systemd-cryptenroll fails due to policy digest mismatch #2386

Closed
kreeuwijk opened this issue Mar 25, 2024 · 11 comments
Labels
bug Something isn't working uki verified

Comments

@kreeuwijk

Kairos version:

PRETTY_NAME="Ubuntu 23.10"
NAME="Ubuntu"
VERSION_ID="23.10"
VERSION="23.10 (Mantic Minotaur)"
VERSION_CODENAME=mantic
ID=ubuntu
ID_LIKE=debian
HOME_URL="https://www.ubuntu.com/"
SUPPORT_URL="https://help.ubuntu.com/"
BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
UBUNTU_CODENAME=mantic
LOGO=ubuntu-logo
KAIROS_TARGETARCH="amd64"
KAIROS_BUG_REPORT_URL="https://github.com/kairos-io/kairos/issues"
KAIROS_NAME="kairos-core-ubuntu-23.10"
KAIROS_ID_LIKE="kairos-core-ubuntu-23.10"
KAIROS_IMAGE_REPO="quay.io/kairos/ubuntu:23.10-core-amd64-generic-v3.0.1-15-g02ed6ce"
KAIROS_ARTIFACT="kairos-ubuntu-23.10-core-amd64-generic-v3.0.1-15-g02ed6ce"
KAIROS_FLAVOR="ubuntu"
KAIROS_MODEL="generic"
KAIROS_PRETTY_NAME="kairos-core-ubuntu-23.10 v3.0.1-15-g02ed6ce"
KAIROS_IMAGE_LABEL="23.10-core-amd64-generic-v3.0.1-15-g02ed6ce"
KAIROS_ID="kairos"
KAIROS_FLAVOR_RELEASE="23.10"
KAIROS_HOME_URL="https://github.com/kairos-io/kairos"
KAIROS_GITHUB_REPO="kairos-io/kairos"
KAIROS_VERSION="v3.0.1-15-g02ed6ce"
KAIROS_VERSION_ID="v3.0.1-15-g02ed6ce"
KAIROS_VARIANT="core"
KAIROS_RELEASE="v3.0.1-15-g02ed6ce"
KAIROS_REGISTRY_AND_ORG="quay.io/kairos"
KAIROS_SOFTWARE_VERSION_PREFIX="k3s"

KAIROS_NAME="kairos-core-ubuntu"
KAIROS_VERSION="v3.0.0"
KAIROS_ID="ubuntu"
KAIROS_ID_LIKE="kairos-core-ubuntu"
KAIROS_VERSION_ID="v3.0.0"
KAIROS_PRETTY_NAME="kairos-core-ubuntu v3.0.0"
KAIROS_BUG_REPORT_URL="https://github.com/spectrocloud/CanvOS/issues"
KAIROS_HOME_URL="https://github.com/spectrocloud/CanvOS"
KAIROS_IMAGE_REPO="spectrocloud/CanvOS"
KAIROS_IMAGE_LABEL="latest"
KAIROS_GITHUB_REPO=""
KAIROS_VARIANT="ubuntu"
KAIROS_FLAVOR="ubuntu"
KAIROS_ARTIFACT="kairos-core-ubuntu-v3.0.0"

CPU architecture, OS, and Version:

Linux edge-0727e70076d411e88be2548351533800 6.5.0-26-generic #26-Ubuntu SMP PREEMPT_DYNAMIC Tue Mar  5 21:19:28 UTC 2024 x86_64 x86_64 x86_64 GNU/Linux

Describe the bug
When flashing the device after enrolling the secure boot keys, partition encryption fails to succeed, throwing the error

Current policy digest does not match stored policy digest, cancelling TPM2 authentication attempt.

To Reproduce

  1. Enroll secure boot keys
  2. Boot ISO from USB key, failure happens at the end

Expected behavior
Partition encryption succeeds normally.

Logs

# SYSTEMD_LOG_LEVEL=debug systemd-cryptenroll --tpm2-public-key=/run/systemd/tpm2-pcr-public-key.pem --tpm2-signature=/run/systemd/tpm2-pcr-signature.json --tpm2-device=auto /dev/nvme0n1p2
Allocating context for crypt device /dev/nvme0n1p2.
Trying to open and read device /dev/nvme0n1p2 with direct-io.
Initialising device-mapper backend library.
Trying to load LUKS2 crypt type from device /dev/nvme0n1p2.
Crypto backend (OpenSSL 3.0.10 1 Aug 2023 [default][legacy]) initialized in cryptsetup library version 2.6.1.
Detected kernel Linux 6.5.0-26-generic x86_64.
Loading LUKS2 header (repair disabled).
Acquiring read lock for device /dev/nvme0n1p2.
Opening lock resource file /run/cryptsetup/L_259:5
Verifying lock handle for /dev/nvme0n1p2.
Device /dev/nvme0n1p2 READ lock taken.
Trying to read primary LUKS2 header at offset 0x0.
Opening locked device /dev/nvme0n1p2
Verifying locked device handle (bdev)
LUKS2 header version 2 of size 16384 bytes, checksum sha256.
Checksum:26737c944c9744549b8b548273572d249070941a09572a3b16ffe9ff43f27e1e (on-disk)
Checksum:26737c944c9744549b8b548273572d249070941a09572a3b16ffe9ff43f27e1e (in-memory)
Trying to read secondary LUKS2 header at offset 0x4000.
Reusing open ro fd on device /dev/nvme0n1p2
LUKS2 header version 2 of size 16384 bytes, checksum sha256.
Checksum:57f7c900183ec6b29aea9cb9af5b4ed8c20d0c2e9e3346c4e6081293b17faee9 (on-disk)
Checksum:57f7c900183ec6b29aea9cb9af5b4ed8c20d0c2e9e3346c4e6081293b17faee9 (in-memory)
Device size 67108864, offset 16777216.
Device /dev/nvme0n1p2 READ lock released.
PBKDF argon2id, time_ms 2000 (iterations 0), max_memory_kb 1048576, parallel_threads 4.
Requesting JSON for token 0.
Requesting JSON for token 1.
Requesting JSON for token 2.
Requesting JSON for token 3.
Requesting JSON for token 4.
Requesting JSON for token 5.
Requesting JSON for token 6.
Requesting JSON for token 7.
Requesting JSON for token 8.
Requesting JSON for token 9.
Requesting JSON for token 10.
Requesting JSON for token 11.
Requesting JSON for token 12.
Requesting JSON for token 13.
Requesting JSON for token 14.
Requesting JSON for token 15.
Requesting JSON for token 16.
Requesting JSON for token 17.
Requesting JSON for token 18.
Requesting JSON for token 19.
Requesting JSON for token 20.
Requesting JSON for token 21.
Requesting JSON for token 22.
Requesting JSON for token 23.
Requesting JSON for token 24.
Requesting JSON for token 25.
Requesting JSON for token 26.
Requesting JSON for token 27.
Requesting JSON for token 28.
Requesting JSON for token 29.
Requesting JSON for token 30.
Requesting JSON for token 31.
🔐 Please enter current passphrase for disk /dev/nvme0n1p2: *********Failed to adjust kernel keyring key timeout: Permission denied
Added key to kernel keyring as 829700873.

Keyslot 0 priority 1 != 2 (required), skipped.
Trying to open LUKS2 keyslot 0.
Running keyslot key derivation.
Reading keyslot area [0x8000].
Acquiring read lock for device /dev/nvme0n1p2.
Opening lock resource file /run/cryptsetup/L_259:5
Verifying lock handle for /dev/nvme0n1p2.
Device /dev/nvme0n1p2 READ lock taken.
Reusing open ro fd on device /dev/nvme0n1p2
Device /dev/nvme0n1p2 READ lock released.
Verifying key from keyslot 0, digest 0.
Using TPM2 TCTI driver 'device' with device '/dev/tpmrm0'.
Loaded TCTI module 'tcti-device' (TCTI module for communication with Linux kernel interface.) [Version 2]
TPM successfully started up.
Creating primary key on TPM.
Successfully created ECC primary key on TPM.
Generating primary key on TPM2 took 241ms.
Starting HMAC encryption session.
Starting authentication session.
PCR 7 value: 3a79e6e678cbc9bd0aefe3d91df5f27d2d034c1c
PCR 11 value: 780ab8bb552a00651b701ce644fb4b3a781135c8
PCR 7 value: c3f2413617308bd087135b4cfba38147a4da1f5fb35ac8cba4fd96b46dc782a3
PCR 11 value: 75f7e5e6b21b6950f5fb847b0c167b5336d8d4325762cae0b5585ce94f0442f1
TPM2 device supports SHA256 PCR bank and SHA256 PCRs are valid, yay!
Configuring public key based PCR policy.
Configuring hash-based PCR policy.
Acquiring policy digest.
Session policy digest: c10a46c6c88f8e13674fe3a969f69092d861a00ddb71d29d81aee6d17a5a3709
Not adding TPM2 entropy to the kernel random pool again.
Generating secret key data.
Creating HMAC key.
Marshalling private and public part of HMAC key.
Completed TPM2 key sealing in 5.265503s.
Requesting JSON for token 0.
Requesting JSON for token 1.
Requesting JSON for token 2.
Requesting JSON for token 3.
Requesting JSON for token 4.
Requesting JSON for token 5.
Requesting JSON for token 6.
Requesting JSON for token 7.
Requesting JSON for token 8.
Requesting JSON for token 9.
Requesting JSON for token 10.
Requesting JSON for token 11.
Requesting JSON for token 12.
Requesting JSON for token 13.
Requesting JSON for token 14.
Requesting JSON for token 15.
Requesting JSON for token 16.
Requesting JSON for token 17.
Requesting JSON for token 18.
Requesting JSON for token 19.
Requesting JSON for token 20.
Requesting JSON for token 21.
Requesting JSON for token 22.
Requesting JSON for token 23.
Requesting JSON for token 24.
Requesting JSON for token 25.
Requesting JSON for token 26.
Requesting JSON for token 27.
Requesting JSON for token 28.
Requesting JSON for token 29.
Requesting JSON for token 30.
Requesting JSON for token 31.
PCR policy hash not yet enrolled, enrolling now.
Unsealing for verification...
Unmarshalling private part of HMAC key.
Unmarshalling public part of HMAC key.
Using TPM2 TCTI driver 'device' with device '/dev/tpmrm0'.
Loaded TCTI module 'tcti-device' (TCTI module for communication with Linux kernel interface.) [Version 2]
TPM successfully started up.
Creating primary key on TPM.
Successfully created ECC primary key on TPM.
Generating primary key on TPM2 took 240ms.
Loading HMAC key into TPM.
Starting HMAC encryption session.
Starting authentication session.
PCR 7 value: c3f2413617308bd087135b4cfba38147a4da1f5fb35ac8cba4fd96b46dc782a3
PCR 11 value: 75f7e5e6b21b6950f5fb847b0c167b5336d8d4325762cae0b5585ce94f0442f1
Configuring public key based PCR policy.
Configuring hash-based PCR policy.
Acquiring policy digest.
Session policy digest: 9dbb5158fffe341048cfe48aeb3d70997226c81cc6c025167d945b83f9367219
Current policy digest does not match stored policy digest, cancelling TPM2 authentication attempt.
Releasing crypt device /dev/nvme0n1p2 context.
Releasing device-mapper backend.
Closing read only fd for /dev/nvme0n1p2.

Additional context
Using a Lenovo ThinkCentre M910q

@kreeuwijk kreeuwijk added bug Something isn't working triage Add this label to issues that should be triaged and prioretized in the next planning call unconfirmed labels Mar 25, 2024
@mauromorales mauromorales removed the triage Add this label to issues that should be triaged and prioretized in the next planning call label Mar 25, 2024
@mudler
Member

mudler commented Mar 25, 2024

@kreeuwijk with which version of the osbuilder image were the keys generated?

@kreeuwijk
Author

@mudler quay.io/kairos/osbuilder-tools:v0.200.8

@kreeuwijk
Author

         +uki-genkey | [----------] 100% FROM quay.io/kairos/osbuilder-tools:v0.200.8
         +uki-genkey | ARCH=amd64 BASE_IMAGE=quay.io/kairos/ubuntu:23.10-core-amd64-generic-master-uki CUSTOM_TAG=dwx-edge-tb HTTPS_PROXY= HTTP_PROXY= IMAGE_REGISTRY=harbor.dreamworx.nl/library IMAGE_REPO=ubuntu ISO_NAME=palette-edge-installer IS_UKI=true K8S_DISTRIBUTION=rke2 MY_ORG=Dreamworx OS_DISTRIBUTION=ubuntu OS_VERSION=23.10 PE_VERSION=v0.0.0-b4757928 PLATFORM=linux/amd64 PROXY_CERT_PATH= STYLUS_BASE=gcr.io/spectro-dev-public/stylus-framework-linux-amd64:v0.0.0-b4757928 UPDATE_KERNEL=false
         +uki-genkey | --> RUN /entrypoint.sh genkey "$MY_ORG" -o /keys
         +uki-genkey | + enki --config-dir /config genkey Dreamworx -o /keys
         +uki-genkey | INFO[2024-03-23T13:52:52Z] Starting enki version v0.0.25
         +uki-genkey | INFO[2024-03-23T13:52:52Z] Generating PK
         +uki-genkey | INFO[2024-03-23T13:52:52Z] PK generated at /keys/PK.key and /keys/PK.pem
         +uki-genkey | INFO[2024-03-23T13:52:52Z] Converting PK.pem to DER
         +uki-genkey | INFO[2024-03-23T13:52:52Z] PK generated at /keys/PK.der
         +uki-genkey | INFO[2024-03-23T13:52:52Z] Generating KEK
         +uki-genkey | INFO[2024-03-23T13:52:52Z] KEK generated at /keys/KEK.key and /keys/KEK.pem
         +uki-genkey | INFO[2024-03-23T13:52:52Z] Converting KEK.pem to DER
         +uki-genkey | INFO[2024-03-23T13:52:52Z] KEK generated at /keys/KEK.der
         +uki-genkey | INFO[2024-03-23T13:52:52Z] Generating db
         +uki-genkey | INFO[2024-03-23T13:52:52Z] db generated at /keys/db.key and /keys/db.pem
         +uki-genkey | INFO[2024-03-23T13:52:52Z] Converting db.pem to DER
         +uki-genkey | INFO[2024-03-23T13:52:52Z] db generated at /keys/db.der
         +uki-genkey | INFO[2024-03-23T13:52:52Z] Generating policy encryption key
         +uki-genkey | ARCH=amd64 BASE_IMAGE=quay.io/kairos/ubuntu:23.10-core-amd64-generic-master-uki CUSTOM_TAG=dwx-edge-tb HTTPS_PROXY= HTTP_PROXY= IMAGE_REGISTRY=harbor.dreamworx.nl/library IMAGE_REPO=ubuntu ISO_NAME=palette-edge-installer IS_UKI=true K8S_DISTRIBUTION=rke2 MY_ORG=Dreamworx OS_DISTRIBUTION=ubuntu OS_VERSION=23.10 PE_VERSION=v0.0.0-b4757928 PLATFORM=linux/amd64 PROXY_CERT_PATH= STYLUS_BASE=gcr.io/spectro-dev-public/stylus-framework-linux-amd64:v0.0.0-b4757928 UPDATE_KERNEL=false
         +uki-genkey | --> SAVE ARTIFACT /keys +uki-genkey/keys AS LOCAL ./
              output | --> exporting outputs
              output | sent 1 file stat)
              output | [----------] 100% exporting outputs

@jimmykarily
Contributor

Relevant? systemd/systemd#31925

@mudler mudler added triage Add this label to issues that should be triaged and prioretized in the next planning call and removed triage Add this label to issues that should be triaged and prioretized in the next planning call labels Mar 27, 2024
@Itxaka
Member

Itxaka commented Mar 27, 2024

a working manual enrollment

SYSTEMD_LOG_LEVEL=debug systemd-cryptenroll --tpm2-public-key=/run/systemd/tpm2-pcr-public-key.pem --tpm2-signature=/run/systemd/tpm2-pcr-signature.json --tpm2-device=auto /dev/sda2
Allocating context for crypt device /dev/sda2.
Trying to open and read device /dev/sda2 with direct-io.
Initialising device-mapper backend library.
Trying to load LUKS2 crypt type from device /dev/sda2.
Crypto backend (OpenSSL 3.0.10 1 Aug 2023 [default][legacy]) initialized in cryptsetup library version 2.6.1.
Detected kernel Linux 6.5.0-26-generic x86_64.
Loading LUKS2 header (repair disabled).
Acquiring read lock for device /dev/sda2.
Opening lock resource file /run/cryptsetup/L_8:2
Verifying lock handle for /dev/sda2.
Device /dev/sda2 READ lock taken.
Trying to read primary LUKS2 header at offset 0x0.
Opening locked device /dev/sda2
Verifying locked device handle (bdev)
LUKS2 header version 2 of size 16384 bytes, checksum sha256.
Checksum:804f40ff03ae143703a5a837f9d58bf93fac89e869cb89a7dc3a9066a545830b (on-disk)
Checksum:804f40ff03ae143703a5a837f9d58bf93fac89e869cb89a7dc3a9066a545830b (in-memory)
Trying to read secondary LUKS2 header at offset 0x4000.
Reusing open ro fd on device /dev/sda2
LUKS2 header version 2 of size 16384 bytes, checksum sha256.
Checksum:4f251ce77268c3d0cb847bfeae0d8ec63ee760a02efe94f5c4c7da97ff6d9d31 (on-disk)
Checksum:4f251ce77268c3d0cb847bfeae0d8ec63ee760a02efe94f5c4c7da97ff6d9d31 (in-memory)
Device size 67108864, offset 16777216.
Device /dev/sda2 READ lock released.
Only 1 active CPUs detected, PBKDF threads decreased from 4 to 1.
Not enough physical memory detected, PBKDF max memory decreased from 1048576kB to 590918kB.
PBKDF argon2id, time_ms 2000 (iterations 0), max_memory_kb 590918, parallel_threads 1.
Requesting JSON for token 0.
Requesting JSON for token 1.
Requesting JSON for token 2.
Requesting JSON for token 3.
Requesting JSON for token 4.
Requesting JSON for token 5.
Requesting JSON for token 6.
Requesting JSON for token 7.
Requesting JSON for token 8.
Requesting JSON for token 9.
Requesting JSON for token 10.
Requesting JSON for token 11.
Requesting JSON for token 12.
Requesting JSON for token 13.
Requesting JSON for token 14.
Requesting JSON for token 15.
Requesting JSON for token 16.
Requesting JSON for token 17.
Requesting JSON for token 18.
Requesting JSON for token 19.
Requesting JSON for token 20.
Requesting JSON for token 21.
Requesting JSON for token 22.
Requesting JSON for token 23.
Requesting JSON for token 24.
Requesting JSON for token 25.
Requesting JSON for token 26.
Requesting JSON for token 27.
Requesting JSON for token 28.
Requesting JSON for token 29.
Requesting JSON for token 30.
Requesting JSON for token 31.
🔐  Please enter current passphrase for disk /dev/sda2: ****Added key to kernel keyring as 411928511.

Keyslot 0 priority 1 != 2 (required), skipped.
Trying to open LUKS2 keyslot 0.
Running keyslot key derivation.
Reading keyslot area [0x8000].
Acquiring read lock for device /dev/sda2.
Opening lock resource file /run/cryptsetup/L_8:2
Verifying lock handle for /dev/sda2.
Device /dev/sda2 READ lock taken.
Reusing open ro fd on device /dev/sda2
Device /dev/sda2 READ lock released.
Verifying key from keyslot 0, digest 0.
Using TPM2 TCTI driver 'device' with device '/dev/tpmrm0'.
Loaded TCTI module 'tcti-device' (TCTI module for communication with Linux kernel interface.) [Version 2]
TPM successfully started up.
Creating primary key on TPM.
Successfully created ECC primary key on TPM.
Generating primary key on TPM2 took 9ms.
Starting HMAC encryption session.
Starting authentication session.
PCR 7 value: 1fca8b423567e18e2cf3af35fd495b2d214e0179
PCR 11 value: 0382cfb2ad8d8313f4f0ffab8be7226facb88156
PCR 7 value: dd56d208848618081a712a9fe9a0d4b12fb48c93fea54e2df8dd7bfd7348289c
PCR 11 value: e11dbc399fbd46fcce5b48590bbab8f43a129a2dc9759ae46109e0d9a0f75b3b
TPM2 device supports SHA256 PCR bank and SHA256 PCRs are valid, yay!
Configuring public key based PCR policy.
Configuring hash-based PCR policy.
Acquiring policy digest.
Session policy digest: 0e97263a1de6e1c06c6b0016ad0ab5d7a36d4c01c30f2bb7d05d557bee866bcb
Not adding TPM2 entropy to the kernel random pool again.
Generating secret key data.
Creating HMAC key.
Marshalling private and public part of HMAC key.
Completed TPM2 key sealing in 306.549ms.
Requesting JSON for token 0.
Requesting JSON for token 1.
Requesting JSON for token 2.
Requesting JSON for token 3.
Requesting JSON for token 4.
Requesting JSON for token 5.
Requesting JSON for token 6.
Requesting JSON for token 7.
Requesting JSON for token 8.
Requesting JSON for token 9.
Requesting JSON for token 10.
Requesting JSON for token 11.
Requesting JSON for token 12.
Requesting JSON for token 13.
Requesting JSON for token 14.
Requesting JSON for token 15.
Requesting JSON for token 16.
Requesting JSON for token 17.
Requesting JSON for token 18.
Requesting JSON for token 19.
Requesting JSON for token 20.
Requesting JSON for token 21.
Requesting JSON for token 22.
Requesting JSON for token 23.
Requesting JSON for token 24.
Requesting JSON for token 25.
Requesting JSON for token 26.
Requesting JSON for token 27.
Requesting JSON for token 28.
Requesting JSON for token 29.
Requesting JSON for token 30.
Requesting JSON for token 31.
PCR policy hash not yet enrolled, enrolling now.
Unsealing for verification...
Unmarshalling private part of HMAC key.
Unmarshalling public part of HMAC key.
Using TPM2 TCTI driver 'device' with device '/dev/tpmrm0'.
Loaded TCTI module 'tcti-device' (TCTI module for communication with Linux kernel interface.) [Version 2]
TPM successfully started up.
Creating primary key on TPM.
Successfully created ECC primary key on TPM.
Generating primary key on TPM2 took 10ms.
Loading HMAC key into TPM.
Starting HMAC encryption session.
Starting authentication session.
PCR 7 value: dd56d208848618081a712a9fe9a0d4b12fb48c93fea54e2df8dd7bfd7348289c
PCR 11 value: e11dbc399fbd46fcce5b48590bbab8f43a129a2dc9759ae46109e0d9a0f75b3b
Configuring public key based PCR policy.
Configuring hash-based PCR policy.
Acquiring policy digest.
Session policy digest: 0e97263a1de6e1c06c6b0016ad0ab5d7a36d4c01c30f2bb7d05d557bee866bcb
Unsealing HMAC key.
Completed TPM2 key unsealing in 376.500ms.
PBKDF pbkdf2-sha512, time_ms 0 (iterations 1000).
Adding new keyslot -1 by passphrase, volume key provided by key (-1).
Selected keyslot 1.
Keyslot 1 assigned to digest 0.
Trying to allocate LUKS2 keyslot 1.
Found area 290816 -> 548864
Reusing PBKDF values (no benchmark flag is set).
Calculating attributes for LUKS2 keyslot 1.
Acquiring write lock for device /dev/sda2.
Opening lock resource file /run/cryptsetup/L_8:2
Verifying lock handle for /dev/sda2.
Device /dev/sda2 WRITE lock taken.
Checking context sequence id matches value stored on disk.
Reusing open ro fd on device /dev/sda2
Running keyslot key derivation.
Updating keyslot area [0x47000].
Opening locked device /dev/sda2
Verifying locked device handle (bdev)
Device size 67108864, offset 16777216.
Device /dev/sda2 WRITE lock already held.
Trying to write LUKS2 header (16384 bytes) at offset 0.
Reusing open rw fd on device /dev/sda2
Checksum:4527a045157b1fdc386ebf10661200b803e2b2998fd5ca02c6a89c22049b1596 (in-memory)
Trying to write LUKS2 header (16384 bytes) at offset 16384.
Reusing open rw fd on device /dev/sda2
Checksum:8b6547aff5a50dfcf24ff7b6013d4e44dbceb9f7b3dd97452ee3dc6838beaea6 (in-memory)
Device /dev/sda2 WRITE lock released.
Adding token text <{"type":"systemd-tpm2","keyslots":["1"],"tpm2-blob":"AJ4AIIUlNPOLPicxsgJKzzwo/6OIZslOiZTo34Y8Y3R31wrLABC5WBMXDtSMmZnv8YsVVbqXG7d0n93Bjfl1b1WL3szFp7wPImR5pIv5fz51jueEPJvRfJJGrC+m9tMFnmK87ukw2oohgshQg+oEkt6qKbK59RJ0Ikm6NWqBY5FLNS9+r1vVRWXTVU4s3a2wHPP+ESjHx6cTFONx2a5+wwBOAAgACwAAABIAIA6XJjod5uHAbGsAFq0KtdejbUwBww8rt9BdVXvuhmvLABAAIKpW7srDiQoqyH+OjRNqpMK7xrWD/rvS9w2J6yFf4yqR","tpm2-pcrs":[7],"tpm2-pcr-bank":"sha256","tpm2-primary-alg":"ecc","tpm2-policy-hash":"0e97263a1de6e1c06c6b0016ad0ab5d7a36d4c01c30f2bb7d05d557bee866bcb","tpm2-pin":false,"tpm2_pubkey_pcrs":[11],"tpm2_pubkey":"LS0tLS1CRUdJTiBQVUJMSUMgS0VZLS0tLS0KTUlJQklqQU5CZ2txaGtpRzl3MEJBUUVGQUFPQ0FROEFNSUlCQ2dLQ0FRRUF5dDBOTWZFNlBJMUtDTXA2TnpnWgpPeVovTjNabFB6N3Zic3FiL29lV1pUd0tvTEZDZldsV0tseXBjNG90NFJUbXJoMUQ3Yzl0ZCtad3ArWVpya0RGCkVwS3JueVhhenBZOHRva3Y2WmgwdFpMVFpudno2VXpiN0t3TmdRNUsydlg3a2FvNFRBZDdBWUhwYUN0SU9IdEkKSlZoOC9mbXRDOEIxR2VWc215TVJPSU9tK0l5UU8rVnN2ekMzTWJVOW14bDJCR0NzQUN4UCs5TWR1ZklMTWxZOQozdy82REpLc0xFMmxUWVE1U1YrdDdMNzlraG84b0xQc2k5dTRBTFdFMGFvRzZLVkIxNTVBS2tDOW9uNE14aDZ4Clc5YjdWM1VtWEVlZ0hnKzRpVE9uQVkrdDFaWWhJOGU2WEpGNUs2bXoyY2wzbFE5QU5hVVAvUzladDVkME1PQzYKV1FJREFRQUIKLS0tLS1FTkQgUFVCTElDIEtFWS0tLS0tCg=="}>
Updating JSON for token -1.
Trying to load /lib/x86_64-linux-gnu/cryptsetup/libcryptsetup-token-systemd-tpm2.so.
Loading symbol cryptsetup_token_open@CRYPTSETUP_TOKEN_1.0.
Loading symbol cryptsetup_token_buffer_free@CRYPTSETUP_TOKEN_1.0.
Loading symbol cryptsetup_token_validate@CRYPTSETUP_TOKEN_1.0.
Loading symbol cryptsetup_token_dump@CRYPTSETUP_TOKEN_1.0.
Loading symbol cryptsetup_token_open_pin@CRYPTSETUP_TOKEN_1.0.
Loading symbol cryptsetup_token_version@CRYPTSETUP_TOKEN_1.0.
Token handler systemd-tpm2-1.0 systemd-v253 (253.5-1ubuntu6.1) loaded successfully.
Device size 67108864, offset 16777216.
Acquiring write lock for device /dev/sda2.
Opening lock resource file /run/cryptsetup/L_8:2
Verifying lock handle for /dev/sda2.
Device /dev/sda2 WRITE lock taken.
Checking context sequence id matches value stored on disk.
Reusing open ro fd on device /dev/sda2
Trying to write LUKS2 header (16384 bytes) at offset 0.
Reusing open rw fd on device /dev/sda2
Checksum:da398008d7339ccc1f30eb9632c2ffbb1dfbddff470f6db9d598a75ef31bed2d (in-memory)
Trying to write LUKS2 header (16384 bytes) at offset 16384.
Reusing open rw fd on device /dev/sda2
Checksum:5ad308a55f4405bb43516ae07ee6ce7a6a46488e149528846242d7a0aaeeae2a (in-memory)
Device /dev/sda2 WRITE lock released.
New TPM2 token enrolled as key slot 1.
Releasing crypt device /dev/sda2 context.
Releasing device-mapper backend.
Closing read only fd for /dev/sda2.
Closing read write fd for /dev/sda2.
Unloading systemd-tpm2 token handler.

@Itxaka
Member

Itxaka commented Apr 5, 2024

Opened upstream to see if systemd folks can guide us on the core issue on this: systemd/systemd#32114

@Itxaka
Member

Itxaka commented Apr 5, 2024

systemd v253 used trial mode to compute the policy digest for signed PCR policies. Trial mode is known to be bugged on some TPM implementations, at least according to one [comment in the code](https://github.com/systemd/systemd/blob/v253/src/shared/tpm2-util.c?rgh-link-date=2024-04-05T09%3A30%3A46Z#L1113-L1121).

Almost the entire TPM code was rewritten in systemd v254; among other changes, trial mode is no longer used.

If we test with a Fedora 39 based build and it works, then we know this was the original issue. Otherwise we reopen the upstream issue.
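As an added illustration of the difference described in the comment above (example code, not systemd's or Kairos's), the policy digest of a signed PCR policy can be computed entirely in software from the TPM 2.0 specification's digest-update rules, which is what removes any dependence on the TPM's trial session. `EXAMPLE_KEY_NAME` is a constructed stand-in for the signing key's TPM name (the real public area is not on this page); the PCR values and the two digests fed to `diagnose_mismatch` are copied from the failing log in the issue description.

```python
"""Software computation of a systemd-style signed PCR policy digest.

Added example, not systemd or Kairos code. Follows the digest-update rules of
TPM 2.0 Library spec Part 3 (TPM2_PolicyAuthorize, TPM2_PolicyPCR) so the
expected digest never depends on a TPM trial session. EXAMPLE_KEY_NAME is
constructed; REPORTED values are copied from the failing log in this issue.
"""
import hashlib
import struct

TPM_ALG_SHA256 = 0x000B
TPM_CC_POLICYPCR = 0x0000017F
TPM_CC_POLICYAUTHORIZE = 0x0000016A

# Constructed stand-in for keySign->name (nameAlg || H(marshalled TPMT_PUBLIC)).
# A real name needs the signing key's public area, which the issue does not show.
EXAMPLE_KEY_NAME = struct.pack(">H", TPM_ALG_SHA256) + hashlib.sha256(
    b"constructed public area of the PCR signing key").digest()

# Copied from the failing log: identical PCRs at seal and unseal, two different digests.
_PCR7 = bytes.fromhex("c3f2413617308bd087135b4cfba38147a4da1f5fb35ac8cba4fd96b46dc782a3")
_PCR11 = bytes.fromhex("75f7e5e6b21b6950f5fb847b0c167b5336d8d4325762cae0b5585ce94f0442f1")
REPORTED = {
    "pcrs_at_seal": {7: _PCR7, 11: _PCR11},
    "pcrs_at_unseal": {7: _PCR7, 11: _PCR11},
    "stored": bytes.fromhex("c10a46c6c88f8e13674fe3a969f69092d861a00ddb71d29d81aee6d17a5a3709"),
    "session": bytes.fromhex("9dbb5158fffe341048cfe48aeb3d70997226c81cc6c025167d945b83f9367219"),
}


def marshal_pcr_selection(pcrs, alg=TPM_ALG_SHA256):
    """TPML_PCR_SELECTION with one TPMS_PCR_SELECTION: count=1, hash alg,
    sizeofSelect=3 (covers PCR 0-23) and the PCR bitmap, all big-endian."""
    select = bytearray(3)
    for pcr in pcrs:
        if not 0 <= pcr < 24:
            raise ValueError(f"PCR index out of range: {pcr}")
        select[pcr // 8] |= 1 << (pcr % 8)
    return struct.pack(">IHB", 1, alg, 3) + bytes(select)


def policy_pcr(old_digest, pcr_values):
    """TPM2_PolicyPCR update: new = H(old || TPM_CC_PolicyPCR || pcrs || digestTPM),
    where digestTPM hashes the selected PCR values in ascending index order."""
    pcrs = sorted(pcr_values)
    pcr_digest = hashlib.sha256(b"".join(pcr_values[i] for i in pcrs)).digest()
    return hashlib.sha256(old_digest + struct.pack(">I", TPM_CC_POLICYPCR)
                          + marshal_pcr_selection(pcrs) + pcr_digest).digest()


def policy_authorize(key_name, policy_ref=b""):
    """TPM2_PolicyAuthorize update: the session digest is reset to zero, then
    new = H(0^32 || TPM_CC_PolicyAuthorize || keySign->name); new+1 = H(new || policyRef)."""
    first = hashlib.sha256(bytes(32) + struct.pack(">I", TPM_CC_POLICYAUTHORIZE)
                           + key_name).digest()
    return hashlib.sha256(first + policy_ref).digest()


def signed_pcr_policy_digest(key_name, hash_pcr_values, policy_ref=b""):
    """Digest for a --tpm2-public-key enrollment, in the order the log shows:
    PolicyAuthorize (the signed PCR 11 policy) followed by PolicyPCR over the
    hash-bound PCRs (PCR 7 by default). An empty policyRef is assumed."""
    digest = policy_authorize(key_name, policy_ref)
    if hash_pcr_values:
        digest = policy_pcr(digest, hash_pcr_values)
    return digest


def diagnose_mismatch(stored, session, pcrs_at_seal, pcrs_at_unseal):
    """Triage a 'Current policy digest does not match stored policy digest' failure:
    "match", "pcr-changed" (boot measurements differ, the policy worked as designed)
    or "digest-computation" (same PCRs, different digest: the stored value came from
    a different computation than the live session, i.e. the trial-session case)."""
    if stored == session:
        return "match"
    indices = sorted(set(pcrs_at_seal) | set(pcrs_at_unseal))
    if any(pcrs_at_seal.get(i) != pcrs_at_unseal.get(i) for i in indices):
        return "pcr-changed"
    return "digest-computation"


def demo():
    """Software digest for the reported PCR 7 value plus triage of the reported failure."""
    expected = signed_pcr_policy_digest(EXAMPLE_KEY_NAME, {7: REPORTED["pcrs_at_seal"][7]})
    return {
        "software_digest": expected.hex(),
        "classification": diagnose_mismatch(REPORTED["stored"], REPORTED["session"],
                                            REPORTED["pcrs_at_seal"], REPORTED["pcrs_at_unseal"]),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The software digest will not reproduce the values in the log, because the signing key's public area (and therefore its TPM name) is not on the page; the point is that the digest is a pure function of the key name and the PCR values. With identical PCR 7 and PCR 11 readings at seal and unseal time, as in the log above, a mismatch therefore indicates how the stored digest was produced, not a change in the boot measurements, which is the trial-session explanation given in the comment.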

@kreeuwijk
Author

It indeed works with Fedora 39, thanks for clarifying.

@Itxaka
Member

Itxaka commented Apr 6, 2024

Then closing this as there is not much that we can do if the TPM hardware doesn't properly work with systemd 253 other than wait for ubuntu 24.04/10?

@Itxaka Itxaka closed this as completed Apr 6, 2024
@github-project-automation github-project-automation bot moved this from Todo 🖊 to Done ✅ in 🧙Issue tracking board Apr 6, 2024
@jimmykarily
Contributor

Created tickets to bump Ubuntu and Fedora to latest versions:

Let's see what versions of systemd they come with.

@kreeuwijk
Author

It looks like Ubuntu 24.04 will have systemd v255, so that's unexpected good news
https://blueprints.launchpad.net/ubuntu/noble/amd64/systemd
