[Xen-devel] [xen-unstable bisection] complete build-i386
branch xen-unstable
xen branch xen-unstable
job build-i386
test xen-build

Tree: qemu git://xenbits.xen.org/staging/qemu-xen-unstable.git
Tree: qemuu git://xenbits.xen.org/staging/qemu-upstream-unstable.git
Tree: xen git://xenbits.xen.org/xen.git

*** Found and reproduced problem changeset ***

  Bug is in tree:  xen git://xenbits.xen.org/xen.git
  Bug introduced:  5c3705c900581af6f30be124ab8fb64603bdca03
  Bug not present: 0b182202fef8ebfc093a00ead9414a683eb8807c

  commit 5c3705c900581af6f30be124ab8fb64603bdca03
  Author: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>
  Date:   Mon Apr 21 13:22:57 2014 -0400

      vtpmmgr: add TPM group support

      This is a complete rewrite of the disk format and key hierarchy for the
      TPM Manager. The new format supports multiple groups of vTPMs which
      define the permitted configurations where a given vTPM's keys are
      available, allowing upgrades of critical components while retaining the
      secrecy of cryptographic keys.

      New features of the TPM Manager are explained in the README and in the
      definitions of the management commands in vtpm_manager.h.

      New features for vTPMs:
      1. The size of the state blob for a vTPM is expanded from 52 to 64
         bytes in order to support future vTPMs using SHA-2/3 instead of
         SHA-1.
      2. vTPMs can obtain a quote from the physical TPM with certain
         resettable PCRs set to include information about the vTPM. This can
         be used by a vTPM to provide evidence of its integrity, including
         the secrecy of its EK, and for deep quotes.

      Some additional changes made by this rewrite that may impact existing
      users:
      1. The value of WELLKNOWN_OWNER_AUTH was incorrect for the physical
         TPM; the convention is to use all zero bits for well-known
         authentication values, not all one bits.
      2. Randomly generating the owner auth value for the physical TPM is no
         longer supported, as it prevents later creation or certification of
         AIKs (which the old manager did not support).
      3. The vTPM Manager needs to be provisioned with a PCR composite and an
         upgrade authority's public key before it will save data across
         boots.

      The current implementation still has some limitations:
      * 5 valid system PCR selections per group
      * The vTPM Manager's disk can use at most 2MB of space
      * The vTPM domain's build hash is always set to null/zero

      Most of the code relating to upgrade and rollback protection is
      currently stubbed out, but future versions can add:
      * Support for using the TPM's monotonic counter to prevent rollback of
        vTPM data by taking and restoring disk snapshots
      * Masking the master disk encryption key using a value stored in the
        TPM's NVRAM so that revocation of old data is possible without
        relying on all previously authorized software stacks to respect the
        monotonic counter's value

      Signed-off-by: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>
      Acked-by: Ian Campbell <ian.campbell@xxxxxxxxxx>

For bisection revision-tuple graph see:
   http://www.chiark.greenend.org.uk/~xensrcts/results/bisect.xen-unstable.build-i386.xen-build.html
Revision IDs in each graph node refer, respectively, to the Trees above.

----------------------------------------
Searching for failure / basis pass:
 25984 fail [host=moss-bug] / 25960 [host=grain-weevil] 25954 [host=grain-weevil] 25945 [host=lace-bug] 25938 [host=grain-weevil] 25931 [host=lace-bug] 25923 [host=field-cricket] 25919 ok.
Failure / basis pass flights: 25984 / 25919
Tree: qemu git://xenbits.xen.org/staging/qemu-xen-unstable.git
Tree: qemuu git://xenbits.xen.org/staging/qemu-upstream-unstable.git
Tree: xen git://xenbits.xen.org/xen.git
Latest 7f5b3c338e0f8938ba575dec18255dcbee0c2ee2 65fc9b78ba3d868a26952db0d8e51cecf01d47b4 c7ee02d23fde573f0bb145610c984b64d71d20cb
Basis pass 7f5b3c338e0f8938ba575dec18255dcbee0c2ee2 65fc9b78ba3d868a26952db0d8e51cecf01d47b4 01feb234d0cb3bff248694d99397fb63a9757490
Generating revisions with ./adhoc-revtuple-generator git://xenbits.xen.org/staging/qemu-xen-unstable.git#7f5b3c338e0f8938ba575dec18255dcbee0c2ee2-7f5b3c338e0f8938ba575dec18255dcbee0c2ee2 git://xenbits.xen.org/staging/qemu-upstream-unstable.git#65fc9b78ba3d868a26952db0d8e51cecf01d47b4-65fc9b78ba3d868a26952db0d8e51cecf01d47b4 git://xenbits.xen.org/xen.git#01feb234d0cb3bff248694d99397fb63a9757490-c7ee02d23fde573f0bb145610c984b64d71d20cb
Cloning into bare repository /export/home/osstest/repos/xen...
Cloning into bare repository /export/home/osstest/repos/xen...
Loaded 1001 nodes in revision graph
Searching for test results:
Searching for interesting versions
 Result found: flight 25919 (pass), for basis pass
 Result found: flight 25984 (fail), for basis failure
 Repro found: flight 25997 (pass), for basis pass
 Repro found: flight 25998 (fail), for basis failure
 0 revisions at 7f5b3c338e0f8938ba575dec18255dcbee0c2ee2 65fc9b78ba3d868a26952db0d8e51cecf01d47b4 0b182202fef8ebfc093a00ead9414a683eb8807c
No revisions left to test, checking graph state.
 Result found: flight 25995 (pass), for last pass
 Result found: flight 26001 (fail), for first failure
 Repro found: flight 26002 (pass), for last pass
 Repro found: flight 26003 (fail), for first failure
 Repro found: flight 26004 (pass), for last pass
 Repro found: flight 26005 (fail), for first failure

*** Found and reproduced problem changeset ***

  Bug is in tree:  xen git://xenbits.xen.org/xen.git
  Bug introduced:  5c3705c900581af6f30be124ab8fb64603bdca03
  Bug not present: 0b182202fef8ebfc093a00ead9414a683eb8807c

Cloning into bare repository /export/home/osstest/repos/xen...

  commit 5c3705c900581af6f30be124ab8fb64603bdca03
  Author: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>
  Date:   Mon Apr 21 13:22:57 2014 -0400

      vtpmmgr: add TPM group support

      This is a complete rewrite of the disk format and key hierarchy for the
      TPM Manager. The new format supports multiple groups of vTPMs which
      define the permitted configurations where a given vTPM's keys are
      available, allowing upgrades of critical components while retaining the
      secrecy of cryptographic keys.

      New features of the TPM Manager are explained in the README and in the
      definitions of the management commands in vtpm_manager.h.

      New features for vTPMs:
      1. The size of the state blob for a vTPM is expanded from 52 to 64
         bytes in order to support future vTPMs using SHA-2/3 instead of
         SHA-1.
      2. vTPMs can obtain a quote from the physical TPM with certain
         resettable PCRs set to include information about the vTPM. This can
         be used by a vTPM to provide evidence of its integrity, including
         the secrecy of its EK, and for deep quotes.

      Some additional changes made by this rewrite that may impact existing
      users:
      1. The value of WELLKNOWN_OWNER_AUTH was incorrect for the physical
         TPM; the convention is to use all zero bits for well-known
         authentication values, not all one bits.
      2. Randomly generating the owner auth value for the physical TPM is no
         longer supported, as it prevents later creation or certification of
         AIKs (which the old manager did not support).
      3. The vTPM Manager needs to be provisioned with a PCR composite and an
         upgrade authority's public key before it will save data across
         boots.

      The current implementation still has some limitations:
      * 5 valid system PCR selections per group
      * The vTPM Manager's disk can use at most 2MB of space
      * The vTPM domain's build hash is always set to null/zero

      Most of the code relating to upgrade and rollback protection is
      currently stubbed out, but future versions can add:
      * Support for using the TPM's monotonic counter to prevent rollback of
        vTPM data by taking and restoring disk snapshots
      * Masking the master disk encryption key using a value stored in the
        TPM's NVRAM so that revocation of old data is possible without
        relying on all previously authorized software stacks to respect the
        monotonic counter's value

      Signed-off-by: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>
      Acked-by: Ian Campbell <ian.campbell@xxxxxxxxxx>

Revision graph left in /home/xc_osstest/results/bisect.xen-unstable.build-i386.xen-build.{dot,ps,png,html}.

----------------------------------------
26005: tolerable ALL FAIL

flight 26005 xen-unstable real-bisect [real]
http://www.chiark.greenend.org.uk/~xensrcts/logs/26005/

Failures :-/ but no regressions.

Tests which did not succeed,
including tests which could not be run:
 build-i386 4 xen-build fail baseline untested

jobs:
 build-i386 fail

------------------------------------------------------------
sg-report-flight on osstest.cam.xci-test.com
logs: /home/xc_osstest/logs
images: /home/xc_osstest/images

Logs, config files, etc. are available at
    http://www.chiark.greenend.org.uk/~xensrcts/logs

Test harness code can be found at
    http://xenbits.xensource.com/gitweb?p=osstest.git;a=summary