Wind River Support Network

HomeDefectsLIN1022-6375
Fixed

LIN1022-6375 : LTS22 - tpm2_nvread failing

Created: Jan 23, 2024    Updated: Sep 5, 2024
Resolved Date: Aug 29, 2024
Found In Version: 10.22.33.13
Fix Version: 10.22.33.18
Severity: Critical
Applicable for: Wind River Linux LTS 22
Component/s: Userspace

Description

tpm2_nvread is failing with LTS22 RCPL13 and same command working fine with LTS22 RCPL 8.

=====

-> We can see that "tpm2-tss" package was upgraded in LTS22 RCPL00{*}11{*} which may have introduced this issue.
 * *tpm2-tss to version 3.2.2*

Refer - Latest Release Updates (windriver.com) (https://docs.windriver.com/bundle/Wind_River_Linux_Release_Notes_LTS_22/page/mac1674073763673.html)

=====
*Not working:*
root@spland18-node:~# uname -a
Linux spland18-node 5.15.136-rt61-LTS22 #1 SMP PREEMPT Tue Dec 5 08:39:42 IST 2023 x86_64 x86_64 x86_64 GNU/Linux
root@spland18-node:~# cat /etc/os-release
ID=wrlinux-ovp
NAME="Wind River Linux OVP LTS"
VERSION="10.22.33.13"
VERSION_ID=10.22.33.13
PRETTY_NAME="Wind River Linux OVP LTS 22.33 Update 13"
root@spland18-node:~# *tpm2 -v*
*tool="tpm2" version="5.2" tctis="libtss2-tctildr" tcti-default=tcti-abrmd*
root@spland18-node:~# tpm2_nvread --output /tmp/DevID-cert.der 0x01C90000
WARN: Reading full size of the NV index
ERROR:esys:../{*}tpm2-tss-3.2.2{*}/src/tss2-esys/esys_iutil.c:1096:esys_GetResourceObject() Error: Esys handle does not exist (70018).
ERROR: Esys_SequenceComplete(0x70018) - esapi:The ESYS_TR resource object is bad
ERROR: Failed to get shandle
ERROR: Failed to read NVRAM area at index 0x1C90000
ERROR: Unable to run tpm2_nvread
root@spland18-node:~# hexdump -C /tmp/DevID-cert.der
hexdump: /tmp/DevID-cert.der: No such file or directory
hexdump: all input file arguments failed

