* vTPM issues @ 2015-06-24 15:16 Marcos Simó Picó 2015-06-25 8:21 ` Emil Condrea 0 siblings, 1 reply; 7+ messages in thread From: Marcos Simó Picó @ 2015-06-24 15:16 UTC (permalink / raw) To: xen-devel@lists.xen.org [-- Attachment #1.1: Type: text/plain, Size: 1946 bytes --] Hello everyone, I would like to try the vTPM feature, but I'm having some issues. Basically, I followed the steps explained in https://mhsamsal.wordpress.com/2013/12/05/configuring-virtual-tpm-vtpm-for-xen-4-3-guest-virtual-machines/ I'm running Ubuntu 14.04 as Dom0 on a Dell optiplex-9020. I compiled Xen 4.5.0 from source. After creating vtpmmgr and vtpm stubdoms, and DomU, I can invoke tpm_version from DomU: root@DomU:/home/xen# tpm_version TPM 1.2 Version Info: Chip Version: 1.2.0.7 Spec Level: 2 Errata Revision: 1 TPM Vendor ID: ETHZ TPM Version: 01010000 Manufacturer Info: 4554485a I can also see the PCRs status by invoking cat /sys/class/misc/tpm0/device/pcrs, however, most of the commands return an error. When I invoke takeownership I get the following error: root@DomU:/home/xen# tpm_takeownership -y -z -l debug Tspi_Context_Create success Tspi_Context_Connect success Tspi_Context_GetTpmObject success Tspi_GetPolicyObject success Tspi_Policy_SetSecret success Tspi_Context_CreateObject success Tspi_GetPolicyObject success Tspi_Policy_SetSecret success Tspi_TPM_TakeOwnership failed: 0x00002004 - layer=tcs, code=0004 (4), Internal software error Tspi_Context_CloseObject success Tspi_Context_FreeMemory success Tspi_Context_Close success The same error is given when invoking tpm_getpubkey. I have already tried after clearing the TPM from BIOS, after having taken ownership and with ownership no taken with the same result when using the vTPM. I have also installed Xen 4.3.4, with the same result too. In the end, I would like to use the vTPM to generate and use RSA keys for TLS session establishing (using the API provided with GnuTLS). Since I cannot take ownership of the vTPM, the GnuTLS' tpmtool complains it doesn't find any SRK. I really appreciate any help you can provide. Best regards, Marcos [-- Attachment #1.2: Type: text/html, Size: 5567 bytes --] [-- Attachment #2: Type: text/plain, Size: 126 bytes --] _______________________________________________ Xen-devel mailing list Xen-devel@lists.xen.org http://lists.xen.org/xen-devel ^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: vTPM issues 2015-06-24 15:16 vTPM issues Marcos Simó Picó @ 2015-06-25 8:21 ` Emil Condrea 2015-06-25 9:10 ` Marcos Simó Picó 0 siblings, 1 reply; 7+ messages in thread From: Emil Condrea @ 2015-06-25 8:21 UTC (permalink / raw) To: Marcos Simó Picó; +Cc: Xu, Quan, xen-devel@lists.xen.org [-- Attachment #1.1: Type: text/plain, Size: 2561 bytes --] I guess you are using pv guests, I don't know exactly if Quan finished development for hvm. I suggest to take a look at tcsd log: pkill tcsd tcsd -f & tpm_takeownership -z -y -l debug Also can you see if /sys/devices/vtpm-0 and /dev/tpm0 are present? On Wed, Jun 24, 2015 at 6:16 PM, Marcos Simó Picó <marcossp@kth.se> wrote: > Hello everyone, > > > I would like to try the vTPM feature, but I'm having some issues. > Basically, I followed the steps explained in > https://mhsamsal.wordpress.com/2013/12/05/configuring-virtual-tpm-vtpm-for-xen-4-3-guest-virtual-machines/ > > > I'm running Ubuntu 14.04 as Dom0 on a Dell optiplex-9020. I compiled Xen > 4.5.0 from source. After creating vtpmmgr and vtpm stubdoms, and DomU, I > can invoke tpm_version from DomU: > > > root@DomU:/home/xen# tpm_version > TPM 1.2 Version Info: > Chip Version: 1.2.0.7 > Spec Level: 2 > Errata Revision: 1 > TPM Vendor ID: ETHZ > TPM Version: 01010000 > Manufacturer Info: 4554485a > > > I can also see the PCRs status by invoking cat > /sys/class/misc/tpm0/device/pcrs, however, most of the commands return an > error. When I invoke takeownership I get the following error: > > > root@DomU:/home/xen# tpm_takeownership -y -z -l debug > Tspi_Context_Create success > Tspi_Context_Connect success > Tspi_Context_GetTpmObject success > Tspi_GetPolicyObject success > Tspi_Policy_SetSecret success > Tspi_Context_CreateObject success > Tspi_GetPolicyObject success > Tspi_Policy_SetSecret success > Tspi_TPM_TakeOwnership failed: 0x00002004 - layer=tcs, code=0004 (4), > Internal software error > Tspi_Context_CloseObject success > Tspi_Context_FreeMemory success > Tspi_Context_Close success > > > The same error is given when invoking tpm_getpubkey. I have already > tried after clearing the TPM from BIOS, after having taken ownership and > with ownership no taken with the same result when using the vTPM. I have > also installed Xen 4.3.4, with the same result too. > > > In the end, I would like to use the vTPM to generate and use RSA keys > for TLS session establishing (using the API provided with GnuTLS). Since I > cannot take ownership of the vTPM, the GnuTLS' tpmtool complains it doesn't > find any SRK. > > > I really appreciate any help you can provide. > > > Best regards, > > Marcos > > _______________________________________________ > Xen-devel mailing list > Xen-devel@lists.xen.org > http://lists.xen.org/xen-devel > > [-- Attachment #1.2: Type: text/html, Size: 3747 bytes --] [-- Attachment #2: Type: text/plain, Size: 126 bytes --] _______________________________________________ Xen-devel mailing list Xen-devel@lists.xen.org http://lists.xen.org/xen-devel ^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: vTPM issues 2015-06-25 8:21 ` Emil Condrea @ 2015-06-25 9:10 ` Marcos Simó Picó 2015-06-25 9:22 ` Emil Condrea 0 siblings, 1 reply; 7+ messages in thread From: Marcos Simó Picó @ 2015-06-25 9:10 UTC (permalink / raw) To: Emil Condrea; +Cc: Xu, Quan, xen-devel@lists.xen.org [-- Attachment #1.1: Type: text/plain, Size: 3191 bytes --] Yes, I'm indeed using pv guests. After running #tcsd -f & I get: TCSD TDDL ioctl: (25) Inappropriate ioctl for device TCSD TDDL Falling back to Read/Write device support. TCSD trousers 0.3.5git: TCSD up and running. I don't know if the problem might be there. When I invoke tpm_takeownership -z -y -l debug it returns exactly the same messages I sent in my previous email. On the other hand, /sys/devices/vtpm-0 is present, but /etc/tpm0 is not. Thanks for your reply. ________________________________ De: Emil Condrea <emilcondrea@gmail.com> Enviado: jueves, 25 de junio de 2015 10:21 Para: Marcos Simó Picó Cc: xen-devel@lists.xen.org; Xu, Quan Asunto: Re: [Xen-devel] vTPM issues I guess you are using pv guests, I don't know exactly if Quan finished development for hvm. I suggest to take a look at tcsd log: pkill tcsd tcsd -f & tpm_takeownership -z -y -l debug Also can you see if /sys/devices/vtpm-0 and /dev/tpm0 are present? On Wed, Jun 24, 2015 at 6:16 PM, Marcos Simó Picó <marcossp@kth.se<mailto:marcossp@kth.se>> wrote: Hello everyone, I would like to try the vTPM feature, but I'm having some issues. Basically, I followed the steps explained in https://mhsamsal.wordpress.com/2013/12/05/configuring-virtual-tpm-vtpm-for-xen-4-3-guest-virtual-machines/ I'm running Ubuntu 14.04 as Dom0 on a Dell optiplex-9020. I compiled Xen 4.5.0 from source. After