[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-discuss] QEMU-TPM with SeaBIOS
|
From: |
Jakob Bohm |
|
Subject: |
Re: [Qemu-discuss] QEMU-TPM with SeaBIOS |
|
Date: |
Wed, 15 Aug 2012 19:23:42 +0200 |
|
User-agent: |
Mozilla/5.0 (Windows NT 5.2; WOW64; rv:14.0) Gecko/20120713 Thunderbird/14.0 |
On 8/15/2012 9:40 AM, khan wahid wrote:
Hi,
I want to build a trusted integrity measurement OS, so that a remote party can
check the system's integrity. But I don't have a hardware TPM, so I run the TPM
emulator (http://tpm-emulator.berlios.de/) and patched my Qemu and SeaBIOS with
the TPM related Patches (provided by Mr. Stefan Berger) to test the integrity
measurement in virtual machine based Linux. To launch a Linux through Qemu, at
first I compiled Linux from the source with Kernel-IMA functionality. Now I
have the following files-
The compiled kernel-IMA image at
/home/rrsuj/linux-2.6.32.59/arch/x86/boot/bzImage
And the new initrd at /boot/initrd.img-2.6.32.59
The patched bios.bin at /home/rrsuj/seabios-0.6.2/out/bios.bin
I first check that the TPM emulator is running, so that Qemu and SeaBIOS find a
TPM (although virtual). Then I execute the following command -
#qemu-system-i386 -kernel /home/rrsuj/linux-2.6.32.59/arch/x86/boot/bzImage
-initrd /boot/initrd.img-2.6.32.59 -bios
/home/rrsuj/Downloads/seabios/seabios-0.6.2/out/bios.bin
It tries to boot Linux, but gives error-
"VFS: cannot open root device "<NULL>" or unknown-block (8,1)"
"Please append a correct "root=" boot option;"
In other words, the default root device indicated by a few reserved bytes
near the start of your bzImage or dynamically set by code in your
initrd.img was blockdev major 8, minor 1 a.k.a. /dev/sda1, but neither your
bzImage nor any modules loaded by your initrd.img knew how to map
"blockdev 8,1" to "sda1". So I guess you haven't loaded the relevant SCSI
driver.
So I did-
#qemu-system-i386 -kernel /home/rrsuj/Downloads/linux-2.6.32.59/arch/x86/boot/bzImage
-initrd /boot/initrd.img-2.6.32.59 -append "root=/dev/sda1" -bios
/home/rrsuj/Downloads/seabios/seabios-0.6.2/out/bios.bin
but the error changes slightly-
"VFS: cannot open root device "sda1" or unknown-block (0,0)"
"Please append a correct "root=" boot option;"
So this time, neither your bzImage, nor any of the loaded modules knew
how to map "sda1" to "(8,1)", probably for the same reason as in your
first attempt.
The output of "sudo fdisk -l" is-
Device Boot Start End Blocks Id System
/dev/sda1 * 1 2686 21569536 83 Linux
/dev/sda2 2686 2808 979969 5 Extended
/dev/sda5 2686 2808 979968 82 Linux swap / Solaris
How did you run this command if you could not boot your vm?
I guess you ran this using a different kernel or initrd which did load
the proper drivers.
So please tell me, what should I do? I had a plan to install TrustedGrub inside
the virtual machine (the guest Linux), so that I can measure the total system
from SeaBIOS to TrustedGrub to Linux-IMA. But it is not booting as I mentioned.
Thank you for your help.
Best regards
--
Jakob Bohm, CIO, partner, WiseMo A/S. http://www.wisemo.com
Transformervej 29, 2730 Herlev, Denmark. direct: +45 31 13 16 10
<call:+4531131610>
This message is only for its intended recipient, delete if misaddressed.
WiseMo - Remote Service Management for PCs, Phones and Embedded