tpm2-tools
tpm2-tools copied to clipboard
tpm2-software
tpm2_createek command execute failed in ubuntu 19.04 After package building
Hi, guys, I download two packages (tpm2-tools-5.2.tar.gz , tpm2-tss-3.2.0.tar.gz) from the github. Compiling and Installed them in ubuntu 19.04. The packaing building commands are easy: (1) ./configure --prefix=/usr (2) make && make install After that, I run some commands, like tpm2_createek for example , it always report errors: root@keylime-u19:/tmp# tpm2_clear root@keylime-u19:/tmp# tpm2_createek -c 0x81010001 -G rsa -u ekpub.pem -f pem ERROR:tcti:src/tss2-tcti/tcti-device.c:199:tcti_device_receive() Failed to get response size fd 3, got errno 2: No such file or directory ERROR:esys:src/tss2-esys/api/Esys_EvictControl.c:334:Esys_EvictControl_Finish() Received a non-TPM Error ERROR:esys:src/tss2-esys/api/Esys_EvictControl.c:114:Esys_EvictControl() Esys Finish ErrorCode (0x000a000a) ERROR: Esys_EvictControl(0xA000A) - tcti:IO failure ERROR:esys:src/tss2-esys/esys_iutil.c:1145:iesys_check_sequence_async() Esys called in bad sequence. ERROR:esys:src/tss2-esys/api/Esys_FlushContext.c:66:Esys_FlushContext() Error in async function ErrorCode (0x00070007) ERROR: Esys_FlushContext(0x70007) - esapi:Function called in the wrong order ERROR:esys:src/tss2-esys/esys_iutil.c:1145:iesys_check_sequence_async() Esys called in bad sequence. ERROR:esys:src/tss2-esys/api/Esys_FlushContext.c:66:Esys_FlushContext() Error in async function ErrorCode (0x00070007) ERROR: Esys_FlushContext(0x70007) - esapi:Function called in the wrong order ERROR:esys:src/tss2-esys/esys_iutil.c:1145:iesys_check_sequence_async() Esys called in bad sequence. ERROR:esys:src/tss2-esys/api/Esys_FlushContext.c:66:Esys_FlushContext() Error in async function ErrorCode (0x00070007) ERROR: Esys_FlushContext(0x70007) - esapi:Function called in the wrong order ERROR: Unable to run tpm2_createek
Meanwhile ome commands like tpm2_pcrread and tpm2_getrandom always get right.
The same operations in ubuntu18.04 and ubuntu20.04 can get right result and no errors happened. Can anyone give me some hints where is my miss-operation, or maybe needed some dependent softewares?
root@keylime-u19:~/build# lsb_release -a No LSB modules are available. Distributor ID: Ubuntu Description: Ubuntu 19.04 Release: 19.04 Codename: disco
It is interesting that you do not run into tcti errors with other tools. As for the options you used in the tpm2_createek call above, if you have set owner-auth and endorsement-hierarchy-auth, please specify it with -P and -w
Before i run the command tpm3_createek, I executed tpm2_clear. I am sure i have not set owner-auth or endorsement-hierarchy-auth by myself. Are there some commands can reset the tpm2 which will clean the auth-value ?
tpm2_clear requires lockout or platform-hierarchy auth and not owner-auth. If lockout auth is not set, a clear will always succeed. tpm2_getcap --properties-variable can reveal if auths are set.
Hi all,
I have facing similar issue while use this command "tpm2_createek" as below error by using ;
-c with persistent handle value
user@localhost:/usr/lib/modules/6.0.0-iotg-next-221012t034811z/kernel/drivers/char/tpm$ sudo tpm2_createek -c 0x81010009 -G rsa -u ekpub.pem -f pem ERROR:tcti:src/tss2-tcti/tcti-device.c:198:tcti_device_receive() Failed to get response size fd 3, got errno 14: Bad address ERROR:esys:src/tss2-esys/api/Esys_EvictControl.c:334:Esys_EvictControl_Finish() Received a non-TPM Error ERROR:esys:src/tss2-esys/api/Esys_EvictControl.c:114:Esys_EvictControl() Esys Finish ErrorCode (0x000a000a) ERROR: Esys_EvictControl(0xA000A) - tcti:IO failure ERROR:esys:src/tss2-esys/esys_iutil.c:1145:iesys_check_sequence_async() Esys called in bad sequence. ERROR:esys:src/tss2-esys/api/Esys_FlushContext.c:66:Esys_FlushContext() Error in async function ErrorCode (0x00070007) ERROR: Esys_FlushContext(0x70007) - esapi:Function called in the wrong order ERROR:esys:src/tss2-esys/esys_iutil.c:1145:iesys_check_sequence_async() Esys called in bad sequence. ERROR:esys:src/tss2-esys/api/Esys_FlushContext.c:66:Esys_FlushContext() Error in async function ErrorCode (0x00070007) ERROR: Esys_FlushContext(0x70007) - esapi:Function called in the wrong order ERROR:esys:src/tss2-esys/esys_iutil.c:1145:iesys_check_sequence_async() Esys called in bad sequence. ERROR:esys:src/tss2-esys/api/Esys_FlushContext.c:66:Esys_FlushContext() Error in async function ErrorCode (0x00070007) ERROR: Esys_FlushContext(0x70007) - esapi:Function called in the wrong order ERROR: Unable to run tpm2_createek
I also try using -c with file path, also face same error
user@localhost:/usr/lib/modules/6.0.0-iotg-next-221012t034811z/kernel/drivers/char/tpm$ sudo tpm2_createek -c endorsement_key.ctx -G rsa -u ekpub_2.pem -f pem ERROR:tcti:src/tss2-tcti/tcti-device.c:198:tcti_device_receive() Failed to get response size fd 3, got errno 14: Bad address ERROR:esys:src/tss2-esys/api/Esys_ContextSave.c:251:Esys_ContextSave_Finish() Received a non-TPM Error ERROR:esys:src/tss2-esys/api/Esys_ContextSave.c:92:Esys_ContextSave() Esys Finish ErrorCode (0x000a000a) ERROR: Esys_ContextSave(0xA000A) - tcti:IO failure ERROR: Error saving tpm context for handle ERROR:esys:src/tss2-esys/esys_iutil.c:1145:iesys_check_sequence_async() Esys called in bad sequence. ERROR:esys:src/tss2-esys/api/Esys_FlushContext.c:66:Esys_FlushContext() Error in async function ErrorCode (0x00070007) ERROR: Esys_FlushContext(0x70007) - esapi:Function called in the wrong order ERROR:esys:src/tss2-esys/esys_iutil.c:1145:iesys_check_sequence_async() Esys called in bad sequence. ERROR:esys:src/tss2-esys/api/Esys_FlushContext.c:66:Esys_FlushContext() Error in async function ErrorCode (0x00070007) ERROR: Esys_FlushContext(0x70007) - esapi:Function called in the wrong order ERROR:esys:src/tss2-esys/esys_iutil.c:1145:iesys_check_sequence_async() Esys called in bad sequence. ERROR:esys:src/tss2-esys/api/Esys_FlushContext.c:66:Esys_FlushContext() Error in async function ErrorCode (0x00070007) ERROR: Esys_FlushContext(0x70007) - esapi:Function called in the wrong order ERROR: Unable to run tpm2_createek
Anyone knows why this error trigger?
