Bug 1854774
| Summary: | [Lenovo 8.4 FEAT] tpm2-tools - Update with latest bug fixes | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 8 | Reporter: | Rick <rhsu5> |
| Component: | tpm2-tools | Assignee: | Jerry Snitselaar <jsnitsel> |
| Status: | CLOSED ERRATA | QA Contact: | Vilém Maršík <vmarsik> |
| Severity: | high | Docs Contact: | |
| Priority: | high | ||
| Version: | 8.4 | CC: | ahuang12, bhu, core-kernel-mgr, jsnitsel, kshieh, mknutson, rvr, yehs1 |
| Target Milestone: | alpha | Keywords: | FutureFeature, Triaged |
| Target Release: | 8.4 | ||
| Hardware: | x86_64 | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | No Doc Update | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2021-05-18 15:03:33 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | |||
| Bug Blocks: | 1848158, 1898189, 1916350, 1916352 | ||
commit 34f7d1a18af94f47cef728c0630d0cb395c63a49 tpm2-tools-4.1.1-2.el8.x86_64 from 8.4 beta is working, but version 4.1.1 is from January, and according to the date when this bug was created, "latest version" should be at least 4.1.3 . Jerry, why there is no newer version?
-------
verification log tpm2-tools-4.1.1-2.el8.x86_64 on 8.4 beta:
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: TEST PROTOCOL
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
Package : crypto
beakerlib RPM : beakerlib-1.20-1.el8bkr.noarch
Test name : /kernel/crypto/tpm/tpm2
Test version : 0.1
Test started : 2020-12-17 19:53:50 EST
Test finished : 2020-12-17 19:53:53 EST (still running)
Test duration : 3 seconds
Distro : Red Hat Enterprise Linux release 8.4 Beta (Ootpa)
Hostname : lenovo-sr650-02.lab.eng.rdu2.redhat.com
Architecture : x86_64
CPUs : 48 x Intel(R) Xeon(R) Silver 4116 CPU @ 2.10GHz
RAM size : 63750 MB
HDD size : 1450.78 GB
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: Test description
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
Runs different tpm2-tools tests against a TPM2 HW.
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: Setup
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: [ 19:53:50 ] :: [ PASS ] :: Command 'udevadm trigger --action=change' (Expected 0, got 0)
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: Duration: 1s
:: Assertions: 1 good, 0 bad
:: RESULT: PASS (Setup)
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: Presence
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: [ 19:53:51 ] :: [ PASS ] :: Command 'tpm2_pcrread -T tabrmd' (Expected 0, got 0)
:: [ 19:53:51 ] :: [ PASS ] :: 24 PCRS (Assert: "48" should be >= "24")
:: [ 19:53:51 ] :: [ PASS ] :: File /dev/tpm0 should exist
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: Duration: 0s
:: Assertions: 3 good, 0 bad
:: RESULT: PASS (Presence)
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: Functionality
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: [ 19:53:52 ] :: [ PASS ] :: Command 'tpm2_nvreadpublic -T tabrmd' (Expected 0, got 0)
:: [ 19:53:53 ] :: [ PASS ] :: random number generator (Expected 0, got 0)
:: [ 19:53:53 ] :: [ PASS ] :: random number count (Assert: '20' should equal '20')
:: [ 19:53:53 ] :: [ PASS ] :: hashing (Expected 0, got 0)
:: [ 19:53:53 ] :: [ PASS ] :: extending PCR (Expected 0, got 0)
:: [ 19:53:53 ] :: [ PASS ] :: PCR value changed (Assert: " 4 : 0x427D20205861AE625CCE93220C6D6555024CD838" should not equal " 4 : 0xE40E2528B60DEA94CD4D74814D27C85DE47F2626")
:: [ 19:53:53 ] :: [ PASS ] :: tpm2_rc_decode 0x9a2 -> authorization failure (Assert: '1' should equal '1')
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: Duration: 2s
:: Assertions: 7 good, 0 bad
:: RESULT: PASS (Functionality)
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: Data RW
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: Duration: 0s
:: Assertions: 0 good, 0 bad
:: RESULT: PASS (Data RW)
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: Cleanup
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: Duration: 0s
:: Assertions: 0 good, 0 bad
:: RESULT: PASS (Cleanup)
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: /kernel/crypto/tpm/tpm2
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: [ 19:53:53 ] :: [ LOG ] :: JOURNAL XML: /var/tmp/beakerlib-DLNcQPt/journal.xml
:: [ 19:53:53 ] :: [ LOG ] :: JOURNAL TXT: /var/tmp/beakerlib-DLNcQPt/journal.txt
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: Duration: 3s
:: Phases: 5 good, 0 bad
:: OVERALL RESULT: PASS (/kernel/crypto/tpm/tpm2)
# rpm -q tpm2-tools tpm2-tss tpm2-abrmd
tpm2-tools-4.1.1-2.el8.x86_64
tpm2-tss-2.3.2-3.el8.x86_64
tpm2-abrmd-2.3.3-2.el8.x86_64
This was just backporting of bugfixes since we did a major rebase last release. 0001-Fix-ESYS_TR-hierarchy-transition.patch 0001-Refactor-fix_esys_hierarchies.patch 0001-tpm2_alg_util.c-fix-a-bug-where-the-string-rsa3072-w.patch 0001-tpm2_create.c-Fix-an-issue-where-userwithauth-attr-c.patch 0001-tpm2_hierarchycontrol-Fixed-bug-where-hierarchycontr.patch 0001-tpm2_nvdefine.c-Fixed-error-reporting-message.patch 0001-tpm2_policyor-Silent-failure-bug-fix-for-invalid-uns.patch Same with tpm2-tss bug. (In reply to Jerry Snitselaar from comment #9) > This was just backporting of bugfixes since we did a major rebase last > release. I see, but the bugs ask for updating to latest upstream version, which didn't happen. From this point of view, the bug has not been fixed. What do we do? Opening another bug for upstream sync, or at least renaming this bug, from "update to latest version" to something like "backport patches" ? Every minor release the bug is filed asking for the latest upstream. When asked specifically what is wanted, the response is any relevant fixes. I'll change the bug subjects. Thanks, considering verified. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (tpm2-tools bug fix and enhancement update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2021:1663 |
1. Feature Overview a. Name of feature: tpm2-tools - Update to latest version b. Feature description: TPM userspace tool for TPM 2.0 2. Feature Details a. Architectures: 64-bit Intel EM64T/AMD64 b. Bugzilla dependencies: c. Drivers or hardware dependencies, including a specific platform or CPU: TPM 2.0 chipset d. Library or other software dependencies: e. Upstream acceptance information, including Linus's kernel version in which the feature appears and the date on which this feature was accepted or is targeted for acceptance into Linus's kernel: f. External links: https://github.com/01org/tpm2-tools g. Severity (H,M,L): High h. Feature required by date (for example, the date on which hardware requiring this feature is planned for launch): RHEL8.4 alpha version 3. Business Justification a. Why is this feature needed? Align with the latest fixes b. What hardware or software does this enable? TPM2.0 c. If hardware, is it on-board in a system (eg, LOM) or an add-on card? on-board or add-on d. Business impact? Lenovo server platform needs this. e. What market problems / audience does it address? 4. QE Test Plan 5. Primary contact at Red Hat, email, phone (chat) a. Monte Knutson b. mknutson c. office: 919-890-8413 6. Primary contact at Partner, email, phone (chat) a. Rick Hsu b. rhsu5 c. office