creating vtpmmgr and vtpm stubdoms, and DomU, I can invoke tpm_version from DomU: root@DomU:/home/xen# tpm_version TPM 1.2 Version Info: Chip Version: 1.2.0.7 Spec Level: 2 Errata Revision: 1 TPM Vendor ID: ETHZ TPM Version: 01010000 Manufacturer Info: 4554485a I can also see the PCRs status by invoking cat /sys/class/misc/tpm0/device/pcrs, however, most of the commands return an error. When I invoke takeownership I get the following error: root@DomU:/home/xen# tpm_takeownership -y -z -l debug Tspi_Context_Create success Tspi_Context_Connect success Tspi_Context_GetTpmObject success Tspi_GetPolicyObject success Tspi_Policy_SetSecret success Tspi_Context_CreateObject success Tspi_GetPolicyObject success Tspi_Policy_SetSecret success Tspi_TPM_TakeOwnership failed: 0x00002004 - layer=tcs, code=0004 (4), Internal software error Tspi_Context_CloseObject success Tspi_Context_FreeMemory success Tspi_Context_Close success The same error is given when invoking tpm_getpubkey. I have already tried after clearing the TPM from BIOS, after having taken ownership and with ownership no taken with the same result when using the vTPM. I have also installed Xen 4.3.4, with the same result too. In the end, I would like to use the vTPM to generate and use RSA keys for TLS session establishing (using the API provided with GnuTLS). Since I cannot take ownership of the vTPM, the GnuTLS' tpmtool complains it doesn't find any SRK. I really appreciate any help you can provide. Best regards, Marcos _______________________________________________ Xen-devel mailing list Xen-devel@lists.xen.org<mailto:Xen-devel@lists.xen.org> http://lists.xen.org/xen-devel [-- Attachment #1.2: Type: text/html, Size: 8074 bytes --] [-- Attachment #2: Type: text/plain, Size: 126 bytes --] _______________________________________________ Xen-devel mailing list Xen-devel@lists.xen.org http://lists.xen.org/xen-devel ^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: vTPM issues 2015-06-25 9:10 ` Marcos Simó Picó @ 2015-06-25 9:22 ` Emil Condrea 2015-06-25 9:34 ` Marcos Simó Picó 0 siblings, 1 reply; 7+ messages in thread From: Emil Condrea @ 2015-06-25 9:22 UTC (permalink / raw) To: Marcos Simó Picó; +Cc: xen-devel@lists.xen.org [-- Attachment #1.1: Type: text/plain, Size: 3933 bytes --] Sorry, I misspelled, I meant /dev/tpm0 not /etc/tpm0 I remember that once I had this problem when almost all trousers commands were returning internal software error in domU. Can you check what are the timeout values? cat /sys/devices/vtpm-0/timeouts I remember that there was a bug in ubuntu 14.04 regarding tpm driver. You could try 14.04.2. I am using Ubuntu 15.04 as domU guest and tpm comands run succesfully. On Thu, Jun 25, 2015 at 12:10 PM, Marcos Simó Picó <marcossp@kth.se> wrote: > Yes, I'm indeed using pv guests. After running #tcsd -f & I get: > > TCSD TDDL ioctl: (25) Inappropriate ioctl for device > TCSD TDDL Falling back to Read/Write device support. > TCSD trousers 0.3.5git: TCSD up and running. > > > I don't know if the problem might be there. When I invoke > tpm_takeownership -z -y -l debug it returns exactly the same messages I > sent in my previous email. > > > On the other hand, /sys/devices/vtpm-0 is present, but /etc/tpm0 is not. > > > Thanks for your reply. > > > ------------------------------ > *De:* Emil Condrea <emilcondrea@gmail.com> > *Enviado:* jueves, 25 de junio de 2015 10:21 > *Para:* Marcos Simó Picó > *Cc:* xen-devel@lists.xen.org; Xu, Quan > *Asunto:* Re: [Xen-devel] vTPM issues > > I guess you are using pv guests, I don't know exactly if Quan finished > development for hvm. > I suggest to take a look at tcsd log: > pkill tcsd > tcsd -f & > tpm_takeownership -z -y -l debug > Also can you see if /sys/devices/vtpm-0 and /dev/tpm0 are present? > > On Wed, Jun 24, 2015 at 6:16 PM, Marcos Simó Picó <marcossp@kth.se> wrote: > >> Hello everyone, >> >> >> I would like to try the vTPM feature, but I'm having some issues. >> Basically, I followed the steps explained in >> https://mhsamsal.wordpress.com/2013/12/05/configuring-virtual-tpm-vtpm-for-xen-4-3-guest-virtual-machines/ >> >> >> I'm running Ubuntu 14.04 as Dom0 on a Dell optiplex-9020. I compiled >> Xen 4.5.0 from source. After creating vtpmmgr and vtpm stubdoms, and DomU, >> I can invoke tpm_version from DomU: >> >> >> root@DomU:/home/xen# tpm_version >> TPM 1.2 Version Info: >> Chip Version: 1.2.0.7 >> Spec Level: 2 >> Errata Revision: 1 >> TPM Vendor ID: ETHZ >> TPM Version: 01010000 >> Manufacturer Info: 4554485a >> >> >> I can also see the PCRs status by invoking cat >> /sys/class/misc/tpm0/device/pcrs, however, most of the commands return an >> error. When I invoke takeownership I get the following error: >> >> >> root@DomU:/home/xen# tpm_takeownership -y -z -l debug >> Tspi_Context_Create success >> Tspi_Context_Connect success >> Tspi_Context_GetTpmObject success >> Tspi_GetPolicyObject success >> Tspi_Policy_SetSecret success >> Tspi_Context_CreateObject success >> Tspi_GetPolicyObject success >> Tspi_Policy_SetSecret success >> Tspi_TPM_TakeOwnership failed: 0x00002004 - layer=tcs, code=0004 (4), >> Internal software error >> Tspi_Context_CloseObject success >> Tspi_Context_FreeMemory success >> Tspi_Context_Close success >> >> >> The same error is given when invoking tpm_getpubkey. I have already >> tried after clearing the TPM from BIOS, after having taken ownership and >> with ownership no taken with the same result when using the vTPM. I have >> also installed Xen 4.3.4, with the same result too. >> >> >> In the end, I would like to use the vTPM to generate and use RSA keys >> for TLS session establishing (using the API provided with GnuTLS). Since I >> cannot take ownership of the vTPM, the GnuTLS' tpmtool complains it doesn't >> find any SRK. >> >> >> I really appreciate any help you can provide. >> >> >> Best regards, >> >> Marcos >> >> _______________________________________________ >> Xen-devel mailing list >> Xen-devel@lists.xen.org >> http://lists.xen.org/xen-devel >> >> > [-- Attachment #1.2: Type: text/html, Size: 6024 bytes --] [-- Attachment #2: Type: text/plain, Size: 126 bytes --] _______________________________________________ Xen-devel mailing list Xen-devel@lists.xen.org http://lists.xen.org/xen-devel ^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: vTPM issues 2015-06-25 9:22 ` Emil Condrea @ 2015-06-25 9:34 ` Marcos Simó Picó 2015-06-25 9:52 ` Emil Condrea 0 siblings, 1 reply; 7+ messages in thread From: Marcos Simó Picó @ 2015-06-25 9:34 UTC (permalink / raw) To: Emil Condrea; +Cc: xen-devel@lists.xen.org [-- Attachment #1.1: Type: text/plain, Size: 4229 bytes --] Okay, /etc/tpm0 is present. The timeout values are: 752000 2000000 752000 752000 [adjusted] I have no problem actually upgrading to Ubuntu 15.04 if that might solve the problem. Thanks a lot for your reply again. ________________________________ De: Emil Condrea <emilcondrea@gmail.com> Enviado: jueves, 25 de junio de 2015 11:22 Para: Marcos Simó Picó Cc: xen-devel@lists.xen.org Asunto: Re: [Xen-devel] vTPM issues Sorry, I misspelled, I meant /dev/tpm0 not /etc/tpm0 I remember that once I had this problem when almost all