AEM boot option causes hard reboot/partial shutdown #2155
Comments
andrewdavidwong added the bug, C: other, P: major labels on Jul 5, 2016
tasket
Jul 13, 2016
For the record, I've tried various kernels including 4.1 and 4.2 copied from R3.1. Those copied kernels can boot past the AEM target and there is no reset. This suggests that a kernel 4.2 released for R3.2 could be a solution to the problem.
Kernel 4.4.14-10 from the testing repo in combination with tboot still causes system resets.
marmarek added this to the Release 3.2 milestone on Jul 13, 2016
tasket
Jul 13, 2016
Per my thread post:
I am able to get 4.4.* to boot now! The trick was to add min_ram=0x2000000 to the tboot options.
But now I cannot get AEM to seal the secret. Nothing at all about AEM is displayed during startup, even though rd.antievilmaid is on the kernel options line.
@andrewdavidwong Can you try the min_ram option? You only need to add min_ram=0x2000000 to the multiboot tboot line in grub.
rustybird
Jul 13, 2016
But now I cannot get AEM to seal the secret. Nothing at all about AEM is displayed during startup, even though rd.antievilmaid is on the kernel options line.
I think this might be fixed by QubesOS/qubes-core-admin-linux@fe6846d (which hasn't been released in a new package version yet)
rustybird
Jul 13, 2016
@ttasket:
Sorry, forgot to say: You could try sudo systemctl enable anti-evil-maid-seal in dom0.
tasket
Jul 14, 2016
@rustybird Thanks, but that service is already enabled. Status shows it ran with failure code:
$ sudo systemctl status anti-evil-maid-unseal
● anti-evil-maid-unseal.service - Anti Evil Maid unsealing
Loaded: loaded (/usr/lib/systemd/system/anti-evil-maid-unseal.service; static; vendor preset: disabled)
Active: failed (Result: exit-code) since Wed 2016-07-13 20:55:54 EDT; 33min ago
Main PID: 455 (code=exited, status=1/FAILURE)
Jul 13 20:55:53 dom0 systemd[1]: Starting Anti Evil Maid unsealing...
Jul 13 20:55:53 dom0 anti-evil-maid-unseal[455]: anti-evil-maid-unseal: Mounting the aem device...
Jul 13 20:55:53 dom0 anti-evil-maid-unseal[455]: anti-evil-maid-unseal: Initializing TPM...
Jul 13 20:55:53 dom0 anti-evil-maid-unseal[455]: tcsd_changer_identify: identifying TPM
Jul 13 20:55:54 dom0 anti-evil-maid-unseal[455]: install: invalid user 'tss'
Jul 13 20:55:54 dom0 systemd[1]: anti-evil-maid-unseal.service: Main process exited, code=exited, status=1/FAILURE
Jul 13 20:55:54 dom0 systemd[1]: Failed to start Anti Evil Maid unsealing.
Jul 13 20:55:54 dom0 systemd[1]: anti-evil-maid-unseal.service: Unit entered failed state.
Jul 13 20:55:54 dom0 systemd[1]: anti-evil-maid-unseal.service: Failed with result 'exit-code'.
marmarek
Jul 14, 2016
Member
This is already fixed by HW42. Just building&uploading fixed package (v3.0.3).
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
tasket
Jul 14, 2016
AEM now works again on my system. The keys were to update to anti-evil-maid 3.0.3 from the testing repo so it would seal, and adding the min_ram parameter to tboot so the system doesn't crash/restart with 4.4 kernels.
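The two-step fix summarised above is easy to get wrong by hand: an option typed straight into the generated grub.cfg disappears at the next grub2-mkconfig. What follows is an added example by the editor, not code from this thread or from the Qubes/AEM project. It adds a tboot option to GRUB_CMDLINE_TBOOT in the GRUB defaults file exactly once, and checks that the regenerated grub.cfg carries it on the tboot multiboot line. It assumes that the tboot GRUB snippet (Fedora's /etc/grub.d/20_linux_tboot) builds that line from GRUB_CMDLINE_TBOOT in /etc/default/grub; that variable name is the assumption. File paths are arguments so both functions can be tried on copies first.

```shell
#!/bin/sh
# Added example by the editor, not code from this thread or from Qubes/AEM.
# Adds a tboot command-line option to GRUB's defaults file once, and checks
# that the generated grub.cfg carries it on the tboot multiboot line.
# Assumption: the tboot GRUB snippet (Fedora's /etc/grub.d/20_linux_tboot)
# builds that line from GRUB_CMDLINE_TBOOT in /etc/default/grub. Paths are
# arguments so the functions can be tried on copies before touching /etc.

# add_tboot_option DEFAULTS_FILE OPTION
# Appends OPTION to GRUB_CMDLINE_TBOOT, creating the variable if absent.
# Idempotent: an OPTION already present as a whole word is not added twice.
add_tboot_option() {
    defaults=$1; opt=$2
    if grep -q '^GRUB_CMDLINE_TBOOT=' "$defaults"; then
        cur=$(sed -n 's/^GRUB_CMDLINE_TBOOT="\(.*\)"[[:space:]]*$/\1/p' "$defaults" | head -n 1)
        for w in $cur; do
            [ "$w" = "$opt" ] && return 0
        done
        new="${cur:+$cur }$opt"
        sed "s|^GRUB_CMDLINE_TBOOT=.*|GRUB_CMDLINE_TBOOT=\"$new\"|" "$defaults" > "$defaults.tmp" \
            && mv "$defaults.tmp" "$defaults"
    else
        printf 'GRUB_CMDLINE_TBOOT="%s"\n' "$opt" >> "$defaults"
    fi
}

# tboot_line_has_option GRUB_CFG OPTION
# Exit 0 if every "multiboot ... tboot" line in GRUB_CFG contains OPTION as a
# whole word; 1 if any lacks it, or if there is no tboot entry at all (then
# grub2-mkconfig did not pick up tboot and nothing would be launched via TXT).
tboot_line_has_option() {
    cfg=$1; opt=$2; found=0
    while IFS= read -r line; do
        case $line in
            *multiboot*tboot*)
                found=1
                case " $line " in
                    *" $opt "*) ;;
                    *) return 1 ;;
                esac ;;
        esac
    done < "$cfg"
    [ "$found" -eq 1 ]
}
```

In dom0 the sequence would be `add_tboot_option /etc/default/grub min_ram=0x2000000`, then `grub2-mkconfig -o /boot/grub2/grub.cfg`, then `tboot_line_has_option /boot/grub2/grub.cfg min_ram=0x2000000` before rebooting. Anything that changes the measured boot chain (tboot.gz, the SINIT module, Xen or the kernel) changes the PCR values the AEM secret is sealed against, so expect a reseal afterwards; as noted later in this thread, AEM does that automatically.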
marmarek
Jul 15, 2016
Member
I wonder whether min_ram should be added by default. Does it have any negative side effects?
tasket
Jul 15, 2016
That would be a good question for upstream. I've CC'd gang.wei@intel.com with no response so far; I'd like to post it to the tboot mailing list after others ( @andrewdavidwong , Todd Lasman) try it out. ML might say it's better to upgrade tboot.
I started a fresh thread in qubes-users... https://groups.google.com/d/msgid/qubes-users/25ec3d4f-17cb-32a9-01b9-8a30c0150fe4%40openmailbox.org
ghost
Aug 3, 2016
That is platform specific; try different vendors' platforms to see if this issue can be seen on all of them.
andrewdavidwong
Aug 4, 2016
Member
Todd confirmed that the min_ram fix worked for him. Do you still need me to test it, @ttasket?
andrewdavidwong
Aug 6, 2016
Member
@ttasket: I've now tested this. Unfortunately, there is no change on my end. I tested with anti-evil-maid-3.0.4-1.fc20.x86_64 and added min_ram=0x2000000 to the tboot options as instructed. The system still fails to boot in the same way.
tasket
Aug 6, 2016
@andrewdavidwong My AEM version is 3.0.4-1.fc23 not fc20. If you're still running Qubes 3.1 you may want to upgrade to 3.2 rc2; that's what I'm using.
tboot-devel thread here: https://sourceforge.net/p/tboot/mailman/tboot-devel/thread/005196f3-3afd-eca1-787b-841e3953b39f%40openmailbox.org/#msg35257679
Newer versions of tboot do work with Linux 4.4, at least Ubuntu's.
@marmarek Are there any specific guidelines for compiling and installing tboot for Qubes?
marmarek
Aug 6, 2016
Member
@marmarek Are there any specific guidelines for compiling and installing tboot for Qubes?
Look at the Fedora package - especially the spec file. It should just work to bump the version there and provide it a new tarball.
As you've probably seen, I'm looking for a way to get somehow verified sources, as there are multiple red flags with those on sf.net.
Then we may include it in the aem repository as just another package (until a newer version lands in Fedora).
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
andrewdavidwong
Aug 7, 2016
Member
@ttasket: Ok, I'll try again after I install 3.2* on this laptop.
tasket
Sep 2, 2016
@marmarek We got a signed copy of tboot 1.9.4 from ning.sun@intel.com (see inbox). Do you want to package it for Qubes and test, or test it first?
chris-hacker-news
Oct 1, 2016
I had the same issue with TBOOT causing a reboot after GETSEC[SENTER]...
I am using Qubes R3.2, anti-evil-maid 3.0.4 and have a 6th gen i7 SINIT file.
I can confirm that this is an issue with an outdated TBOOT kernel.
You can manually upgrade it via Ubuntu: https://launchpad.net/ubuntu/yakkety/amd64/tboot/1.9.4-0ubuntu1
just unpack it from there and drop the "tboot.gz" and "tboot-syms" into your boot folder. Would be nice to have this by default or AT LEAST have a huge troubleshooter box over AEM which tells you to take this step manually for the time being. Searching for this issue is a freakin nightmare (and it was just one issue in a long list of avoidable problems) to be honest and in total I probably spent two full days on getting AEM to work just because the install process is so fundamentally broken and badly documented.
But in my opinion Anti Evil Maid on an SD card is pretty much necessary for running a system like Qubes OS, and some work should be done to make AEM more seamless. Qubes without AEM is terribly unsafe. This is why I think the whole process needs urgent streamlining.
So many points of failure:
- Forgot to encrypt the volume group instead of each volume? You're fucked, but you won't know until AEM refuses to boot two hours later.
- Selected EFI install? You're fucked yet again, but you won't know until AEM refuses to boot two hours later.
- Forgot to fetch your latest TBOOT on your own? Well go figure, because unless you have some cool Google foo it's going to be a nightmare to debug this issue where the PC goes blank without any debug output or log...
- Just don't get me started about the whole TPM and debugging its refusal to let the owner own it... IMHO a TPM is a freakin schizophrenic child and your job is to cure it without a PhD degree in psychology.
tasket
Oct 1, 2016
Thanks for the input @oldblob666 ...
I did look for tboot in debian and couldn't find it... assumed incorrectly that Ubuntu didn't have it either.
Of course, verifying the Ubuntu tboot package with their distro key is recommended before using it as a replacement for the fedora tboot.
But in my opinion Anti Evil Maid on an SD card is pretty much necessary for running a system like Qubes OS, and some work should be done to make AEM more seamless. Qubes without AEM is terribly unsafe. This is why I think the whole process needs urgent streamlining.
Agreed. I think what many Qubes users lose sight of is that AEM isn't just a mitigation for physical attacks. It could also warn you if a remote attack somehow got to your firmware. So, yes, the AEM type of protection or warning system should be considered necessary for security in general.
@andrewdavidwong : Numbers 1) and 2) should be made into their own issues... these are essentially bugs addressable directly by Qubes. Though, I'll add that AEM has already streamlined somewhat over the years (re-sealing is now automatic, for instance).
As for the tboot version, I think the assumption so far is that AEM is an 'extra' feature and it's OK to defer to Fedora's decisions about updating it. But Qubes can address that, too, by supplying an updated version directly.
TPM unfortunately is idiosyncratic with insufficient documentation of the ownership flow or the significance/mechanics of physical presence. The AEM documentation might be a good place to shed light on that topic, though one would expect the computer's documentation to supply the right info.
chris-hacker-news
Oct 1, 2016
@tasket Thanks for your answer :).
- AEM seems to be neither able to use SRK nor no SRK. Depending on which you chose, something will fail. My solution to that was to simply use no SRK and append "-z" to the "tpm_unsealdata" line in the file "/usr/lib/dracut/modules.d/90anti-evil-maid/anti-evil-maid-unseal" and get rid of the SRK piping instead. Less than ideal I think.
- For "anti-evil-maid-seal", "$LABEL_SUFFIX" is set to "/run/anti-evil-maid/suffix", which does not exist. I changed it to "LABEL=$LABEL_PREFIX".
You can verify correct unseal operation by using:
tpm_unsealdata -z -i "/boot/aem/tpms/%some-long-hex-name%/aem/secret.txt.sealed"
It should print the secret you just sealed with "anti-evil-maid-seal".
THIS should also be part of the README, because rebooting over SD card is painfully slow + the normal reboot time and lack of debugging facilities... This is a nice and simple test you can perform to predict the outcome of the next reboot ^^.
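A scripted form of the check in the comment above, added here by the editor and not taken from the thread or from anti-evil-maid: it runs the dry-run unseal for every TPM directory under the AEM tree and compares the output with the plaintext secret, so a stale or wrong sealed blob shows up before the slow SD-card reboot. It assumes the /boot/aem/tpms/<tpm-id>/aem/secret.txt.sealed layout quoted above, the -z (null SRK password) usage from the same comment, and TrouSerS' tpm_unsealdata in PATH. TPM_UNSEAL is a hook of the editor's own so the loop can be exercised without a TPM; leave it unset on a real system.

```shell
#!/bin/sh
# Added example by the editor, not part of anti-evil-maid. Dry-runs the unseal
# that anti-evil-maid-unseal will attempt at the next boot, for every TPM
# directory under the AEM tree, and compares the result with the plaintext
# secret. Assumptions: the /boot/aem/tpms/<tpm-id>/aem/secret.txt.sealed layout
# quoted in the thread, a null SRK password (hence -z, as in the same comment)
# and TrouSerS tpm_unsealdata in PATH. TPM_UNSEAL is my own hook so the loop
# can be exercised without a TPM; leave it unset on a real system.

: "${TPM_UNSEAL:=tpm_unsealdata}"

# aem_check_unseal SECRET_FILE TPMS_DIR
# Exit 0 when every sealed blob unseals to exactly the contents of SECRET_FILE,
# 1 when any blob fails to unseal or differs, 2 when no blob was found.
aem_check_unseal() {
    secret=$1; tpms=$2; rc=0; n=0
    expected=$(cat "$secret")
    for sealed in "$tpms"/*/aem/secret.txt.sealed; do
        [ -f "$sealed" ] || continue
        n=$((n + 1))
        tpmid=${sealed#"$tpms"/}; tpmid=${tpmid%%/*}
        # A PCR mismatch makes tpm_unsealdata exit non-zero; a wrong or stale
        # blob unseals to something else. Both are reported as FAIL.
        if out=$("$TPM_UNSEAL" -z -i "$sealed" 2>/dev/null) && [ "$out" = "$expected" ]; then
            echo "ok   $tpmid"
        else
            echo "FAIL $tpmid: unseal failed or secret differs" >&2
            rc=1
        fi
    done
    [ "$n" -gt 0 ] || return 2
    return "$rc"
}
```

Run it as root in dom0 with the plaintext secret file you sealed and `/boot/aem/tpms` as the second argument. The result only predicts the next boot as long as nothing that is measured into the sealing PCRs changes in between: replacing tboot.gz, the SINIT module, Xen or the kernel changes those values, after which the blob has to be resealed (AEM does this automatically on shutdown, as noted above).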
chris-hacker-news
Oct 1, 2016
FINALLY I got it to work, see my updated comment above!
I may try to fix the scripts for supporting SRK & Owner Key at some later date but right now I am really so done with all this low level boot stuff that I will probably not look at a PC for a few days and rather just tend to my pretty iPad, which just works ^^.
tasket
Oct 4, 2016
@nsun1 : Using the tboot 1.9.4 that I compiled doesn't seem to help. If I remove the min_ram parameter, the system restarts much like before.
With min_ram, the system unseals the secret and boots normally-- but wake from suspend no longer works. When it's suspended and I press the power button, the HD light flashes like it normally does, but the screen never powers on. The power button keeps pulsing as if the system were still asleep, but after a minute the CPU fan starts running fast.
@chris-hacker-news : Does tboot 1.9.4 allow your system to sleep and wake up?
ghost
Oct 4, 2016
It looks like your machine needs the min_ram parameter; so far we cannot tell whether S3 failed. One way is to collect output from your serial port during the S3 transition to identify the root cause of this issue.
Tboot 1.9.4 allows S3 sleep and wake-up; we usually test it with this command in Linux: "rtcwake -u -s 10 -m mem"
Do you have a chance to get another vPro-brand PC or laptop to run tboot on? HP and Dell both have this kind of machine.
-ning
tasket
Oct 5, 2016
@nsun1 : AFAIK there are no recent Thinkpad models with rs232 ports or with docks bearing them. The other computers here are AMD or otherwise don't have TXT.
I get the same behavior using the rtcwake command. Is there a log file that might be recording info during the wake attempt?
tasket referenced this issue on Oct 5, 2016: proposal: second qubes-certified laptop is Lenovo Thinkpad x220/x230 #1771 (Open)
ghost
Oct 5, 2016
I am using the HP EliteDesk 800 and Dell T430 server for tboot dev.
When tboot got control returned from S3, tboot log will have all the print out afterwards, attached is an example from my HP EliteDesk.
Intel(r) TXT Configuration Registers:
STS: 0x000180b1
senter_done: TRUE
sexit_done: FALSE
mem_config_lock: FALSE
private_open: TRUE
locality_1_open: TRUE
locality_2_open: TRUE
ESTS: 0x00
txt_reset: FALSE
E2STS: 0x0000000000000006
secrets: TRUE
ERRORCODE: 0x00000000
DIDVID: 0x00000001b0068086
vendor_id: 0x8086
device_id: 0xb006
revision_id: 0x1
FSBIF: 0xffffffffffffffff
QPIIF: 0x000000009d003000
SINIT.BASE: 0xb9ed0000
SINIT.SIZE: 327680B (0x50000)
HEAP.BASE: 0xb9f20000
HEAP.SIZE: 917504B (0xe0000)
DPR: 0x00000000ba000041
lock: TRUE
top: 0xba000000
size: 4MB (4194304B)
PUBLIC.KEY:
2d 67 dd d7 5e f9 33 92 66 a5 6f 27 18 95 55 ae
77 a2 b0 de 77 42 22 e5 de 24 8d be b8 e3 3d d7
TXT measured launch: TRUE
secrets flag set: TRUE
TBOOT log:
max_size=32706
zip_count=1
zip_pos[0] = 0
zip_size[0] = 12160
curr_pos=31485
buf:
TBOOT: *** TBOOT *******************
TBOOT: 2016-09-28 18:59 -0700 462:9b3461d87049
TBOOT: *********************************************
TBOOT: command line: logging=serial,memory,vga
TBOOT: IA32_FEATURE_CONTROL_MSR: 0000ff07
TBOOT: CPU is SMX-capable
TBOOT: CPU is VMX-capable
TBOOT: SMX is enabled
TBOOT: TXT chipset and all needed capabilities present
TBOOT: IA32_FEATURE_CONTROL_MSR: 0000ff07
TBOOT: CPU is SMX-capable
TBOOT: CPU is VMX-capable
TBOOT: SMX is enabled
TBOOT: TXT chipset and all needed capabilities present
TBOOT: BSP is cpu 0
TBOOT: original e820 map:
TBOOT: 0000000000000000 - 0000000000058000 (1)
TBOOT: 0000000000058000 - 0000000000059000 (2)
TBOOT: 0000000000059000 - 000000000009e000 (1)
TBOOT: 000000000009e000 - 000000000009f000 (2)
TBOOT: 000000000009f000 - 00000000000a0000 (1)
TBOOT: 00000000000a0000 - 0000000000100000 (2)
TBOOT: 0000000000100000 - 00000000b8cfb000 (1)
TBOOT: 00000000b8cfb000 - 00000000b91fb000 (20)
TBOOT: 00000000b91fb000 - 00000000b987f000 (2)
TBOOT: 00000000b987f000 - 00000000b994b000 (4)
TBOOT: 00000000b994b000 - 00000000b994c000 (2)
TBOOT: 00000000b994c000 - 00000000b9a7f000 (4)
TBOOT: 00000000b9a7f000 - 00000000b9aff000 (3)
TBOOT: 00000000b9aff000 - 00000000b9b00000 (1)
TBOOT: 00000000b9b00000 - 00000000be800000 (2)
TBOOT: 00000000f80fa000 - 00000000f80fb000 (2)
TBOOT: 00000000f80fd000 - 00000000f80fe000 (2)
TBOOT: 00000000fe000000 - 00000000fe011000 (2)
TBOOT: 00000000fed20000 - 00000000fed80000 (2)
TBOOT: 0000000100000000 - 000000033f800000 (1)
TBOOT: TPM: FIFO_INF Locality 0 is open
TBOOT: TPM: discrete TPM2.0 Family 0x1
TBOOT: ACM header length plus scratch size overflows
TBOOT: TPM: supported bank count = 2
TBOOT: TPM: bank alg = 00000004
TBOOT: TPM: bank alg = 0000000b
TBOOT: TPM: supported alg count = 00000002
TBOOT: 00000004
TBOOT: 0000000B
TBOOT: TPM:CreatePrimary creating hierarchy handle = 40000007
TBOOT: TPM:CreatePrimary created object handle = 80000000
TBOOT: TPM attribute:
TBOOT: extend policy: 2
TBOOT: current alg id: 0x4
TBOOT: timeout values: A: 750, B: 2000, C: 75000, D: 750
TBOOT: checking if module is an SINIT for this platform...
TBOOT: ACM info_table version mismatch (6)
TBOOT: chipset production fused: 1
TBOOT: chipset ids: vendor: 0x8086, device: 0xb006, revision: 0x1
TBOOT: processor family/model/stepping: 0x506e3
TBOOT: platform id: 0x4000000000000
TBOOT: 1 ACM chipset id entries:
TBOOT: vendor: 0x8086, device: 0xb006, flags: 0x1, revision: 0x1, extended: 0x0
TBOOT: 2 ACM processor id entries:
TBOOT: fms: 0x406e0, fms_mask: 0xfff3ff0, platform_id: 0x0, platform_mask: 0x0
TBOOT: fms: 0x506e0, fms_mask: 0xfff3ff0, platform_id: 0x0, platform_mask: 0x0
TBOOT: SINIT matches platform
TBOOT: TXT.SINIT.BASE: 0xb9ed0000
TBOOT: TXT.SINIT.SIZE: 0x50000 (327680)
TBOOT: copied SINIT (size=20000) to 0xb9ed0000
TBOOT: AC mod base alignment OK
TBOOT: AC mod size OK
TBOOT: AC module header dump for SINIT:
TBOOT: type: 0x2 (ACM_TYPE_CHIPSET)
TBOOT: subtype: 0x0
TBOOT: length: 0xa1 (161)
TBOOT: version: 0
TBOOT: chipset_id: 0xb006
TBOOT: flags: 0x0
TBOOT: pre_production: 0
TBOOT: debug_signed: 0
TBOOT: vendor: 0x8086
TBOOT: date: 0x20150713
TBOOT: size_4: 0x20000 (131072)
TBOOT: txt_svn: 0x00000000
TBOOT: se_svn: 0x00000002
TBOOT: code_control: 0x0
TBOOT: entry point: 0x00000008:0000df27
TBOOT: scratch_size: 0x8f (143)
TBOOT: info_table:
TBOOT: uuid: {0x7fc03aaa, 0x46a7, 0x18db, 0xac2e,
{0x69, 0x8f, 0x8d, 0x41, 0x7f, 0x5a}}
TBOOT: ACM_UUID_V3
TBOOT: chipset_acm_type: 0x1 (SINIT)
TBOOT: version: 6
TBOOT: length: 0x30 (48)
TBOOT: chipset_id_list: 0x4f0
TBOOT: os_sinit_data_ver: 0x7
TBOOT: min_mle_hdr_ver: 0x00020000
TBOOT: capabilities: 0x0000016e
TBOOT: rlp_wake_getsec: 0
TBOOT: rlp_wake_monitor: 1
TBOOT: ecx_pgtbl: 1
TBOOT: stm: 1
TBOOT: pcr_map_no_legacy: 0
TBOOT: pcr_map_da: 1
TBOOT: platform_type: 1
TBOOT: max_phy_addr: 1
TBOOT: acm_ver: 71
TBOOT: chipset list:
TBOOT: count: 1
TBOOT: entry 0:
TBOOT: flags: 0x1
TBOOT: vendor_id: 0x8086
TBOOT: device_id: 0xb006
TBOOT: revision_id: 0x1
TBOOT: extended_id: 0x0
TBOOT: processor list:
TBOOT: count: 2
TBOOT: entry 0:
TBOOT: fms: 0x406e0
TBOOT: fms_mask: 0xfff3ff0
TBOOT: platform_id: 0x0
TBOOT: platform_mask: 0x0
TBOOT: entry 1:
TBOOT: fms: 0x506e0
TBOOT: fms_mask: 0xfff3ff0
TBOOT: platform_id: 0x0
TBOOT: platform_mask: 0x0
TBOOT: TPM info list:
TBOOT: TPM capability:
TBOOT: ext_policy: 0x3
TBOOT: tpm_family : 0x3
TBOOT: tpm_nv_index_set : 0x0
TBOOT: alg count: 6
TBOOT: alg_id: 0x4
TBOOT: alg_id: 0xb
TBOOT: alg_id: 0xc
TBOOT: alg_id: 0xd
TBOOT: alg_id: 0x14
TBOOT: alg_id: 0x18
TBOOT: SGX:verify_IA32_se_svn_status is called
TBOOT: SGX is enabled, cpuid.ebx:0x29c6fbf
TBOOT: Comparing se_svn with ACM Header se_svn
TBOOT: se_svn is equal to ACM se_svn
TBOOT: reading Verified Launch Policy from TPM NV...
TBOOT: TPM: fail to get public data of 0x01C10131 in TPM NV
TBOOT: :reading failed
TBOOT: reading Launch Control Policy from TPM NV...
TBOOT: TPM: fail to get public data of 0x01C10106 in TPM NV
TBOOT: :reading failed
TBOOT: failed to read policy from TPM NV, using default
TBOOT: policy:
TBOOT: version: 2
TBOOT: policy_type: TB_POLTYPE_CONT_NON_FATAL
TBOOT: hash_alg: TB_HALG_SHA1
TBOOT: policy_control: 00000001 (EXTEND_PCR17)
TBOOT: num_entries: 3
TBOOT: policy entry[0]:
TBOOT: mod_num: 0
TBOOT: pcr: none
TBOOT: hash_type: TB_HTYPE_ANY
TBOOT: num_hashes: 0
TBOOT: policy entry[1]:
TBOOT: mod_num: any
TBOOT: pcr: 19
TBOOT: hash_type: TB_HTYPE_ANY
TBOOT: num_hashes: 0
TBOOT: policy entry[2]:
TBOOT: mod_num: nv_raw
nv_index: 40000010
TBOOT: pcr: 22
TBOOT: hash_type: TB_HTYPE_ANY
TBOOT: num_hashes: 0
TBOOT: TPM: write NV 01c10132, offset 00000000, 00000004 bytes, return value = 0000018B
TBOOT: Error: write TPM error: 0x18b.
TBOOT: no policy in TPM NV.
TBOOT: IA32_FEATURE_CONTROL_MSR: 0000ff07
TBOOT: CPU is SMX-capable
TBOOT: CPU is VMX-capable
TBOOT: SMX is enabled
TBOOT: TXT chipset and all needed capabilities present
TBOOT: TXT.ERRORCODE: 0x0
TBOOT: TXT.ESTS: 0x0
TBOOT: TXT.E2STS: 0x0
TBOOT: IA32_FEATURE_CONTROL_MSR: 0000ff07
TBOOT: CPU is SMX-capable
TBOOT: CPU is VMX-capable
TBOOT: SMX is enabled
TBOOT: TXT chipset and all needed capabilities present
TBOOT: TXT.HEAP.BASE: 0xb9f20000
TBOOT: TXT.HEAP.SIZE: 0xe0000 (917504)
TBOOT: unsupported BIOS data version (6)
TBOOT: bios_data (@0xb9f20008, 0x56):
TBOOT: version: 6
TBOOT: bios_sinit_size: 0x0 (0)
TBOOT: lcp_pd_base: 0x0
TBOOT: lcp_pd_size: 0x0 (0)
TBOOT: num_logical_procs: 8
TBOOT: flags: 0x200000000
TBOOT: ext_data_elts[]:
TBOOT: BIOS_SPEC_VER:
TBOOT: major: 0x2
TBOOT: minor: 0x1
TBOOT: rev: 0x0
TBOOT: ACM:
TBOOT: num_acms: 1
TBOOT: acm_addrs[0]: 0xffe60000
TBOOT: IA32_FEATURE_CONTROL_MSR: 0000ff07
TBOOT: CPU is SMX-capable
TBOOT: CPU is VMX-capable
TBOOT: SMX is enabled
TBOOT: TXT chipset and all needed capabilities present
TBOOT: CR0 and EFLAGS OK
TBOOT: supports preserving machine check errors
TBOOT: CPU is ready for SENTER
TBOOT: checking previous errors on the last boot.
TPM: read NV index 01c10132 from offset 00000000, return value = 0000018B
TBOOT: Error: read TPM error: 0x18b.
TBOOT: last boot has no error.
TBOOT: file addresses:
TBOOT: &_start=0x804000
TBOOT: &_end=0xb54a60
TBOOT: &_mle_start=0x804000
TBOOT: &_mle_end=0x839000
TBOOT: &_post_launch_entry=0x804010
TBOOT: &txt_wakeup=0x804200
TBOOT: &g_mle_hdr=0x81e4e0
TBOOT: MLE header:
TBOOT: uuid={0x9082ac5a, 0x476f, 0x74a7, 0x5c0f,
{0x55, 0xa2, 0xcb, 0x51, 0xb6, 0x42}}
TBOOT: length=34
TBOOT: version=00020001
TBOOT: entry_point=00000010
TBOOT: first_valid_page=00000000
TBOOT: mle_start_off=4000
TBOOT: mle_end_off=39000
TBOOT: capabilities: 0x00000027
TBOOT: rlp_wake_getsec: 1
TBOOT: rlp_wake_monitor: 1
TBOOT: ecx_pgtbl: 1
TBOOT: stm: 0
TBOOT: pcr_map_no_legacy: 0
TBOOT: pcr_map_da: 1
TBOOT: platform_type: 0
TBOOT: max_phy_addr: 0
TBOOT: MLE start=0x804000, end=0x839000, size=0x35000
TBOOT: ptab_size=3000, ptab_base=0x801000
TBOOT: TXT.HEAP.BASE: 0xb9f20000
TBOOT: TXT.HEAP.SIZE: 0xe0000 (917504)
TBOOT: unsupported BIOS data version (6)
TBOOT: bios_data (@0xb9f20008, 0x56):
TBOOT: version: 6
TBOOT: bios_sinit_size: 0x0 (0)
TBOOT: lcp_pd_base: 0x0
TBOOT: lcp_pd_size: 0x0 (0)
TBOOT: num_logical_procs: 8
TBOOT: flags: 0x200000000
TBOOT: ext_data_elts[]:
TBOOT: BIOS_SPEC_VER:
TBOOT: major: 0x2
TBOOT: minor: 0x1
TBOOT: rev: 0x0
TBOOT: ACM:
TBOOT: num_acms: 1
TBOOT: acm_addrs[0]: 0xffe60000
TBOOT: discarding RAM above reserved regions: 0xb9aff000 - 0xb9b00000
TBOOT: min_lo_ram: 0x0, max_lo_ram: 0xb8cfb000
TBOOT: min_hi_ram: 0x100000000, max_hi_ram: 0x33f800000
TBOOT: no LCP module found
TBOOT: os_sinit_data (@0xb9f3517e, 0x90):
TBOOT: version: 7
TBOOT: flags: 1
TBOOT: mle_ptab: 0x801000
TBOOT: mle_size: 0x35000 (217088)
TBOOT: mle_hdr_base: 0x1a4e0
TBOOT: vtd_pmr_lo_base: 0x0
TBOOT: vtd_pmr_lo_size: 0xb8c00000
TBOOT: vtd_pmr_hi_base: 0x100000000
TBOOT: vtd_pmr_hi_size: 0x23f800000
TBOOT: lcp_po_base: 0x0
TBOOT: lcp_po_size: 0x0 (0)
TBOOT: capabilities: 0x00000002
TBOOT: rlp_wake_getsec: 0
TBOOT: rlp_wake_monitor: 1
TBOOT: ecx_pgtbl: 0
TBOOT: stm: 0
TBOOT: pcr_map_no_legacy: 0
TBOOT: pcr_map_da: 0
TBOOT: platform_type: 0
TBOOT: max_phy_addr: 0
TBOOT: efi_rsdt_ptr: 0x0
TBOOT: ext_data_elts[]:
TBOOT: EVENT_LOG_PTR:
TBOOT: size: 36
TBOOT: count: 1
TBOOT: Log Descrption:
TBOOT: Alg: 4
TBOOT: Size: 4096
TBOOT: EventsOffset: [0,0]
TBOOT: No Event Log.
TBOOT: setting MTRRs for acmod: base=0xb9ed0000, size=0x20000, num_pages=32
TBOOT: The maximum allowed MTRR range size=16 Pages
TBOOT: executing GETSEC[SENTER]...
TBOOT: IA32_FEATURE_CONTROL_MSR: 0000ff07
TBOOT: CPU is SMX-capable
TBOOT: SMX is enabled
TBOOT: TXT chipset and all needed capabilities present
TBOOT: ** TBOOT *******************
TBOOT: 2016-09-28 18:59 -0700 462:9b3461d87049
TBOOT: *********************************************
TBOOT: command line: logging=serial,memory,vga
TBOOT: IA32_FEATURE_CONTROL_MSR: 0000ff07
TBOOT: CPU is SMX-capable
TBOOT: CPU is VMX-capable
TBOOT: SMX is enabled
TBOOT: TXT chipset and all needed capabilities present
TBOOT: SINIT ACM successfully returned...
TBOOT: IA32_FEATURE_CONTROL_MSR: 0000ff07
TBOOT: CPU is SMX-capable
TBOOT: CPU is VMX-capable
TBOOT: SMX is enabled
TBOOT: TXT chipset and all needed capabilities present
TBOOT: BSP is cpu 0
TBOOT: original e820 map:
TBOOT: 0000000000000000 - 0000000000058000 (1)
TBOOT: 0000000000058000 - 0000000000059000 (2)
TBOOT: 0000000000059000 - 000000000009e000 (1)
TBOOT: 000000000009e000 - 000000000009f000 (2)
TBOOT: 000000000009f000 - 00000000000a0000 (1)
TBOOT: 00000000000a0000 - 0000000000100000 (2)
TBOOT: 0000000000100000 - 00000000b8cfb000 (1)
TBOOT: 00000000b8cfb000 - 00000000b91fb000 (20)
TBOOT: 00000000b91fb000 - 00000000b987f000 (2)
TBOOT: 00000000b987f000 - 00000000b994b000 (4)
TBOOT: 00000000b994b000 - 00000000b994c000 (2)
TBOOT: 00000000b994c000 - 00000000b9a7f000 (4)
TBOOT: 00000000b9a7f000 - 00000000b9aff000 (3)
TBOOT: 00000000b9aff000 - 00000000b9b00000 (1)
TBOOT: 00000000b9b00000 - 00000000be800000 (2)
TBOOT: 00000000f80fa000 - 00000000f80fb000 (2)
TBOOT: 00000000f80fd000 - 00000000f80fe000 (2)
TBOOT: 00000000fe000000 - 00000000fe011000 (2)
TBOOT: 00000000fed20000 - 00000000fed80000 (2)
TBOOT: 0000000100000000 - 000000033f800000 (1)
TBOOT: TPM: FIFO_INF Locality 0 is open
TBOOT: TPM: discrete TPM2.0 Family 0x1
TBOOT: TPM: supported bank count = 2
TBOOT: TPM: bank alg = 00000004
TBOOT: TPM: bank alg = 0000000b
TBOOT: TPM: supported alg count = 00000002
TBOOT: 00000004
TBOOT: 0000000B
TBOOT: TPM attribute:
TBOOT: extend policy: 2
TBOOT: current alg id: 0x4
TBOOT: timeout values: A: 750, B: 2000, C: 75000, D: 750
TBOOT: reading Verified Launch Policy from TPM NV...
TBOOT: TPM: fail to get public data of 0x01200001 in TPM NV
TBOOT: :reading failed
TBOOT: reading Launch Control Policy from TPM NV...
TBOOT: TPM: fail to get public data of 0x01400001 in TPM NV
TBOOT: :reading failed
TBOOT: failed to read policy from TPM NV, using default
TBOOT: policy:
TBOOT: version: 2
TBOOT: policy_type: TB_POLTYPE_CONT_NON_FATAL
TBOOT: hash_alg: TB_HALG_SHA1
TBOOT: policy_control: 00000001 (EXTEND_PCR17)
TBOOT: num_entries: 3
TBOOT: policy entry[0]:
TBOOT: mod_num: 0
TBOOT: pcr: none
TBOOT: hash_type: TB_HTYPE_ANY
TBOOT: num_hashes: 0
TBOOT: policy entry[1]:
TBOOT: mod_num: any
TBOOT: pcr: 17
TBOOT: hash_type: TB_HTYPE_ANY
TBOOT: num_hashes: 0
TBOOT: policy entry[2]:
TBOOT: mod_num: nv_raw
nv_index: 40000010
TBOOT: pcr: 22
TBOOT: hash_type: TB_HTYPE_ANY
TBOOT: num_hashes: 0
TBOOT: TPM: write NV 01200002, offset 00000000, 00000004 bytes, return value = 0000018B
TBOOT: Error: write TPM error: 0x18b.
TBOOT: no policy in TPM NV.
TBOOT: IA32_FEATURE_CONTROL_MSR: 0000ff07
TBOOT: CPU is SMX-capable
TBOOT: CPU is VMX-capable
TBOOT: SMX is enabled
TBOOT: TXT chipset and all needed capabilities present
TBOOT: TXT.ERRORCODE: 0xc0000001
TBOOT: AC module error : acm_type=0x1, progress=0x00, error=0x0
TBOOT: TXT.ESTS: 0x0
TBOOT: TXT.E2STS: 0x0
TBOOT: IA32_FEATURE_CONTROL_MSR: 0000ff07
TBOOT: CPU is SMX-capable
TBOOT: CPU is VMX-capable
TBOOT: SMX is enabled
TBOOT: TXT chipset and all needed capabilities present
TBOOT: TXT.HEAP.BASE: 0xb9f20000
TBOOT: TXT.HEAP.SIZE: 0xe0000 (917504)
TBOOT: unsupported BIOS data version (6)
TBOOT: bios_data (@0xb9f20008, 0x56):
TBOOT: version: 6
TBOOT: bios_sinit_size: 0x0 (0)
TBOOT: lcp_pd_base: 0x0
TBOOT: lcp_pd_size: 0x0 (0)
TBOOT: num_logical_procs: 8
TBOOT: flags: 0x200000000
TBOOT: ext_data_elts[]:
TBOOT: BIOS_SPEC_VER:
TBOOT: major: 0x2
TBOOT: minor: 0x1
TBOOT: rev: 0x0
TBOOT: ACM:
TBOOT: num_acms: 1
TBOOT: acm_addrs[0]: 0xffe60000
TBOOT: IA32_FEATURE_CONTROL_MSR: 0000ff07
TBOOT: CPU is SMX-capable
TBOOT: CPU is VMX-capable
TBOOT: SMX is enabled
TBOOT: TXT chipset and all needed capabilities present
TBOOT: Post_launch started ...
TBOOT: measured launch succeeded
TBOOT: TXT.HEAP.BASE: 0xb9f20000
TBOOT: TXT.HEAP.SIZE: 0xe0000 (917504)
TBOOT: unsupported BIOS data version (6)
TBOOT: bios_data (@0xb9f20008, 0x56):
TBOOT: version: 6
TBOOT: bios_sinit_size: 0x0 (0)
TBOOT: lcp_pd_base: 0x0
TBOOT: lcp_pd_size: 0x0 (0)
TBOOT: num_logical_procs: 8
TBOOT: flags: 0x200000000
TBOOT: ext_data_elts[]:
TBOOT: BIOS_SPEC_VER:
TBOOT: major: 0x2
TBOOT: minor: 0x1
TBOOT: rev: 0x0
TBOOT: ACM:
TBOOT: num_acms: 1
TBOOT: acm_addrs[0]: 0xffe60000
TBOOT: os_mle_data (@0xb9f2005e, 0x15120):
TBOOT: version: 3
TBOOT: loader context addr: 0x28000
TBOOT: os_sinit_data (@0xb9f3517e, 0x90):
TBOOT: version: 7
TBOOT: flags: 1
TBOOT: mle_ptab: 0x801000
TBOOT: mle_size: 0x35000 (217088)
TBOOT: mle_hdr_base: 0x1a4e0
TBOOT: vtd_pmr_lo_base: 0x0
TBOOT: vtd_pmr_lo_size: 0xb8c00000
TBOOT: vtd_pmr_hi_base: 0x100000000
TBOOT: vtd_pmr_hi_size: 0x23f800000
TBOOT: lcp_po_base: 0x0
TBOOT: lcp_po_size: 0x0 (0)
TBOOT: capabilities: 0x00000002
TBOOT: rlp_wake_getsec: 0
TBOOT: rlp_wake_monitor: 1
TBOOT: ecx_pgtbl: 0
TBOOT: stm: 0
TBOOT: pcr_map_no_legacy: 0
TBOOT: pcr_map_da: 0
TBOOT: platform_type: 0
TBOOT: max_phy_addr: 0
TBOOT: efi_rsdt_ptr: 0x0
TBOOT: ext_data_elts[]:
TBOOT: EVENT_LOG_PTR:
TBOOT: size: 36
TBOOT: count: 1
TBOOT: Log Descrption:
TBOOT: Alg: 4
TBOOT: Size: 4096
TBOOT: EventsOffset: [0,801]
TBOOT: Event:
TBOOT: PCRIndex: 17
TBOOT: Type: 0x402
TBOOT: Digest: cd 0c 36 be 55 66 61 da ba 9d 45 2b fc 71 27 d6 d4 c5 44 1e
TBOOT: Data: 36 bytes
22 19 57 30 40 10 86 87 30 26 93 7d 4e b1 a0 19
c2 a4 fd 4b 81 a8 dc fe c7 fb 28 1d 03 3b d4 9d
00 00 00 00
TBOOT: Event:
TBOOT: PCRIndex: 255
TBOOT: Type: 0x401
TBOOT: Digest: 9d 98 66 cf 0b 7c 36 62 39 33 00 00 00 00 00 00 00 00 00 00
TBOOT: Data: 4 bytes
01 00 00 00
TBOOT: Event:
TBOOT: PCRIndex: 17
TBOOT: Type: 0x40a
TBOOT: Digest: e0 7a 6a f9 04 73 cf 94 09 dd 52 0b a7 31 db 2c 4b 56 94 18
TBOOT: Data: 32 bytes
00 00 00 00 27 10 15 20 06 b0 00 00 00 02 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
TBOOT: Event:
TBOOT: PCRIndex: 17
TBOOT: Type: 0x40b
TBOOT: Digest: 90 69 ca 78 e7 45 0a 28 51 73 43 1b 3e 52 c5 c2 52 99 e4 73
TBOOT: Data: 4 bytes
00 00 00 00
TBOOT: Event:
TBOOT: PCRIndex: 17
TBOOT: Type: 0x40c
TBOOT: Digest: 0a af 76 f4 25 c6 e0 f4 3a 36 19 7d e7 68 e6 7d 9e 03 5a bb
TBOOT: Data: 4 bytes
02 00 00 00
TBOOT: Event:
TBOOT: PCRIndex: 17
TBOOT: Type: 0x412
TBOOT: Digest: 5b a9 3c 9d b0 cf f9 3f 52 b5 21 d7 42 0e 43 f6 ed a2 78 4f
TBOOT: Data: 1 bytes
00
TBOOT: Event:
TBOOT: PCRIndex: 17
TBOOT: Type: 0x40e
TBOOT: Digest: 5b a9 3c 9d b0 cf f9 3f 52 b5 21 d7 42 0e 43 f6 ed a2 78 4f
TBOOT: Data: 1 bytes
00
TBOOT: Event:
TBOOT: PCRIndex: 17
TBOOT: Type: 0x40f
TBOOT: Digest: 0a af 76 f4 25 c6 e0 f4 3a 36 19 7d e7 68 e6 7d 9e 03 5a bb
TBOOT: Data: 4 bytes
02 00 00 00
TBOOT: Event:
TBOOT: PCRIndex: 17
TBOOT: Type: 0x404
TBOOT: Digest: 7f 36 c1 2d 44 1f be f0 03 3b df 3d 72 bb 2f 36 ba ab 66 26
TBOOT: Data: 0 bytes
TBOOT: Event:
TBOOT: PCRIndex: 17
TBOOT: Type: 0x414
TBOOT: Digest: 5d fe a6 ad 59 16 9b 18 1f 5c bc 08 e8 44 55 fa 0e 28 91 61
TBOOT: Data: 95 bytes
01 01 80 00 03 00 0b 62 04 44 08 00 20 ef 9a 26
fc 22 d1 ae 8c ec ff 59 e9 48 1a c1 ec 53 3d be
22 8b ec 6d 17 93 0f 4c b2 cc 5b 97 24 00 68 01
01 80 00 01 00 0b 62 04 2c 04 00 20 b7 5c e1 94
6f 78 df 8b aa 42 69 18 db 09 31 80 17 e6 b3 8d
04 8c 95 4e 05 c2 c4 f3 4b d4 40 60 00 46 00
TBOOT: Event:
TBOOT: PCRIndex: 18
TBOOT: Type: 0x410
TBOOT: Digest: fe 48 79 5c e3 18 12 ff a8 14 99 7f 46 3e a0 ca 19 eb 33 2c
TBOOT: Data: 0 bytes
TBOOT: Event:
TBOOT: PCRIndex: 18
TBOOT: Type: 0x40b
TBOOT: Digest: 90 69 ca 78 e7 45 0a 28 51 73 43 1b 3e 52 c5 c2 52 99 e4 73
TBOOT: Data: 4 bytes
00 00 00 00
TBOOT: Event:
TBOOT: PCRIndex: 18
TBOOT: Type: 0x40f
TBOOT: Digest: 0a af 76 f4 25 c6 e0 f4 3a 36 19 7d e7 68 e6 7d 9e 03 5a bb
TBOOT: Data: 4 bytes
02 00 00 00
TBOOT: Event:
TBOOT: PCRIndex: 18
TBOOT: Type: 0x40c
TBOOT: Digest: 0a af 76 f4 25 c6 e0 f4 3a 36 19 7d e7 68 e6 7d 9e 03 5a bb
TBOOT: Data: 4 bytes
02 00 00 00
TBOOT: Event:
TBOOT: PCRIndex: 18
TBOOT: Type: 0x413
TBOOT: Digest: 5b a9 3c 9d b0 cf f9 3f 52 b5 21 d7 42 0e 43 f6 ed a2 78 4f
TBOOT: Data: 1 bytes
00
TBOOT: Event:
TBOOT: PCRIndex: 18
TBOOT: Type: 0x414
TBOOT: Digest: 5d fe a6 ad 59 16 9b 18 1f 5c bc 08 e8 44 55 fa 0e 28 91 61
TBOOT: Data: 95 bytes
01 01 80 00 03 00 0b 62 04 44 08 00 20 ef 9a 26
fc 22 d1 ae 8c ec ff 59 e9 48 1a c1 ec 53 3d be
22 8b ec 6d 17 93 0f 4c b2 cc 5b 97 24 00 68 01
01 80 00 01 00 0b 62 04 2c 04 00 20 b7 5c e1 94
6f 78 df 8b aa 42 69 18 db 09 31 80 17 e6 b3 8d
04 8c 95 4e 05 c2 c4 f3 4b d4 40 60 00 46 00
TBOOT: sinit_mle_data (@0xb9f3520e, 0x2e4):
TBOOT: version: 9
TBOOT: bios_acm_id:
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
TBOOT: edx_senter_flags: 0x00000000
TBOOT: mseg_valid: 0x0
TBOOT: sinit_hash:
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
TBOOT: mle_hash:
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
TBOOT: stm_hash:
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
TBOOT: lcp_policy_hash:
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
TBOOT: lcp_policy_control: 0x00000000
TBOOT: rlp_wakeup_addr: 0xb9ed1bb0
TBOOT: num_mdrs: 6
TBOOT: mdrs_off: 0x254
TBOOT: num_vtd_dmars: 168
TBOOT: vtd_dmars_off: 0x1ac
TBOOT: sinit_mdrs:
TBOOT: 0000000000000000 - 00000000000a0000 (GOOD)
TBOOT: 0000000000100000 - 0000000001000000 (GOOD)
TBOOT: 0000000001000000 - 00000000b9c00000 (GOOD)
TBOOT: 0000000100000000 - 000000033f800000 (GOOD)
TBOOT: 00000000ba000000 - 00000000bc000000 (SMRAM NON-OVERLAY)
TBOOT: 00000000f8000000 - 00000000fc000000 (PCIE EXTENDED CONFIG)
TBOOT: proc_scrtm_status: 0x00000000
TBOOT: ext_data_elts[]:
TBOOT: unknown element: type: 6, size: 196
TBOOT: unknown element: type: 9, size: 68
TBOOT: CPU supports 39 phys address bits
TBOOT: RSDP (v2, HPQOEM) @ 0x0fbe
TBOOT: acpi_table_ioapic @ 0xb9aed06c, .address = 0xfec00000
TBOOT: acpi_table_mcfg @ 0xb9aec000, .base_address = 0xf8000000
TBOOT: mtrr_def_type: e = 1, fe = 1, type = 6
TBOOT: mtrrs:
TBOOT: base mask type v
TBOOT: 00000000c0000 0000007fc0000 00 01
TBOOT: 00000000bc000 0000007ffc000 00 01
TBOOT: 0000000000000 0000000000000 00 00
TBOOT: 0000000000000 0000000000000 00 00
TBOOT: 0000000000000 0000000000000 00 00
TBOOT: 0000000000000 0000000000000 00 00
TBOOT: 0000000000000 0000000000000 00 00
TBOOT: 0000000000000 0000000000000 00 00
TBOOT: 0000000000000 0000000000000 00 00
TBOOT: 0000000000000 0000000000000 00 00
TBOOT: discarding RAM above reserved regions: 0xb9aff000 - 0xb9b00000
TBOOT: reserving 0xb8c00000 - 0xb8cfb000, which was truncated for VT-d
TBOOT: min_lo_ram: 0x0, max_lo_ram: 0xb8cfb000
TBOOT: min_hi_ram: 0x100000000, max_hi_ram: 0x33f800000
TBOOT: MSR for SMM monitor control on BSP is 0x0.
TBOOT: verifying ILP is opt-out or has the same MSEG header with TXT.MSEG.BASE
opt-out
TBOOT: : succeeded.
TBOOT: enabling SMIs on BSP
TBOOT: mle_join.entry_point = 804200
TBOOT: mle_join.seg_sel = 8
TBOOT: mle_join.gdt_base = 805000
TBOOT: mle_join.gdt_limit = 3f
TBOOT: joining RLPs to MLE with MONITOR wakeup
TBOOT: rlp_wakeup_addr = 0xb9ed1bb0
TBOOT: cpu 2 waking up from TXT sleep
TBOOT: waiting for all APs (7) to enter wait-for-sipi...
TBOOT: MSR for SMM monitor control on cpu 2 is 0x0
TBOOT: verifying ILP's MSR_IA32_SMM_MONITOR_CTL with cpu 2
: succeeded.
TBOOT: enabling SMIs on cpu 2
TBOOT: .VMXON done for cpu 2
TBOOT:
TBOOT: cpu 6 waking up from TXT sleep
TBOOT: launching mini-guest for cpu 2
TBOOT: MSR for SMM monitor control on cpu 6 is 0x0
TBOOT: verifying ILP's MSR_IA32_SMM_MONITOR_CTL with cpu 6
: succeeded.
TBOOT: enabling SMIs on cpu 6
TBOOT: VMXON done for cpu 6
TBOOT: launching mini-guest for cpu 6
TBOOT: cpu 4 waking up from TXT sleep
TBOOT: MSR for SMM monitor control on cpu 4 is 0x0
TBOOT: verifying ILP's MSR_IA32_SMM_MONITOR_CTL with cpu 4
: succeeded.
TBOOT: enabling SMIs on cpu 4
TBOOT: VMXON done for cpu 4
TBOOT: .cpu 7 waking up from TXT sleep
TBOOT: launching mini-guest for cpu 4
TBOOT: MSR for SMM monitor control on cpu 7 is 0x0
TBOOT: verifying ILP's MSR_IA32_SMM_MONITOR_CTL with cpu 7
: succeeded.
TBOOT: enabling SMIs on cpu 7
TBOOT: VMXON done for cpu 7
TBOOT: launching mini-guest for cpu 7
TBOOT: cpu 3 waking up from TXT sleep
TBOOT: MSR for SMM monitor control on cpu 3 is 0x0
TBOOT: verifying ILP's MSR_IA32_SMM_MONITOR_CTL with cpu 3
: succeeded.
TBOOT: enabling SMIs on cpu 3
TBOOT: VMXON done for cpu 3
TBOOT: .cpu 5 waking up from TXT sleep
TBOOT: launching mini-guest for cpu 3
TBOOT: MSR for SMM monitor control on cpu 5 is 0x0
TBOOT: verifying ILP's MSR_IA32_SMM_MONITOR_CTL with cpu 5
: succeeded.
TBOOT: enabling SMIs on cpu 5
TBOOT: VMXON done for cpu 5
TBOOT: launching mini-guest for cpu 5
TBOOT: cpu 1 waking up from TXT sleep
TBOOT: MSR for SMM monitor control on cpu 1 is 0x0
TBOOT: .verifying ILP's MSR_IA32_SMM_MONITOR_CTL with cpu 1
. : succeeded.
TBOOT: .enabling SMIs on cpu 1
TBOOT: .VMXON done for cpu 1
TBOOT:
TBOOT: launching mini-guest for cpu 1
TBOOT: all APs in wait-for-sipi
TBOOT: saved IA32_MISC_ENABLE = 0x00850089
TBOOT: set TXT.CMD.SECRETS flag
TBOOT: opened TPM locality 1
TBOOT: DMAR table @ 0xb9ac9000 saved.
TBOOT: got sinit match on module #2
TBOOT: no LCP module found
TBOOT: protecting TXT heap (b9f20000 - b9ffffff) in e820 table
TBOOT: protecting SINIT (b9ed0000 - b9f1ffff) in e820 table
TBOOT: protecting TXT Private Space (fed20000 - fed2ffff) in e820 table
TBOOT: verifying e820 table against SINIT MDRs: verification succeeded.
TBOOT: verifying module 0 of mbi (100000 - 7d653f) in e820 table
(range from 0000000000100000 to 00000000007d6540 is in E820_RAM)
TBOOT: : succeeded.
TBOOT: verifying module 1 of mbi (b55000 - 6ebb9ff) in e820 table
(range from 0000000000b55000 to 0000000006ebba00 is in E820_RAM)
TBOOT: : succeeded.
TBOOT: verifying tboot and its page table (800000 - b54a5f) in e820 table
(range from 0000000000800000 to 0000000000b54a60 is in E820_RAM)
TBOOT: : succeeded.
TBOOT: ELF magic number is not matched, image is not ELF format.
TBOOT: protecting tboot (800000 - b54fff) in e820 table
TBOOT: reserving tboot memory log (60000 - 67fff) in e820 table
TBOOT: adjusted e820 map:
TBOOT: 0000000000000000 - 0000000000058000 (1)
TBOOT: 0000000000058000 - 0000000000059000 (2)
TBOOT: 0000000000059000 - 0000000000060000 (1)
TBOOT: 0000000000060000 - 0000000000068000 (2)
TBOOT: 0000000000068000 - 000000000009e000 (1)
TBOOT: 000000000009e000 - 000000000009f000 (2)
TBOOT: 000000000009f000 - 00000000000a0000 (1)
TBOOT: 00000000000a0000 - 0000000000100000 (2)
TBOOT: 0000000000100000 - 0000000000800000 (1)
TBOOT: 0000000000800000 - 0000000000b55000 (2)
TBOOT: 0000000000b55000 - 00000000b8c00000 (1)
TBOOT: 00000000b8c00000 - 00000000b8cfb000 (2)
TBOOT: 00000000b8cfb000 - 00000000b91fb000 (20)
TBOOT: 00000000b91fb000 - 00000000b987f000 (2)
TBOOT: 00000000b987f000 - 00000000b994b000 (4)
TBOOT: 00000000b994b000 - 00000000b994c000 (2)
TBOOT: 00000000b994c000 - 00000000b9a7f000 (4)
TBOOT: 00000000b9a7f000 - 00000000b9aff000 (3)
TBOOT: 00000000b9aff000 - 00000000b9b00000 (2)
TBOOT: 00000000b9b00000 - 00000000b9ed0000 (2)
TBOOT: 00000000b9ed0000 - 00000000b9f20000 (2)
TBOOT: 00000000b9f20000 - 00000000ba000000 (2)
TBOOT: 00000000ba000000 - 00000000be800000 (2)
TBOOT: 00000000f80fa000 - 00000000f80fb000 (2)
TBOOT: 00000000f80fd000 - 00000000f80fe000 (2)
TBOOT: 00000000fe000000 - 00000000fe011000 (2)
TBOOT: 00000000fed20000 - 00000000fed30000 (2)
TBOOT: 00000000fed30000 - 00000000fed80000 (2)
TBOOT: 0000000100000000 - 000000033f800000 (1)
TBOOT: verifying policy
TBOOT: verifying module "
root=UUID=b960d645-e37b-4856-b198-b9a978ecb5c2 ro quiet splash intel_iommu=on"...
TBOOT: OK : 4c c9 fb 4b a4 78 5d 79 08 c0 6d 73 4f 50 b3 78 10 cf 07 66
TBOOT: verifying module ""...
TBOOT: OK : 7b 94 2f c0 65 29 08 ef 62 84 8f 61 80 79 be 6b 00 43 f5 cf
TBOOT: all modules are verified
TBOOT: pre_k_s3_state:
TBOOT: vtd_pmr_lo_base: 0x0
TBOOT: vtd_pmr_lo_size: 0xb8c00000
TBOOT: vtd_pmr_hi_base: 0x100000000
TBOOT: vtd_pmr_hi_size: 0x23f800000
TBOOT: pol_hash: ce 78 8c 7b 47 b2 91 85 b8 8c 3c a0 7d f7 02 e3 a1 e4 60 03
TBOOT: VL measurements:
TBOOT: PCR 17 (alg count 1):
TBOOT: alg 0004: fb b1 b9 ea b0 c9 2a c0 9c 28 14 f5 38 b5 ad 02 af e0 ee af
TBOOT: PCR 18 (alg count 1):
TBOOT: alg 0004: fb b1 b9 ea b0 c9 2a c0 9c 28 14 f5 38 b5 ad 02 af e0 ee af
TBOOT: PCR 17 (alg count 1):
TBOOT: alg 0004: 4c c9 fb 4b a4 78 5d 79 08 c0 6d 73 4f 50 b3 78 10 cf 07 66
TBOOT: PCR 17 (alg count 1):
TBOOT: alg 0004: 7b 94 2f c0 65 29 08 ef 62 84 8f 61 80 79 be 6b 00 43 f5 cf
TBOOT: Event:
TBOOT: PCRIndex: 17
TBOOT: Type: 0x501
TBOOT: Digest: fb b1 b9 ea b0 c9 2a c0 9c 28 14 f5 38 b5 ad 02 af e0 ee af
TBOOT: Data: 0 bytes
TBOOT: Event:
TBOOT: PCRIndex: 18
TBOOT: Type: 0x501
TBOOT: Digest: fb b1 b9 ea b0 c9 2a c0 9c 28 14 f5 38 b5 ad 02 af e0 ee af
TBOOT: Data: 0 bytes
TBOOT: Event:
TBOOT: PCRIndex: 17
TBOOT: Type: 0x501
TBOOT: Digest: 4c c9 fb 4b a4 78 5d 79 08 c0 6d 73 4f 50 b3 78 10 cf 07 66
TBOOT: Data: 0 bytes
TBOOT: Event:
TBOOT: PCRIndex: 17
TBOOT: Type: 0x501
TBOOT: Digest: 7b 94 2f c0 65 29 08 ef 62 84 8f 61 80 79 be 6b 00 43 f5 cf
TBOOT: Data: 0 bytes
TBOOT: requested 0x40 random bytes but only got 0x20
TBOOT: trying one more time to get remaining 0x20 bytes
TBOOT: tboot_shared data:
TBOOT: version: 6
TBOOT: log_addr: 0x00060000
TBOOT: shutdown_entry: 0x008041c0
TBOOT: shutdown_type: 0
TBOOT: tboot_base: 0x00804000
TBOOT: tboot_size: 0x350a60
TBOOT: num_in_wfs: 7
TBOOT: flags: 0x00000000
TBOOT: ap_wake_addr: 0x00000000
TBOOT: ap_wake_trigger: 0
TBOOT: no LCP module found
TBOOT: ELF magic number is not matched, image is not ELF format.
TBOOT: assuming kernel is Linux format
TBOOT: Initrd from 0x79c99000 to 0x7ffffa00
TBOOT: Kernel (protected mode) from 0x1000000 to 0x16d1f40
TBOOT: Kernel (real mode) from 0x69c00 to 0x6e200
TBOOT: Linux cmdline placed in header: root=UUID=b960d645-e37b-4856-b198-b9a978ecb5c2 ro quiet splash intel_i
TBOOT: ommu=on
TBOOT:
TBOOT: transfering control to kernel @0x1000000...
TBOOT: VMXOFF done for cpu 2
TBOOT: cpu 2 waking up, SIPI vector=98000
TBOOT: VMXOFF done for cpu 4
TBOOT: cpu 4 waking up, SIPI vector=98000
TBOOT: VMXOFF done for cpu 6
TBOOT: cpu 6 waking up, SIPI vector=98000
TBOOT: VMXOFF done for cpu 1
TBOOT: cpu 1 waking up, SIPI vector=98000
TBOOT: VMXOFF done for cpu 3
TBOOT: cpu 3 waking up, SIPI vector=98000
TBOOT: VMXOFF done for cpu 5
TBOOT: cpu 5 waking up, SIPI vector=98000
TBOOT: VMXOFF done for cpu 7
TBOOT: cpu 7 waking up, SIPI vector=98000
TBOOT: shutdown(): TB_SHUTDOWN_WFS
TBOOT: VMXON done for cpu 2
TBOOT: launching mini-guest for cpu 2
TBOOT: shutdown(): TB_SHUTDOWN_WFS
TBOOT: VMXON done for cpu 4
TBOOT: launching mini-guest for cpu 4
TBOOT: shutdown(): TB_SHUTDOWN_WFS
TBOOT: VMXON done for cpu 6
TBOOT: launching mini-guest for cpu 6
TBOOT: shutdown(): TB_SHUTDOWN_WFS
TBOOT: VMXON done for cpu 1
TBOOT: launching mini-guest for cpu 1
TBOOT: shutdown(): TB_SHUTDOWN_WFS
TBOOT: VMXON done for cpu 3
TBOOT: launching mini-guest for cpu 3
TBOOT: shutdown(): TB_SHUTDOWN_WFS
TBOOT: VMXON done for cpu 5
TBOOT: launching mini-guest for cpu 5
TBOOT: shutdown(): TB_SHUTDOWN_WFS
TBOOT: VMXON done for cpu 7
TBOOT: wait until all APs ready for txt shutdown
TBOOT: launching mini-guest for cpu 7
TBOOT: DMAR table @ 0xb9ac9000 is still there, skip restore step.
TBOOT: MACing region 0: 0x1000 - 0x58000
TBOOT: MACing region 1: 0x59000 - 0x60000
TBOOT: MACing region 2: 0x68000 - 0x9e000
TBOOT: MACing region 3: 0x9f000 - 0xa0000
TBOOT: MACing region 4: 0x100000 - 0x800000
TBOOT: MACing region 5: 0xb55000 - 0xb8c00000
TBOOT: MACing region 6: 0x100000000 - 0x13f800000
TBOOT: post_k_s3_state:
TBOOT: kernel_s3_resume_vector: 0x981d0
TBOOT: kernel_integ: 3f 7b 18 16 98 4e 88 05
TBOOT: IA32_FEATURE_CONTROL_MSR: 0000ff07
TBOOT: CPU is SMX-capable
TBOOT: CPU is VMX-capable
TBOOT: SMX is enabled
TBOOT: TXT chipset and all needed capabilities present
TBOOT: cap'ed dynamic PCRs
TBOOT: waiting for APs (7) to exit guests...
TBOOT: .VMXOFF done for cpu 1
TBOOT:
TBOOT: VMXOFF done for cpu 3
TBOOT: VMXOFF done for cpu 2
TBOOT: .VMXOFF done for cpu 4
TBOOT: VMXOFF done for cpu 5
TBOOT: VMXOFF done for cpu 6
TBOOT: VMXOFF done for cpu 7
TBOOT: .
TBOOT: all APs exited guests
TBOOT: secrets flag cleared
TBOOT: memory configuration unlocked
TBOOT: private config space closed
TBOOT: executing GETSEC[SEXIT]...
TBOOT: measured environment torn down
TBOOT: shutdown_system() called for shutdown_type: TB_SHUTDOWN_S3
TBOOT: PM1A GAS @ 0x83e020:
TBOOT: space_id: I/O
TBOOT: bit_width: 16
TBOOT: bit_offset: 0
TBOOT: access_width: 2
TBOOT: address: 1804
TBOOT: PM1B GAS @ 0x83e02c:
TBOOT: space_id: I/O
TBOOT: bit_width: 0
TBOOT: bit_offset: 0
TBOOT: access_width: 2
TBOOT: address: 0
TBOOT: IA32_FEATURE_CONTROL_MSR: 0000ff07
TBOOT: CPU is SMX-capable
TBOOT: SMX is enabled
TBOOT: TXT chipset and all needed capabilities present
TBOOT: ******************* TBOOT *******************
TBOOT: 2016-09-28 18:59 -0700 462:9b3461d87049
TBOOT: *********************************************
TBOOT: command line: logging=serial,memory,vga
TBOOT: IA32_FEATURE_CONTROL_MSR: 0000ff07
TBOOT: CPU is SMX-capable
TBOOT: CPU is VMX-capable
TBOOT: SMX is enabled
TBOOT: TXT chipset and all needed capabilities present
TBOOT: Resume from S3...
TBOOT: IA32_FEATURE_CONTROL_MSR: 0000ff07
TBOOT: CPU is SMX-capable
TBOOT: CPU is VMX-capable
TBOOT: SMX is enabled
TBOOT: TXT chipset and all needed capabilities present
TBOOT: BSP is cpu 0
TBOOT: TPM: FIFO_INF Locality 0 is open
TBOOT: TPM: discrete TPM2.0 Family 0x1
TBOOT: TPM: supported bank count = 2
TBOOT: TPM: bank alg = 00000004
TBOOT: TPM: bank alg = 0000000b
TBOOT: TPM: supported alg count = 00000002
TBOOT: 00000004
TBOOT: 0000000B
TBOOT: TPM attribute:
TBOOT: extend policy: 2
TBOOT: current alg id: 0x4
TBOOT: timeout values: A: 750, B: 2000, C: 75000, D: 750
TBOOT: reading Verified Launch Policy from TPM NV...
TBOOT: TPM: fail to get public data of 0x01200001 in TPM NV
TBOOT: :reading failed
TBOOT: reading Launch Control Policy from TPM NV...
TBOOT: TPM: fail to get public data of 0x01400001 in TPM NV
TBOOT: :reading failed
TBOOT: failed to read policy from TPM NV, using default
TBOOT: policy:
TBOOT: version: 2
TBOOT: policy_type: TB_POLTYPE_CONT_NON_FATAL
TBOOT: hash_alg: TB_HALG_SHA1
TBOOT: policy_control: 00000001 (EXTEND_PCR17)
TBOOT: num_entries: 3
TBOOT: policy entry[0]:
TBOOT: mod_num: 0
TBOOT: pcr: none
TBOOT: hash_type: TB_HTYPE_ANY
TBOOT: num_hashes: 0
TBOOT: policy entry[1]:
TBOOT: mod_num: any
TBOOT: pcr: 17
TBOOT: hash_type: TB_HTYPE_ANY
TBOOT: num_hashes: 0
TBOOT: policy entry[2]:
TBOOT: mod_num: nv_raw
nv_index: 40000010
TBOOT: pcr: 22
TBOOT: hash_type: TB_HTYPE_ANY
TBOOT: num_hashes: 0
TBOOT: TPM: write NV 01200002, offset 00000000, 00000004 bytes, return value = 0000018B
TBOOT: Error: write TPM error: 0x18b.
TBOOT: no policy in TPM NV.
TBOOT: IA32_FEATURE_CONTROL_MSR: 0000ff07
TBOOT: CPU is SMX-capable
TBOOT: CPU is VMX-capable
TBOOT: SMX is enabled
TBOOT: TXT chipset and all needed capabilities present
TBOOT: TXT.ERRORCODE: 0x0
TBOOT: TXT.ESTS: 0x0
TBOOT: TXT.E2STS: 0x0
TBOOT: IA32_FEATURE_CONTROL_MSR: 0000ff07
TBOOT: CPU is SMX-capable
TBOOT: CPU is VMX-capable
TBOOT: SMX is enabled
TBOOT: TXT chipset and all needed capabilities present
TBOOT: TXT.HEAP.BASE: 0xb9f20000
TBOOT: TXT.HEAP.SIZE: 0xe0000 (917504)
TBOOT: unsupported BIOS data version (6)
TBOOT: bios_data (@0xb9f20008, 0x56):
TBOOT: version: 6
TBOOT: bios_sinit_size: 0x0 (0)
TBOOT: lcp_pd_base: 0x0
TBOOT: lcp_pd_size: 0x0 (0)
TBOOT: num_logical_procs: 8
TBOOT: flags: 0x200000000
TBOOT: ext_data_elts[]:
TBOOT: BIOS_SPEC_VER:
TBOOT: major: 0x2
TBOOT: minor: 0x1
TBOOT: rev: 0x0
TBOOT: ACM:
TBOOT: num_acms: 1
TBOOT: acm_addrs[0]: 0xffe60000
TBOOT: IA32_FEATURE_CONTROL_MSR: 0000ff07
TBOOT: CPU is SMX-capable
TBOOT: CPU is VMX-capable
TBOOT: SMX is enabled
TBOOT: TXT chipset and all needed capabilities present
TBOOT: CR0.NE not set
TBOOT: CR0 and EFLAGS OK
TBOOT: supports preserving machine check errors
TBOOT: CPU is ready for SENTER
TBOOT: setting MTRRs for acmod: base=0xb9ed0000, size=0x20000, num_pages=32
TBOOT: The maximum allowed MTRR range size=16 Pages
TBOOT: executing GETSEC[SENTER]...
TBOOT: IA32_FEATURE_CONTROL_MSR: 0000ff07
TBOOT: CPU is SMX-capable
TBOOT: SMX is enabled
TBOOT: TXT chipset and all needed capabilities present
TBOOT: ******************* TBOOT *******************
TBOOT: 2016-09-28 18:59 -0700 462:9b3461d87049
TBOOT: *********************************************
TBOOT: command line: logging=serial,memory,vga
TBOOT: IA32_FEATURE_CONTROL_MSR: 0000ff07
TBOOT: CPU is SMX-capable
TBOOT: CPU is VMX-capable
TBOOT: SMX is enabled
TBOOT: TXT chipset and all needed capabilities present
TBOOT: SINIT ACM successfully returned...
TBOOT: Resume from S3...
TBOOT: IA32_FEATURE_CONTROL_MSR: 0000ff07
TBOOT: CPU is SMX-capable
TBOOT: CPU is VMX-capable
TBOOT: SMX is enabled
TBOOT: TXT chipset and all needed capabilities present
TBOOT: BSP is cpu 0
TBOOT: TPM: FIFO_INF Locality 0 is open
TBOOT: TPM: discrete TPM2.0 Family 0x1
TBOOT: TPM: supported bank count = 2
TBOOT: TPM: bank alg = 00000004
TBOOT: TPM: bank alg = 0000000b
TBOOT: TPM: supported alg count = 00000002
TBOOT: 00000004
TBOOT: 0000000B
TBOOT: TPM attribute:
TBOOT: extend policy: 2
TBOOT: current alg id: 0x4
TBOOT: timeout values: A: 750, B: 2000, C: 75000, D: 750
TBOOT: reading Verified Launch Policy from TPM NV...
TBOOT: TPM: fail to get public data of 0x01200001 in TPM NV
TBOOT: :reading failed
TBOOT: reading Launch Control Policy from TPM NV...
TBOOT: TPM: fail to get public data of 0x01400001 in TPM NV
TBOOT: :reading failed
TBOOT: failed to read policy from TPM NV, using default
TBOOT: policy:
TBOOT: version: 2
TBOOT: policy_type: TB_POLTYPE_CONT_NON_FATAL
TBOOT: hash_alg: TB_HALG_SHA1
TBOOT: policy_control: 00000001 (EXTEND_PCR17)
TBOOT: num_entries: 3
TBOOT: policy entry[0]:
TBOOT: mod_num: 0
TBOOT: pcr: none
TBOOT: hash_type: TB_HTYPE_ANY
TBOOT: num_hashes: 0
TBOOT: policy entry[1]:
TBOOT: mod_num: any
TBOOT: pcr: 17
TBOOT: hash_type: TB_HTYPE_ANY
TBOOT: num_hashes: 0
TBOOT: policy entry[2]:
TBOOT: mod_num: nv_raw
nv_index: 40000010
TBOOT: pcr: 22
TBOOT: hash_type: TB_HTYPE_ANY
TBOOT: num_hashes: 0
TBOOT: TPM: write NV 01200002, offset 00000000, 00000004 bytes, return value = 0000018B
TBOOT: Error: write TPM error: 0x18b.
TBOOT: no policy in TPM NV.
TBOOT: IA32_FEATURE_CONTROL_MSR: 0000ff07
TBOOT: CPU is SMX-capable
TBOOT: CPU is VMX-capable
TBOOT: SMX is enabled
TBOOT: TXT chipset and all needed capabilities present
TBOOT: TXT.ERRORCODE: 0xc0000001
TBOOT: AC module error : acm_type=0x1, progress=0x00, error=0x0
TBOOT: TXT.ESTS: 0x0
TBOOT: TXT.E2STS: 0x0
TBOOT: IA32_FEATURE_CONTROL_MSR: 0000ff07
TBOOT: CPU is SMX-capable
TBOOT: CPU is VMX-capable
TBOOT: SMX is enabled
TBOOT: TXT chipset and all needed capabilities present
TBOOT: TXT.HEAP.BASE: 0xb9f20000
TBOOT: TXT.HEAP.SIZE: 0xe0000 (917504)
TBOOT: unsupported BIOS data version (6)
TBOOT: bios_data (@0xb9f20008, 0x56):
TBOOT: version: 6
TBOOT: bios_sinit_size: 0x0 (0)
TBOOT: lcp_pd_base: 0x0
TBOOT: lcp_pd_size: 0x0 (0)
TBOOT: num_logical_procs: 8
TBOOT: flags: 0x200000000
TBOOT: ext_data_elts[]:
TBOOT: BIOS_SPEC_VER:
TBOOT: major: 0x2
TBOOT: minor: 0x1
TBOOT: rev: 0x0
TBOOT: ACM:
TBOOT: num_acms: 1
TBOOT: acm_addrs[0]: 0xffe60000
TBOOT: IA32_FEATURE_CONTROL_MSR: 0000ff07
TBOOT: CPU is SMX-capable
TBOOT: CPU is VMX-capable
TBOOT: SMX is enabled
TBOOT: TXT chipset and all needed capabilities present
TBOOT: Post_launch started ...
TBOOT: measured launch succeeded
TBOOT: TXT.HEAP.BASE: 0xb9f20000
TBOOT: TXT.HEAP.SIZE: 0xe0000 (917504)
TBOOT: unsupported BIOS data version (6)
TBOOT: bios_data (@0xb9f20008, 0x56):
TBOOT: version: 6
TBOOT: bios_sinit_size: 0x0 (0)
TBOOT: lcp_pd_base: 0x0
TBOOT: lcp_pd_size: 0x0 (0)
TBOOT: num_logical_procs: 8
TBOOT: flags: 0x200000000
TBOOT: ext_data_elts[]:
TBOOT: BIOS_SPEC_VER:
TBOOT: major: 0x2
TBOOT: minor: 0x1
TBOOT: rev: 0x0
TBOOT: ACM:
TBOOT: num_acms: 1
TBOOT: acm_addrs[0]: 0xffe60000
TBOOT: os_mle_data (@0xb9f2005e, 0x15120):
TBOOT: version: 3
TBOOT: loader context addr: 0x28000
TBOOT: os_sinit_data (@0xb9f3517e, 0x90):
TBOOT: version: 7
TBOOT: flags: 1
TBOOT: mle_ptab: 0x801000
TBOOT: mle_size: 0x35000 (217088)
TBOOT: mle_hdr_base: 0x1a4e0
TBOOT: vtd_pmr_lo_base: 0x0
TBOOT: vtd_pmr_lo_size: 0xb8c00000
TBOOT: vtd_pmr_hi_base: 0x100000000
TBOOT: vtd_pmr_hi_size: 0x23f800000
TBOOT: lcp_po_base: 0x0
TBOOT: lcp_po_size: 0x0 (0)
TBOOT: capabilities: 0x00000002
TBOOT: rlp_wake_getsec: 0
TBOOT: rlp_wake_monitor: 1
TBOOT: ecx_pgtbl: 0
TBOOT: stm: 0
TBOOT: pcr_map_no_legacy: 0
TBOOT: pcr_map_da: 0
TBOOT: platform_type: 0
TBOOT: max_phy_addr: 0
TBOOT: efi_rsdt_ptr: 0x0
TBOOT: ext_data_elts[]:
TBOOT: EVENT_LOG_PTR:
TBOOT: size: 36
TBOOT: count: 1
TBOOT: Log Descrption:
TBOOT: Alg: 4
TBOOT: Size: 4096
TBOOT: EventsOffset: [0,801]
TBOOT: Event:
TBOOT: PCRIndex: 17
TBOOT: Type: 0x402
TBOOT: Digest: cd 0c 36 be 55 66 61 da ba 9d 45 2b fc 71 27 d6 d4 c5 44 1e
TBOOT: Data: 36 bytes
22 19 57 30 40 10 86 87 30 26 93 7d 4e b1 a0 19
c2 a4 fd 4b 81 a8 dc fe c7 fb 28 1d 03 3b d4 9d
00 00 00 00
TBOOT: Event:
TBOOT: PCRIndex: 255
TBOOT: Type: 0x401
TBOOT: Digest: 9d 98 66 cf 0b 7c 36 62 39 33 00 00 00 00 00 00 00 00 00 00
TBOOT: Data: 4 bytes
01 00 00 00
TBOOT: Event:
TBOOT: PCRIndex: 17
TBOOT: Type: 0x40a
TBOOT: Digest: e0 7a 6a f9 04 73 cf 94 09 dd 52 0b a7 31 db 2c 4b 56 94 18
TBOOT: Data: 32 bytes
00 00 00 00 27 10 15 20 06 b0 00 00 00 02 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
TBOOT: Event:
TBOOT: PCRIndex: 17
TBOOT: Type: 0x40b
TBOOT: Digest: 90 69 ca 78 e7 45 0a 28 51 73 43 1b 3e 52 c5 c2 52 99 e4 73
TBOOT: Data: 4 bytes
00 00 00 00
TBOOT: Event:
TBOOT: PCRIndex: 17
TBOOT: Type: 0x40c
TBOOT: Digest: 0a af 76 f4 25 c6 e0 f4 3a 36 19 7d e7 68 e6 7d 9e 03 5a bb
TBOOT: Data: 4 bytes
02 00 00 00
TBOOT: Event:
TBOOT: PCRIndex: 17
TBOOT: Type: 0x412
TBOOT: Digest: 5b a9 3c 9d b0 cf f9 3f 52 b5 21 d7 42 0e 43 f6 ed a2 78 4f
TBOOT: Data: 1 bytes
00
TBOOT: Event:
TBOOT: PCRIndex: 17
TBOOT: Type: 0x40e
TBOOT: Digest: 5b a9 3c 9d b0 cf f9 3f 52 b5 21 d7 42 0e 43 f6 ed a2 78 4f
TBOOT: Data: 1 bytes
00
TBOOT: Event:
TBOOT: PCRIndex: 17
TBOOT: Type: 0x40f
TBOOT: Digest: 0a af 76 f4 25 c6 e0 f4 3a 36 19 7d e7 68 e6 7d 9e 03 5a bb
TBOOT: Data: 4 bytes
02 00 00 00
TBOOT: Event:
TBOOT: PCRIndex: 17
TBOOT: Type: 0x404
TBOOT: Digest: 7f 36 c1 2d 44 1f be f0 03 3b df 3d 72 bb 2f 36 ba ab 66 26
TBOOT: Data: 0 bytes
TBOOT: Event:
TBOOT: PCRIndex: 17
TBOOT: Type: 0x414
TBOOT: Digest: 5d fe a6 ad 59 16 9b 18 1f 5c bc 08 e8 44 55 fa 0e 28 91 61
TBOOT: Data: 95 bytes
01 01 80 00 03 00 0b 62 04 44 08 00 20 ef 9a 26
fc 22 d1 ae 8c ec ff 59 e9 48 1a c1 ec 53 3d be
22 8b ec 6d 17 93 0f 4c b2 cc 5b 97 24 00 68 01
01 80 00 01 00 0b 62 04 2c 04 00 20 b7 5c e1 94
6f 78 df 8b aa 42 69 18 db 09 31 80 17 e6 b3 8d
04 8c 95 4e 05 c2 c4 f3 4b d4 40 60 00 46 00
TBOOT: Event:
TBOOT: PCRIndex: 18
TBOOT: Type: 0x410
TBOOT: Digest: fe 48 79 5c e3 18 12 ff a8 14 99 7f 46 3e a0 ca 19 eb 33 2c
TBOOT: Data: 0 bytes
TBOOT: Event:
TBOOT: PCRIndex: 18
TBOOT: Type: 0x40b
TBOOT: Digest: 90 69 ca 78 e7 45 0a 28 51 73 43 1b 3e 52 c5 c2 52 99 e4 73
TBOOT: Data: 4 bytes
00 00 00 00
TBOOT: Event:
TBOOT: PCRIndex: 18
TBOOT: Type: 0x40f
TBOOT: Digest: 0a af 76 f4 25 c6 e0 f4 3a 36 19 7d e7 68 e6 7d 9e 03 5a bb
TBOOT: Data: 4 bytes
02 00 00 00
TBOOT: Event:
TBOOT: PCRIndex: 18
TBOOT: Type: 0x40c
TBOOT: Digest: 0a af 76 f4 25 c6 e0 f4 3a 36 19 7d e7 68 e6 7d 9e 03 5a bb
TBOOT: Data: 4 bytes
02 00 00 00
TBOOT: Event:
TBOOT: PCRIndex: 18
TBOOT: Type: 0x413
TBOOT: Digest: 5b a9 3c 9d b0 cf f9 3f 52 b5 21 d7 42 0e 43 f6 ed a2 78 4f
TBOOT: Data: 1 bytes
00
TBOOT: Event:
TBOOT: PCRIndex: 18
TBOOT: Type: 0x414
TBOOT: Digest: 5d fe a6 ad 59 16 9b 18 1f 5c bc 08 e8 44 55 fa 0e 28 91 61
TBOOT: Data: 95 bytes
01 01 80 00 03 00 0b 62 04 44 08 00 20 ef 9a 26
fc 22 d1 ae 8c ec ff 59 e9 48 1a c1 ec 53 3d be
22 8b ec 6d 17 93 0f 4c b2 cc 5b 97 24 00 68 01
01 80 00 01 00 0b 62 04 2c 04 00 20 b7 5c e1 94
6f 78 df 8b aa 42 69 18 db 09 31 80 17 e6 b3 8d
04 8c 95 4e 05 c2 c4 f3 4b d4 40 60 00 46 00
TBOOT: sinit_mle_data (@0xb9f3520e, 0x2e4):
TBOOT: version: 9
TBOOT: bios_acm_id:
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
TBOOT: edx_senter_flags: 0x00000000
TBOOT: mseg_valid: 0x0
TBOOT: sinit_hash:
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
TBOOT: mle_hash:
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
TBOOT: stm_hash:
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
TBOOT: lcp_policy_hash:
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
TBOOT: lcp_policy_control: 0x00000000
TBOOT: rlp_wakeup_addr: 0xb9ed1bb0
TBOOT: num_mdrs: 6
TBOOT: mdrs_off: 0x254
TBOOT: num_vtd_dmars: 168
TBOOT: vtd_dmars_off: 0x1ac
TBOOT: sinit_mdrs:
TBOOT: 0000000000000000 - 00000000000a0000 (GOOD)
TBOOT: 0000000000100000 - 0000000001000000 (GOOD)
TBOOT: 0000000001000000 - 00000000b9c00000 (GOOD)
TBOOT: 0000000100000000 - 000000033f800000 (GOOD)
TBOOT: 00000000ba000000 - 00000000bc000000 (SMRAM NON-OVERLAY)
TBOOT: 00000000f8000000 - 00000000fc000000 (PCIE EXTENDED CONFIG)
TBOOT: proc_scrtm_status: 0x00000000
TBOOT: ext_data_elts[]:
TBOOT: unknown element: type: 6, size: 196
TBOOT: unknown element: type: 9, size: 68
TBOOT: CPU supports 39 phys address bits
TBOOT: RSDP (v2, HPQOEM) @ 0x0fbe
TBOOT: acpi_table_ioapic @ 0xb9aed06c, .address = 0xfec00000
TBOOT: acpi_table_mcfg @ 0xb9aec000, .base_address = 0xf8000000
TBOOT: mtrr_def_type: e = 1, fe = 1, type = 6
TBOOT: mtrrs:
TBOOT: base mask type v
TBOOT: 00000000c0000 0000007fc0000 00 01
TBOOT: 00000000bc000 0000007ffc000 00 01
TBOOT: 0000000000000 0000000000000 00 00
TBOOT: 0000000000000 0000000000000 00 00
TBOOT: 0000000000000 0000000000000 00 00
TBOOT: 0000000000000 0000000000000 00 00
TBOOT: 0000000000000 0000000000000 00 00
TBOOT: 0000000000000 0000000000000 00 00
TBOOT: 0000000000000 0000000000000 00 00
TBOOT: 0000000000000 0000000000000 00 00
TBOOT: min_lo_ram: 0x0, max_lo_ram: 0xb8c00000
TBOOT: min_hi_ram: 0x100000000, max_hi_ram: 0x33f800000
TBOOT: MSR for SMM monitor control on BSP is 0x0.
TBOOT: verifying ILP is opt-out or has the same MSEG header with TXT.MSEG.BASE
opt-out
TBOOT: : succeeded.
TBOOT: enabling SMIs on BSP
TBOOT: mle_join.entry_point = 804200
TBOOT: mle_join.seg_sel = 8
TBOOT: mle_join.gdt_base = 805000
TBOOT: mle_join.gdt_limit = 3f
TBOOT: joining RLPs to MLE with MONITOR wakeup
TBOOT: rlp_wakeup_addr = 0xb9ed1bb0
TBOOT: cpu 6 waking up from TXT sleep
TBOOT: waiting for all APs (7) to enter wait-for-sipi...
TBOOT: MSR for SMM monitor control on cpu 6 is 0x0
TBOOT: verifying ILP's MSR_IA32_SMM_MONITOR_CTL with cpu 6
: succeeded.
TBOOT: enabling SMIs on cpu 6
TBOOT: .VMXON done for cpu 6
TBOOT:
TBOOT: launching mini-guest for cpu 6
TBOOT: cpu 7 waking up from TXT sleep
TBOOT: MSR for SMM monitor control on cpu 7 is 0x0
TBOOT: verifying ILP's MSR_IA32_SMM_MONITOR_CTL with cpu 7
: succeeded.
TBOOT: enabling SMIs on cpu 7
TBOOT: VMXON done for cpu 7
TBOOT: launching mini-guest for cpu 7
TBOOT: cpu 2 waking up from TXT sleep
TBOOT: MSR for SMM monitor control on cpu 2 is 0x0
TBOOT: verifying ILP's MSR_IA32_SMM_MONITOR_CTL with cpu 2
: succeeded.
TBOOT: enabling SMIs on cpu 2
TBOOT: VMXON done for cpu 2
TBOOT: .launching mini-guest for cpu 2
TBOOT: cpu 5 waking up from TXT sleep
TBOOT: MSR for SMM monitor control on cpu 5 is 0x0
TBOOT: verifying ILP's MSR_IA32_SMM_MONITOR_CTL with cpu 5
: succeeded.
TBOOT: enabling SMIs on cpu 5
TBOOT: VMXON done for cpu 5
TBOOT: launching mini-guest for cpu 5
TBOOT: cpu 3 waking up from TXT sleep
TBOOT: MSR for SMM monitor control on cpu 3 is 0x0
TBOOT: verifying ILP's MSR_IA32_SMM_MONITOR_CTL with cpu 3
: succeeded.
TBOOT: enabling SMIs on cpu 3
TBOOT: VMXON done for cpu 3
TBOOT: .cpu 4 waking up from TXT sleep
TBOOT: launching mini-guest for cpu 3
TBOOT: MSR for SMM monitor control on cpu 4 is 0x0
TBOOT: verifying ILP's MSR_IA32_SMM_MONITOR_CTL with cpu 4
: succeeded.
TBOOT: enabling SMIs on cpu 4
TBOOT: VMXON done for cpu 4
TBOOT: launching mini-guest for cpu 4
TBOOT: cpu 1 waking up from TXT sleep
TBOOT: MSR for SMM monitor control on cpu 1 is 0x0
TBOOT: .verifying ILP's MSR_IA32_SMM_MONITOR_CTL with cpu 1
. : succeeded.
TBOOT: .enabling SMIs on cpu 1
TBOOT: .VMXON done for cpu 1
TBOOT:
TBOOT: launching mini-guest for cpu 1
TBOOT: all APs in wait-for-sipi
TBOOT: saved IA32_MISC_ENABLE = 0x00850089
TBOOT: set TXT.CMD.SECRETS flag
TBOOT: opened TPM locality 1
TBOOT: DMAR table @ 0xb9ac9000 saved.
TBOOT: No need to hide DMAR table.
TBOOT: IA32_FEATURE_CONTROL_MSR: 0000ff07
TBOOT: CPU is SMX-capable
TBOOT: CPU is VMX-capable
TBOOT: SMX is enabled
TBOOT: TXT chipset and all needed capabilities present
TBOOT: verifying pre_k_s3_state
TBOOT: TPM: Load return value = 00000910
TBOOT: failed to unseal blob
TBOOT: creation or verification of S3 measurements failed.
TBOOT: tboot_shared data:
TBOOT: version: 6
TBOOT: log_addr: 0x00060000
TBOOT: shutdown_entry: 0x008041c0
TBOOT: shutdown_type: 3
TBOOT: tboot_base: 0x00804000
TBOOT: tboot_size: 0x350a60
TBOOT: num_in_wfs: 7
TBOOT: flags: 0x00000000
TBOOT: ap_wake_addr: 0x00000000
TBOOT: ap_wake_trigger: 0
TBOOT: VMXOFF done for cpu 2
TBOOT: cpu 2 waking up, SIPI vector=98000
TBOOT: VMXOFF done for cpu 4
TBOOT: cpu 4 waking up, SIPI vector=98000
TBOOT: VMXOFF done for cpu 6
TBOOT: cpu 6 waking up, SIPI vector=98000
TBOOT: VMXOFF done for cpu 1
TBOOT: cpu 1 waking up, SIPI vector=98000
TBOOT: VMXOFF done for cpu 3
TBOOT: cpu 3 waking up, SIPI vector=98000
TBOOT: VMXOFF done for cpu 5
TBOOT: cpu 5 waking up, SIPI vector=98000
TBOOT: VMXOFF done for cpu 7
TBOOT: cpu 7 waking up, SIPI vector=98000
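The serial log posted above ends with "failed to unseal blob" and "creation or verification of S3 measurements failed". As an added example (not code from the issue thread or from tboot), here is a small Python triage script that parses tboot's event-log entries and failure lines from such output and replays the DRTM PCRs from the recorded digests; it assumes the entries are printed in the order they were extended (TPM 1.2, SHA-1) and embeds a constructed excerpt of the log as sample input.

```python
"""Triage a tboot serial log: pull out the TXT event-log entries and the failure
lines, then replay the DRTM PCRs from the recorded digests."""
import hashlib
import re
from dataclasses import dataclass

# Constructed sample input: an excerpt of the log posted in this issue (two of its
# events plus the S3 failure lines), embedded so the example runs offline.
SAMPLE_LOG = """\
TBOOT: Event:
TBOOT: PCRIndex: 17
TBOOT: Type: 0x402
TBOOT: Digest: cd 0c 36 be 55 66 61 da ba 9d 45 2b fc 71 27 d6 d4 c5 44 1e
TBOOT: Data: 36 bytes
22 19 57 30 40 10 86 87 30 26 93 7d 4e b1 a0 19
c2 a4 fd 4b 81 a8 dc fe c7 fb 28 1d 03 3b d4 9d
00 00 00 00
TBOOT: Event:
TBOOT: PCRIndex: 18
TBOOT: Type: 0x410
TBOOT: Digest: fe 48 79 5c e3 18 12 ff a8 14 99 7f 46 3e a0 ca 19 eb 33 2c
TBOOT: Data: 0 bytes
TBOOT: verifying pre_k_s3_state
TBOOT: TPM: Load return value = 00000910
TBOOT: failed to unseal blob
TBOOT: creation or verification of S3 measurements failed.
"""

# Substrings that mark a failed launch or S3 resume in tboot's output (from the log).
FAILURE_MARKERS = ("failed to unseal blob", "measurements failed")
_HEX_LINE = re.compile(r"^(?:[0-9a-f]{2}(?: |$))+$")  # bare data lines, e.g. "01 00 00 00"


@dataclass
class Event:
    pcr: int             # PCR the entry was extended into (255 = no PCR, mapping info)
    etype: int = 0       # tboot event type code as printed, e.g. 0x402
    digest: bytes = b""  # 20-byte SHA-1 that was extended
    data: bytes = b""    # raw event data that followed "Data: N bytes"


@dataclass
class Triage:
    events: list
    failures: list


def parse_tboot_log(text: str) -> Triage:
    """One pass over the log: fields after 'TBOOT: Event:' build an Event, and
    the bare hex lines after 'Data: N bytes' are collected as its data."""
    events, failures, cur, want = [], [], None, 0
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("TBOOT: "):
            body = line[7:]
            if body.startswith("PCRIndex:"):
                cur = Event(pcr=int(body.split(":")[1]))
                events.append(cur)
                want = 0
            elif cur is not None and body.startswith("Type:"):
                cur.etype = int(body.split(":")[1], 16)
            elif cur is not None and body.startswith("Digest:"):
                cur.digest = bytes.fromhex(body.split(":", 1)[1])
            elif cur is not None and body.startswith("Data:"):
                want = int(body.split()[1])
            elif any(m in body for m in FAILURE_MARKERS):
                failures.append(body)
        elif want > 0 and _HEX_LINE.match(line):
            chunk = bytes.fromhex(line)
            cur.data += chunk
            want -= len(chunk)
    return Triage(events, failures)


def replay_pcr(events, pcr: int) -> bytes:
    """Recompute a DRTM PCR from the log. Assumes the entries are listed in extend
    order and applies the TPM 1.2 rule PCR = SHA1(PCR || digest), starting from
    the 20 zero bytes the PCR holds after GETSEC[SENTER] resets it."""
    value = bytes(20)
    for ev in events:
        if ev.pcr == pcr:
            value = hashlib.sha1(value + ev.digest).digest()
    return value
```

Comparing the replayed PCR 17/18 values of a boot that unseals with one that does not shows which measurement changed, which is the question the thread keeps circling around.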
tasket
Oct 13, 2016
@andrewdavidwong @chris-hacker-news : Is it possible to test tboot 1.9.4 on your systems to see how sleep/wake work? It would be good to have the extra input and get a sense for how common the waking problem is.
andrewdavidwong
Oct 13, 2016
Member
@tasket: Not sure when exactly I'll have time to do this, but I'll try!
tasket
Oct 13, 2016
Thanks Andrew!
@nsun1 : If that log is from a serial port, can I get similar output on the vga display somehow? Unfortunately, the display doesn't seem to turn on when resuming from S3, even if tboot was loaded with the vga logging option. I somewhat doubt an in-memory log would survive a reboot on my system... is this even an option?
tasket
Oct 25, 2016
Update:
I have tried updating to the latest BIOS version and installed Xen 4.6.3 without any improvement. Also, switching to Linux 4.4.12 in dom0 has no effect -- the system still appears to freeze during resume.
ghost
Oct 25, 2016
Usually, we try the Linux kernel w/ tboot, and do S3 resume with the command: rtcwake -u -s 10 -m mem.
tasket
Nov 1, 2016
@nsun1 : The rtcwake command in this case doesn't behave any differently than other methods of going into sleep/wake modes.
If you know of some way to retrieve a boot log from memory then I can try that. However, I'm assuming recent Intel systems scramble RAM after a system reset, making log recovery impossible.
andrewdavidwong
Nov 13, 2016
Member
@tasket: I just re-tested the min_ram option on the latest R3.2 with anti-evil-maid-3.0.4-1.fc23.x86_64. Unfortunately, there's still no change. The system still fails to boot in the same way.
tasket
Nov 14, 2016
@andrewdavidwong Thanks :)
Let us know if you test it also with tboot 1.9.4, which does boot for me. It's available from https://sourceforge.net/projects/tboot/files/tboot/ and IIRC you should have a cc of an email from nsun1@intel.com 9/1/2016 with the tboot signature. This newer tboot does have an issue where my system can't wake from sleep.
marmarek removed this from the Release 3.2 milestone Nov 19, 2016
marmarek modified the milestones: Release 3.2 updates, Release 3.2 Nov 19, 2016
rustybird
Nov 26, 2016
@tasket Can you paste the tboot signature into a gist? Maybe that will get more testers.
cyrinux
Nov 26, 2016
Hi guys, I would like to try too. I have a T450s and anti-evil-maid doesn't work since my last BIOS update.
I can't find a rpm for tboot 1.9.4, could you help me?
tasket
Nov 27, 2016
@rustybird @cyrinux : You can download it here...
https://sourceforge.net/projects/tboot/files/tboot/
The signature is attached to this post (unzip it before using it to gpg --verify)
tboot-1.9.4.gpg.zip
tasket
Nov 27, 2016
Forgot to mention that it is source code, so you will have to use make to create the binary that is placed on the AEM boot volume.
It's also possible to manually download a binary deb package from Ubuntu's repository, then verify it using the Ubuntu keys that can be installed in a Debian template.
rustybird
Nov 28, 2016
The signature is attached to this post (unzip it before using it to gpg --verify)
tboot-1.9.4.gpg.zip
Thanks!
Do you know if the signing key (which was created on the same day as the signature) is mentioned anywhere online? The keyserver had 4 more keys for his email address:
$ gpg --verify tboot-1.9.4.tar.gz.gpg
gpg: Signature made Thu 01 Sep 2016 01:33:40 AM UTC
gpg: using RSA key 0x314B1F9A2252E060
gpg: Good signature from "Ning Sun <ning.sun@intel.com>" [unknown]
gpg: WARNING: Using untrusted key!
$ gpg --search-keys ning.sun@intel.com
gpg: searching for "ning.sun@intel.com" from hkp server qdigse2yzvuglcix.onion
(1) Ning Sun <ning.sun@intel.com>
2048 bit RSA key 0x314B1F9A2252E060, created: 2016-09-01
(2) Ning Sun <ning.sun@intel.com>
2048 bit RSA key 0x2E06527408EB8FF1, created: 2015-04-15
(3) Ning Sun <ning.sun@intel.com>
2048 bit RSA key 0x6B6F8FEC54688283, created: 2015-03-06
(4) NINGSUN <ning.sun@intel.com>
2048 bit RSA key 0x9D127ACB85C97614, created: 2015-03-06
(5) Ning Sun <ning.sun@intel.com>
2048 bit RSA key 0x474191673CD2A023, created: 2015-03-05
(FWIW, the signature's data payload was identical to the tboot-1.9.4.tar.gz I downloaded from one of SourceForge's HTTP mirrors over Tor. Hurray)
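The gpg run above reports a good signature from a key gpg had never seen ("WARNING: Using untrusted key!"), with several more keys for the same address on the keyserver. As an added example (not code from the thread or from the tboot project), here is a Python wrapper that parses gpg's --status-fd output and accepts the file only when the VALIDSIG line names a fingerprint that was pinned out of band; the pinned value and the status lines in it are constructed placeholders, and the real fingerprint has to come from the signer.

```python
"""Accept a gpg signature only when it was made by a key whose fingerprint was
pinned in advance, rather than any key a keyserver happens to return."""
import subprocess
from typing import Iterable, Optional

# Placeholder: the fingerprint(s) obtained out of band (e.g. from the signer's
# e-mail or a project page), not from the keyserver search.
PINNED_FINGERPRINTS = {"0000000000000000000000000000000000000000"}

# Constructed gpg --status-fd output. The fingerprint is a placeholder that ends in
# the key ID quoted in the thread; the real fingerprint must come from the signer.
CONSTRUCTED_FPR = "0" * 24 + "314B1F9A2252E060"
STATUS_GOOD = [
    "[GNUPG:] NEWSIG",
    "[GNUPG:] GOODSIG 314B1F9A2252E060 Ning Sun <ning.sun@intel.com>",
    "[GNUPG:] VALIDSIG %s 2016-09-01 1472693620 0 4 0 1 8 00 %s"
    % (CONSTRUCTED_FPR, CONSTRUCTED_FPR),
    "[GNUPG:] TRUST_UNDEFINED 0 pgp",
]
STATUS_BAD = ["[GNUPG:] NEWSIG", "[GNUPG:] BADSIG 314B1F9A2252E060 Ning Sun <ning.sun@intel.com>"]


def signer_fingerprint(status_lines: Iterable[str]) -> Optional[str]:
    """Return the primary-key fingerprint from a VALIDSIG status line, or None.
    gpg prints VALIDSIG only for a cryptographically good signature; GOODSIG
    alone says nothing about which key (by fingerprint) made it."""
    for line in status_lines:
        parts = line.split()
        if len(parts) >= 11 and parts[0] == "[GNUPG:]" and parts[1] == "VALIDSIG":
            # Field 11 (primary key fingerprint) is present on modern gpg; fall back
            # to field 2 (the signing key's own fingerprint) otherwise.
            return (parts[11] if len(parts) > 11 else parts[2]).upper()
    return None


def is_trusted(status_lines: Iterable[str], pinned=PINNED_FINGERPRINTS) -> bool:
    """True only if the signature is valid AND made by a pinned key."""
    fpr = signer_fingerprint(status_lines)
    return fpr is not None and fpr in {p.upper() for p in pinned}


def verify_pinned(sig_path: str, data_path: Optional[str] = None,
                  pinned=PINNED_FINGERPRINTS) -> bool:
    """Run gpg on a signature (inline, like tboot-1.9.4.tar.gz.gpg, or detached
    with data_path) and apply the pin. Machine-readable status goes to stdout."""
    cmd = ["gpg", "--batch", "--status-fd", "1", "--verify", sig_path]
    if data_path is not None:
        cmd.append(data_path)
    proc = subprocess.run(cmd, capture_output=True, text=True)
    return proc.returncode == 0 and is_trusted(proc.stdout.splitlines(), pinned)
```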
tasket
Nov 28, 2016
@rustybird -
@nsun1 can comment about the key that was used (seems to have preferred making a new key for that purpose). I get the impression trusted boot isn't a high priority project for Intel. I don't know what else to make of it.
You might feel better about verifying and unpacking the Ubuntu package instead?
ghost
Nov 28, 2016
If it is for try-out or test purposes, the tboot source code can be found here: https://sourceforge.net/p/tboot/code/ci/default/tree/
You can download it with the command: hg clone http://hg.code.sf.net/p/tboot/code tboot-code
bburky
Jan 12, 2017
I had the same crash/reboot after executing GETSEC[SENTER]. I was able to fix it by using the files unpacked from the Ubuntu package.
rtcwake -u -s 10 -m mem seems to crash the computer with or without tboot. This is a desktop, so I don't really care though. The power light does blink like it goes into suspend. But the CPU fan goes full speed and the screen goes blank. Can't wake it. Somehow even the physical reset button didn't work. S3 suspend is enabled in BIOS. Or one time the fan didn't spin, and the reset button did work, but the computer couldn't be woken. "Sleep" works in Windows on this machine.
- X11SSV-Q
- i7-6700
(Yes, it's a weird computer. I know. Was mostly intended for gaming, decided to pick some specs to allow running Qubes and AEM too though. Need to manage to add a second USB controller for the keyboard somehow though.)
earque
Mar 11, 2017
I recently experienced this same issue though I'm not sure how. I'm pretty new to Linux so my diagnosis skills are limited.
About 3 months ago I installed Qubes 3.2 on my X230 ThinkPad, no major issues, almost everything works. AEM working fine. I'm not sure what caused the change. Best I can figure is that whenever I saw a dom0 update, I updated (rather carelessly, it turns out), without really testing or even restarting. In fact I almost never shut my machine down below S3 sleep.
About 3 days ago I got tired of waiting for my laptop to become responsive and I hard restarted. The AEM grub option goes into a boot loop, which I think people in this thread are familiar with. After several days of penitent googling and restarts, it turns out that AEM now only works with 1) a well known owner, 2) the min_ram parameter set, 3) tboot 1.9.4 files (blobs?). As of my last restart, none of this was the case.
So there you have it. I have no idea what was updated or why it would cause tboot to stop working.
FWIW, AEM is installed to my boot sector and I haven't tried it on a usb device. It's hard enough to get it working as it is.
Lessons: I need to figure out how to roll back updates with dnf. I need to watch what gets updated, and test, or at least restart, after updating. If my boot sequence were to be tampered with, I'd probably just think it was something I did, and ham-fistedly clear the TPM in my attempt to fix it. In fact, I may have just done that. They do tell me my context is high threat, which is why I'm going through this in the first place.
tasket
Mar 13, 2017
@earque It was a Xen or Linux upgrade that triggered the problem for me... wish I could be more specific.
If you are using removable media for the boot volume, you also have to be mindful about which package updates will require that volume to be mounted as /boot (during the update). That includes xen* packages, kernel, tboot, grub and anything that gets included in the initramfs.
andrewdavidwong commented Jul 5, 2016
Qubes OS version (e.g., R3.1): R3.1, R3.2-rc1
Full discussion thread
Brief Problem Description:
Everything goes smoothly with the AEM installation up to step 5 (reboot and select the "AEM Qubes" GRUB option). I select that option (or allow it to be auto-selected, or select the one in the "advanced" submenu). It gets about 4 lines in (up to "loading initial ramdisk"), then the laptop appears to do a hard reboot/partial shutdown. Instead of a normal reboot with the BIOS and normal boot process, the screen is blank, but the system retains power. (Power button is lit and keyboard backlight brightness can be changed.)
More precisely, here are the physical symptoms, in order: