[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] Infineon vtpm problem



Hi

I have successfully applied the patch mentioned here (http://lists.xensource.com/archives/html/xense-devel/2007-04/msg00005.html) to the xen v. 3.1.3 on an HP nx8325 with Infineon TPM.

I cleared the tpm, deleted /var/vtpm/VTPM file and rebooted.

After reboot, vtpm_managerd runs ok. (output is attched to the mail.)

I created a pv vm with the option vtpm = ['instance=1, backend=0'] The vm boots fine.

I installed trousers-0.3.1 and tpm-tools-1.3.1 from sources on the vm.

I run tcsd -f on the vm. (output is attched to the mail.)

I checkout and run the trousers test suite. 10 tests passed with 230 failed. (Is this expected?)

When I try tpm_takeownership on the vm, the command runs fine. (Although a strange warning appers on tcsd output which is attched).

But when I try tpm_sealdata < foo on the vm I get the following error.

Tspi_Key_LoadKey failed: 0x00003113 - layer=tsp, code=0113 (275), Authorization failed

But other tpm_version runs fine on vm.

tpm-test:~# tpm_version
 TPM 1.2 Version Info:
 Chip Version:        1.2.0.4
 Spec Level:          2
 Errata Revision:     94
 TPM Vendor ID:
 TPM Version:         01010000
 Manufacturer Info:   4554485a

Also this quote is from Xen User's Guide:

"Similarly, the TPM frontend driver must be compiled for the kernel trying to use TPM functionality. Its driver can be selected in the kernel configuration section Device Driver / Character Devices / TPM Devices. Along with that the TPM driver for the built-in TPM must be selected."

According to my understanding driver for the built-in TPM must be selected on the kernel where TPM frontend driver is used. Am I correct about this assumption? (The problem is tpm_infineon driver can not be selected on an unpriviledged kernel, it can only be selected on a priviledged kernel)

Am I missing something here? Why do I get auth errors?

Thanks in advance.

Erdem Bayer

Attachment: vtpm_managerd.out
Description: Text document

Attachment: tcsd.out
Description: Text document

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel

 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.