*Working:*
root@spland18-node:~# uname -a
Linux spland18-node 5.15.106-rt59-LTS22 #1 SMP PREEMPT Thu Nov 30 13:09:34 IST 2023 x86_64 x86_64 x86_64 GNU/Linux
root@spland18-node:~# cat /etc/os-release
ID=wrlinux-ovp
NAME="Wind River Linux OVP LTS"
VERSION="10.22.33.8"
VERSION_ID=10.22.33.8
PRETTY_NAME="Wind River Linux OVP LTS 22.33 Update 8"
root@spland18-node:~# tpm2 -v
tool="tpm2" version="5.2" tctis="libtss2-tctildr" tcti-default=tcti-abrmd
root@spland18-node:~# *tpm2_nvread --output /tmp/DevID-cert.der 0x01C90000*
*WARN: Reading full size of the NV index*
root@spland18-node:~# hexdump -C /tmp/DevID-cert.der
00000000 30 82 03 d9 30 82 02 c1 a0 03 02 01 02 02 10 52 |0...0..........R|
00000010 29 d9 ef 9b 51 48 9b 8b a4 48 1d 4d be 7c 02 30 |)...QH...H.M.|.0|
00000020 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 30 81 |...*.H........0.|
00000030 86 31 0b 30 09 06 03 55 04 06 13 02 55 53 31 0b |.1.0...U....US1.|
00000040 30 09 06 03 55 04 08 0c 02 43 41 31 12 30 10 06 |0...U....CA1.0..|
00000050 03 55 04 07 0c 09 53 75 6e 6e 79 76 61 6c 65 31 |.U....Sunnyvale1|
00000060 1e 30 1c 06 03 55 04 0a 0c 15 4a 75 6e 69 70 65 |.0...U....Junipe|
00000070 72 20 4e 65 74 77 6f 72 6b 73 20 49 6e 63 2e 31 |r Networks Inc.1|
00000080 13 30 11 06 03 55 04 0b 0c 0a 4a 75 6e 69 70 65 |.0...U....Junipe|
00000090 72 20 43 41 31 21 30 1f 06 03 55 04 03 0c 18 49 |r CA1!0...U....I|
000000a0 6e 69 74 69 61 6c 44 65 76 69 63 65 49 44 52 53 |nitialDeviceIDRS|
000000b0 41 32 30 34 38 43 41 30 20 17 0d 32 32 31 31 32 |A2048CA0 ..22112|
000000c0 33 30 34 33 38 32 30 5a 18 0f 32 31 32 32 31 31 |3043820Z..212211|
000000d0 32 33 30 34 34 38 32 30 5a 30 2e 31 15 30 13 06 |23044820Z0.1.0..|
000000e0 03 55 04 05 13 0c 46 4e 34 36 32 32 41 4e 30 30 |.U....FN4622AN00|
000000f0 31 35 31 15 30 13 06 03 55 04 03 0c 0c 53 52 58 |151.0...U....SRX|
00000100 31 35 35 30 2d 43 48 41 53 30 82 01 22 30 0d 06 |1550-CHAS0.."0..|
00000110 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 82 01 0f |.*.H............|
00000120 00 30 82 01 0a 02 82 01 01 00 e3 18 00 4d cc da |.0...........M..|
00000130 bf a7 da d3 02 4a 5f c0 18 58 b1 ee 13 39 be 9d |.....J_..X...9..|
00000140 29 ca 97 7d be 4a 9e b1 87 e5 56 18 d6 2c f2 10 |)..}.J....V..,..|
00000150 6f fb 3e e4 12 90 f4 51 35 b6 25 1c d9 b5 03 b1 |o.>....Q5.%.....|
00000160 91 c9 08 45 1c 42 70 2a 5d e3 a0 57 c0 17 da a2 |...E.Bp*]..W....|
00000170 aa 95 7c bd ff 5e c5 3d 84 f6 fd d8 76 39 ae c8 |..|..^.=....v9..|
00000180 fa 8c ee 11 ef 7a 68 05 b8 1a 02 84 b5 bd b0 0f |.....zh.........|
00000190 db d5 34 be 7e 17 be 29 bd 17 28 51 41 3f c7 75 |..4.~..)..(QA?.u|
000001a0 d0 a5 51 53 b5 25 38 36 ff 2d cb 22 76 87 e6 69 |..QS.%86.-."v..i|
000001b0 8f c6 a0 ca 51 9a 30 db 2d 67 fe ef 56 21 2a 5f |....Q.0.-g..V!*_|
000001c0 be 0e 64 97 35 61 55 7f 5a 36 bf 5a 05 d2 bf 59 |..d.5aU.Z6.Z...Y|
000001d0 1a dc 13 d9 79 77 7b f2 84 c8 d7 eb 84 f6 c5 a9 |....yw{.........|
000001e0 97 d2 0b b9 3d 4b 0c 24 66 7b 9c 7a f6 55 f7 9b |....=K.$f{.z.U..|
000001f0 72 73 a7 c0 c8 d8 5e 97 71 8f 18 c1 ce 7c 20 5d |rs....^.q....| ]|
00000200 6d bf 2b 2b 3c 65 4d e7 a3 a9 5e f5 10 3a 12 50 |m.++<eM...^..:.P|
00000210 cf fd 3c d3 13 34 e8 4a 2e 68 5b 03 b3 0d 0f 7e |..<..4.J.h[....~|
00000220 30 7e 6d bf cd 52 58 2c ae e9 02 03 01 00 01 a3 |0~m..RX,........|
00000230 81 97 30 81 94 30 0b 06 03 55 1d 0f 04 04 03 02 |..0..0...U......|
00000240 05 a0 30 1d 06 03 55 1d 25 04 16 30 14 06 08 2b |..0...U.%..0...+|
00000250 06 01 05 05 07 03 01 06 08 2b 06 01 05 05 07 03 |.........+......|
00000260 02 30 26 06 03 55 1d 11 04 1f 30 1d a0 1b 06 08 |.0&..U....0.....|
00000270 2b 06 01 05 05 07 08 04 a0 0f 30 0d 06 05 67 81 |+.........0...g.|
00000280 05 01 02 04 04 27 b3 c2 5e 30 1d 06 03 55 1d 0e |.....'..^0...U..|
00000290 04 16 04 14 aa 31 61 89 b5 47 7b e0 e4 ee 2e 30 |.....1a..G