trousers commands were returning internal software error in domU. Can you check what are the timeout values? cat /sys/devices/vtpm-0/timeouts I remember that there was a bug in ubuntu 14.04 regarding tpm driver. You could try 14.04.2. I am using Ubuntu 15.04 as domU guest and tpm comands run succesfully. On Thu, Jun 25, 2015 at 12:10 PM, Marcos Simó Picó <marcossp@kth.se<mailto:marcossp@kth.se>> wrote: Yes, I'm indeed using pv guests. After running #tcsd -f & I get: TCSD TDDL ioctl: (25) Inappropriate ioctl for device TCSD TDDL Falling back to Read/Write device support. TCSD trousers 0.3.5git: TCSD up and running. I don't know if the problem might be there. When I invoke tpm_takeownership -z -y -l debug it returns exactly the same messages I sent in my previous email. On the other hand, /sys/devices/vtpm-0 is present, but /etc/tpm0 is not. Thanks for your reply. ________________________________ De: Emil Condrea <emilcondrea@gmail.com<mailto:emilcondrea@gmail.com>> Enviado: jueves, 25 de junio de 2015 10:21 Para: Marcos Simó Picó Cc: xen-devel@lists.xen.org<mailto:xen-devel@lists.xen.org>; Xu, Quan Asunto: Re: [Xen-devel] vTPM issues I guess you are using pv guests, I don't know exactly if Quan finished development for hvm. I suggest to take a look at tcsd log: pkill tcsd tcsd -f & tpm_takeownership -z -y -l debug Also can you see if /sys/devices/vtpm-0 and /dev/tpm0 are present? On Wed, Jun 24, 2015 at 6:16 PM, Marcos Simó Picó <marcossp@kth.se<mailto:marcossp@kth.se>> wrote: Hello everyone, I would like to try the vTPM feature, but I'm having some issues. Basically, I followed the steps explained in https://mhsamsal.wordpress.com/2013/12/05/configuring-virtual-tpm-vtpm-for-xen-4-3-guest-virtual-machines/ I'm running Ubuntu 14.04 as Dom0 on a Dell optiplex-9020. I compiled Xen 4.5.0 from source. After creating vtpmmgr and vtpm stubdoms, and DomU, I can invoke tpm_version from DomU: root@DomU:/home/xen# tpm_version TPM 1.2 Version Info: Chip Version: 1.2.0.7 Spec Level: 2 Errata Revision: 1 TPM Vendor ID: ETHZ TPM Version: 01010000 Manufacturer Info: 4554485a I can also see the PCRs status by invoking cat /sys/class/misc/tpm0/device/pcrs, however, most of the commands return an error. When I invoke takeownership I get the following error: root@DomU:/home/xen# tpm_takeownership -y -z -l debug Tspi_Context_Create success Tspi_Context_Connect success Tspi_Context_GetTpmObject success Tspi_GetPolicyObject success Tspi_Policy_SetSecret success Tspi_Context_CreateObject success Tspi_GetPolicyObject success Tspi_Policy_SetSecret success Tspi_TPM_TakeOwnership failed: 0x00002004 - layer=tcs, code=0004 (4), Internal software error Tspi_Context_CloseObject success Tspi_Context_FreeMemory success Tspi_Context_Close success The same error is given when invoking tpm_getpubkey. I have already tried after clearing the TPM from BIOS, after having taken ownership and with ownership no taken with the same result when using the vTPM. I have also installed Xen 4.3.4, with the same result too. In the end, I would like to use the vTPM to generate and use RSA keys for TLS session establishing (using the API provided with GnuTLS). Since I cannot take ownership of the vTPM, the GnuTLS' tpmtool complains it doesn't find any SRK. I really appreciate any help you can provide. Best regards, Marcos _______________________________________________ Xen-devel mailing list Xen-devel@lists.xen.org<mailto:Xen-devel@lists.xen.org> http://lists.xen.org/xen-devel [-- Attachment #1.2: Type: text/html, Size: 10044 bytes --] [-- Attachment #2: Type: text/plain, Size: 