SORRY, This page is under construction
This guide is intended to build Ubuntu Jaunty (9.04, i386) with Trusted Computing.
Download ISO image. and install to your HDD.
Update to be work with latest packages.
enable TPM.
Download source package and build.
$ sudo apt-get build-dep grub $ apt-get source grub $ pushd grub-0.97/debian/patches/ $ wget http://osdn.dl.sourceforge.jp/openpts/37646/grub-0.97-29ubuntu45-ima-1.1.0.0.patch $ popd $ echo "# This patch supports IMA" >> grub-0.97/debian/patches/00list $ echo "grub-0.97-29ubuntu45-ima-1.1.0.0.patch" >> grub-0.97/debian/patches/00list $ mv grub-0.97/debian/rules grub-0.97/debian/rules.orig $ sed -e 's/--disable-auto-linux-mem-opt/--disable-auto-linux-mem-opt --enable-ima/g' grub-0.97/debian/rules.orig > grub-0.97/debian/rules $ chmod +x grub-0.97/debian/rules
Build deb package.
$ pushd grub-0.97 $ debchange -i
add changelog message. e.g.
grub (0.97-29ubuntu53.ima) jaunty; urgency=low * enable Trusted Boot -- foo <foo@users.sourceforge.jp> Tue, 31 Mar 2009 23:27:39 +0900
$ dpkg-buildpackage -rfakeroot -us -uc $ popd
Install new GRUB package.
$ sudo dpkg -i grub_0.97-29ubuntu53.ima_i386.deb $ grep TCG /usr/lib/grub/i386-pc/* Binary file /usr/lib/grub/i386-pc/stage1 matches Binary file /usr/lib/grub/i386-pc/stage2 matches Binary file /usr/lib/grub/i386-pc/stage2_eltorito matches
install new GRUB to local system (replace the bootloader components).
$ sudo grub-install /dev/sda $ grep TCG /boot/grub/* Binary file /boot/grub/stage1 matches Binary file /boot/grub/stage2 matches
OK:-)
References: https://help.ubuntu.com/community/Kernel/Compile
$ sudo apt-get install build-essential $ sudo apt-get install kernel-package $ sudo apt-get install ncurses-dev
$ cd /usr/src $ sudo wget http://ftp.riken.jp/Linux/kernel.org/linux/kernel/v2.6/linux-2.6.30.tar.bz2 $ sudo tar jxvf linux-2.6.30.tar.bz2 $ cd linux-2.6.30/ $ sudo cp /boot/config-2.6.27-11-generic .config $ sudo make oldconfig $ sudo make menuconfig $ sudo make xconfig
CONFIG_IMA=y CONFIG_IMA_MEASURE_PCR_IDX=10 CONFIG_IMA_AUDIT=y CONFIG_IMA_LSM_RULES=y
Intel iTPM requires following patches
$ sudo wget http://cybione.org/~cdidier/log/data/200812020841/itpm.diff $ sudo patch -p0 -z .itpm --dry-run < itpm.diff $ sudo patch -p0 -z .itpm < itpm.diff
$ sudo make-kpkg clean $ sudo CONCURRENCY_LEVEL=3 make-kpkg --append-to-version=-ima --initrd kernel_image kernel_headers $ cd .. $ dpkg -i linux-image-2.6.30_2.6.30-10.00.Custom_i386.deb $ dpkg -i linux-headers-2.6.30_2.6.30-10.00.Custom_i386.deb $ vim /boot/grub/menu.lst
This is original IMA patch using LSM. The patch is available from http://sourceforge.net/projects/linux-ima
