Charles Bushong | 25 Mar 16:51 2013

verifying module against policy failed

Hi all,

I'm trying to get tboot up and running for my first time, and this list has been a great help.  However it seems I'm running into some problems when actually validating the modules.  I was hoping someone might have some insight as to what I'm doing wrong.  I'm using tboot 1.7.3 and legacy grub if it makes a difference.

I get ownership and define the nvram indices without much issue (finally).  Then I create and write the v1 policy with this:

tb_polgen --create --type nonfatal vl_ver1.pol
tb_polgen --add --num 0 --pcr 18 --hash image --cmdline "logging=vga,serial,memory loglvl=all" --image /boot/tboot.gz vl_ver1.pol
tb_polgen --add --num 1 --pcr 19 --hash image --cmdline "$kernel_cmdline" --image /boot/vmlinuz-2.6.32-279.5.1.el6.x86_64 vl_ver1.pol
tb_polgen --add --num 2 --pcr 19 --hash image --cmdline "" --image /boot/initramfs-2.6.32-279.5.1.el6.x86_64.img vl_ver1.pol
lcp_writepol -i 0x20000001 -f vl_ver1.pol -p $TPM_PASS

There are a few red flags that are sticking out to me.

1) Does this post-GETSEC[SENTER] error code mean anything?
TBOOT: TXT.ERRORCODE: 0xc0000001
TBOOT: AC module error : acm_type=0x1, progress=0x00, error=0x0

2) Modules failing.
TBOOT: verifying module "
/vmlinuz-2.6.32-279.5.1.el6.x86_64 (kernel command line)"...
TBOOT:   verification failed
TBOOT: verifying module against policy failed.
TBOOT: verifying module "
/initramfs-2.6.32-279.5.1.el6.x86_64.img"...
TBOOT:   verification failed
TBOOT: verifying module against policy failed.
TBOOT: all modules are verified

I can't figure out why it's reading the policy without issue, getting into GETSEC[SENTER], and then still failing the policy check.  Any help or points in the right direction would be appreciated.  Thanks!

-Charles
_______________________________________________
tboot-devel mailing list
tboot-devel <at> lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/tboot-devel
Wei, Gang | 26 Mar 00:22 2013

Re: verifying module against policy failed

Charles Bushong wrote on 2013-03-25:
> Hi all,
> 
> 
> I'm trying to get tboot up and running for my first time, and this list
> has been a great help.  However it seems I'm running into some problems
> when actually validating the modules.  I was hoping someone might have
> some insight as to what I'm doing wrong.  I'm using tboot 1.7.3 and
> legacy grub if it makes a difference.
> 
> 
> I get ownership and define the nvram indices without much issue
> (finally).
> Then I create and write the v1 policy with this:
> 
> tb_polgen --create --type nonfatal vl_ver1.pol
> tb_polgen --add --num 0 --pcr 18 --hash image --cmdline
> "logging=vga,serial,memory loglvl=all" --image /boot/tboot.gz vl_ver1.pol
> tb_polgen --add --num 1 --pcr 19 --hash image --cmdline "$kernel_cmdline"
> --image /boot/vmlinuz-2.6.32-279.5.1.el6.x86_64 vl_ver1.pol
> tb_polgen --add --num 2 --pcr 19 --hash image --cmdline "" --image
> /boot/initramfs-2.6.32-279.5.1.el6.x86_64.img vl_ver1.pol
> lcp_writepol -i 0x20000001 -f vl_ver1.pol -p $TPM_PASS
> 
> 
> There are a few red flags that are sticking out to me.
> 
> 
> 1) Does this post-GETSEC[SENTER] error code mean anything?
> 
> TBOOT: TXT.ERRORCODE: 0xc0000001
> TBOOT: AC module error : acm_type=0x1, progress=0x00, error=0x0

This just means everything is ok; sinit executed successfully.

> 
> 
> 2) Modules failing.
> TBOOT: verifying module "
> /vmlinuz-2.6.32-279.5.1.el6.x86_64 (kernel command line)"...
> TBOOT:   verification failed
> TBOOT: verifying module against policy failed.
> TBOOT: verifying module "
> /initramfs-2.6.32-279.5.1.el6.x86_64.img"...
> TBOOT:   verification failed
> TBOOT: verifying module against policy failed.
> TBOOT: all modules are verified

Please send the grub.cfg & attach a serial port cable (or just use txt-stat
if already booted up) to get an entire booting log for tboot and send it
out.

Jimmy

> 
> 
> I can't figure out why it's reading the policy without issue, getting into
> GETSEC[SENTER], and then still failing the policy check.  Any help or
> points in the right direction would be appreciated.  Thanks!
> 
> 
> -Charles
Charles Bushong | 29 Mar 14:54 2013

Re: verifying module against policy failed

Jimmy,

Sorry, I replied before but it was caught by the oversized message filter.  I've been working with Charles F. to refine my configuration.  I think a few of the kinks have been worked out (such as forgetting to define an LCP...whoops), but Charles can no longer help me.  My machine won't boot at all, just restarts when it hits SENTER, and the next time it tries to boot, it says TXT.ERRORCODE=0x0.  Not sure why nothing is getting written into it...

Since the machine won't boot, I can't get txt-stat output.  I'm trying to figure out a setup to get the serial output, but for now all I have is screencaps of iDRAC.  I put it in an album on my google plus page here: https://plus.google.com/photos/104524032208184395446/albums/5860751449766674161  I'd attach it, but the photo set is around 100k and it would bounce the email.

Here is my config as it stands:

#### Release NVRAM Indices
#owner
tpmnv_relindex -i owner -p $TPM_PASS
#tboot
tpmnv_relindex -i 0x20000001 -p $TPM_PASS
#error
tpmnv_relindex -i 0x20000002 -p $TPM_PASS


#### Define NVRAM Indices
#owner
tpmnv_defindex -i owner -p $TPM_PASS
#tboot
tpmnv_defindex -i 0x20000001 -s 256 -pv 0x02 -p $TPM_PASS
#error
tpmnv_defindex -i 0x20000002 -s 8 -pv 0 -rl 0x07 -wl 0x07 -p $TPM_PASS

###LCP v2
lcp_mlehash -c "logging=vga,serial,memory vga_delay=15 loglvl=all" /boot/tboot.gz > tboot_hash
#Create the MLE Element
lcp_crtpolelt --create --type mle --ctrl 0x00 --minver 17 --out mle.elt tboot_hash
#Create policy list
lcp_crtpollist --create --out list_unsig.lst mle.elt
#Sign the list
openssl genrsa -out privkey.pem 2048
openssl rsa -pubout -in privkey.pem -out pubkey.pem
cp list_unsig.lst list_sig.lst
lcp_crtpollist --sign --pub pubkey.pem --priv privkey.pem --out list_sig.lst
lcp_crtpol2 --create --type list --pol list.pol --data list.data list_{unsig,sig}.lst
#Write the policy to nvram
lcp_writepol -i owner -f list.pol -p $TPM_PASS
cp list.data /boot/list.data
#***Add /list.data to grub.conf***

###VLP
## Create the file
tb_polgen --create --type nonfatal vl_ver1.pol
## Add all the lines of your /boot/grub/menu.lst.  The file is the image; everything after that is under "cmdline".
tb_polgen --add --num 0 --pcr none --hash image --cmdline "ro root=/dev/mapper/vg_penguin-lv_root intel_iommu=on rd_NO_LUKS rd_LVM_LV=vg_penguin/lv_swap rd_LVM_LV=vg_penguin/lv_root rd_NO_MD quiet SYSFONT=latarcyrheb-sun16 rhgb crashkernel=auto LANG=en_US.UTF-8  KEYBOARDTYPE=pc KEYTABLE=us rd_NO_DM rhgb quiet reboot=pci max_loop=255" --image /boot/vmlinuz-2.6.32-279.5.1.el6.x86_64 vl_ver1.pol
tb_polgen --add --num 1 --pcr 19 --hash image --cmdline "" --image /boot/initramfs-2.6.32-279.5.1.el6.x86_64.img vl_ver1.pol
## Write the policy
lcp_writepol -i 0x20000001 -f vl_ver1.pol -p $TPM_PASS

#####grub.conf:
default=0
timeout=5
splashimage=(hd0,0)/grub/splash.xpm.gz
hiddenmenu
title CentOS (2.6.32-279.5.1.el6.x86_64)
        root (hd0,0)
        kernel /tboot.gz logging=vga,serial,memory vga_delay=15 loglvl=all
        module /vmlinuz-2.6.32-279.5.1.el6.x86_64 ro root=/dev/mapper/vg_penguin-lv_root intel_iommu=on rd_NO_LUKS rd_LVM_LV=vg_penguin/lv_swap rd_LVM_LV=vg_penguin/lv_root rd_NO_MD quiet SYSFONT=latarcyrheb-sun16 rhgb crashkernel=auto LANG=en_US.UTF-8  KEYBOARDTYPE=pc KEYTABLE=us rd_NO_DM rhgb quiet reboot=pci max_loop=255
        module /initramfs-2.6.32-279.5.1.el6.x86_64.img
        module /Xeon-5600-3500-SINIT-v1.1.BIN
        module /list.data

-Charles


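A VLP entry fails while the policy itself reads fine whenever the `--cmdline` string given to tb_polgen is not, byte for byte, what grub passes after the module name; the `$kernel_cmdline` variable in the first post and the retyped command lines in the policy above are exactly where that drifts. The Python script below is an added example, not tboot's own tooling and not something from this thread: it parses a legacy grub.conf stanza and emits the lcp_mlehash and tb_polgen invocations from it, so the policy is derived from the same file grub reads. It assumes legacy grub `kernel`/`module` syntax, that the SINIT ACM and the list.data module get no VLP entry (matching the policies posted here), and the PCR 18/19 assignment used in this thread; `DEFAULT_SKIP` and `pcrs` are the knobs to change for other setups.

```python
"""Derive tboot policy commands from the grub.conf that actually boots the box.

Added example. Assumes legacy grub 'kernel' / 'module' syntax, that the SINIT
ACM and the LCP data module (list.data) get no VLP entry, and the PCR
assignment used in this thread (18 for the first module, 19 for the rest).
"""
import re
import shlex

# Constructed sample input: the grub.conf stanza posted in this thread, with
# the kernel command line shortened but keeping its double space before
# KEYBOARDTYPE, which a retyped policy line would silently lose.
GRUB_CONF = """\
default=0
timeout=5
hiddenmenu
title CentOS (2.6.32-279.5.1.el6.x86_64)
        root (hd0,0)
        kernel /tboot.gz logging=vga,serial,memory vga_delay=15 loglvl=all
        module /vmlinuz-2.6.32-279.5.1.el6.x86_64 ro root=/dev/mapper/vg_penguin-lv_root intel_iommu=on LANG=en_US.UTF-8  KEYBOARDTYPE=pc quiet
        module /initramfs-2.6.32-279.5.1.el6.x86_64.img
        module /Xeon-5600-3500-SINIT-v1.1.BIN
        module /list.data
"""

# Modules excluded from the VLP (assumption matching the thread's policies).
DEFAULT_SKIP = re.compile(r"SINIT|\.data$", re.IGNORECASE)

# keyword, path, then everything after the path with trailing whitespace dropped
_LINE = re.compile(r"^\s*(kernel|module)\s+(\S+)\s*(.*?)\s*$")


def parse_stanza(conf):
    """Return ((tboot_path, tboot_cmdline), [(module_path, cmdline), ...]).

    Only the first stanza is read. Internal spacing of each command line is
    kept verbatim: a policy built from a line that differs even by one space
    yields a different hash and fails verification.
    """
    kernel, modules = None, []
    for raw in conf.splitlines():
        m = _LINE.match(raw)
        if not m:
            continue
        kind, path, cmdline = m.groups()
        if kind == "kernel":
            if kernel is not None:      # a second stanza begins; stop here
                break
            kernel = (path, cmdline)
        elif kernel is not None:
            modules.append((path, cmdline))
    if kernel is None:
        raise ValueError("no kernel line found in grub.conf")
    return kernel, modules


def policy_commands(conf, boot_dir="/boot", pol="vl_ver1.pol",
                    skip=DEFAULT_SKIP, pcrs=("18", "19")):
    """Emit lcp_mlehash for tboot (covered by the LCP MLE element) and the
    numbered tb_polgen --add entries for the remaining grub modules."""
    (tboot_path, tboot_cmd), modules = parse_stanza(conf)
    cmds = [
        "lcp_mlehash -c %s %s > tboot_hash"
        % (shlex.quote(tboot_cmd), shlex.quote(boot_dir + tboot_path)),
        "tb_polgen --create --type nonfatal %s" % shlex.quote(pol),
    ]
    num = 0
    for path, cmdline in modules:
        if skip.search(path):
            continue
        pcr = pcrs[min(num, len(pcrs) - 1)]
        cmds.append(
            "tb_polgen --add --num %d --pcr %s --hash image --cmdline %s --image %s %s"
            % (num, pcr, shlex.quote(cmdline), shlex.quote(boot_dir + path),
               shlex.quote(pol)))
        num += 1
    return cmds


if __name__ == "__main__":
    print("\n".join(policy_commands(GRUB_CONF)))
```

Run it against the real /boot/grub/grub.conf and paste the output into the policy script; the empty `--cmdline ''` for the initramfs and the preserved double space in the kernel line are the two details that are easiest to get wrong by hand.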
Charles.Fisher | 26 Mar 02:14 2013

Re: verifying module against policy failed

There appear to be a couple of things that I don’t understand. It appears that while you have written your VL policy, you haven’t written a Launch Control Policy (which goes in the owner NV index). What your LCP will be depends on the processor, which you didn’t mention in your post. That is the place where tboot is validated by the SINIT module, and then when it returns tboot validates the remainder of the modules in grub.

It may be possible to do what you tried, but I have always had to have an LCP, which is where tboot and its command line are validated, so the first tb_polgen line is the one for vmlinuz-2.6.32-279…

Charles

Charles Bushong | 26 Mar 16:16 2013

Re: verifying module against policy failed

Charles F,

You're right.  I haven't written anything to the owner index.  It seems in my shuffling of various configurations, that part was lost.  The problem is, now that I'm writing this, it's stopping on SENTER and rebooting the system.  I have tried with the following configurations:

###Attempt 1
###VLP
tb_polgen --create --type nonfatal vl_ver1.pol
tb_polgen --add --num 0 --pcr 18 --hash image --cmdline "ro root=/dev/mapper/vg_penguin-lv_root intel_iommu=on rd_NO_LUKS rd_LVM_LV=vg_penguin/lv_swap rd_LVM_LV=vg_penguin/lv_root rd_NO_MD quiet SYSFONT=latarcyrheb-sun16 rhgb crashkernel=auto LANG=en_US.UTF-8  KEYBOARDTYPE=pc KEYTABLE=us rd_NO_DM rhgb quiet reboot=pci max_loop=255" --image /boot/vmlinuz-2.6.32-279.5.1.el6.x86_64 vl_ver1.pol
tb_polgen --add --num 1 --pcr 19 --hash image --cmdline "" --image /boot/initramfs-2.6.32-279.5.1.el6.x86_64.img vl_ver1.pol

#### Create and write Launch Control Policy (LCPv1)
lcp_mlehash -c "logging=vga,serial,memory loglvl=all" /boot/tboot.gz > mle_hash
lcp_crtpol -t hashonly -m mle_hash -o lcp_v1.pol

lcp_writepol -i owner -f lcp_v1.pol -p $TPM_PASS
lcp_writepol -i 0x20000001 -f vl_ver1.pol -p $TPM_PASS

#### Result: Instant system reset once it hit SENTER

####Attempt 2
###VLP
tb_polgen --create --type nonfatal vl_ver1.pol
tb_polgen --add --num 0 --pcr 18 --hash image --cmdline "ro root=/dev/mapper/vg_penguin-lv_root intel_iommu=on rd_NO_LUKS rd_LVM_LV=vg_penguin/lv_swap rd_LVM_LV=vg_penguin/lv_root rd_NO_MD quiet SYSFONT=latarcyrheb-sun16 rhgb crashkernel=auto LANG=en_US.UTF-8  KEYBOARDTYPE=pc KEYTABLE=us rd_NO_DM rhgb quiet reboot=pci max_loop=255" --image /boot/vmlinuz-2.6.32-279.5.1.el6.x86_64 vl_ver1.pol
tb_polgen --add --num 1 --pcr 19 --hash image --cmdline "" --image /boot/initramfs-2.6.32-279.5.1.el6.x86_64.img vl_ver1.pol

###LCPv2
lcp_mlehash -c "logging=vga,serial,memory loglvl=all" /boot/tboot.gz > tboot_hash
lcp_crtpolelt --create --type mle --ctrl 0x00 --out mle.elt tboot_hash
lcp_crtpollist --create --out list_unsig.lst mle.elt
lcp_crtpol2 --create --type list --pol list.pol --data list.data list_unsig.lst
cp list.data /boot

tcsd
lcp_writepol -i owner -f list.pol -p $TPM_PASS
lcp_writepol -i 0x20000001 -f vl_ver1.pol -p $TPM_PASS

###Add /list.data to /boot/grub/grub.conf

#### Result: Instant system reset once it hit SENTER

The processor is a Xeon X5675.  I'll keep playing around with the LCP, because it seems like this might be the root of my problems.  Any insight you can offer would be a big help.

-Charles B.

Charles Bushong | 27 Mar 18:49 2013

Re: verifying module against policy failed

Charles F.,

Alright, I looked a bit more into this and tried to run something along these lines:

#Hash tboot.gz
lcp_mlehash -c "logging=vga,serial,memory vga_delay=10 loglvl=all" /boot/tboot.gz > tboot_hash
#Create the MLE Element
lcp_crtpolelt --create --type mle --ctrl 0x00 --minver 17 --out mle.elt tboot_hash
#Get current pcr's
export pcr_file=`find /sys/devices -name pcrs`
cat $pcr_file | grep -e PCR-00 -e PCR-01 > pcrs
#Create PCONF element
lcp_crtpolelt --create --type pconf --out pconf.elt pcrs
#Create CUSTOM element (this references the VLP .pol file)
lcp_crtpolelt --create --type custom --out custom.elt --uuid tboot vl_ver1.pol
#Combine the elements into an unsigned list
lcp_crtpollist --create --out list_unsig.lst mle.elt pconf.elt custom.elt
#Sign the list
openssl genrsa -out privkey.pem 2048
openssl rsa -pubout -in privkey.pem -out pubkey.pem
cp list_unsig.lst list_sig.lst
lcp_crtpollist --sign --pub pubkey.pem --priv privkey.pem --out list_sig.lst
lcp_crtpol2 --create --type list --pol list.pol --data list.data list_{unsig,sig}.lst
#Write the policy to nvram
lcp_writepol -i owner -f list.pol -p $TPM_PASS

When I tried to run this, it spit out the following.  I had to transcribe this myself as I don't have access to the serial printout right now.  Since it won't boot, just restarts after trying to execute SENTER, I can't access txt-stat either.

TBOOT: TPM: get capability, return value = 00000002
TBOOT: TPM: fail to get public data of 0x20000001 in TPM NV
TBOOT:     :reading failed
<I expected this, because I removed the 20000001 index to try and narrow down the problem>
TBOOT: reading Launch Control Policy from TPM NV...
TBOOT:     :54 bytes read
TBOOT: no LCP module found
TBOOT:     :reading failed
TBOOT: failed to read policy from TPM NV, using default
TBOOT: policy:
<default policy>
TBOOT: no policy in TPM NV.
<continued on like normal, then rebooted the machine when trying to execute SENTER>

Any thoughts?

-Charles B.


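Without a serial console, logs like the two excerpts in this thread get transcribed by hand and read by eye. The Python triage script below is an added example (not tboot code and not from this thread): it takes a pasted TBOOT log, re-joins module names that wrapped onto the next line as they did in the first post, decodes the TXT.ERRORCODE the way Jimmy read it, reports whether the policy came from TPM NV or fell back to the built-in default, and lists which modules passed or failed verification, flagging a boot that continued past failures, which is what a `--type nonfatal` policy permits. The two sample logs are the excerpts from the first message and from the 27 Mar message, embedded as constructed input; the TXT.ERRORCODE field layout in `decode_errorcode` is an assumption taken from how tboot prints the code, and it reproduces the `acm_type=0x1, progress=0x00, error=0x0` decode shown above.

```python
"""Triage a pasted tboot boot log (added example, not tboot code).

The TXT.ERRORCODE field layout in decode_errorcode is assumed from the way
tboot prints the code; it reproduces the decode seen in this thread.
"""
import re

# Constructed sample 1: the module-verification excerpt from the first post,
# with module names wrapped onto the next line exactly as they were pasted.
MODULE_LOG = """\
TBOOT: TXT.ERRORCODE: 0xc0000001
TBOOT: AC module error : acm_type=0x1, progress=0x00, error=0x0
TBOOT: verifying module "
/vmlinuz-2.6.32-279.5.1.el6.x86_64 (kernel command line)"...
TBOOT:   verification failed
TBOOT: verifying module against policy failed.
TBOOT: verifying module "
/initramfs-2.6.32-279.5.1.el6.x86_64.img"...
TBOOT:   verification failed
TBOOT: verifying module against policy failed.
TBOOT: all modules are verified
"""

# Constructed sample 2: the failed LCP read from the 27 Mar post.
LCP_LOG = """\
TBOOT: TPM: fail to get public data of 0x20000001 in TPM NV
TBOOT:     :reading failed
TBOOT: reading Launch Control Policy from TPM NV...
TBOOT:     :54 bytes read
TBOOT: no LCP module found
TBOOT:     :reading failed
TBOOT: failed to read policy from TPM NV, using default
TBOOT: no policy in TPM NV.
"""

_MODULE = re.compile(r'verifying module "(.*?)"\.\.\.')
_ERRCODE = re.compile(r"TXT\.ERRORCODE:\s*0x([0-9a-fA-F]+)")


def _join_wrapped(lines):
    """Re-join 'verifying module "' lines whose name spilled onto the next line."""
    out, i = [], 0
    while i < len(lines):
        line = lines[i]
        if line.rstrip().endswith('verifying module "') and i + 1 < len(lines):
            line = line.rstrip() + lines[i + 1].strip()
            i += 1
        out.append(line)
        i += 1
    return out


def decode_errorcode(code):
    """Assumed layout: bit 31 valid, bit 30 software/ACM source, and for
    ACM-sourced codes bits 3:0 acm_type, 9:4 progress, 14:10 error."""
    return {
        "valid": bool((code >> 31) & 1),
        "external": bool((code >> 30) & 1),
        "acm_type": code & 0xF,
        "progress": (code >> 4) & 0x3F,
        "error": (code >> 10) & 0x1F,
    }


def triage(log_text):
    """Summarize SINIT outcome, policy source and per-module verification."""
    report = {"sinit_ok": None, "policy_source": "tpm_nv", "lcp_found": True,
              "verified": [], "failed": [], "continued_after_failure": False}
    current = None                       # module whose result is still pending
    for line in _join_wrapped(log_text.splitlines()):
        m = _ERRCODE.search(line)
        if m:
            e = decode_errorcode(int(m.group(1), 16))
            # valid, ACM-sourced, progress 0 and error 0: SINIT completed
            report["sinit_ok"] = (e["valid"] and e["external"]
                                  and e["progress"] == 0 and e["error"] == 0)
            continue
        m = _MODULE.search(line)
        if m:
            if current is not None:      # previous module had no failure line
                report["verified"].append(current)
            current = m.group(1).replace(" (kernel command line)", "")
            continue
        if "verification failed" in line and current is not None:
            report["failed"].append(current)
            current = None
        elif "no LCP module found" in line:
            report["lcp_found"] = False
        elif "using default" in line or "no policy in TPM NV" in line:
            report["policy_source"] = "default"
        elif "all modules are verified" in line:
            # printed even after failures when the policy type is nonfatal
            report["continued_after_failure"] = bool(report["failed"])
    if current is not None:
        report["verified"].append(current)
    return report


if __name__ == "__main__":
    for name, log in (("module log", MODULE_LOG), ("lcp log", LCP_LOG)):
        print(name, triage(log))
```

The `continued_after_failure` flag is the one to look at first: a VLP written with `--type nonfatal` still ends the pass with "all modules are verified", so a log that looks clean on its last line may have failed every entry above it.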
Charles.Fisher | 27 Mar 19:06 2013

Re: verifying module against policy failed

Also,

To just get things working, I would skip creating the policy elements for the pcrs and custom, and just go with the mle element. After you get things working, then is the time to add additional stuff.

Charles

From: Charles Bushong [mailto:bushong1 <at> gmail.com]
Sent: Wednesday, March 27, 2013 10:50 AM
To: Fisher, Charles-p99463
Cc: tboot-devel <at> lists.sourceforge.net
Subject: Re: [tboot-devel] verifying module against policy failed

 

Charles F.,

Alright, I looked a bit more into this and tried to run something along these lines:

#Hash tboot.gz
lcp_mlehash –c "logging=vga,serial,memory vga_delay=10 loglvl=all" /boot/tboot.gz > tboot_hash
#Create the MLE Element
lcp_crtpolelt --create --type mle --ctrl 0x00 --minver 17 --out mle.elt tboot_hash
#Get current pcr's
export pcr_file=`find /sys/devices -name pcrs`
cat $pcr_file | grep -e PCR-00 -e PCR-01 > pcrs
#Create PCONF element
lcp_crtpolelt --create --type pconf --out pconf.elt pcrs
#Create CUSTOM element (this references the VLP .pol file)
lcp_crtpolelt --create --type custom --out custom.elt --uuid tboot vl_ver1.pol
#Combine the elements into an unsigned list
lcp_crtpollist --create --out list_unsig.lst mle.elt pconf.elt custom.elt
#Sign the list
openssl genrsa -out privkey.pem 2048
openssl rsa -pubout -in privkey.pem -out pubkey.pem
cp list_unsig.lst list_sig.lst
lcp_crtpollist --sign --pub pubkey.pem --priv privkey.pem --out list_sig.lst
lcp_crtpol2 --create --type list --pol list.pol --data list.data list_{unsig,sig}.lst
#Write the policy to nvram
lcp_writepol -i owner -f list.pol -p $TPM_PASS

When I tried to run this, it spit out the following.  I had to transcribe this myself as I don't have access to the serial printout right now.  Since it wont boot, just restarts after trying to execute SENTER, I can't access txt-stat either.

TBOOT: TPM: get capability, return value = 00000002

TBOOT: TPM: fail to get public data of 0x20000001 in TPM NV

TBOOT:     :reading failed

<I expected this, because I removed the 20000001 index to try and narrow down the problem>

TBOOT: reading Launch Control Policy from TPM NV...

TBOOT:     :54 bytes read

TBOOT: no LCP module found
TBOOT:     :reading failed

TBOOT: failed to read policy from TPM NV, using default
TBOOT: policy:

<default policy>

TBOOT: no policy in TPM NV.

<continued on like normal, then rebooted the machine when trying to execute SENTER>

Any thoughts?


-Charles B.

 

On Tue, Mar 26, 2013 at 11:16 AM, Charles Bushong <bushong1 <at> gmail.com> wrote:

Charles F,

You're right.  I haven't written anything to the owner index.  It seems in my shuffling of various configurations, that part was lost.  The problem is, now that I'm writing this, it's stopping on SENTER and rebooting the system.  I have tried with the following configurations:

###Attempt 1
###VLP


tb_polgen --create --type nonfatal vl_ver1.pol

tb_polgen --add --num 0 --pcr 18 --hash image --cmdline "ro root=/dev/mapper/vg_penguin-lv_root intel_iommu=on rd_NO_LUKS rd_LVM_LV=vg_penguin/lv_swap rd_LVM_LV=vg_penguin/lv_root rd_NO_MD quiet SYSFONT=latarcyrheb-sun16 rhgb crashkernel=auto LANG=en_US.UTF-8  KEYBOARDTYPE=pc KEYTABLE=us rd_NO_DM rhgb quiet reboot=pci max_loop=255" --image /boot/vmlinuz-2.6.32-279.5.1.el6.x86_64 vl_ver1.pol
tb_polgen --add --num 1 --pcr 19 --hash image --cmdline "" --image /boot/initramfs-2.6.32-279.5.1.el6.x86_64.img vl_ver1.pol

#### Create and write Launch Control Policy (LCPv1)
lcp_mlehash -c "logging=vga,serial,memory loglvl=all" /boot/tboot.gz > mle_hash
lcp_crtpol -t hashonly -m mle_hash -o lcp_v1.pol

lcp_writepol -i owner -f lcp_v1.pol -p $TPM_PASS


lcp_writepol -i 0x20000001 -f vl_ver1.pol -p $TPM_PASS

#### Result: Instant system reset once it hit SENTER

####Attempt 2
###VLP


tb_polgen --create --type nonfatal vl_ver1.pol

tb_polgen --add --num 0 --pcr 18 --hash image --cmdline "ro root=/dev/mapper/vg_penguin-lv_root intel_iommu=on rd_NO_LUKS rd_LVM_LV=vg_penguin/lv_swap rd_LVM_LV=vg_penguin/lv_root rd_NO_MD quiet SYSFONT=latarcyrheb-sun16 rhgb crashkernel=auto LANG=en_US.UTF-8  KEYBOARDTYPE=pc KEYTABLE=us rd_NO_DM rhgb quiet reboot=pci max_loop=255" --image /boot/vmlinuz-2.6.32-279.5.1.el6.x86_64 vl_ver1.pol
tb_polgen --add --num 1 --pcr 19 --hash image --cmdline "" --image /boot/initramfs-2.6.32-279.5.1.el6.x86_64.img vl_ver1.pol

###LCPv2
lcp_mlehash -c "logging=vga,serial,memory loglvl=all" /boot/tboot.gz > tboot_hash
lcp_crtpolelt --create --type mle --ctrl 0x00 --out mle.elt tboot_hash
lcp_crtpollist --create --out list_unsig.lst mle.elt
lcp_crtpol2 --create --type list --pol list.pol --data list.data list_unsig.lst
cp list.data /boot

tcsd
lcp_writepol -i owner -f list.pol -p $TPM_PASS


lcp_writepol -i 0x20000001 -f vl_ver1.pol -p $TPM_PASS

###Add /list.data to /boot/grub/grub.conf

#### Result: Instant system reset once it hit SENTER

The processor is a Xeon X5675.  I'll keep playing around with the LCP, because it seems like this might be the root of my problems.  Any insight you can offer would be a big help.

 

-Charles B.

 

 

On Mon, Mar 25, 2013 at 9:14 PM, <Charles.Fisher <at> gdc4s.com> wrote:

There appear to be a couple of things that I don’t understand. It appears that while you have written your VL policy, you haven’t written a Launch Control Policy (which goes in the owner NV index). What your LCP will be depends on the processor, which you didn’t mention in your post. That is the place where tboot is validated by the SINIT module, and then when it returns tboot validates the remainder of the modules in grub.

 

It may be possible to do what you tried, but I have always had to have a LCP, which is where tboot and its command line are validated, so the first tb_polgen line is the one for vmlinuz-2.6.32-279…

 

Charles

 

From: Charles Bushong [mailto:bushong1 <at> gmail.com]
Sent: Monday, March 25, 2013 8:52 AM
To: tboot-devel <at> lists.sourceforge.net
Subject: [tboot-devel] verifying module against policy failed

 

Hi all,

I'm trying to get tboot up and running for my first time, and this list has been a great help.  However it seems I'm running into some problems when actually validating the modules.  I was hoping someone might have some insight as to what I'm doing wrong.  I'm using tboot 1.7.3 and legacy grub if it makes a difference.

I get ownership and define the nvram indices without much issue (finally).  Then I create and write the v1 policy with this:

tb_polgen --create --type nonfatal vl_ver1.pol
tb_polgen --add --num 0 --pcr 18 --hash image --cmdline "logging=vga,serial,memory loglvl=all" --image /boot/tboot.gz vl_ver1.pol
tb_polgen --add --num 1 --pcr 19 --hash image --cmdline "$kernel_cmdline" --image /boot/vmlinuz-2.6.32-279.5.1.el6.x86_64 vl_ver1.pol
tb_polgen --add --num 2 --pcr 19 --hash image --cmdline "" --image /boot/initramfs-2.6.32-279.5.1.el6.x86_64.img vl_ver1.pol
lcp_writepol -i 0x20000001 -f vl_ver1.pol -p $TPM_PASS

There are a few red flags that are sticking out to me.

1) Does this post-GETSEC[SENTER] error code mean anything?

TBOOT: TXT.ERRORCODE: 0xc0000001
TBOOT: AC module error : acm_type=0x1, progress=0x00, error=0x0

 

2) Modules failing.
TBOOT: verifying module "
/vmlinuz-2.6.32-279.5.1.el6.x86_64 (kernel command line)"...
TBOOT:   verification failed
TBOOT: verifying module against policy failed.
TBOOT: verifying module "
/initramfs-2.6.32-279.5.1.el6.x86_64.img"...
TBOOT:   verification failed
TBOOT: verifying module against policy failed.
TBOOT: all modules are verified

I can't figure out why it's reading the policy without issue, getting into GETSEC[SENTER], and then still failing the policy check.  Any help or points in the right direction would be appreciated.  Thanks!


-Charles

 

 

_______________________________________________
tboot-devel mailing list
tboot-devel <at> lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/tboot-devel
Charles Bushong | 27 Mar 20:23 2013

Re: verifying module against policy failed

Charles F.,

The processor is a Xeon X5675.  Sorry for the omission in the last email as my first reply bounced back.  Yes, /boot/list.data exists and is present in grub.conf.  I don't have an SINIT defined in my grub.conf because previous instances in using it gave a message saying the one included in my BIOS is a newer version, so it was ignoring the supplied one and using the BIOS provided SINIT module.  I will try adding it (Xeon-5600-3500-SINIT-v1.1.BIN) back in to grub conf and see if that helps.  Thanks for the suggestion to only use the mle element. 

grub.conf:
default=0
timeout=5
splashimage=(hd0,0)/grub/splash.xpm.gz
hiddenmenu
title CentOS (2.6.32-279.5.1.el6.x86_64)
        root (hd0,0)
        kernel /tboot.gz logging=vga,serial,memory vga_delay=15 loglvl=all
        module /vmlinuz-2.6.32-279.5.1.el6.x86_64 ro root=/dev/mapper/vg_penguin-lv_root intel_iommu=on rd_NO_LUKS rd_LVM_LV=vg_penguin/lv_swap rd_LVM_LV=vg_penguin/lv_root rd_NO_MD quiet SYSFONT=latarcyrheb-sun16 rhgb crashkernel=auto LANG=en_US.UTF-8  KEYBOARDTYPE=pc KEYTABLE=us rd_NO_DM rhgb quiet reboot=pci max_loop=255
        module /initramfs-2.6.32-279.5.1.el6.x86_64.img
        module /Xeon-5600-3500-SINIT-v1.1.BIN
        module /list.data

I tried creating a policy with just the MLE element, and wrote it to the owner index:

# tpmnv_relindex -i 0x20000001 -p $TPM_PASS
# lcp_writepol -i owner -f list.pol -p $TPM_PASS

Successfully write policy into index 0x40000001
# lcp_readpol -i owner -p $TPM_PASS
No size has been specified. Will read all index data.
begin to call the tss Tspi_NV_ReadValue
the policy is:
02 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 e1 88 37 d8 77 00 16 e2 a0 4d 56 ae 61 e0
0b eb 28 1f f0 b9
version: 2
hash_alg: 2
policy_type: 0 - LCP_POLTYPE_HASHONLY
sinit_revocation_counter: 0
policy_control: 0
policy_hash: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Successfully read value from index: 0x40000001.

Upon reboot, I got the following:

TBOOT: reading Verified Launch Policy from TPM NV...
TBOOT: TPM: get capability, return value = 00000002
TBOOT: TPM: fail to get public data of 0x20000001 in TPM NV
TBOOT:     :reading failed
TBOOT: reading Launch Control Policy from TPM NV...
TBOOT:     :54 bytes read
TBOOT: v2 LCP policy data found
TBOOT:     :reading failed
TBOOT: failed to read policy from TPM NV, using default
TBOOT: policy:
<default policy>
TBOOT: TPM: write nv 20000002, offset 00000000, 00000004 bytes, return = 00000002
TBOOT: Error: write TPM error: 0x2.
TBOOT: no policy in TPM NV
TBOOT: IA32_FEATURE_CONTROL_MSR: 0000ff07
<etc>
TBOOT: executing GETSEC[SENTER]...
<Machine reboot>

One interesting thing I noticed this go around is that the TBOOT header says it's version 1.7.2, even though I downloaded the 1.7.3 source and compiled it for this machine.  Did someone just forget to increment the version?  Or am I incorrect about the code I got from sourceforge?

-Charles B
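The 54-byte value that lcp_readpol dumped above decodes cleanly as a v2 lcp_policy_t, and reading the same bytes with the v1 layout reproduces the tool's confusing summary (version 2, hash_alg 2, an all-zero policy_hash), which is consistent with lcp_readpol decoding the owner index with the v1 structure. The following is an added example, not code from this thread or from tboot's lcptools; the v2 and v1 field layouts and the constant names are assumptions taken from my reading of tboot's lcp2.h and lcp.h and should be checked against the source tree you built:

```python
"""Decode an LCP policy blob read back from the TPM owner NV index.

Added example; the struct layouts are assumed from tboot's lcptools headers
(lcp2.h for the v2 lcp_policy_t, lcp.h for the v1 lcp_policy_t) and should
be checked against your own source tree.
"""
import struct
from dataclasses import dataclass
from typing import Dict, Tuple

# Constructed input: the 54 bytes lcp_readpol printed in the thread.
NV_DUMP = bytes.fromhex(
    "02020000000000000000000000000000"
    "00000000000000000000000000000000"
    "0000e18837d8770016e2a04d56ae61e0"
    "0beb281ff0b9"
)

# v2 lcp_policy_t, packed little-endian (assumed from lcp2.h):
#   uint16 version, uint8 hash_alg, uint8 policy_type, uint8 sinit_min_version,
#   uint8 reserved, uint16 data_revocation_counters[8], uint32 policy_control,
#   8 reserved bytes, 20-byte SHA-1 policy_hash  -> 54 bytes in total.
V2_FMT = "<HBBBB8HI8s20s"
V2_SIZE = struct.calcsize(V2_FMT)  # 54, which matches ":54 bytes read" in the log
V2_HASH_ALGS = {0: "LCP_POLHALG_SHA1"}
V2_POL_TYPES = {0: "LCP_POLTYPE_LIST", 1: "LCP_POLTYPE_ANY"}

# v1 lcp_policy_t (assumed from lcp.h): four uint8 fields, uint32 policy_control,
# 2 reserved bytes, then the 20-byte policy_hash at offset 10.
V1_FMT = "<BBBBI2s20s"
V1_POL_TYPES = {0: "LCP_POLTYPE_HASHONLY"}  # the only value named in the thread


@dataclass(frozen=True)
class LcpPolicyV2:
    version: int
    hash_alg: int
    policy_type: int
    sinit_min_version: int
    data_revocation_counters: Tuple[int, ...]
    policy_control: int
    policy_hash: bytes

    @property
    def version_str(self) -> str:
        return f"{self.version >> 8}.{self.version & 0xFF}"


def is_v2_policy(buf: bytes) -> bool:
    """True if the blob is long enough and its 16-bit version has major number 2."""
    return len(buf) >= V2_SIZE and (struct.unpack_from("<H", buf, 0)[0] >> 8) == 2


def parse_lcp_policy_v2(buf: bytes) -> LcpPolicyV2:
    """Decode a v2 lcp_policy_t; raises ValueError for anything else."""
    if not is_v2_policy(buf):
        raise ValueError(f"not a {V2_SIZE}-byte v2 LCP policy")
    f = struct.unpack_from(V2_FMT, buf, 0)
    return LcpPolicyV2(
        version=f[0],
        hash_alg=f[1],
        policy_type=f[2],
        sinit_min_version=f[3],
        data_revocation_counters=tuple(f[5:13]),
        policy_control=f[13],
        policy_hash=f[15],
    )


def parse_lcp_policy_v1_header(buf: bytes) -> Dict[str, object]:
    """Decode the same bytes the way a v1-only reader would, for comparison."""
    fields = struct.unpack_from(V1_FMT, buf, 0)
    return {
        "version": fields[0],
        "hash_alg": fields[1],
        "policy_type": fields[2],
        "policy_type_name": V1_POL_TYPES.get(fields[2], f"unknown({fields[2]})"),
        "sinit_revocation_counter": fields[3],
        "policy_control": fields[4],
        "policy_hash": fields[6],
    }


def describe_v2(p: LcpPolicyV2) -> str:
    """Human-readable summary in the style of the lcp_readpol output."""
    return "\n".join([
        f"version: {p.version_str} (0x{p.version:04x})",
        f"hash_alg: {p.hash_alg} - {V2_HASH_ALGS.get(p.hash_alg, 'unknown')}",
        f"policy_type: {p.policy_type} - {V2_POL_TYPES.get(p.policy_type, 'unknown')}",
        f"sinit_min_version: {p.sinit_min_version}",
        f"data_revocation_counters: {list(p.data_revocation_counters)}",
        f"policy_control: 0x{p.policy_control:08x}",
        f"policy_hash: {p.policy_hash.hex()}",
    ])


if __name__ == "__main__":
    print("as v1 header:", parse_lcp_policy_v1_header(NV_DUMP))
    print("as v2 policy:\n" + describe_v2(parse_lcp_policy_v2(NV_DUMP)))
```

Decoded as v2, the dump reads version 2.2, hash_alg 0, policy_type 0 and a policy hash starting at offset 34, which is exactly where the bytes e1 88 37 d8 ... sit in the dump; the v1 decoder looks for the hash at offset 10 and finds only zeros, and splits the 16-bit version 0x0202 into a version byte and a hash_alg byte, giving the "version: 2 / hash_alg: 2" lines in the output above.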


On Wed, Mar 27, 2013 at 2:06 PM, <Charles.Fisher <at> gdc4s.com> wrote:

Also,

 

To just get things working, I would skip creating the policy elements for the pcrs and custom, and just go with the mle element. After you get things working, then is the time to add additional stuff.

 

Charles

 

From: Charles Bushong [mailto:bushong1 <at> gmail.com]

Sent: Wednesday, March 27, 2013 10:50 AM
To: Fisher, Charles-p99463
Cc: tboot-devel <at> lists.sourceforge.net
Subject: Re: [tboot-devel] verifying module against policy failed

 

Charles F.,

Alright, I looked a bit more into this and tried to run something along these lines:

#Hash tboot.gz
lcp_mlehash -c "logging=vga,serial,memory vga_delay=10 loglvl=all" /boot/tboot.gz > tboot_hash
#Create the MLE Element
lcp_crtpolelt --create --type mle --ctrl 0x00 --minver 17 --out mle.elt tboot_hash
#Get current pcr's
export pcr_file=`find /sys/devices -name pcrs`
cat $pcr_file | grep -e PCR-00 -e PCR-01 > pcrs
#Create PCONF element
lcp_crtpolelt --create --type pconf --out pconf.elt pcrs
#Create CUSTOM element (this references the VLP .pol file)
lcp_crtpolelt --create --type custom --out custom.elt --uuid tboot vl_ver1.pol
#Combine the elements into an unsigned list
lcp_crtpollist --create --out list_unsig.lst mle.elt pconf.elt custom.elt
#Sign the list
openssl genrsa -out privkey.pem 2048
openssl rsa -pubout -in privkey.pem -out pubkey.pem
cp list_unsig.lst list_sig.lst
lcp_crtpollist --sign --pub pubkey.pem --priv privkey.pem --out list_sig.lst
lcp_crtpol2 --create --type list --pol list.pol --data list.data list_{unsig,sig}.lst
#Write the policy to nvram
lcp_writepol -i owner -f list.pol -p $TPM_PASS

When I tried to run this, it spit out the following.  I had to transcribe this myself as I don't have access to the serial printout right now.  Since it won't boot, and just restarts after trying to execute SENTER, I can't access txt-stat either.

TBOOT: TPM: get capability, return value = 00000002
TBOOT: TPM: fail to get public data of 0x20000001 in TPM NV
TBOOT:     :reading failed

<I expected this, because I removed the 20000001 index to try and narrow down the problem>

TBOOT: reading Launch Control Policy from TPM NV...
TBOOT:     :54 bytes read
TBOOT: no LCP module found
TBOOT:     :reading failed
TBOOT: failed to read policy from TPM NV, using default
TBOOT: policy:
<default policy>
TBOOT: no policy in TPM NV.

<continued on like normal, then rebooted the machine when trying to execute SENTER>

Any thoughts?


-Charles B.

 


Charles.Fisher | 27 Mar 19:02 2013

Re: verifying module against policy failed

You haven’t mentioned which processor you are using. From the commands you are using, it appears that you are trying to do a version 2 lcp, which is for processors designed after 2008. Also, did you copy the list.data file to the /boot directory, and add the line module /list.data to your grub config immediately following the SINIT module?

 

Charles
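One way to check the ordering asked about here before rebooting: parse the tboot stanza out of a legacy grub.conf and confirm that tboot.gz is on the kernel line, that the OS kernel and initramfs are loaded as modules, and that, when a list.data module is present, it sits immediately after the SINIT ACM module. This is an added example, not code from the thread or from tboot; the stanzas it checks are constructed from the grub.conf posted in this thread (kernel arguments shortened), and the SINIT filename pattern (SINIT ... .BIN) is an assumption based on the file named in the thread.

```python
"""Sanity-check the module order of a tboot stanza in a legacy grub.conf.

Added example, not from the thread or from tboot. It encodes the layout the
thread converges on: tboot.gz on the kernel line, the OS kernel and initramfs
as modules, and, when an LCP list.data is used, the SINIT ACM module followed
immediately by module /list.data.
"""
import re
from typing import Dict, List, Tuple

Entry = Tuple[str, str]            # (grub command, argument string)
SINIT_RE = re.compile(r"SINIT.*\.BIN$", re.IGNORECASE)  # assumed naming pattern

# Constructed input: the stanza posted in the thread, kernel arguments shortened.
GRUB_CONF_OK = """\
default=0
timeout=5
splashimage=(hd0,0)/grub/splash.xpm.gz
hiddenmenu
title CentOS (2.6.32-279.5.1.el6.x86_64)
        root (hd0,0)
        kernel /tboot.gz logging=vga,serial,memory vga_delay=15 loglvl=all
        module /vmlinuz-2.6.32-279.5.1.el6.x86_64 ro root=/dev/mapper/vg_penguin-lv_root intel_iommu=on
        module /initramfs-2.6.32-279.5.1.el6.x86_64.img
        module /Xeon-5600-3500-SINIT-v1.1.BIN
        module /list.data
"""

# Constructed counter-example: list.data is present but not directly after SINIT.
GRUB_CONF_BAD = """\
title CentOS (2.6.32-279.5.1.el6.x86_64)
        root (hd0,0)
        kernel /tboot.gz logging=vga,serial,memory loglvl=all
        module /vmlinuz-2.6.32-279.5.1.el6.x86_64 ro root=/dev/mapper/vg_penguin-lv_root
        module /list.data
        module /initramfs-2.6.32-279.5.1.el6.x86_64.img
        module /Xeon-5600-3500-SINIT-v1.1.BIN
"""


def parse_stanzas(text: str) -> Dict[str, List[Entry]]:
    """Split a legacy grub.conf into {title: [(command, argument), ...]}."""
    stanzas: Dict[str, List[Entry]] = {}
    current = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        cmd, _, arg = line.partition(" ")
        if cmd == "title":
            current = arg.strip()
            stanzas[current] = []
        elif current is not None:       # global settings before any title are ignored
            stanzas[current].append((cmd, arg.strip()))
    return stanzas


def check_tboot_stanza(entries: List[Entry]) -> List[str]:
    """Return the problems found in one stanza; an empty list means it looks right."""
    problems: List[str] = []
    kernels = [arg.split()[0] for cmd, arg in entries if cmd == "kernel" and arg]
    modules = [arg.split()[0] for cmd, arg in entries if cmd == "module" and arg]

    if not kernels or not kernels[0].endswith("/tboot.gz"):
        problems.append("kernel line must load tboot.gz")
    if len(modules) < 2:
        problems.append("expected at least the OS kernel and initramfs as modules")

    sinit = [i for i, m in enumerate(modules) if SINIT_RE.search(m)]
    lcp_data = [i for i, m in enumerate(modules) if m.endswith("/list.data")]
    if lcp_data and not sinit:
        problems.append("module /list.data given but no SINIT module is listed")
    elif lcp_data and lcp_data[0] != sinit[0] + 1:
        problems.append("module /list.data must immediately follow the SINIT module")
    return problems


def check_grub_conf(text: str) -> Dict[str, List[str]]:
    """Run the check over every stanza of a grub.conf."""
    return {title: check_tboot_stanza(entries)
            for title, entries in parse_stanzas(text).items()}


if __name__ == "__main__":
    for name, conf in (("ok", GRUB_CONF_OK), ("bad", GRUB_CONF_BAD)):
        print(name, check_grub_conf(conf))
```

The check only looks at relative order within a stanza; it does not verify that the SINIT file matches the platform or that the LCP in the TPM references the list.data being loaded, which are the other two things this thread ends up chasing.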

 

Hal Finney | 29 Mar 21:53 2013

Re: verifying module against policy failed

You know, you don't have to mess around with this LCP stuff to get tboot working. I'd recommend ignoring this stuff when you're getting tboot working for the first time. Don't define any NV space. tboot will work fine without them. You'll see some error messages in the log, but they are harmless.

It's too late for you Charles, but for future reference, getting tboot working without defining NV space is much simpler.

Charles Bushong | 29 Mar 23:00 2013

Re: verifying module against policy failed

But then what validates the tboot image?

-Charles