126 bytes --] _______________________________________________ Xen-devel mailing list Xen-devel@lists.xen.org http://lists.xen.org/xen-devel ^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: vTPM issues 2015-06-25 9:34 ` Marcos Simó Picó @ 2015-06-25 9:52 ` Emil Condrea 2015-06-25 19:18 ` Marcos Simó Picó 0 siblings, 1 reply; 7+ messages in thread From: Emil Condrea @ 2015-06-25 9:52 UTC (permalink / raw) To: Marcos Simó Picó; +Cc: xen-devel@lists.xen.org [-- Attachment #1.1: Type: text/plain, Size: 4716 bytes --] Timeouts have the standard values. Good luck with installing 15.04. On Thu, Jun 25, 2015 at 12:34 PM, Marcos Simó Picó <marcossp@kth.se> wrote: > Okay, /etc/tpm0 is present. > > The timeout values are: > > 752000 2000000 752000 752000 [adjusted] > > > I have no problem actually upgrading to Ubuntu 15.04 if that might solve > the problem. > > > Thanks a lot for your reply again. > ------------------------------ > *De:* Emil Condrea <emilcondrea@gmail.com> > *Enviado:* jueves, 25 de junio de 2015 11:22 > *Para:* Marcos Simó Picó > *Cc:* xen-devel@lists.xen.org > *Asunto:* Re: [Xen-devel] vTPM issues > > Sorry, I misspelled, I meant /dev/tpm0 not /etc/tpm0 > I remember that once I had this problem when almost all trousers commands > were returning internal software error in domU. > Can you check what are the timeout values? > cat /sys/devices/vtpm-0/timeouts > > I remember that there was a bug in ubuntu 14.04 regarding tpm driver. > You could try 14.04.2. I am using Ubuntu 15.04 as domU guest and tpm > comands > run succesfully. > > On Thu, Jun 25, 2015 at 12:10 PM, Marcos Simó Picó <marcossp@kth.se> > wrote: > >> Yes, I'm indeed using pv guests. After running #tcsd -f & I get: >> >> TCSD TDDL ioctl: (25) Inappropriate ioctl for device >> TCSD TDDL Falling back to Read/Write device support. >> TCSD trousers 0.3.5git: TCSD up and running. >> >> >> I don't know if the problem might be there. When I invoke >> tpm_takeownership -z -y -l debug it returns exactly the same messages I >> sent in my previous email. >> >> >> On the other hand, /sys/devices/vtpm-0 is present, but /etc/tpm0 is not. >> >> >> Thanks for your reply. >> >> >> ------------------------------ >> *De:* Emil Condrea <emilcondrea@gmail.com> >> *Enviado:* jueves, 25 de junio de 2015 10:21 >> *Para:* Marcos Simó Picó >> *Cc:* xen-devel@lists.xen.org; Xu, Quan >> *Asunto:* Re: [Xen-devel] vTPM issues >> >> I guess you are using pv guests, I don't know exactly if Quan finished >> development for hvm. >> I suggest to take a look at tcsd log: >> pkill tcsd >> tcsd -f & >> tpm_takeownership -z -y -l debug >> Also can you see if /sys/devices/vtpm-0 and /dev/tpm0 are present? >> >> On Wed, Jun 24, 2015 at 6:16 PM, Marcos Simó Picó <marcossp@kth.se> >> wrote: >> >>> Hello everyone, >>> >>> >>> I would like to try the vTPM feature, but I'm having some issues. >>> Basically, I followed the steps explained in >>> https://mhsamsal.wordpress.com/2013/12/05/configuring-virtual-tpm-vtpm-for-xen-4-3-guest-virtual-machines/ >>> >>> >>> I'm running Ubuntu 14.04 as Dom0 on a Dell optiplex-9020. I compiled >>> Xen 4.5.0 from source. After creating vtpmmgr and vtpm stubdoms, and DomU, >>> I can invoke tpm_version from DomU: >>> >>> >>> root@DomU:/home/xen# tpm_version >>> TPM 1.2 Version Info: >>> Chip Version: 1.2.0.7 >>> Spec Level: 2 >>> Errata Revision: 1 >>> TPM Vendor ID: ETHZ >>> TPM Version: 01010000 >>> Manufacturer Info: 4554485a >>> >>> >>> I can also see the PCRs status by invoking cat >>> /sys/class/misc/tpm0/device/pcrs, however, most of the commands