$ sudo apt-get build-dep linux-image-debug-$(uname -r) $ apt-get source linux-image-debug-$(uname -r) $ cd linux-2.6.27 $ debchange -i $ wget http://nchc.dl.sourceforge.net/sourceforge/linux-ima/ibm_ima_8.5_2.6.27.6.patch $ patch -p1 -z .ima < ibm_ima_8.5_2.6.27.6.patch patching file Documentation/ima/INSTALL patching file Documentation/ima/integrity_measurements.txt patching file Makefile Hunk #1 succeeded at 629 (offset 10 lines). patching file drivers/char/tpm/tpm.c patching file drivers/char/tpm/tpm.h patching file drivers/char/tpm/tpm_atmel.c patching file drivers/char/tpm/tpm_infineon.c patching file drivers/char/tpm/tpm_nsc.c patching file drivers/char/tpm/tpm_tis.c patching file include/linux/ima_module.h patching file include/linux/tpm.h patching file init/Kconfig patching file kernel/module.c patching file security/Kconfig Hunk #1 FAILED at 117. 1 out of 1 hunk FAILED -- saving rejects to file security/Kconfig.rej patching file security/Makefile Hunk #2 FAILED at 15. 1 out of 2 hunks FAILED -- saving rejects to file security/Makefile.rej patching file security/ima/Kconfig patching file security/ima/Makefile patching file security/ima/ima.h patching file security/ima/ima_fs.c patching file security/ima/ima_init.c patching file security/ima/ima_lsmhooks.c patching file security/ima/ima_main.c patching file security/ima/ima_queue.c
some FAILED exist, since the AppArmor patch was applied. Manually fix security/Kconfig and security/Makefile files. Also it can not compile ubuntu/aufs/vfsub.c due to error. fix manually.
$ cp /boot/config-$(uname -r) .config $ make -s xconfig OR $ make -s menuconfig Device Driver > Character devices > TPM hardware Supports = Y Device Driver > Character devices > TPM hardware Supports > * Interface= Y Cryptographic API > SHA1 = Y Security options > Capability = N Security options > Smack = N Security options > TCG run-time Integrity Measuremenet = Y $ UBUNTUBUILD=1 DEBIAN_SRCTOP=./ fakeroot make-kpkg -initrd kernel_image kernel_headers modules_image $ cd .. $ sudo dpkg -i linux-headers-2.6.27.10_2.6.27-11.27ubuntu.ima_i386.deb $ sudo dpkg -i linux-image-2.6.27.10_2.6.27-11.27ubuntu.ima_i386.deb
Edit /boot/grub/menu.lst to enable IMA. e.g.
title Ubuntu 8.10, kernel 2.6.27.10 uuid 31e82bb7-f3a8-4536-8b40-b3182c6872e2 kernel /vmlinuz-2.6.27.10 root=UUID=7183f5c8-fc83-4554-b335-8440370ca77a ro quiet splash crashkernel=384M-2G:64M@16M,2G-:128M@16M ima=1 selinux=0 apparmor=0 tpm_tis.force=1 tpm_tis.interrupts=0 initrd /initrd.img-2.6.27.10 quiet
Reboot the system. and check the measurements
$ dmesg <snip> [ 0.004000] Security Framework initialized [ 0.004000] SELinux: Disabled at boot. [ 0.004000] AppArmor: AppArmor disabled by boottime parameter <snip> [ 2.060007] tpm_tis tpm_tis: 1.2 TPM (device-id 0x1020, rev-id 6) <snip> [ 5.896625] IBM Integrity Measurement Architecture (IBM IMA v8.4 08/27/2008). [ 5.896627] IMA (test mode) <snip> $ ls /sys/kernel/security/ ima tpm0 $ sudo cat /sys/kernel/security/ima/ascii_runtime_measurements 10 ed83754d46a567afb945e5b1bfb5ac2ea3a4560d boot_aggregate 10 48059cf5953adb47e81146859ae02eb5d07ae261 /bin/sh 10 202e1dd4affcf58805f662290eb4a0d534be60f0 /bin/mkdir 10 b913e527d69496b5692cbc8bc2a97f49cd0be5a8 /lib/klibc-zUXi_KjK5ZQAIyc8jlwme9T6a4U.so 10 b8634abcb46d9c76567528fce662d00110dce97e /bin/mknod 10 30d6d100429132f64fb8b24f0c4c6011c5d819c1 /bin/cat 10 e4ece1b97ab901e6433c7f917615fc104ba3a4f8 /sbin/depmod <snip> 10 49e97774326fc9eb5f7cb680477c1d56f4e28921 /usr/bin/sudo <snip> $ sha1sum /usr/bin/sudo 49e97774326fc9eb5f7cb680477c1d56f4e28921 /usr/bin/sudo
OK.
