[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-discuss] QEMU-TPM with SeaBIOS

From: Jakob Bohm
Subject: Re: [Qemu-discuss] QEMU-TPM with SeaBIOS
Date: Wed, 15 Aug 2012 19:23:42 +0200
User-agent: Mozilla/5.0 (Windows NT 5.2; WOW64; rv:14.0) Gecko/20120713 Thunderbird/14.0

On 8/15/2012 9:40 AM, khan wahid wrote:
I want to build a trusted integrity measurement OS, so that a remote party can 
check the system's integrity. But I don't have a hardware TPM, so I run the TPM 
emulator (http://tpm-emulator.berlios.de/) and patched my Qemu and SeaBIOS with 
the TPM related Patches (provided by Mr. Stefan Berger) to test the integrity 
measurement in virtual machine based Linux. To launch a Linux through Qemu, at 
first I compiled Linux from the source with Kernel-IMA functionality. Now I 
have the following files-
The compiled kernel-IMA image at 
And the new initrd at /boot/initrd.img-
The patched bios.bin at /home/rrsuj/seabios-0.6.2/out/bios.bin

I first check that the TPM emulator is running, so that Qemu and SeaBIOS find a 
TPM (although virtual). Then I execute the following command -

#qemu-system-i386  -kernel  /home/rrsuj/linux-  
-initrd /boot/initrd.img-  -bios 
It tries to boot Linux, but gives error-
"VFS: cannot open root device "<NULL>" or unknown-block (8,1)"
"Please append a correct "root=" boot option;"

In other words, the default root device indicated by a few reserved bytes
near the start of your bzImage or dynamically set by code in your
initrd.img was blockdev major 8, minor 1 a.k.a. /dev/sda1, but neither your
bzImage nor any modules loaded by your initrd.img knew how to map
"blockdev 8,1" to "sda1".  So I guess you haven't loaded the relevant SCSI

So I did-
#qemu-system-i386 -kernel /home/rrsuj/Downloads/linux-  
-initrd /boot/initrd.img-  -append "root=/dev/sda1"  -bios 
but the error changes slightly-
"VFS: cannot open root device "sda1" or unknown-block (0,0)"
"Please append a correct "root=" boot option;"

So this time, neither your bzImage, nor any of the loaded modules knew
how to map "sda1" to "(8,1)", probably for the same reason as in your
first attempt.

The output of "sudo fdisk -l" is-
Device Boot      Start         End      Blocks   Id  System
/dev/sda1   *           1        2686    21569536   83  Linux
/dev/sda2            2686        2808      979969    5  Extended
/dev/sda5            2686        2808      979968   82  Linux swap / Solaris

How did you run this command if you could not boot your vm?

I guess you ran this using a different kernel or initrd which did load the proper drivers.

So please tell me, what should I do? I had a plan to install TrustedGrub inside 
the virtual machine (the guest Linux), so that I can measure the total system 
from SeaBIOS to TrustedGrub to Linux-IMA. But it is not booting as I mentioned.
Thank you for your help.
Best regards

Jakob Bohm, CIO, partner, WiseMo A/S. http://www.wisemo.com
Transformervej 29, 2730 Herlev, Denmark. direct: +45 31 13 16 10 <call:+4531131610>
This message is only for its intended recipient, delete if misaddressed.
WiseMo - Remote Service Management for PCs, Phones and Embedded

reply via email to

[Prev in Thread] Current Thread [Next in Thread]