Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Failed to start TPM2 Access Broker and Resource Management Daemon. #788

Open
kloczek opened this issue Aug 3, 2021 · 4 comments
Open

Failed to start TPM2 Access Broker and Resource Management Daemon. #788

kloczek opened this issue Aug 3, 2021 · 4 comments

Comments

@kloczek
Copy link

kloczek commented Aug 3, 2021
edited

I have some TPM issue and I'm struggling with find cause.

After I've started observing different TPM related issue like crashing chrome with debug messages like:

ERROR:tcti:src/tss2-tcti/tctildr-dl.c:154:tcti_from_file() Could not initialize TCTI file: libtss2-tcti-tabrmd.so.0
ERROR:tcti:src/tss2-tcti/tcti-device.c:442:Tss2_Tcti_Device_Init() Failed to open specified TCTI device file /dev/tpmrm0: No such file or directory
ERROR:tcti:src/tss2-tcti/tctildr-dl.c:154:tcti_from_file() Could not initialize TCTI file: libtss2-tcti-device.so.0
ERROR:tcti:src/tss2-tcti/tcti-device.c:442:Tss2_Tcti_Device_Init() Failed to open specified TCTI device file /dev/tpm0: No such file or directory
ERROR:tcti:src/tss2-tcti/tctildr-dl.c:154:tcti_from_file() Could not initialize TCTI file: libtss2-tcti-device.so.0

I found that swtpm test suite is failing and have similar TPM related messages on fwupd test suite as well I've started looking closer on TPM systemd services and tpm2-abrmd service is failing with:

[root@barrel ~]# systemctl status --full --lines=50 tpm2-abrmd
● tpm2-abrmd.service - TPM2 Access Broker and Resource Management Daemon
     Loaded: loaded (/usr/lib/systemd/system/tpm2-abrmd.service; disabled; vendor preset: disabled)
     Active: failed (Result: exit-code) since Tue 2021-08-03 01:10:11 BST; 5min ago
    Process: 47269 ExecStart=/usr/sbin/tpm2-abrmd (code=exited, status=74)
   Main PID: 47269 (code=exited, status=74)
        CPU: 16ms

Aug 03 01:10:11 barrel systemd[1]: Starting TPM2 Access Broker and Resource Management Daemon...
Aug 03 01:10:11 barrel tpm2-abrmd[47269]: tcti_conf before: "(null)"
Aug 03 01:10:11 barrel tpm2-abrmd[47269]: tcti_conf after: "device:/dev/tpm0"
Aug 03 01:10:11 barrel tpm2-abrmd[47269]: ERROR:tcti:src/tss2-tcti/tcti-device.c:442:Tss2_Tcti_Device_Init() Failed to open specified TCTI device file /dev/tpm0: No such f>
Aug 03 01:10:11 barrel tpm2-abrmd[47269]: ERROR:tcti:src/tss2-tcti/tctildr-dl.c:154:tcti_from_file() Could not initialize TCTI file: device
Aug 03 01:10:11 barrel tpm2-abrmd[47269]: ERROR:tcti:src/tss2-tcti/tctildr.c:428:Tss2_TctiLdr_Initialize_Ex() Failed to instantiate TCTI
Aug 03 01:10:11 barrel tpm2-abrmd[47269]: init_thread_func: failed to create TCTI with conf "device:/dev/tpm0", got RC: 0xa000a
Aug 03 01:10:11 barrel tpm2-abrmd[47269]: g_bus_unown_name: assertion 'owner_id > 0' failed
Aug 03 01:10:11 barrel systemd[1]: tpm2-abrmd.service: Main process exited, code=exited, status=74/IOERR
Aug 03 01:10:11 barrel systemd[1]: tpm2-abrmd.service: Failed with result 'exit-code'.
Aug 03 01:10:11 barrel systemd[1]: Failed to start TPM2 Access Broker and Resource Management Daemon.
Aug 03 01:12:57 barrel systemd[1]: Dependency failed for TPM2 Access Broker and Resource Management Daemon.
Aug 03 01:12:57 barrel systemd[1]: tpm2-abrmd.service: Job tpm2-abrmd.service/start failed with result 'dependency'.

[root@barrel ~]# lsmod |grep tpm
tpm_vtpm_proxy         20480  0

I'm using SuperMicro HW and kernel 5.12.15.

May I ask for some help or at least some suggestion what could be wrong in my case?
@williamcroberts
Copy link
Member

Do you have /dev/tpm0?

What is the version of tpm2-abrmd?

tpm2-abrmd --version

@kloczek
Copy link
Author

kloczek commented Aug 5, 2021

No I haven't and installing tpm2-abrmd package caused that many thing stopped working by TPM2 errors.
I've installed tpm2-abrmd and its devel resources because build dependencies of other packages.
IMO it should not be like that absence of hardware component is causing such wide concequences.