$ sudo apt-get install trousers
$ sudo apt-get install tpm-tools $ tpm_version TPM 1.2 Version Info: Chip Version: 1.2.4.0 Spec Level: 2 Errata Revision: 2 TPM Vendor ID: INTC Vendor Specific data: 00040000 00030464 TPM Version: 01010000 Manufacturer Info: 494e5443
$ sudo apt-get install trousers libtspi-dev tpm-tools libtpm-unseal0 libtpm-unseal-dev $ sudo apt-get install libcommons-codec-java libcommons-logging-java libpg-java liblog4j1.2-java libibatis-java $ sudo apt-get install libcommons-discovery-java libaxis-java $ sudo apt-get install liblog4j1.2-java-gcj libaxis-java-gcj
From GIT repository (2009-02-22)
$ git clone git://git.sourceforge.jp/gitroot/openpts/tools.git $ cd tools $ make dpkg-buildpackage $ sudo dpkg -i ../openpts-tools_0.1.3-git20090331_i386.deb
$ /usr/bin/tpm_pcrread -a pcr.0=fd696e0329f63bf288616865f86227aea0bff6af pcr.1=0f028024e085e43db5bd29cf771acbb8ab4fb473 pcr.2=d68ec5b044f32933f6bf2488c1b36a0c3bc970e0 pcr.3=3a3f780f11a4b49969fcaa80cd6e3957c33b2275 pcr.4=db8be6e34e5f2c5c4b11f918aec25fe7333f6471 pcr.5=b74a56f449507542c3ad1def88e0e34617c3ba8f pcr.6=585e579e48997fee8efd20830c6a841eb353c628 pcr.7=3a3f780f11a4b49969fcaa80cd6e3957c33b2275 pcr.8=55e50e41bec4225964925f4db2fd1781011ca188 pcr.9=0000000000000000000000000000000000000000 pcr.10=a99b9181fc6f73d30e44442965b9a546b9b9a643 pcr.11=0000000000000000000000000000000000000000 pcr.12=0000000000000000000000000000000000000000 pcr.13=0000000000000000000000000000000000000000 pcr.14=0000000000000000000000000000000000000000 pcr.15=0000000000000000000000000000000000000000 pcr.16=0000000000000000000000000000000000000000 pcr.17=ffffffffffffffffffffffffffffffffffffffff pcr.18=ffffffffffffffffffffffffffffffffffffffff pcr.19=ffffffffffffffffffffffffffffffffffffffff pcr.20=ffffffffffffffffffffffffffffffffffffffff pcr.21=ffffffffffffffffffffffffffffffffffffffff pcr.22=ffffffffffffffffffffffffffffffffffffffff pcr.23=0000000000000000000000000000000000000000
$ iml -p 4 Idx PCR Type Digest EventData ----------------------------------------------------------------------- 179 4 0x80000003 9b4d80cfefc7d5576c4d9f224872505896ef2798 [BIOS:LENOVO NEW(TBD) len=10,00001000000000000010] 180 4 0x00000004 d9be6524a5f5047db5866813acf3277892a7a30a [BIOS:EV_SEPARATOR, ffffffff] 181 4 0x00000005 c1e25c3f6b0dc78d57296aa2870ca6f782ccf80f [BIOS:EV_ACTION, Calling INT 19h] 182 4 0x00000005 6ab91c9fbe9489ea35f226ec70e23c7bb09db9a3 [BIOS:EV_ACTION, Booting BCV Device 80h, - HITACHI HTS541616J9SA00-(S1)] 183 4 0x0000000d c72cb355f3c9978fa9f15ec692264356c7328855 [BIOS:EV_IPL] 184 4 0x0000000d b82f5fa84465edfc054591b059bb65ea54f67282 [GRUB:EV_IPL, Stage1(MBR)] 185 4 0x0000000d d4fa72b193753834e25ca5dc420f9c23d14c6087 [GRUB:EV_IPL, Stage1.5] 186 4 0x0000000d 55fc0eb1ceb08bf75cdd3fb1f0235d8471b748d3 [GRUB:EV_IPL, Stage1.5(filesystem)] 187 4 0x00000006 9fc81a0038d3a3ffdbc053b2eb13b28a8db461cd [GRUB: measure MBR again] 188 4 0x00000004 8cdc27ec545eda33fbba1e8b8dae4da5c7206972 [GRUB:EV_SEPARATOR, Grub Event Separator]