{....0| 000002a0 31 f5 c8 aa df 7a cc 69 30 1f 06 03 55 1d 23 04 |1....z.i0...U.#.| 000002b0 18 30 16 80 14 e4 16 25 58 0a 9b 23 b9 a4 1c cc |.0.....%X..#....| 000002c0 d2 bc ff de ad c7 03 39 ac 30 0d 06 09 2a 86 48 |.......9.0...*.H| 000002d0 86 f7 0d 01 01 0b 05 00 03 82 01 01 00 27 1f 3c |.............'.<| 000002e0 a6 a1 a3 2f 3f eb 81 4b 16 47 58 21 e2 3c db ca |.../?..K.GX!.<..| 000002f0 90 dd d3 e8 3b 8b 9e 61 cb a2 42 4e c3 41 de 40 |....;..a..BN.A.@| 00000300 ce ed e5 2f 40 88 5b 70 52 72 d4 b0 cf 2d 17 43 |.../@.[pRr...-.C| 00000310 8f 59 c8 69 a6 ae a3 7f 01 f1 c9 70 af bb c9 df |.Y.i.......p....| 00000320 ce 92 7f 2e f5 ac bc ca 66 61 86 82 ae d5 db 21 |........fa.....!| 00000330 07 7b 9c 3e 35 1c 06 7f fa 23 99 7d 6d a2 d5 ea |.\\{.>5....#.}

m...|
00000340 68 99 6a 92 65 fa 78 e4 7c 06 47 78 0f e0 ca c4 |h.j.e.x.|.Gx....|
00000350 68 23 1c a2 53 b8 e4 27 d6 b2 f5 d6 43 16 a1 76 |h#..S..'....C..v|
00000360 d0 72 a4 bd 38 e2 d2 a4 11 fd 1c 28 d9 dd f9 30 |.r..8......(...0|
00000370 3c 3f 43 ea 91 d5 f4 e2 45 8e 49 09 88 a4 41 e0 |<?C.....E.I...A.|
00000380 0c b5 1c 5f d6 8e c3 2b 37 4d 84 d4 fc d9 5a 10 |..._...+7M....Z.|
00000390 cc c1 64 94 ff 4e d8 83 2a 01 ec c2 65 ad 83 f4 |..d..N..*...e...|
000003a0 3d eb c0 c9 05 73 24 b6 00 a1 16 7f 1c 2a 66 60 |=....s$......*f`|
000003b0 a3 4c bc 40 42 4d 10 17 69 7e c5 e9 f4 6d 51 ac |.L.@BM..i~...mQ.|
000003c0 e4 87 2a 25 12 74 72 55 40 92 09 5a 0c 64 e2 b1 |..*%.trU@..Z.d..|
000003d0 6e 3d 54 d3 ee ab f9 0b 6b 52 e6 d7 c8 |n=T.....kR...|
000003dd

Workaround

NA

Steps to Reproduce

-> This issue is currently reproducible in customer environment. 

LTS22 RCPL0013 OVP Host.

Project configration:
$ --dl-layers --distros wrlinux-ovp --machines intel-x86-64 --templates feature/initramfs-integrated,feature/initramfs-install,feature/kdump,feature/kexec,feature/sysklogd,feature/dpdk,feature/package-management, feature/{*}tpm2{*}

$ . ./environment-setup-x86_64-wrlinuxsdk-linux
$ . ./oe-init-build-env build

$ vi conf/local.conf
DISTRO = "wrlinux-ovp"
PREFERRED_PROVIDER_virtual/kernel = "linux-yocto-rt"

$ bitbake wrlinux-image-ovp-kvm

-> Deploy kernel and rootfs on intel-x86-64 target.
Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube