尝试清除芯片时出现TPM2.0错误

时间:2018-04-10 07:57:44

标签: tpm ubuntu-17.10

我在Ubuntu 17.10上发现了tpm2.0芯片。我在1.1.0版中使用了tpm2-tools软件包。 (我的笔记本电脑上有物理芯片)。但是,当我尝试清除芯片时,我遇到了错误。

$ tpm2_takeownership -c
Clear Failed ! ErrorCode: 0x921

我也推出了tpmtest,并且错误更多。

9 - DICTIONARY ATTACK LOCK RESET TEST
DICTIONARY ATTACK LOCK RESET TEST:
    passing case:   FAILED!  TPM Error: 0x921

16 - POLICY TESTS
POLICY TESTS:
Policy Test: PASSWORD
    passing case:   PASSED!
    passing case:   PASSED!
    passing case:   PASSED!
    passing case:   PASSED!
    passing case:   PASSED!
    passing case:   PASSED!
    passing case:   FAILED!  TPM Error: 0x9a2

24 - QUOTE CONTROL TESTS
QUOTE CONTROL TESTS:
    passing case:   FAILED!  TPM Error: 0x184

我在tpmclient中测试失败了。

$ tpmclient
[...]
STARTUP TESTS:
passing case:   PASSED!
passing case:   FAILED!  TPM Error: 0x100

我检查了resourcemgr服务是否已被充分激活。我在tpm(tpm2_create,tpm2_load,tpm2_rsaencrypt,tpm2_sign等等)上尝试了一些基本命令,然后就可以了。

这是tpm2_rc_decode的输出:

$ tpm2_rc_decode 0x921
error layer
  hex: 0x0
  identifier: TSS2_TPM_ERROR_LEVEL
  description: Error produced by the TPM
format 0 warning code
  hex: 0x21
  name: TPM_RC_LOCKOUT
  description: authorizations for objects subject to DA protection are not allowed at this time because the TPM is in DA lockout mode

$ tpm2_rc_decode 0x9a2
error layer
  hex: 0x0
  identifier: TSS2_TPM_ERROR_LEVEL
  description: Error produced by the TPM
format 1 error code
  hex: 0x22
  identifier: TPM_RC_BAD_AUTH
  description: authorization failure without DA implications
session
  hex: 0x100
  identifier: TPM_RC_1
  description:  (null) 

$ tpm2_rc_decode 0x184
error layer
  hex: 0x0
  identifier: TSS2_TPM_ERROR_LEVEL
  description: Error produced by the TPM
format 1 error code
  hex: 0x04
  identifier: TPM_RC_VALUE
  description: value is out of range or is not correct for the context
handle
  hex:0x100
  identifier:  TPM_RC_1
  description:  (null)

$ tpm2_rc_decode 0x100
error layer
  hex: 0x0
  identifier: TSS2_TPM_ERROR_LEVEL
  description: Error produced by the TPM
format 0 error code
  hex: 0x00
  name: TPM_RC_INITIALIZE
  description: TPM not initialized

我是tpm技术的新手,所以我想知道这些错误是来自tpm本身还是来自tpm2-tools软件包。谢谢你的帮助!

1 个答案:

答案 0 :(得分:0)

RC = 0x100确实不是100%错误。 我看一下tpm2-tss的来源。在他们的集成测试中,测试启动时会忽略该错误(并且只有该错误)(文件:test / integration / main-sapi.c test / integration / main-esapi.c)

此外,他们在标头中将错误描述为“ TPM未由TPM2_Startup初始化或已初始化”。因此,很可能您的错误只是初始化重复。

相关问题
最新问题