Bug 1664499

Summary: [Lenovo 8.1 FEAT] tpm2-abrmd - Update the to latest upstream version
Product: Red Hat Enterprise Linux 8 Reporter: xiaochun lee <lixc17>
Component: tpm2-abrmdAssignee: Jerry Snitselaar <jsnitsel>
Status: CLOSED ERRATA QA Contact: Vilém Maršík <vmarsik>
Severity: high Docs Contact:
Priority: unspecified    
Version: 8.1CC: hwkernel-mgr, lixc17, smeisner
Target Milestone: alphaKeywords: FutureFeature, Rebase
Target Release: 8.1   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2019-11-05 21:27:52 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1682416    
Bug Blocks: 1613899, 1615852, 1645798, 1654309, 1701002, 1710589    

Description xiaochun lee 2019-01-09 02:35:03 UTC 
1. Feature Overview:
a) Name of feature:
tpm2-abrmd - Update to latest version
b) Feature Description:
Access Broker and Resources Manager daemon for TPM 2.0
2. Feature Details:
a) Architectures:
64-bit Intel EM64T/AMD64
b) Bugzilla Dependencies:
c) Drivers or hardware dependencies:
TPM 2.0 chipset
d) Upstream acceptance information:
e) External links:
https://github.com/intel/tpm2-abrmd
f) Severity (H,M,L):
High
g) Feature Needed by:
RHEL8.1 alpha version
3. Business Justification: (Some partners prefer to include this information in Comment #1, so it can be made private if the bug is opened to other partners.)
a) Why is this feature needed?
tpm2-tools dependency 
b) What hardware does this enable?
TPM 2.0 chipset
c) Is this hardware on-board in a system (eg, LOM) or an add-on card?
d) Business impact?
All Lenovo platform need this.
e) Other business drivers:

4. Primary contact at Red Hat, email, phone (chat)
Monte Knutson
mknutson 
office: 919-890-8413 

5. Primary contact at Partner, email, phone (chat)
Xiaochun Lee
lixc17
+8618610686857
Comment 3 Vilém Maršík 2019-07-19 20:09:28 UTC 
We ship tpm2-abrmd-2.1.1 , that was released by upstream in March 2019. This is newer than the latest version requested in the time when this bug was created.
 
TPM2 tests succeeded on Red Hat Enterprise Linux release 8.1 Beta (Ootpa) with kernel 4.18.0-117.el8.x86_64, tpm2-tools-3.1.4-5.el8.x86_64, tpm2-tss-2.0.0-5.el8.x86_64, tpm2-abrmd-2.1.1-3.el8.x86_64, and tpm2-abrmd-selinux-2.0.0-3.el8.noarch :

::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
::   TEST PROTOCOL
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

    Package       : crypto
    beakerlib RPM : beakerlib-1.18-6.el8bkr.noarch
    Test name     : /kernel/crypto/tpm/tpm2
    Test version  : 0.1-2
    Test built    : 2018-09-07 12:22:40 EDT
    Test started  : 2019-07-19 15:27:28 EDT
    Test finished : 2019-07-19 15:27:32 EDT (still running)
    Test duration : 4 seconds
    Distro        : Red Hat Enterprise Linux release 8.1 Beta (Ootpa)
    Hostname      : lenovo-sr650-02.lab.eng.rdu2.redhat.com
    Architecture  : x86_64
    CPUs          : 48 x Intel(R) Xeon(R) Silver 4116 CPU @ 2.10GHz
    RAM size      : 63798 MB
    HDD size      : 1450.78 GB

::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
::   Test description
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

Runs different tpm2-tools tests against a TPM2 HW.


::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
::   Setup
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

:: [ 15:27:29 ] :: [   PASS   ] :: starting tpm2-abrmd (Expected 0, got 0)
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
::   Duration: 1s
::   Assertions: 1 good, 0 bad
::   RESULT: PASS (Setup)


::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
::   Presence
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

:: [ 15:27:31 ] :: [   PASS   ] :: Command 'tpm2_pcrlist' (Expected 0, got 0)
:: [ 15:27:31 ] :: [   PASS   ] :: 24 PCRS (Assert: "48" should be >= "24")
:: [ 15:27:31 ] :: [   PASS   ] :: File /dev/tpm0 should exist
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
::   Duration: 1s
::   Assertions: 3 good, 0 bad
::   RESULT: PASS (Presence)


::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
::   Functionality
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

:: [ 15:27:31 ] :: [   PASS   ] :: Command 'tpm2_nvlist' (Expected 0, got 0)
:: [ 15:27:31 ] :: [   PASS   ] :: random number generator (Expected 0, got 0)
:: [ 15:27:31 ] :: [   PASS   ] :: random number count (Assert: '20' should equal '20')
:: [ 15:27:31 ] :: [   PASS   ] :: hashing (Expected 0, got 0)
:: [ 15:27:31 ] :: [   PASS   ] :: extending PCR (Expected 0, got 0)
:: [ 15:27:31 ] :: [   PASS   ] :: PCR value changed (Assert: "  4  : b2a83b0ebf2f8374299a5b2bdfc31ea955ad7236" should not equal "  4  : a84a7c9530a8c4d4a5852d6263d0e8ec1633fb01")
:: [ 15:27:31 ] :: [   PASS   ] :: tpm2_rc_decode 0x9a2 -> BAD_AUTH (Assert: '1' should equal '1')
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
::   Duration: 0s
::   Assertions: 7 good, 0 bad
::   RESULT: PASS (Functionality)


::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
::   Data RW
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
::   Duration: 0s
::   Assertions: 0 good, 0 bad
::   RESULT: PASS (Data RW)


::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
::   Cleanup
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
::   Duration: 0s
::   Assertions: 0 good, 0 bad
::   RESULT: PASS (Cleanup)


::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
::   /kernel/crypto/tpm/tpm2
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

:: [ 15:27:32 ] :: [   LOG    ] :: JOURNAL XML: /var/tmp/beakerlib-SJHxZc4/journal.xml
:: [ 15:27:32 ] :: [   LOG    ] :: JOURNAL TXT: /var/tmp/beakerlib-SJHxZc4/journal.txt
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
::   Duration: 4s
::   Phases: 5 good, 0 bad
::   OVERALL RESULT: PASS (/kernel/crypto/tpm/tpm2)

It looks that at least the basic functionality is working. Setting verified.
Comment 5 errata-xmlrpc 2019-11-05 21:27:52 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2019:3512