tpm2-tools icon indicating copy to clipboard operation
tpm2-tools copied to clipboard

Published 20 hours ago verified publisher icon tpm2-software

TPM causes issues with Evolution

Open fansari opened this issue 3 years ago • 8 comments
trafficstars

Please check my bug report given here:

https://bugzilla.redhat.com/show_bug.cgi?id=2129915

fansari avatar Sep 27 '22 12:09 fansari

This means that something is configured to use tpm2 software and that the tpm2-abrmd service is not running:

> ** (evolution:23454): WARNING **: 17:27:17.254: Failed to create connection with service: Timeout was reached
> ERROR:tcti:src/tss2-tcti/tctildr-dl.c:154:tcti_from_file() Could not initialize TCTI file: libtss2-tcti-tabrmd.so.0

I think you either need to configure FAPI to use something that isn't tpm2-abrmd or ensure the service is started/installed. FAPI could be configured to use the in-kernel resource manager /dev/tpmrm0, but IIUC it should try searching different ways to access a TPM, isn't that right @AndreasFuchsTPM ?

williamcroberts avatar Sep 27 '22 13:09 williamcroberts

The tpm2-abrmd is running but I could not figure out what is wrong with the FAPI stuff.

I have noticed a FAPI error in anothter context:

https://github.com/tpm2-software/tpm2-tools/issues/3111

But so far there is no answer to this. Maybe this is related.

Can I disable Evolution from trying to access TPM?

fansari avatar Sep 27 '22 13:09 fansari

The tpm2-abrmd is running but I could not figure out what is wrong with the FAPI stuff.

I have noticed a FAPI error in anothter context:

#3111

That seems unrelated.

But so far there is no answer to this. Maybe this is related.

Can I disable Evolution from trying to access TPM?

That would be a question for Evolution team.

williamcroberts avatar Sep 27 '22 13:09 williamcroberts

I have bought this module:

https://www.amazon.de/gp/product/B09P8899H3

Only thing working so far is SSH key.

This FAPI stuff is still a riddle to me. There is only this error described in the ticket and I have no idea how to move on.

fansari avatar Sep 27 '22 13:09 fansari

I have bought this module:

https://www.amazon.de/gp/product/B09P8899H3

Only thing working so far is SSH key.

This FAPI stuff is still a riddle to me. There is only this error described in the ticket and I have no idea how to move on.

Me too, I don't use FAPI often, wait for @AndreasFuchsTPM he probably has some really good insight since he is the curator of FAPI. I see him later today, ill bug him about this.

williamcroberts avatar Sep 27 '22 13:09 williamcroberts

Meanwhile I figured out how to get this FAPI working. But this TCTI error is still there.

I have opened this ticket:

https://github.com/tpm2-software/tpm2-tss/issues/2427

fansari avatar Sep 29 '22 13:09 fansari

This could be solved by this setting in ~/.bashrc:

export TPM2_PKCS11_TCTI=device:/dev/tpmrm0

But it would be interesting to know why this is necessary.

fansari avatar Oct 08 '22 16:10 fansari

This could be solved by this setting in ~/.bashrc:

export TPM2_PKCS11_TCTI=device:/dev/tpmrm0

But it would be interesting to know why this is necessary.

Yeah it should just figure it out. But it causes it to bypass tpm2-arbmd so no timeout there waiting for the failure. I still don't understand why tpm2-abrmd is timing out.

williamcroberts avatar Oct 21 '22 17:10 williamcroberts