Open blueaxions opened 3 weeks ago
Hello, Running RHEL 8.6 on a Dell laptop with a STMicro TPM chip. I'm able to successfully initialize the TPM and create tokens and objects using the 'tpm2_ptool' command. I have the following variables set:
TPM2TOOLS_TCTI=device:/dev/tpmrm0 TPM2_PKCS11_TCTI=device:/dev/tpmrm0
I have the following packages installed:
tpm2-abrmd.x86_64 2.3.3-2.el8 @dvd-BaseOS-rhel8dot6 tpm2-abrmd-selinux.noarch 2.3.1-1.el8 @dvd-BaseOS-rhel8dot6 tpm2-pkcs11.x86_64 1.6.0-1.el8 @@commandline tpm2-pkcs11-tools.x86_64 1.6.0-1.el8 @@commandline tpm2-tools.x86_64 4.1.1-5.el8 @anaconda tpm2-tss.x86_64 2.3.2-4.el8 @anaconda p11-kit.x86_64 0.23.22-1.el8 @anaconda p11-kit-trust.x86_64 0.23.22-1.el8 @anaconda
Created the this file: /etc/pkcs11/modules/tpm2_pkcs11.module -rw-r--r--. 1 root root 39 Nov 1 16:23 /etc/pkcs11/modules/tpm2_pkcs11.module
Which has: module: libtpm2_pkcs11.so critical: no
Also, the TPM2 PKCS11 library is in this location:
total 644 drwxr-xr-x. 2 root root 144 Nov 1 10:01 . dr-xr-xr-x. 62 root root 49152 Nov 1 13:41 .. lrwxrwxrwx. 1 root root 23 Nov 22 2022 libtpm2_pkcs11.so -> libtpm2_pkcs11.so.0.0.0 lrwxrwxrwx. 1 root root 23 Nov 22 2022 libtpm2_pkcs11.so.0 -> libtpm2_pkcs11.so.0.0.0 -rwxr-xr-x. 1 root root 245304 Nov 22 2022 libtpm2_pkcs11.so.0.0.0 -rwxr-xr-x. 1 root root 247568 Jan 11 2021 p11-kit-trust.so
But none of the 'p11tool' or the 'p11-kit' commands work. For example, doing a p11-kit list-modules shows these errors:
p11-kit list-modules
]$ p11-kit list-modules WARNING:esys:src/tss2-esys/api/Esys_TestParms.c:269:Esys_TestParms_Finish() Received TPM Error ERROR:esys:src/tss2-esys/api/Esys_TestParms.c:95:Esys_TestParms() Esys Finish ErrorCode (0x000001c4) WARNING:esys:src/tss2-esys/api/Esys_TestParms.c:269:Esys_TestParms_Finish() Received TPM Error ERROR:esys:src/tss2-esys/api/Esys_TestParms.c:95:Esys_TestParms() Esys Finish ErrorCode (0x000001c4) WARNING:esys:src/tss2-esys/api/Esys_TestParms.c:269:Esys_TestParms_Finish() Received TPM Error ERROR:esys:src/tss2-esys/api/Esys_TestParms.c:95:Esys_TestParms() Esys Finish ErrorCode (0x000001e6) WARNING:esys:src/tss2-esys/api/Esys_TestParms.c:269:Esys_TestParms_Finish() Received TPM Error ERROR:esys:src/tss2-esys/api/Esys_TestParms.c:95:Esys_TestParms() Esys Finish ErrorCode (0x000001e6) WARNING:esys:src/tss2-esys/api/Esys_TestParms.c:269:Esys_TestParms_Finish() Received TPM Error ERROR:esys:src/tss2-esys/api/Esys_TestParms.c:95:Esys_TestParms() Esys Finish ErrorCode (0x000001e6) p11-kit-trust: p11-kit-trust.so library-description: PKCS#11 Kit Trust Module library-manufacturer: PKCS#11 Kit library-version: 0.23 token: System Trust manufacturer: PKCS#11 Kit model: p11-kit-trust serial-number: 1 hardware-version: 0.23 flags: write-protected token-initialized token: Default Trust manufacturer: PKCS#11 Kit model: p11-kit-trust serial-number: 1 hardware-version: 0.23 flags: write-protected token-initialized tpm2_pkcs11: libtpm2_pkcs11.so library-description: TPM2.0 Cryptoki library-manufacturer: tpm2-software.github.io library-version: 0.0 token: manufacturer: STMicro model: serial-number: 0000000000000000 hardware-version: 1.38 firmware-version: 74.8 flags: rng login-required
Or, running the p11tool shows these errors:
p11tool
$ p11tool --list-all --provider /usr/lib64/pkcs11/libtpm2_pkcs11.so WARNING:esys:src/tss2-esys/api/Esys_TestParms.c:269:Esys_TestParms_Finish() Received TPM Error ERROR:esys:src/tss2-esys/api/Esys_TestParms.c:95:Esys_TestParms() Esys Finish ErrorCode (0x000001c4) WARNING:esys:src/tss2-esys/api/Esys_TestParms.c:269:Esys_TestParms_Finish() Received TPM Error ERROR:esys:src/tss2-esys/api/Esys_TestParms.c:95:Esys_TestParms() Esys Finish ErrorCode (0x000001c4) WARNING:esys:src/tss2-esys/api/Esys_TestParms.c:269:Esys_TestParms_Finish() Received TPM Error ERROR:esys:src/tss2-esys/api/Esys_TestParms.c:95:Esys_TestParms() Esys Finish ErrorCode (0x000001e6) WARNING:esys:src/tss2-esys/api/Esys_TestParms.c:269:Esys_TestParms_Finish() Received TPM Error ERROR:esys:src/tss2-esys/api/Esys_TestParms.c:95:Esys_TestParms() Esys Finish ErrorCode (0x000001e6) WARNING:esys:src/tss2-esys/api/Esys_TestParms.c:269:Esys_TestParms_Finish() Received TPM Error ERROR:esys:src/tss2-esys/api/Esys_TestParms.c:95:Esys_TestParms() Esys Finish ErrorCode (0x000001e6) No matching objects found
Any help would be greatly appreciated!
TIA.
Best, potequity
Hello, Running RHEL 8.6 on a Dell laptop with a STMicro TPM chip. I'm able to successfully initialize the TPM and create tokens and objects using the 'tpm2_ptool' command. I have the following variables set:
TPM2TOOLS_TCTI=device:/dev/tpmrm0 TPM2_PKCS11_TCTI=device:/dev/tpmrm0
I have the following packages installed:
tpm2-abrmd.x86_64 2.3.3-2.el8 @dvd-BaseOS-rhel8dot6 tpm2-abrmd-selinux.noarch 2.3.1-1.el8 @dvd-BaseOS-rhel8dot6 tpm2-pkcs11.x86_64 1.6.0-1.el8 @@commandline tpm2-pkcs11-tools.x86_64 1.6.0-1.el8 @@commandline tpm2-tools.x86_64 4.1.1-5.el8 @anaconda tpm2-tss.x86_64 2.3.2-4.el8 @anaconda p11-kit.x86_64 0.23.22-1.el8 @anaconda p11-kit-trust.x86_64 0.23.22-1.el8 @anaconda
Created the this file: /etc/pkcs11/modules/tpm2_pkcs11.module -rw-r--r--. 1 root root 39 Nov 1 16:23 /etc/pkcs11/modules/tpm2_pkcs11.module
Which has: module: libtpm2_pkcs11.so critical: no
Also, the TPM2 PKCS11 library is in this location:
ls -al /usr/lib64/pkcs11/
total 644 drwxr-xr-x. 2 root root 144 Nov 1 10:01 . dr-xr-xr-x. 62 root root 49152 Nov 1 13:41 .. lrwxrwxrwx. 1 root root 23 Nov 22 2022 libtpm2_pkcs11.so -> libtpm2_pkcs11.so.0.0.0 lrwxrwxrwx. 1 root root 23 Nov 22 2022 libtpm2_pkcs11.so.0 -> libtpm2_pkcs11.so.0.0.0 -rwxr-xr-x. 1 root root 245304 Nov 22 2022 libtpm2_pkcs11.so.0.0.0 -rwxr-xr-x. 1 root root 247568 Jan 11 2021 p11-kit-trust.so
But none of the 'p11tool' or the 'p11-kit' commands work. For example, doing a
