Lennart Poettering
Lennart Poettering
oh, and regarding captive portals, we probably should have an explicit concept in resolved that scopes can be kept in a mode that ensures they are only accessible to clients...
does your PC have a TPM 2? Please provide boot-time logs, otherwise this is not actionable. i.e. add systemd.log_level=debug to the kernel cmdline, then paste "journalctl -b" output from after...
That OS of yours, never heard of, does it even include TPM drivers? We nowadays have a logic in place that checks if the firmware found and used a TPM...
please paste the whole journalctl -b output, not just the first page. i.e. use "journalctl -b | pastebin" or so to upload this to some pastebin (assuming you have some...
Your TPM firmware iface is borkerd: ``` June 19 18:06:35 ####-desktop kernel: tpm_crb MSFT0101:00: [Firmware Bug]: ACPI region does not cover the entire command/response buffer. [mem 0xdc795000-0xdc795fff flags 0x200] vs...
@alyssais @FoxKyong your issues seem different: you seem to have TPM support in your kernel, but are lacking the right drivers. This is really weird, most likely some kernel misconfiguration...
Ah, interesting, thanks for reporting back. So apparently the issue is known since 2019, and there was even work to deal with this: https://patchwork.kernel.org/project/linux-integrity/patch/[email protected]/ but afaics that work never concluded...
@ElvishJerricco I think disabling tpm support downstream is fine, but i'd just disable it altogether then, i.e. disable it fully when building systemd, because without tpm2-generator (but with tpm2 support...
lemme emphasize though: if you drop the generator, and then boot and are lucky and everything works, and then enroll your disk against the tpm2. And on the next boot...
Use "systemctl hybrid-sleep --when=…" instead. shutdown is a sysvinit compat command, we consider its interface private property of sysvinit and do not extend it. The native interface for systemd is...