I can get vtpm_manager to run if I delete /var/vtpm/VTPM. However, when I kill it with control-c, and try to run it again, I get: INFO[VTPM]: Starting VTPM. INFO[TCS]: Constructing new TCS: INFO[TCS]: Calling TCS_OpenContext: INFO[VTSP]: OIAP. INFO[VTSP]: Loading Key into TPM. INFO[VTSP]: Unbinding 256 bytes of data. ERROR in VTSP_Unbind at vtsp.c:720 code: TPM_BAD_PARAMETER. ERROR in envelope_decrypt at securestorage.c:156 code: TPM_BAD_PARAMETER. ERROR[VTPM]: Failed to envelope decrypt data .ERROR in VTPM_LoadManagerData at securestorage.c:459 code: TPM_BAD_PARAMETER. ERROR[VTPM]: Failed to load service data with error = TPM_BAD_PARAMETER ERROR[VTPM]: Failed to read existing manager file What''s causing this, and how do I fix it? I need my guest to get the same VTPM every time it starts, so that keys (signing and SRK) persist across instances. -- Luke _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
Luke wrote:> I can get vtpm_manager to run if I delete /var/vtpm/VTPM. However, when > I kill it with control-c, and try to run it again, I get: > > INFO[VTPM]: Starting VTPM. > INFO[TCS]: Constructing new TCS: > INFO[TCS]: Calling TCS_OpenContext: > INFO[VTSP]: OIAP. > INFO[VTSP]: Loading Key into TPM. > INFO[VTSP]: Unbinding 256 bytes of data. > ERROR in VTSP_Unbind at vtsp.c:720 code: TPM_BAD_PARAMETER. > ERROR in envelope_decrypt at securestorage.c:156 code: TPM_BAD_PARAMETER. > ERROR[VTPM]: Failed to envelope decrypt data > .ERROR in VTPM_LoadManagerData at securestorage.c:459 code: > TPM_BAD_PARAMETER. > ERROR[VTPM]: Failed to load service data with error = TPM_BAD_PARAMETER > ERROR[VTPM]: Failed to read existing manager file > > > What''s causing this, and how do I fix it? I need my guest to get the > same VTPM every time it starts, so that keys (signing and SRK) persist > across instances. >Just to add a bit of information - this happens after I let vtpm_managerd take ownership of the tpm. Is it just that no one uses this program? Or is this an error specific to me? _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
Fischer, Anna
2007-Sep-20 19:56 UTC
RE: [Xen-users] vtpm_manager can''t run twice in a row
> Luke wrote: > > I can get vtpm_manager to run if I delete /var/vtpm/VTPM. However, > > when I kill it with control-c, and try to run it again, I get: > > > > INFO[VTPM]: Starting VTPM. > > INFO[TCS]: Constructing new TCS: > > INFO[TCS]: Calling TCS_OpenContext: > > INFO[VTSP]: OIAP. > > INFO[VTSP]: Loading Key into TPM. > > INFO[VTSP]: Unbinding 256 bytes of data. > > ERROR in VTSP_Unbind at vtsp.c:720 code: TPM_BAD_PARAMETER. > > ERROR in envelope_decrypt at securestorage.c:156 code: > TPM_BAD_PARAMETER. > > ERROR[VTPM]: Failed to envelope decrypt data .ERROR in > > VTPM_LoadManagerData at securestorage.c:459 code: > > TPM_BAD_PARAMETER. > > ERROR[VTPM]: Failed to load service data with error = > > TPM_BAD_PARAMETER > > ERROR[VTPM]: Failed to read existing manager file > > > > > > What''s causing this, and how do I fix it? I need my guest > to get the > > same VTPM every time it starts, so that keys (signing and > SRK) persist > > across instances. > > > Just to add a bit of information - this happens after I let > vtpm_managerd take ownership of the tpm. > > Is it just that no one uses this program?I have been using the vtpm_manager without any problems, and it works fine to kill it with control-c (see my attached log file). I can start and stop it frequently like that, and it never shows me any errors.> Or is this an > error specific to me?It would eventually be helpful to know some more details on what you''re actually doing, how you''ve taken ownership of the TPM, what TPM you''re using, and also what Xen and what vtpm_manager version you run. Also, I would recommend to forward this problem to the xense-devel list, as you would be much more likely to find help from people on that list. _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
Kouichi Yasaki
2007-Sep-21 00:08 UTC
[Xense-devel] Re: [Xen-users] vtpm_manager can''t run twice in a row
I also encountered the same error before. In my case, TCSP_UnBind function have a bug in parameter check. I have reported a patch that fixed my case by following URL. How about this patch? http://lists.xensource.com/archives/html/xen-devel/2007-09/msg00354.html Kouichi YASAKI Luke wrote:> Luke wrote: >> I can get vtpm_manager to run if I delete /var/vtpm/VTPM. However, when >> I kill it with control-c, and try to run it again, I get: >> >> INFO[VTPM]: Starting VTPM. >> INFO[TCS]: Constructing new TCS: >> INFO[TCS]: Calling TCS_OpenContext: >> INFO[VTSP]: OIAP. >> INFO[VTSP]: Loading Key into TPM. >> INFO[VTSP]: Unbinding 256 bytes of data. >> ERROR in VTSP_Unbind at vtsp.c:720 code: TPM_BAD_PARAMETER. >> ERROR in envelope_decrypt at securestorage.c:156 code: TPM_BAD_PARAMETER. >> ERROR[VTPM]: Failed to envelope decrypt data >> .ERROR in VTPM_LoadManagerData at securestorage.c:459 code: >> TPM_BAD_PARAMETER. >> ERROR[VTPM]: Failed to load service data with error = TPM_BAD_PARAMETER >> ERROR[VTPM]: Failed to read existing manager file >> >> >> What''s causing this, and how do I fix it? I need my guest to get the >> same VTPM every time it starts, so that keys (signing and SRK) persist >> across instances. >> > Just to add a bit of information - this happens after I let > vtpm_managerd take ownership of the tpm. > > Is it just that no one uses this program? Or is this an error specific > to me? > > _______________________________________________ > Xen-users mailing list > Xen-users@lists.xensource.com > http://lists.xensource.com/xen-users > >_______________________________________________ Xense-devel mailing list Xense-devel@lists.xensource.com http://lists.xensource.com/xense-devel
Fischer, Anna wrote:> I have been using the vtpm_manager without any problems, and it works > fine to kill it with control-c (see my attached log file). I can start > and stop it frequently like that, and it never shows me any errors. > >> Or is this an >> error specific to me? > > It would eventually be helpful to know some more details on what you''re > actually doing, how you''ve taken ownership of the TPM, what TPM you''re > using, and also what Xen and what vtpm_manager version you run. Also, I > would recommend to forward this problem to the xense-devel list, as you > would be much more likely to find help from people on that list.As I''ve mentioned above, I let vtpm_managerd take control of the TPM. In other words, I clear the TPM, run vtpm_managerd, and vtpm_managerd takes control of the TPM. I''m using Dell Optiplex 745s. neon:/sys/class/misc/tpm0/device$ sudo cat ./id ATM1200 PNP0c31 Manufacturer: 0x41544d4c TCG version: 1.2 Firmware version: 13.5 Basically, a 1.2 atmel TPM, but I have problems on a 1.1 atmel as well ( in a precision 345). I have the same problem in all versions of vtpm_managerd, including, most recently, xen-unstable (as of today) and xen-testing-3.1 (as of 2 weeks ago).> > would recommend to forward this problem to the xense-devel list, as you > > would be much more likely to find help from people on that list.Thanks - I didn''t know about this list. -- Luke _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users