-
Notifications
You must be signed in to change notification settings - Fork 98
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Resource manager failed to start - NUC7i7-BNH #509
Comments
It should work with a firmware TPM2.0. I wonder if this is a permission issue on /dev/tpm0. What are the permissions on /dev/tpm0? |
tpm device is not listed in the dev folder. i.e ls /dev/tp* doesn't give result Below is error I recieved $ systemctl status tpm2-abrmd.service Jul 27 14:24:25 intel-desktop systemd[1]: Failed to start TPM2 Access Broker and Resource Management Daemon. |
@karimulla1993 first: update kernel to get tpm2 support, there is none in Ubuntu 16.04 base kernel if I recall correctly, at least /dev/tpmrm0 support was added in much later kernels. Perform e.g. second: if above did not help at all, review BIOS and ensure TPM related options are enabled. |
Thanks, Now I was able to locate the device in /dev/tpm0 was successfully able to start the abrmd service. |
@karimulla1993 I think tpm2_takeownership -c is supposed to work on a fresh device. Getting more verbose information:
Alternative way of running tpm2_tools, without abrmd:
|
Tried as below and getting error And also tried changing the cmd to rectify above and still ended up getting error Tried same command after changing permissions for tpm0 and tpmrm0 to 777 (just in case if that is the issue), ended up with a different error code Also tried clearing the TPM from BIOS menu as mentioned in the NUC data sheet by removing jumper but the issue still persists |
Okay so 0x98e means the authorization failed. I think maybe that means the tpm might be initialised with a password other than the well known secret. Perhaps you successfully took ownership of it before with a password, so the TPM now expects your password instead of the well known secret? 0x921 appears to mean you've tried too many times, TPM is now in lockdown mode and needs to rest a few hours before more attempts are accepted. Ways forward:
|
Also, use tpm2_getcap to learn about how the TPM lockout works on the particular TPM. I'm not 100% how to unlock a locked TPM, I think you have to wait until the lockout releases and then provide the unlock password with |
-----Original Message-----
From: karimulla1993 ***@***.***
Sent: Wednesday, August 1, 2018 4:09 AM
To: tpm2-software/tpm2-abrmd ***@***.***>
Cc: Roberts, William C ***@***.***>; Comment
***@***.***>
Subject: Re: [tpm2-software/tpm2-abrmd] Resource manager failed to start -
NUC7i7-BNH (#509)
Tried as below and getting error
$ tpm2_takeownership -c --tcti device:/dev/tpmrm0 invalid TCTI, see --help
Can you run help, perhaps it's not finding the device tcti shared library, are you on master or
An older release?
…
And also tried changing the cmd to rectify above and still ended up getting error $
tpm2_takeownership -c -d:/dev/tpmrm0
ERROR: Clearing Failed! TPM error code: 0x98e
Tried same command after changing permissions for tpm0 and tpmrm0 to 777
(just in case if that is the issue), ended up with a different error code
ERROR: Clearing Failed! TPM error code: 0x921
Also tried clearing the TPM from BIOS menu as mentioned in the NUC data sheet
by removing jumper but the issue still persists
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub <https://github.com/tpm2-
software/tpm2-abrmd/issues/509#issuecomment-409538989> , or mute the
thread <https://github.com/notifications/unsubscribe-auth/AQ7bB-
il5oONSiAM3oWcGSUHz9TfDAbRks5uMYxogaJpZM4VjZtK> .
<https://github.com/notifications/beacon/AQ7bB79yw955r3LWOAyjrYN-
5Y6NUcYJks5uMYxogaJpZM4VjZtK.gif>
|
Getting the following error on running command below, after performing following steps:
couldn't understand what is the exact issue in setting password after clearing the TPM. |
Sorry for doing this but it looks like the issue initially brought up here has been resolved by a kernel upgrade on the platform. The discussion has devolved into an issue with setting authorization values and this should take place on the mailing list or possibly in the tools issue tracker. AFAIK the tabrmd is no longer involved and this thread should be closed. |
Hi , I have an NUC717-BNH mini pC which has the fTPM(firmware TPM2.0) . I have installed the tpm2-tss, tpm2-abrmd and tpm2-tools . Where I try to start the rm service using sudo service tpm2-abrmd start , I get an could not Connect error and something related to com.intel.tss2.Tabrmd . Does these tools support the fTPM ?.
I am using Ubuntu 16.04 and i see there is no device /dev/tpm0
The text was updated successfully, but these errors were encountered: