Re: [Xen-devel] vTPM Manager VM launch failure: operation not permitted
on 2017/9/13 18:42, Wei Liu wrote:
> Cc VTPM maintainers
>
> On Sun, Sep 10, 2017 at 03:07:04PM -0400, Ronny Ko wrote:
> > Hi,
> >
> > I'm a PhD student from Harvard University having trouble running vTPM manager.
> >
> > I cannot successfully launch vTPM manager in Xen, because when I command "sudo xl create vtpm-manager.cfg" to launch a virtual TPM VM, I get the following error:
> >
> > libxl: error: libxl_create.c:1295:domcreate_launch_dm: Domain 10:failed give domain access to iomeim range fed44-fed44: Operation not permitted
> >
> > In Xen, virtual TPM is a standalone VM that communicates with DOMu. "vtpm-manager.cfg" is Xen's configuration file for virtual TPM manager VM, whose contents are as follows:
> >
> > ============ vtpm-manager.cfg ================
> > kernel="/usr/local/lib/xen/boot/vtpmmgr-stubdom.gz" # vTPM manager code image
> > memory=16 # 16M RAM size
> > disk=["file:/home/skyer/Desktop/xen/vtpmmgr-stubdom.img,hda,w"] # disk storage
> > name="vtpmmgr" # Just a nick name
> > iomem=["fed44,1"] # This means, map physical memory from 0xfed44000-0xfed44fff for I/O, which is to be used by virtual TPM manager to communicate with the physical TPM device.
> > ===========================================

Ronny, is your physical TPM device v1.2 or v2.0?

for tpm1.2.., commands that are sent to the TPM through the register set at address FED4.0000 are implicitly associated with locality 0.

try 'iomem=["fed40,1"]' and make sure Dom0's TPM driver is _not_ loaded...

Quan

> > My kernel is compiled with CONFIG_IO_STRICT_DEVMEM flag disabled, so iomem shouldn't be blocked by the kernel. I tried to map not only 0xfed44000, but also any other random addresses for testing, but all of them give the same error message as above.
> >
> > I'm launching the vTPM manager VM not from inside a DOMu Linux VM, but from inside the Linux kernel directly loaded by Xen-4.9.0 (which I suppose to be DOM0 Linux VM), and I believe this is the correct way to launch vTPM manager.
> >
> > In particular, I get the iomem() "operation not allowed" error at the source code line:
> >
> > ioctl(fd, IOCTL_PRIVCMD_HYPERCALL, hypercall);
> >
> > In ioctl(fd, IOCTL_PRIVCMD_HYPERCALL, hypercall),
> > - "fd" is the special privileged Command device
> > - "IOCTL_PRIVCMD_HYPERCALL" denotes that this is a privileged hypercall command
> > - "hypercall" is an object containing the information of: { hypercall_command_index, target_DOM_id, iomem_start_page, iomem_page_count, allow_or_deny_access}.
> >
> > When I launch the vTPM manager, target_DOM_id = the ID of vTPM manager, iomem_start_page = 0xfed40, iomem_page_count = 5, and allow_or_deny_access = 1, and this ioctl() gives an "operation-not-allowed" error. But if I hard-code DOM_id = 0 just for a test, this error goes away, but then I get a 0xfed0 memory mapping failure error later on.
> >
> > To summarize, I cannot find the reason why the vTPM manager VM crashes with "Operation not permitted". If anyone has a clue, please give me some help.
> >
> > Thanks very much.
> >
> > Ronny

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
https://lists.xen.org/xen-devel
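The iomem values discussed in this thread can be decoded mechanically. The following is an added example, not code from the thread or from Xen: it parses xl.cfg `iomem` entries ("IOMEM_START,NUM_PAGES[@GFN]", hexadecimal page frames) and reports the byte range granted and which TPM TIS localities it covers, using the TCG PC Client layout (locality n at 0xFED40000 + n * 0x1000). The function names `parse_iomem` and `describe_iomem` are hypothetical, and rejecting a zero page count is a sanity check added here.

```python
import re

PAGE_SIZE = 0x1000
# TCG PC Client TIS layout: locality n has its own 4 KiB register page at
# 0xFED40000 + n * 0x1000, for localities 0 through 4.
TIS_BASE_PFN = 0xFED40
TIS_LOCALITIES = 5

# xl.cfg syntax: "IOMEM_START,NUM_PAGES[@GFN]", all hexadecimal page frames.
_ENTRY = re.compile(
    r"^(?:0x)?([0-9a-f]+),(?:0x)?([0-9a-f]+)(?:@(?:0x)?([0-9a-f]+))?$", re.I
)


def parse_iomem(entry):
    """Return (start_pfn, num_pages, guest_gfn) for one iomem entry."""
    m = _ENTRY.match(entry.strip())
    if not m:
        raise ValueError("not an iomem entry: %r" % entry)
    start, count = int(m.group(1), 16), int(m.group(2), 16)
    if count == 0:  # sanity check added in this example
        raise ValueError("iomem entry maps zero pages: %r" % entry)
    gfn = int(m.group(3), 16) if m.group(3) else start  # default: 1:1 mapping
    return start, count, gfn


def describe_iomem(entry):
    """Byte range granted by an entry and the TPM localities it exposes."""
    start, count, gfn = parse_iomem(entry)
    lo = max(start, TIS_BASE_PFN)
    hi = min(start + count, TIS_BASE_PFN + TIS_LOCALITIES)
    return {
        "phys_start": start * PAGE_SIZE,
        "phys_end": (start + count) * PAGE_SIZE - 1,
        "guest_gfn": gfn,
        "tis_localities": [pfn - TIS_BASE_PFN for pfn in range(lo, hi)],
    }


if __name__ == "__main__":
    # Entries taken from the thread: the original cfg, the suggested
    # replacement, and the 5-page range seen in the ioctl arguments.
    for e in ("fed44,1", "fed40,1", "fed40,5"):
        d = describe_iomem(e)
        print("%-8s 0x%x-0x%x localities=%s"
              % (e, d["phys_start"], d["phys_end"], d["tis_localities"]))
```

Running it over a domain config before `xl create` shows exactly which TPM register pages the guest would be granted, which is the least-privilege check to make when handing a stub domain direct access to the physical TPM.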