[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] some problem with XSM enable

Hi Gfaaf,
    Now I have fixed this issue. There are some problems with grub 
configuration. It should append  ' flask_enforcing=1' in xen kernel and Append 
'module  /boot/xenpolicy.24' in grub.
         As my try, XSM should be enabled first. Then you can enable vtpm as 
docs/misc/vtpm.txt. if XSM is NOT enabled, the vtpmmgr can NOT run. Also the 
let me update the vtpm.txt next week with further research. Also I want to 
involve vtpm Development. Make vTPM stable and improve vTPM capability and 
performance. 
    I am Quan Xu (quan.xu@xxxxxxxxx), Intel engineer on Openstack cloud, Xen 
vt-d passthrough, Xen vtpm and OpenAttestation. 
    OpenAttestation is a open source project built on NSA's National 
Information Assurance Research Laboratory (NIARL) developed Host Integrity at 
Startup to 
measure and report status for host platforms which contain a Trusted Platform 
Module (TPM). Now I have pushed OpenAttestation to Ubuntu repo and redhat
rawhide repo, and has been integrated in Openstack to build Trusted computing 
pools.  It just supports dom0 or some other native host. We can make it happen 
to support trusted 
computing pools of virtual machines or further research...
 

Quan Xu 
Intel 



> -----Original Message-----
> From: Daniel De Graaf [mailto:dgdegra@xxxxxxxxxxxxx]
> Sent: Tuesday, June 04, 2013 10:12 PM
> To: quan.xu@xxxxxxxxxx
> Cc: xen-devel@xxxxxxxxxxxxxxxxxxx; Xu, Quan
> Subject: Re: [Xen-devel] some problem with XSM enable
> 
> On 06/03/2013 11:32 PM, quan.xu@xxxxxxxxxx wrote:
> >
> > hi community
> > when I want to enable XSM for vtpm, there are some problems in xen boot
> up.
> > Xen version  xen-4.3.0-rc2, dom0 is linux-3.7.10 without tpm drivers.
> > I configure xen-source-tree/Config.mk
> >
> > XSM_ENABLE ?= y
> > FLASK_ENABLE ?= $(XSM_ENABLE)
> >
> > And make dist, make install
> > Then I make the policy in xen-source-tree:  make -C tools/flask/policy
> >
> > When XSM is enabled, the xen boot-up stops at a lot of hex printout:
> 
> This looks like a crash, in which case the interesting parts would be above 
> the
> hex - which you didn't copy very accurately.  If possible, using a serial 
> console
> will be helpful in getting the text without needing to retype output.
> 
> The most important part is the value of RIP and the backtrace (if one is
> present); log messages leading up to the crash may also be useful.
> 
> >>>>>
> > Fff82*********** Fff82***********  Fff82*********** ~  ~  ~ ~ ~~ ~~ ~
> > ~  ~ ~ ~ ~ ~ ~~~~~~ ~~~~~~~~~~~~~ ~
> > 000000000000000 000000000000000  0000000000000000
> > 000000000000000 0000000000fff000  0000000000000000 <<<< I make sure
> if
> > "XSM_ENABLE ?= n and  FLASK_ENABLE ?= $(XSM_ENABLE)", the xen can
> work properly.
> >
> > Thanks
> >
> > Quan Xu
> >
> 
> xen-users dropped to BCC
> 
> --
> Daniel De Graaf
> National Security Agency

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.