Stefan Berger

I have been able to reproduce this issue. The issue seems to be only related to ioctl(..., FIOASYNC, ...). This is the first ioctl on one of the file descriptors...

Further investigation seems to show that the pipe's PAL_HANDLE has been free()'d in pipe_destroy() and that's why the handle_array[1] above is corrupt. This seems to happen after the ipc handler...

The callpath libos_exit::thread_exit -> detach_all_fds -> detach_fd -> put_handle -> PalObjectDestroy() is the one responsible for the deletion of the PAL_HANDLE. The solution may be to implement maybe_uninstall_async_event() that 1)...

There was a pyright version release two days ago and nodeenv seems to not have changed in several months. We had builds today that succeeded. So maybe it's another dependency...

When I have private keys in the certs directory nothing like this happens when the EK cert is verified as part of the `-C add/update` tenant command. ~~What operation were...

@kkaarreell right, a malformed certificate or key throws this error. See PR #1488 for a resolution.

> @stefanberger just to confirm we can close this issue right? I think so.

> @whooo, @stefanberger it appears that PCR index 20, 21, 22 are in the authorization set for swtpm. Is that right? That's what it is now. Per the commit description:...

When I look at the below document Table 6 then my interpretation is that the patch I applied was a bugfix... which breaks backwards compatibility. https://trustedcomputinggroup.org/wp-content/uploads/PC-Client-Specific-Platform-TPM-Profile-for-TPM-2p0-v1p05p_r14_pub.pdf

> It sure likes like it. Perhaps add a command line option to swtpm to retain the old behavior. I won't support this with a command line option but may...