OK :-)
$ git clone git://git.sourceforge.jp/gitroot/openpts/core.git $ cd tools $ make dpkg-buildpackage $ sudo dpkg -i ../openpts-core_0.1.3-1_i386.deb $ sudo dpkg -i ../openpts-core-gcj_0.1.3-1_i386.deb
$
$ git clone git://git.sourceforge.jp/gitroot/openpts/demo.git $ cd tools $ make dpkg-buildpackage $ sudo dpkg -i ../openpts-tcdemo-client_0.1.3-git20090405_i386.deb $ sudo dpkg -i ../openpts-tcdemo-client-gcj_0.1.3-git20090405_i386.deb $ sudo dpkg -i ../openpts-tcdemo-server_0.1.3-git20090405_i386.deb
$ apt-get source grub $ cd grub-0.97 $ dpkg-buildpackage -rfakeroot -us -uc $ wget http://jaist.dl.sourceforge.net/sourceforge/trousers/grub-0.97-13-ima-1.1.0.0.tgz $ tar xvfz grub-0.97-13-ima-1.1.0.0.tgz $ patch -p1 -z ima < ./grub-0.97-13-ima-1.1.0.0/grub-0.97-13-ima-1.1.0.0.patch patching file configure.ac Hunk #2 FAILED at 665. 1 out of 2 hunks FAILED -- saving rejects to file configure.ac.rej patching file stage1/stage1.h patching file stage1/stage1.S patching file stage2/asm.S Hunk #1 succeeded at 2612 (offset 134 lines). patching file stage2/boot.c Hunk #1 succeeded at 32 with fuzz 2 (offset 2 lines). Hunk #2 succeeded at 64 (offset 2 lines). Hunk #3 succeeded at 97 (offset 2 lines). Hunk #4 succeeded at 801 (offset 11 lines). Hunk #5 succeeded at 832 (offset 11 lines). Hunk #6 succeeded at 921 (offset 11 lines). patching file stage2/builtins.c Hunk #1 succeeded at 122 (offset 14 lines). Hunk #2 succeeded at 170 (offset 14 lines). Hunk #3 succeeded at 314 (offset -20 lines). Hunk #4 succeeded at 361 (offset -20 lines). Hunk #5 succeeded at 371 (offset -20 lines). Hunk #6 succeeded at 491 (offset -19 lines). Hunk #7 succeeded at 504 (offset -19 lines). Hunk #8 succeeded at 578 (offset -19 lines). Hunk #9 succeeded at 2101 (offset 106 lines). Hunk #10 succeeded at 2146 (offset 106 lines). Hunk #11 succeeded at 2771 (offset 97 lines). Hunk #12 succeeded at 2815 (offset 97 lines). Hunk #13 succeeded at 2849 (offset 97 lines). Hunk #14 succeeded at 2870 (offset 97 lines). Hunk #15 succeeded at 2889 (offset 97 lines). Hunk #16 succeeded at 3065 (offset 97 lines). Hunk #17 succeeded at 3121 (offset 97 lines). Hunk #18 succeeded at 3165 (offset 97 lines). Hunk #19 succeeded at 3465 (offset 104 lines). Hunk #20 FAILED at 5375. Hunk #21 succeeded at 5847 (offset 351 lines). Hunk #22 succeeded at 5892 with fuzz 1 (offset 354 lines). 