return an >>> error. When I invoke takeownership I get the following error: >>> >>> >>> root@DomU:/home/xen# tpm_takeownership -y -z -l debug >>> Tspi_Context_Create success >>> Tspi_Context_Connect success >>> Tspi_Context_GetTpmObject success >>> Tspi_GetPolicyObject success >>> Tspi_Policy_SetSecret success >>> Tspi_Context_CreateObject success >>> Tspi_GetPolicyObject success >>> Tspi_Policy_SetSecret success >>> Tspi_TPM_TakeOwnership failed: 0x00002004 - layer=tcs, code=0004 (4), >>> Internal software error >>> Tspi_Context_CloseObject success >>> Tspi_Context_FreeMemory success >>> Tspi_Context_Close success >>> >>> >>> The same error is given when invoking tpm_getpubkey. I have already >>> tried after clearing the TPM from BIOS, after having taken ownership and >>> with ownership no taken with the same result when using the vTPM. I have >>> also installed Xen 4.3.4, with the same result too. >>> >>> >>> In the end, I would like to use the vTPM to generate and use RSA keys >>> for TLS session establishing (using the API provided with GnuTLS). Since I >>> cannot take ownership of the vTPM, the GnuTLS' tpmtool complains it doesn't >>> find any SRK. >>> >>> >>> I really appreciate any help you can provide. >>> >>> >>> Best regards, >>> >>> Marcos >>> >>> _______________________________________________ >>> Xen-devel mailing list >>> Xen-devel@lists.xen.org >>> http://lists.xen.org/xen-devel >>> >>> >> > [-- Attachment #1.2: Type: text/html, Size: 7594 bytes --] [-- Attachment #2: Type: text/plain, Size: 126 bytes --] _______________________________________________ Xen-devel mailing list Xen-devel@lists.xen.org http://lists.xen.org/xen-devel ^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: vTPM issues 2015-06-25 9:52 ` Emil Condrea @ 2015-06-25 19:18 ` Marcos Simó Picó 0 siblings, 0 replies; 7+ messages in thread From: Marcos Simó Picó @ 2015-06-25 19:18 UTC (permalink / raw) To: Emil Condrea; +Cc: xen-devel@lists.xen.org [-- Attachment #1.1: Type: text/plain, Size: 4658 bytes --] It worked straight away on Ubuntu 15.04. Thanks a lot for your advice. On 25 Jun 2015, at 11:52, Emil Condrea <emilcondrea@gmail.com<mailto:emilcondrea@gmail.com>> wrote: Timeouts have the standard values. Good luck with installing 15.04. On Thu, Jun 25, 2015 at 12:34 PM, Marcos Simó Picó <marcossp@kth.se<mailto:marcossp@kth.se>> wrote: Okay, /etc/tpm0 is present. The timeout values are: 752000 2000000 752000 752000 [adjusted] I have no problem actually upgrading to Ubuntu 15.04 if that might solve the problem. Thanks a lot for your reply again. ________________________________ De: Emil Condrea <emilcondrea@gmail.com<mailto:emilcondrea@gmail.com>> Enviado: jueves, 25 de junio de 2015 11:22 Para: Marcos Simó Picó Cc: xen-devel@lists.xen.org<mailto:xen-devel@lists.xen.org> Asunto: Re: [Xen-devel] vTPM issues Sorry, I misspelled, I meant /dev/tpm0 not /etc/tpm0 I remember that once I had this problem when almost all trousers commands were returning internal software error in domU. Can you check what are the timeout values? cat /sys/devices/vtpm-0/timeouts I remember that there was a bug in ubuntu 14.04 regarding tpm driver. You could try 14.04.2. I am using Ubuntu 15.04 as domU guest and tpm comands run succesfully. On Thu, Jun 25, 2015 at 12:10 PM, Marcos Simó Picó <marcossp@kth.se<mailto:marcossp@kth.se>> wrote: Yes, I'm indeed using pv guests. After running #tcsd -f & I get: TCSD TDDL ioctl: (25) Inappropriate ioctl for device TCSD TDDL Falling back to Read/Write device support. TCSD trousers 0.3.5git: TCSD up and running. I don't know if the problem might be there. When I invoke tpm_takeownership -z -y -l debug it returns exactly the same messages I sent in my previous email. On the other hand, /sys/devices/vtpm-0 is present, but /etc/tpm0 is not. Thanks for your reply. ________________________________ De: Emil Condrea <emilcondrea@gmail.com<mailto:emilcondrea@gmail.com>> Enviado: jueves, 25 de junio de 2015 10:21 Para: Marcos Simó Picó Cc: xen-devel@lists.xen.org<mailto:xen-devel@lists.xen.org>; Xu, Quan Asunto: Re: [Xen-devel] vTPM issues I guess you are using pv guests, I don't know exactly if Quan finished development for hvm. I suggest to take a look at tcsd log: pkill tcsd tcsd -f & tpm_takeownership -z -y -l debug Also can you see if /sys/devices/vtpm-0 and /dev/tpm0 are present? On Wed, Jun 24, 2015 at 6:16 PM, Marcos Simó Picó <marcossp@kth.se<mailto:marcossp@kth.se>> wrote: Hello everyone, I would like to try the vTPM feature, but I'm having some issues. Basically, I followed the steps explained in https://mhsamsal.wordpress.com/2013/12/05/configuring-virtual-tpm-vtpm-for-xen-4-3-guest-virtual-machines/ I'm running Ubuntu 14.04 as Dom0 on a Dell optiplex-9020. I compiled Xen 4.5.0 from source. After creating vtpmmgr and vtpm stubdoms, and DomU, I can invoke tpm_version from DomU: root@DomU:/home/xen# tpm_version TPM 1.2 Version Info: Chip Version: 1.2.0.7 Spec Level: 2 Errata Revision: 1 TPM Vendor ID: ETHZ TPM Version: 01010000 Manufacturer Info: 4554485a I can also see the PCRs status by invoking cat /sys/class/misc/tpm0/device/pcrs, however, most of the commands return an error. When I invoke takeownership I get the following error: root@DomU:/home/xen# tpm_takeownership -y -z -l debug Tspi_Context_Create success Tspi_Context_Connect success Tspi_Context_GetTpmObject success Tspi_GetPolicyObject success Tspi_Policy_SetSecret success Tspi_Context_CreateObject success Tspi_GetPolicyObject success Tspi_Policy_SetSecret success Tspi_TPM_TakeOwnership failed: 0x00002004 - layer=tcs, code=0004 (4), Internal software error Tspi_Context_CloseObject success Tspi_Context_FreeMemory success Tspi_Context_Close success The same error is given when invoking tpm_getpubkey. I have already tried after clearing the TPM from BIOS, after having taken ownership and with ownership no taken with the same result when using the vTPM. I have also installed Xen 4.3.4, with the same result too. In the end, I would like to use the vTPM to generate and use RSA keys for TLS session establishing (using the API provided with GnuTLS). Since I cannot take ownership of the vTPM, the GnuTLS' tpmtool complains it doesn't find any SRK. I really appreciate any help you can provide. Best regards, Marcos _______________________________________________ Xen-devel mailing list Xen-devel@lists.xen.org<mailto:Xen-devel@lists.xen.org> http://lists.xen.org/xen-devel [-- Attachment #1.2: Type: text/html, Size: 9905 bytes --] [-- Attachment #2: Type: text/plain, Size: 126 bytes --] _______________________________________________ Xen-devel mailing list Xen-devel@lists.xen.org http://lists.xen.org/xen-devel ^ permalink raw reply [flat|nested] 7+ messages in thread
end of thread, other threads:[~2015-06-25 19:18 UTC | newest] Thread overview: 7+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2015-06-24 15:16 vTPM issues Marcos Simó Picó 2015-06-25 8:21 ` Emil Condrea 2015-06-25 9:10 ` Marcos Simó Picó 2015-06-25 9:22 ` Emil Condrea 2015-06-25 9:34 ` Marcos Simó Picó 2015-06-25 9:52 ` Emil Condrea 2015-06-25 19:18 ` Marcos Simó Picó
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.