Even after uninstall tpm2-abrmd still chrome fails on each tab an started with --debug shows me tpm2 errors.
I was completly surprised that chrome is trying use tpm.
Do you know what is going here?
Other sub subject. If there is no HW TPM2 module what about use swtpm? Do you maybe know how to setup that?

@williamcroberts
Copy link
Member

No I haven't and installing tpm2-abrmd package caused that many thing stopped working by TPM2 errors.
I've installed tpm2-abrmd and its devel resources because build dependencies of other packages.
IMO it should not be like that absence of hardware component is causing such wide concequences.

The tpm2-abrmd service should only start if /dev/tpm0 is present. This is controlled by a config file https://github.com/tpm2-software/tpm2-abrmd/blob/master/dist/tpm2-abrmd.service.in. But this is only present in version 2.4.0+.

Even after uninstall tpm2-abrmd still chrome fails on each tab an started with --debug shows me tpm2 errors.
I was completly surprised that chrome is trying use tpm.
Do you know what is going here?

Not really, perhaps you installed tpm2-pkcs11 and p11-kit and some integration was attempted there

Other sub subject. If there is no HW TPM2 module what about use swtpm? Do you maybe know how to setup that?

Yep you can use either:

See those projects for details on setup.

@kloczek
Copy link
Author

kloczek commented Aug 5, 2021

No I haven't and installing tpm2-abrmd package caused that many thing stopped working by TPM2 errors.
I've installed tpm2-abrmd and its devel resources because build dependencies of other packages.
IMO it should not be like that absence of hardware component is causing such wide concequences.

The tpm2-abrmd service should only start if /dev/tpm0 is present. This is controlled by a config file https://github.com/tpm2-software/tpm2-abrmd/blob/master/dist/tpm2-abrmd.service.in. But this is only present in version 2.4.0+.

This is the status which I had of the tpm2-abrmd service when it was started without HW TPM module.

[root@barrel ~]# systemctl status --full --lines=50 tpm2-abrmd
● tpm2-abrmd.service - TPM2 Access Broker and Resource Management Daemon
     Loaded: loaded (/usr/lib/systemd/system/tpm2-abrmd.service; disabled; vendor preset: disabled)
     Active: failed (Result: exit-code) since Tue 2021-08-03 01:10:11 BST; 5min ago
    Process: 47269 ExecStart=/usr/sbin/tpm2-abrmd (code=exited, status=74)
   Main PID: 47269 (code=exited, status=74)
        CPU: 16ms

Aug 03 01:10:11 barrel systemd[1]: Starting TPM2 Access Broker and Resource Management Daemon...
Aug 03 01:10:11 barrel tpm2-abrmd[47269]: tcti_conf before: "(null)"
Aug 03 01:10:11 barrel tpm2-abrmd[47269]: tcti_conf after: "device:/dev/tpm0"
Aug 03 01:10:11 barrel tpm2-abrmd[47269]: ERROR:tcti:src/tss2-tcti/tcti-device.c:442:Tss2_Tcti_Device_Init() Failed to open specified TCTI device file /dev/tpm0: No such f>
Aug 03 01:10:11 barrel tpm2-abrmd[47269]: ERROR:tcti:src/tss2-tcti/tctildr-dl.c:154:tcti_from_file() Could not initialize TCTI file: device
Aug 03 01:10:11 barrel tpm2-abrmd[47269]: ERROR:tcti:src/tss2-tcti/tctildr.c:428:Tss2_TctiLdr_Initialize_Ex() Failed to instantiate TCTI
Aug 03 01:10:11 barrel tpm2-abrmd[47269]: init_thread_func: failed to create TCTI with conf "device:/dev/tpm0", got RC: 0xa000a
Aug 03 01:10:11 barrel tpm2-abrmd[47269]: g_bus_unown_name: assertion 'owner_id > 0' failed
Aug 03 01:10:11 barrel systemd[1]: tpm2-abrmd.service: Main process exited, code=exited, status=74/IOERR
Aug 03 01:10:11 barrel systemd[1]: tpm2-abrmd.service: Failed with result 'exit-code'.
Aug 03 01:10:11 barrel systemd[1]: Failed to start TPM2 Access Broker and Resource Management Daemon.
Aug 03 01:12:57 barrel systemd[1]: Dependency failed for TPM2 Access Broker and Resource Management Daemon.
Aug 03 01:12:57 barrel systemd[1]: tpm2-abrmd.service: Job tpm2-abrmd.service/start failed with result 'dependency'.

[root@barrel ~]# lsmod |grep tpm
tpm_vtpm_proxy         20480  0

Even after uninstall tpm2-abrmd still chrome fails on each tab an started with --debug shows me tpm2 errors.
I was completly surprised that chrome is trying use tpm.
Do you know what is going here?

Not really, perhaps you installed tpm2-pkcs11 and p11-kit and some integration was attempted there

Uninstall tpm2-pkcs11 did not help and chrome still still crashes on all tabs :/
I have installed only tpm2-abrmd-selinux, tpm2-tss, tpm2-tss-devel.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@williamcroberts @kloczek