Hi All,

I still couldn't fix the issue. However, there was a problem with the
policies I used (the ones I created myself). I created another policy with
the lcp-gen2 tools and tried it on another machine with the same MLE.

I was able to get a successful boot on the other machine, but not on the
NUC. I still get the same error, "Invalid RSDP".

Reading the tboot source code, tboot/txt/txt.c is where the RSDP is set up:

http://hg.code.sf.net/p/tboot/code/file/f1d2d60eda9f/tboot/txt/txt.c#l557

    /* capabilities : require MLE pagetable in ECX on launch */
    /* TODO: when SINIT ready
     * os_sinit_data->capabilities.ecx_pgtbl = 1;
     */
    os_sinit_data->capabilities.ecx_pgtbl = 0;
    if (is_loader_launch_efi(lctx)){
        /* we were launched EFI, set efi_rsdt_ptr */
        struct acpi_rsdp *rsdp = get_rsdp(lctx);
        if (rsdp != NULL){
            if (version < 6){
                /* rsdt */
                /* NOTE: Winston Wang says this doesn't work for v5 */
                os_sinit_data->efi_rsdt_ptr = (uint64_t) rsdp->rsdp1.rsdt;
            } else {
                /* rsdp */
                memcpy((void *)&g_rsdp, rsdp, sizeof(struct acpi_rsdp));
                os_sinit_data->efi_rsdt_ptr = (uint64_t)((uint32_t)&g_rsdp);
            }
        } else {
            /* per discussions--if we don't have an ACPI pointer, die */
            printk(TBOOT_ERR"Failed to find RSDP for EFI launch\n");
            return NULL;
        }
    }


It says that "this doesn't work for v5", and my SINIT is v5. So maybe it is
related? Do I need a newer SINIT?


---------------------------------------------------------------------------------------------------------------------------

Here are the policies I am using:


$ xxd mle.pol
00000000: 0003 0b00 0000 0000 0000 0000 0000 0000  ................
00000010: 0000 0000 0000 0800 0000 ffff 0800 0800  ................
00000020: 0000 0800 0000 7505 ed2f c309 bd31 fc8e  ......u../...1..
00000030: 544c ec55 1030 4e88 8457 2460 11e4 394f  TL.U.0N..W$`..9O
00000040: b612 bc3a fbec                           ...:..

$ xxd mle.data
00000000: 496e 7465 6c28 5229 2054 5854 204c 4350  Intel(R) TXT LCP
00000010: 5f50 4f4c 4943 595f 4441 5441 0000 0000  _POLICY_DATA....
00000020: 0000 0001 0002 1000 3200 0000 3200 0000  ........2...2...
00000030: 1000 0000 0000 0000 0000 0b00 0100 abc0  ................
00000040: 5dd2 0aae d8bc ab2f 3dc1 7512 e9b5 f3b7  ]....../=.u.....
00000050: 55da 3ab0 e62c 553d 45c8 4cd3 44f0       U.:..,U=E.L.D.


On Tue, May 23, 2017 at 9:59 PM, Marco Vanotti <mvano...@google.com> wrote:

> Hi All!
>
> I am trying to get TXT working. I was able to get it to run with
> POLTYPE_ANY, however, as soon as I added a policy data file, I started
> getting *TXT error 0xC00020C1*, which for my SINIT ACM means "*Invalid
> RSDP*". (note that this error doesn't happen if I don't add the policy
> data module in grub2).
>
> Specific details about my setup:
>
> * Intel NUC NUC5i5MYHE
> * TPM 2.0
> * PO NV Index: 0x1400001, with attributes 0x4000A:
>     - TPMA_NV_OWNERWRITE
>     - TPMA_NV_POLICYWRITE
>     - TPMA_NV_AUTHREAD
> * "5th_gen_i5_i7_SINIT_79.BIN" SINIT ACM, downloaded from intel website.
> It seems to be "version 5"
> * Latest BIOS Update (couple of weeks old).
>
>
> This issue seems to have been discussed in this list previously (
> https://sourceforge.net/p/tboot/mailman/message/35623784/ is one message
> of that mailing thread), but it seems that they couldn't find a solution.
>
> Any help debugging this problem would be really appreciated :)
>
> Best Regards,
> Marco
>
> --------------------------------------------------------------------------------
>
> (details about Grub2 and Policies that I am using)
>
> This is my grub2 config related to tboot:
>
> menuentry 'CentOS Linux GNU/Linux, with tboot 1.9.4 and Linux 3.10.0-514.16.1.el7.x86_64' --class centos --class gnu-linux --class gnu --class os --class tboot {
>     insmod multiboot2
>     insmod part_gpt
>     insmod xfs
>     set root='hd0,gpt2'
>     if [ x$feature_platform_search_hint = xy ]; then
>       search --no-floppy --fs-uuid --set=root --hint-bios=hd0,gpt2 --hint-efi=hd0,gpt2 --hint-baremetal=ahci0,gpt2  dd1f25a9-de82-4943-8ba9-f3a5035678a2
>     else
>       search --no-floppy --fs-uuid --set=root dd1f25a9-de82-4943-8ba9-f3a5035678a2
>     fi
>     echo 'Loading tboot 1.9.4 ...'
>     multiboot2 /tboot.gz logging=serial,memory extpol=sha256
>     echo 'Loading Linux 3.10.0-514.16.1.el7.x86_64 ...'
>     module2 /vmlinuz-3.10.0-514.16.1.el7.x86_64 root=/dev/mapper/cl_txtnuc-root ro crashkernel=auto rd.lvm.lv=cl_txtnuc/root rd.lvm.lv=cl_txtnuc/swap rhgb quiet intel_iommu=on noefi
>     echo 'Loading initial ramdisk ...'
>     module2 /initramfs-3.10.0-514.16.1.el7.x86_64.img
>     echo 'Loading sinit 5th_gen_i5_i7_SINIT_79.BIN ...'
>     module2 /5th_gen_i5_i7_SINIT_79.BIN
>     echo 'Loading tboot policy data file lcp.data ...'
>     module2 /lcp.data
> }
>
> I have tried creating a Policy with the lcp-gen2 files, as well as
> creating my own. In both cases it did not work. What follows is the policy
> I am using, with explanation of each field.
>
>
> policy.pol, written to TPM Index 0x1400001, size 102 bytes.
>
> xxd policy.pol
> 0000000: 0003 0b00 0001 0000 0000 0000 0000 0000  ................
> 0000010: 0000 0000 0000 0400 0000 ffff 0800 0800  ................
> 0000020: 0000 0000 0000 3f1f 5a59 07d4 3b1e 0ef3  ......?.ZY..;...
> 0000030: 2cda 07fe 0c7a 9c58 be39 a03e b6af d88d  ,....z.X.9.>....
> 0000040: 8b9c b92e 6355 0000 0000 0000 0000 0000  ....cU..........
> 0000050: 0000 0000 0000 0000 0000 0000 0000 0000  ................
> 0000060: 0000 0000 0000                           ......
>
> Description:
>
> Policy Version: 3.0 (0x0003)
> Hash Algorithm: TPM_ALG_SHA256 (0x000B),
> Policy Type: LCP_POLTYPE_LIST (0x00),
> SINIT Min Version: 1 (0x01)
> Data Revocation Counters: 0x0000 8 times.
> Policy Control: Only set "OS Sinit Data Capabilities" (0x0000 0004)
> Max SINIT min version: 255 (0xff)
> Max BIOS AC min version: 255 (0xff)
> Approved Hash Alg Mask: Only SHA256 (0x0008)
> Approved Sign Alg Mask: tpm_alg_rsassa_2048_sha256 (0x0000 0008)
> Aux Hash Alg Mask: None. (0x0000)
> Reserved (2 bytes) (0x0000)
> Policy Hash: SHA256(SHA256(Policy List)). The rest of the bytes are
> because it is an union.
>
> policy.data, saved to /boot/lcp.data, 126 bytes.
>
> xxd tmp.data
> 00000000: 496e 7465 6c28 5229 2054 5854 204c 4350  Intel(R) TXT LCP
> 00000010: 5f50 4f4c 4943 595f 4441 5441 0000 0000  _POLICY_DATA....
> 00000020: 0000 0001 0102 1000 5200 0000 5200 0000  ........R...R...
> 00000030: 1000 0000 0100 0000 0000 0b00 0100 abc0  ................
> 00000040: 5dd2 0aae d8bc ab2f 3dc1 7512 e9b5 f3b7  ]....../=.u.....
> 00000050: 55da 3ab0 e62c 553d 45c8 4cd3 44f0 0000  U.:..,U=E.L.D...
> 00000060: 0000 0000 0000 0000 0000 0000 0000 0000  ................
> 00000070: 0000 0000 0000 0000 0000 0000 0000       ..............
>
> File Signature: LCP_POLICY_DATA_FILE_SIGNATURE (32 bytes)
> Reserved (3 bytes) (0x000000)
> Num Lists: 1 (0x01)
>
> [From here starts the LCP_POLICY_LIST2]
> Version: 2.1 (0x0201)
> Signature Algorithm: TPM_ALG_NULL (0x0010)
> Policy Element Size: 82 bytes (0x0000 0052)
> [From here starts the LCP_POLICY_ELEMENT]
> Size: 82 bytes (0x0000 0052)
>
> Type: LCP_POLELT_TYPE_MLE2 (0x0000 0010)
> Policy Element Control: DEFAULT_POL_ELT_CONTROL (0x0000 0001)
> [From here starts the LCP_MLE_ELEMENT2]
> SINIT Min Version: 0 (0x0)
> Reserved (1 byte) (0x0)
> Hash Algorithm: SHA256 (0x000b)
> Num Hashes: 1 (0x0001)
> Hashes: SHA256 of MLE as reported by TPM 2.0 Event Log.
>
> The hash of the LCP_LIST is 983f986b1e16fbee53be445a8f040ea1669bf52280ae8ebf768caf05bb77e33f
> SHA256(983f986b1e16fbee53be445a8f040ea1669bf52280ae8ebf768caf05bb77e33f)
> = 3f1f5a5907d43b1e0ef32cda07fe0c7a9c58be39a03eb6afd88d8b9cb92e6355
>
>
_______________________________________________
tboot-devel mailing list
tboot-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/tboot-devel
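The two .pol/.data pairs quoted in this thread (the hand-built policy.pol/policy.data from the first mail and the lcp-gen2 mle.pol/mle.data from the reply) can be parsed and cross-checked offline before anything is written into the PO index. The Python below is an added example, not code from tboot or lcp-gen2. The byte layouts follow the field-by-field description in the quoted mail; the list-hash convention (hash the whole LCP_POLICY_LIST2 struct for an unsigned list, then hash the concatenated list hashes to get the policy hash) and the SHA256 bit of lcp_hash_alg_mask (0x0008) are taken from that description and are assumptions, not verified against lcp-gen2. Only unsigned lists (TPM_ALG_NULL) and SHA256 are handled. The input bytes are the xxd dumps from the thread.

```python
"""Added example, not code from tboot or lcp-gen2: parse the TPM 2.0 LCP policy (.pol) and
policy-data (.data) files posted in this thread and cross-check them against each other."""
import hashlib
import struct

TPM_ALG_SHA256 = 0x000B                  # identifiers as named in the thread and in tboot's lcp3.h
TPM_ALG_NULL = 0x0010
LCP_POLTYPE_LIST = 0x00
LCP_POLELT_TYPE_MLE2 = 0x10
LCP_POLICY_DATA_FILE_SIGNATURE = b"Intel(R) TXT LCP_POLICY_DATA\0\0\0\0"
HASH_LEN = {TPM_ALG_SHA256: 32}
HASH_FN = {TPM_ALG_SHA256: hashlib.sha256}

def unhex(dump):
    return bytes.fromhex("".join(dump.split()))

# Bytes copied from the xxd dumps in the thread: lcp-gen2 output from the latest mail (70 + 94 bytes) ...
MLE_POL = unhex("""
0003 0b00 0000 0000 0000 0000 0000 0000 0000 0000 0000 0800 0000 ffff 0800 0800
0000 0800 0000 7505 ed2f c309 bd31 fc8e 544c ec55 1030 4e88 8457 2460 11e4 394f
b612 bc3a fbec""")
MLE_DATA = unhex("""
496e 7465 6c28 5229 2054 5854 204c 4350 5f50 4f4c 4943 595f 4441 5441 0000 0000
0000 0001 0002 1000 3200 0000 3200 0000 1000 0000 0000 0000 0000 0b00 0100 abc0
5dd2 0aae d8bc ab2f 3dc1 7512 e9b5 f3b7 55da 3ab0 e62c 553d 45c8 4cd3 44f0""")
# ... and the hand-built pair from the quoted mail (policy.pol, 102 bytes; policy.data, 126 bytes)
POLICY_POL = unhex("""
0003 0b00 0001 0000 0000 0000 0000 0000 0000 0000 0000 0400 0000 ffff 0800 0800
0000 0000 0000 3f1f 5a59 07d4 3b1e 0ef3 2cda 07fe 0c7a 9c58 be39 a03e b6af d88d
8b9c b92e 6355 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
0000 0000 0000""")
POLICY_DATA = unhex("""
496e 7465 6c28 5229 2054 5854 204c 4350 5f50 4f4c 4943 595f 4441 5441 0000 0000
0000 0001 0102 1000 5200 0000 5200 0000 1000 0000 0100 0000 0000 0b00 0100 abc0
5dd2 0aae d8bc ab2f 3dc1 7512 e9b5 f3b7 55da 3ab0 e62c 553d 45c8 4cd3 44f0 0000
0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000""")

def parse_policy(buf):
    """LCP_POLICY2 header (policy version 3.0 layout); every field is little-endian."""
    version, hash_alg, policy_type, sinit_min_version = struct.unpack_from("<HHBB", buf, 0)
    # bytes 6..21 are the eight 16-bit data-revocation counters (not needed for these checks)
    control, max_sinit, max_biosac, hash_mask, sign_mask, aux_mask, _ = struct.unpack_from("<IBBHIHH", buf, 22)
    return {"version": (version >> 8, version & 0xFF), "hash_alg": hash_alg, "policy_type": policy_type,
            "sinit_min_version": sinit_min_version, "policy_control": control,
            "max_sinit_min_ver": max_sinit, "max_biosac_min_ver": max_biosac, "lcp_hash_alg_mask": hash_mask,
            "lcp_sign_alg_mask": sign_mask, "aux_hash_alg_mask": aux_mask,
            "policy_hash": buf[38:38 + HASH_LEN[hash_alg]]}

def parse_policy_data(buf):
    """LCP_POLICY_DATA file: 32-byte signature, 3 reserved bytes, num_lists, then the lists.
    Only unsigned lists (sig_alg == TPM_ALG_NULL) are handled."""
    if buf[:32] != LCP_POLICY_DATA_FILE_SIGNATURE:
        raise ValueError("bad LCP_POLICY_DATA file signature")
    lists, off = [], 36
    for _ in range(buf[35]):
        version, sig_alg, elements_size = struct.unpack_from("<HHI", buf, off)
        if sig_alg != TPM_ALG_NULL:
            raise NotImplementedError("signed list: a signature block follows the elements")
        end, eoff, elements = off + 8 + elements_size, off + 8, []
        while eoff < end:
            size, etype, control = struct.unpack_from("<III", buf, eoff)
            elt = {"size": size, "type": etype, "control": control}
            if etype == LCP_POLELT_TYPE_MLE2:
                smv, _rsvd, halg, nhash = struct.unpack_from("<BBHH", buf, eoff + 12)
                hl = HASH_LEN[halg]
                elt.update(sinit_min_version=smv, hash_alg=halg,
                           hashes=[buf[eoff + 18 + i * hl:eoff + 18 + (i + 1) * hl] for i in range(nhash)],
                           expected_size=18 + nhash * hl)   # 12-byte element header + 6 fixed bytes + hashes
            elements.append(elt)
            eoff += size
        # raw is the whole LCP_POLICY_LIST2 struct; for an unsigned list that is what gets hashed (assumed)
        lists.append({"version": (version >> 8, version & 0xFF), "sig_alg": sig_alg,
                      "elements_size": elements_size, "elements": elements, "raw": buf[off:end]})
        off = end
    return {"num_lists": buf[35], "lists": lists}

def check_policy(pol, data):
    """Cross-checks a practitioner runs before writing the .pol into the PO NV index."""
    h = HASH_FN[pol["hash_alg"]]
    # LIST policy hash = H(list_hash_1 || list_hash_2 ...); with one unsigned list that is
    # H(H(LCP_POLICY_LIST2)), as the quoted mail describes it (assumed, not checked against lcp-gen2)
    computed = h(b"".join(h(lst["raw"]).digest() for lst in data["lists"])).digest()
    problems = []
    if pol["policy_type"] != LCP_POLTYPE_LIST:
        problems.append("policy_type is not LCP_POLTYPE_LIST, so the .data file is not what the ACM evaluates")
    for i, lst in enumerate(data["lists"]):
        for j, elt in enumerate(lst["elements"]):
            if "expected_size" in elt and elt["size"] != elt["expected_size"]:
                problems.append(f"list {i} element {j}: element size {elt['size']}, expected {elt['expected_size']}")
            # the SHA256 bit of lcp_hash_alg_mask is 0x0008 according to the quoted field description
            if elt.get("hash_alg") == TPM_ALG_SHA256 and not pol["lcp_hash_alg_mask"] & 0x0008:
                problems.append(f"list {i} element {j}: SHA256 MLE hash but lcp_hash_alg_mask excludes SHA256")
    return {"computed_policy_hash": computed.hex(),
            "policy_hash_matches": computed == pol["policy_hash"], "problems": problems}

if __name__ == "__main__":
    for name, pb, db in (("lcp-gen2", MLE_POL, MLE_DATA), ("hand-built", POLICY_POL, POLICY_DATA)):
        pol, data = parse_policy(pb), parse_policy_data(db)
        res = check_policy(pol, data)
        print(f"{name}: policy_control={pol['policy_control']:#x} policy_hash matches .data: {res['policy_hash_matches']}")
        for p in res["problems"]: print("  -", p)
```

Run as-is it decodes both pairs and prints, per pair, whether the policy hash in the .pol recomputes from the .data file under the hashing convention above, plus any structural complaints. One difference it surfaces between the two dumps on this page: the lcp-gen2 mle.data declares its MLE2 element as 50 bytes (12-byte header, 6 fixed bytes, one 32-byte SHA256 digest), while the hand-built policy.data declares 82 bytes, which is 32 more, consistent with the 64-byte hash union the quoted mail mentions. Whether the ACM cares about that is not something this thread establishes, and the script says nothing about the "Invalid RSDP" error itself; it only tells you whether the policy and data files agree with each other.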