1 out of 22 hunks FAILED -- saving rejects to file stage2/builtins.c.rej patching file stage2/shared.h Hunk #1 succeeded at 373 (offset -2 lines). Hunk #2 succeeded at 1011 (offset 4 lines). patching file stage2/start.S patching file stage2/stage1_5.c patching file stage2/stage2.c Hunk #1 succeeded at 582 (offset 16 lines). Hunk #2 succeeded at 978 (offset -31 lines). patching file stage2/ima.h patching file stage2/ima.c patching file stage2/start_eltorito.S patching file stage2/Makefile.am Hunk #1 succeeded at 109 (offset 12 lines). Manually apply rejected patches, configure.ac.rej and stage2/builtins.c.rej $ aclocal-1.9 && automake-1.9 && autoconf CC=gcc LDFLAGS=-Wl,-Bsymbolic-functions ./configure \ --host=i486-linux-gnu \ --build=i486-linux-gnu \ --prefix=/usr \ --mandir=/usr/share/man \ --infodir=/usr/share/info \ --disable-auto-linux-mem-opt --enable-ima $ make $ sudo make install $ grep TCG /usr/lib/grub/i386-pc/* Binary file /usr/lib/grub/i386-pc/stage1 matches Binary file /usr/lib/grub/i386-pc/stage2 matches Binary file /usr/lib/grub/i386-pc/stage2_eltorito matches $ sudo grub-install /dev/sda Searching for GRUB installation directory ... found: /boot/grub Installing GRUB to /dev/sda as (hd0)... Installation finished. No error reported. This is the contents of the device map /boot/grub/device.map. Check if this is correct or not. If any of the lines is incorrect, fix it and re-run the script `grub-install'. (hd0) /dev/sda (hd1) /dev/sdb $ grep TCG /boot/grub/* Binary file /boot/grub/stage1 matches Binary file /boot/grub/stage2 matches
Reboot and check the measurement.
$ reboot $ sudo modprobe tpm_tis force=1 interrupt=0 $ sudo less /sys/kernel/security/tpm0/ascii_bios_measurements <snip> 4 1d1ff5054e9cf7bf546fa42433b8fae0f25f00a4 0d [IPL] 5 e94b3d1db138c8fae4e24caa215aed0e1ba8ef9a 0e [IPL Partition Data] 4 b82f5fa84465edfc054591b059bb65ea54f67282 0d [IPL] 4 d4fa72b193753834e25ca5dc420f9c23d14c6087 0d [IPL] 4 463c5c57665fd7c60eba7fd3d650960e97344129 0d [IPL] 4 2e7bc2484bfcf3314fb2a862fd538eabf7a172f8 06 [] 4 8cdc27ec545eda33fbba1e8b8dae4da5c7206972 04 [Grub Event Separator] 5 8cdc27ec545eda33fbba1e8b8dae4da5c7206972 04 [Grub Event Separator] 5 fe2c7e55d455f98be04eeb9c359bd6eb2ad86af5 0e [IPL Partition Data] 5 d63d12ced978aca120bfe6ee7683e394c2ffaef0 05 [Boot Sequance User Intervention] 5 5a138fa63f0ec58a2ebd9be12e400c22ceefffa7 1105 [] 8 ed3cc112f2f583be1c4866f21628d35844239500 1205 [] 8 0c58b59507f08ebfe876aa8fca53a8ff6744c582 1305 [] 5 2431ed60130faeaf3a045f21963f71cacd46a029 04 [OS Event Separator] 8 2431ed60130faeaf3a045f21963f71cacd46a029 04 [OS Event Separator] 8 fac33a1fc0ad42c07d00322d64c23f67567f334a 1005 []
OK, update the patch for Ubuntu.