p11-kit list-modulesshows these errors:]$ p11-kit list-modules WARNING:esys:src/tss2-esys/api/Esys_TestParms.c:269:Esys_TestParms_Finish() Received TPM Error ERROR:esys:src/tss2-esys/api/Esys_TestParms.c:95:Esys_TestParms() Esys Finish ErrorCode (0x000001c4) WARNING:esys:src/tss2-esys/api/Esys_TestParms.c:269:Esys_TestParms_Finish() Received TPM Error ERROR:esys:src/tss2-esys/api/Esys_TestParms.c:95:Esys_TestParms() Esys Finish ErrorCode (0x000001c4) WARNING:esys:src/tss2-esys/api/Esys_TestParms.c:269:Esys_TestParms_Finish() Received TPM Error ERROR:esys:src/tss2-esys/api/Esys_TestParms.c:95:Esys_TestParms() Esys Finish ErrorCode (0x000001e6) WARNING:esys:src/tss2-esys/api/Esys_TestParms.c:269:Esys_TestParms_Finish() Received TPM Error ERROR:esys:src/tss2-esys/api/Esys_TestParms.c:95:Esys_TestParms() Esys Finish ErrorCode (0x000001e6) WARNING:esys:src/tss2-esys/api/Esys_TestParms.c:269:Esys_TestParms_Finish() Received TPM Error ERROR:esys:src/tss2-esys/api/Esys_TestParms.c:95:Esys_TestParms() Esys Finish ErrorCode (0x000001e6) p11-kit-trust: p11-kit-trust.so library-description: PKCS#11 Kit Trust Module library-manufacturer: PKCS#11 Kit library-version: 0.23 token: System Trust manufacturer: PKCS#11 Kit model: p11-kit-trust serial-number: 1 hardware-version: 0.23 flags: write-protected token-initialized token: Default Trust manufacturer: PKCS#11 Kit model: p11-kit-trust serial-number: 1 hardware-version: 0.23 flags: write-protected token-initialized tpm2_pkcs11: libtpm2_pkcs11.so library-description: TPM2.0 Cryptoki library-manufacturer: tpm2-software.github.io library-version: 0.0 token: manufacturer: STMicro model: serial-number: 0000000000000000 hardware-version: 1.38 firmware-version: 74.8 flags: rng login-required
Or, running the
p11toolshows these errors:$ p11tool --list-all --provider /usr/lib64/pkcs11/libtpm2_pkcs11.so WARNING:esys:src/tss2-esys/api/Esys_TestParms.c:269:Esys_TestParms_Finish() Received TPM Error ERROR:esys:src/tss2-esys/api/Esys_TestParms.c:95:Esys_TestParms() Esys Finish ErrorCode (0x000001c4) WARNING:esys:src/tss2-esys/api/Esys_TestParms.c:269:Esys_TestParms_Finish() Received TPM Error ERROR:esys:src/tss2-esys/api/Esys_TestParms.c:95:Esys_TestParms() Esys Finish ErrorCode (0x000001c4) WARNING:esys:src/tss2-esys/api/Esys_TestParms.c:269:Esys_TestParms_Finish() Received TPM Error ERROR:esys:src/tss2-esys/api/Esys_TestParms.c:95:Esys_TestParms() Esys Finish ErrorCode (0x000001e6) WARNING:esys:src/tss2-esys/api/Esys_TestParms.c:269:Esys_TestParms_Finish() Received TPM Error ERROR:esys:src/tss2-esys/api/Esys_TestParms.c:95:Esys_TestParms() Esys Finish ErrorCode (0x000001e6) WARNING:esys:src/tss2-esys/api/Esys_TestParms.c:269:Esys_TestParms_Finish() Received TPM Error ERROR:esys:src/tss2-esys/api/Esys_TestParms.c:95:Esys_TestParms() Esys Finish ErrorCode (0x000001e6) No matching objects found
Any help would be greatly appreciated!
TIA.
Best, potequity