From: "Marcos Simó Picó" <marcossp@kth.se>
To: Emil Condrea <emilcondrea@gmail.com>
Cc: "Xu, Quan" <quan.xu@intel.com>,
"xen-devel@lists.xen.org" <xen-devel@lists.xen.org>
Subject: Re: vTPM issues
Date: Thu, 25 Jun 2015 09:10:07 +0000
Message-ID: <1435223407807.88525@kth.se>
In-Reply-To: <CAAULxKLSJ7YZVesuCEgYwDr+36_faMriRxxkmSBXmmO8Pdh8kQ@mail.gmail.com>
Yes, I'm indeed using pv guests. After running #tcsd -f & I get:
TCSD TDDL ioctl: (25) Inappropriate ioctl for device
TCSD TDDL Falling back to Read/Write device support.
TCSD trousers 0.3.5git: TCSD up and running.
I don't know if the problem might be there. When I invoke tpm_takeownership -z -y -l debug it returns exactly the same messages I sent in my previous email.
On the other hand, /sys/devices/vtpm-0 is present, but /etc/tpm0 is not.
Thanks for your reply.
________________________________
From: Emil Condrea <emilcondrea@gmail.com>
Sent: Thursday, 25 June 2015 10:21
To: Marcos Simó Picó
Cc: xen-devel@lists.xen.org; Xu, Quan
Subject: Re: [Xen-devel] vTPM issues
I guess you are using pv guests; I don't know exactly if Quan finished development for hvm.
I suggest taking a look at the tcsd log:
pkill tcsd
tcsd -f &
tpm_takeownership -z -y -l debug
Also can you see if /sys/devices/vtpm-0 and /dev/tpm0 are present?
On Wed, Jun 24, 2015 at 6:16 PM, Marcos Simó Picó <marcossp@kth.se> wrote:
Hello everyone,
I would like to try the vTPM feature, but I'm having some issues. Basically, I followed the steps explained in https://mhsamsal.wordpress.com/2013/12/05/configuring-virtual-tpm-vtpm-for-xen-4-3-guest-virtual-machines/
I'm running Ubuntu 14.04 as Dom0 on a Dell optiplex-9020. I compiled Xen 4.5.0 from source. After creating vtpmmgr and vtpm stubdoms, and DomU, I can invoke tpm_version from DomU:
root@DomU:/home/xen# tpm_version
TPM 1.2 Version Info:
Chip Version: 1.2.0.7
Spec Level: 2
Errata Revision: 1
TPM Vendor ID: ETHZ
TPM Version: 01010000
Manufacturer Info: 4554485a
I can also see the PCRs status by invoking cat /sys/class/misc/tpm0/device/pcrs, however, most of the commands return an error. When I invoke takeownership I get the following error:
root@DomU:/home/xen# tpm_takeownership -y -z -l debug
Tspi_Context_Create success
Tspi_Context_Connect success
Tspi_Context_GetTpmObject success
Tspi_GetPolicyObject success
Tspi_Policy_SetSecret success
Tspi_Context_CreateObject success
Tspi_GetPolicyObject success
Tspi_Policy_SetSecret success
Tspi_TPM_TakeOwnership failed: 0x00002004 - layer=tcs, code=0004 (4), Internal software error
Tspi_Context_CloseObject success
Tspi_Context_FreeMemory success
Tspi_Context_Close success
The same error is given when invoking tpm_getpubkey. I have already tried after clearing the TPM from BIOS, after having taken ownership and with ownership not taken, with the same result when using the vTPM. I have also installed Xen 4.3.4, with the same result too.
In the end, I would like to use the vTPM to generate and use RSA keys for TLS session establishing (using the API provided with GnuTLS). Since I cannot take ownership of the vTPM, the GnuTLS' tpmtool complains it doesn't find any SRK.
I really appreciate any help you can provide.
Best regards,
Marcos