$ cd .. $ mv grub-0.97 grub-0.97-ima $ apt-get source grub $ cd grub-0.97 $ dpkg-buildpackage -rfakeroot -us -uc $ files="configure.ac stage1/stage1.h stage1/stage1.S stage2/asm.S stage2/boot.c stage2/builtins.c stage2/shared.h stage2/start.S stage2/stage1_5.c stage2/stage2.c stage2/ima.h stage2/ima.c stage2/start_eltorito.S stage2/Makefile.am" $ for file in $files ; do diff -urN grub-0.97/$file grub-0.97-ima/$file >> grub-0.97-29ubuntu45-ima-1.1.0.0.patch; done $ rm -rf grub-0.97 $ apt-get source grub $ cp grub-0.97-29ubuntu45-ima-1.1.0.0.patch grub-0.97/debian/patches/ $ echo "# This patch supports IMA" >> grub-0.97/debian/patches/00list $ echo "grub-0.97-29ubuntu45-ima-1.1.0.0.patch" >> grub-0.97/debian/patches/00list $ mv grub-0.97/debian/rules grub-0.97/debian/rules.orig $ sed -e 's/--disable-auto-linux-mem-opt/--disable-auto-linux-mem-opt --enable-ima/g' grub-0.97/debian/rules.orig > grub-0.97/debian/rules $ chmod +x grub-0.97/debian/rules $ cd grub-0.97 $ dpkg-buildpackage -rfakeroot -us -uc $ cd .. $ sudo dpkg -i grub_0.97-29ubuntu45_i386.deb $ grep TCG /usr/lib/grub/i386-pc/* Binary file /usr/lib/grub/i386-pc/stage1 matches Binary file /usr/lib/grub/i386-pc/stage2 matches Binary file /usr/lib/grub/i386-pc/stage2_eltorito matches
OK.
Download source package and test the kernel build.
$ sudo apt-get build-dep linux-image-debug-$(uname -r) $ apt-get source linux-image-debug-$(uname -r) $ cd linux-2.6.27 $ cp /boot/config-$(uname -r) .config $ make oldconfig $ CONCURRENCY_LEVEL=2 UBUNTUBUILD=1 DEBIAN_SRCTOP=./ fakeroot make-kpkg -initrd kernel_image kernel_headers modules_image $ dpkg-buildpackage -rfakeroot -us -uc
OK?
Ubuntu package does not support GTK. to enable GTK feature (popup password), re-build the trousers with GTK option.
$ sudo apt-get build-dep trousers $ apt-get source trousers $ cd trousers-0.3.1 $ dpkg-buildpackage -rfakeroot -us -uc
OLD instruction
$ wget http://iij.dl.sourceforge.jp/openpts/32519/OpenPlatformTrustServices-0.1.2.tar.gz $ tar xzvf OpenPlatformTrustServices-0.1.2.tar.gz $ mv OpenPlatformTrustServices-0.1.2 openplatformtrustservices-0.1.2 $ munetoh@munetoh-laptop:~/sandbox$ mv OpenPlatformTrustServices-0.1.2.tar.gz openplatformtrustservices-0.1.2.tar.gz $ cd openplatformtrustservices-0.1.2 $ dh_make -e munetoh@sourceforge.jp -f ../openplatformtrustservices-0.1.2.tar.gz $ sudo make setup-jars
Add "(MAKE) all" in debian/rules.
$ dpkg-buildpackage -rfakeroot $ cd .. $ sudo dpkg -i openplatformtrustservices_0.1.2-1_i386.deb
Build process needs to fix later.
$ wget http://osdn.dl.sourceforge.jp/openpts/32520/OpenPlatformTrustServices-tcdemo-0.1.2.tar.gz $ tar xzvf OpenPlatformTrustServices-tcdemo-0.1.2.tar.gz $ mv OpenPlatformTrustServices-tcdemo-0.1.2 openplatformtrustservices-tcdemo-0.1.2 $ mv OpenPlatformTrustServices-tcdemo-0.1.2.tar.gz openplatformtrustservices-tcdemo-0.1.2.tar.gz $ cd openplatformtrustservices-tcdemo-0.1.2 $ dh_make -e munetoh@sourceforge.jp -f ../openplatformtrustservices-tcdemo-0.1.2.tar.gz $ sudo make setup-jars
Fix debian/rules to have.
$ sudo dpkg-buildpackage -rfakeroot $ cd .. $ sudo dpkg -i openplatformtrustservices-tcdemo_0.1.2-1_i386.deb
Take TPM ownership. here, SRK password is null.
$ tpm_takeownership Enter owner password: ******** Confirm password: ******** Enter SRK password: Confirm password:
Current demo package does not support Ubuntu.
$ sudo cp -r openplatformtrustservices-tcdemo-0.1.2/sampledata/knoppix /opt/OpenPlatformTrustServices/tcdemo $ sudo cp openplatformtrustservices-tcdemo-0.1.2/sampledata/server/* /opt/OpenPlatformTrustServices/tcdemo/ $ cd /opt/OpenPlatformTrustServices/tcdemo $ cp TCDEMO_UserTool.desktop /home/$USER/Desktop/ export JAVA_HOME=/usr/lib/jvm/java-6-sun-1.6.0.10 $ /opt/OpenPlatformTrustServices/bin/openpts manifest --create --platform --model platform_model.properties --prop ./tcdemo.properties log4j:WARN No appenders could be found for logger (com.ibm.trl.tcg.pts.eventlog.IML). log4j:WARN Please initialize the log4j system properly. Internal Error java.lang.Exception: no Trans? at com.ibm.trl.tcg.pts.engine.FiniteStateMachine.generateRuntimeModelByEventlog(Unknown Source) at com.ibm.trl.tcg.pts.integrity.ReferenceManifest.generatePlatformReferenceManifest(Unknown Source) at com.ibm.trl.tcg.pts.integrity.ReferenceManifest.generatePlatformReferenceManifestByProp(Unknown Source) at com.ibm.trl.tcg.pts.integrity.ReferenceManifest.main(Unknown Source) at com.ibm.trl.tcg.pts.PlatformTrustServices.main(Unknown Source) Uhmmm, Current BIOS (Thinkpad X200) transition was not supported yet. $ /opt/OpenPlatformTrustServices/bin/openpts manifest --create --knoppix --model knoppix_model.properties --prop ./tcdemo.properties log4j:WARN No appenders could be found for logger (com.ibm.trl.tcg.pts.integrity.ReferenceManifest). log4j:WARN Please initialize the log4j system properly. Internal Error java.lang.Exception: Grub Install path is not found. .//usr/share/grub/i386-pc at com.ibm.trl.tcg.pts.eventlog.RuntimeDigest.<init>(Unknown Source) at com.ibm.trl.tcg.pts.integrity.ReferenceManifest.generateKnoppixReferenceManifest(Unknown Source) at com.ibm.trl.tcg.pts.integrity.ReferenceManifest.generateKnoppixReferenceManifestByProp(Unknown Source) at com.ibm.trl.tcg.pts.integrity.ReferenceManifest.main(Unknown Source) at com.ibm.trl.tcg.pts.PlatformTrustServices.main(Unknown Source) $ sudo /opt/OpenPlatformTrustServices/bin/openpts manifest --create --runtime --model runtime_model.properties --prop ./tcdemo.properties log4j:WARN No appenders could be found for logger (com.ibm.trl.tcg.pts.integrity.ReferenceManifest). log4j:WARN Please initialize the log4j system properly. $ sudo make start-client-admin-gcj $ sudo make start-client-user-gcj
EOF
Fork
edit