Bug 2008179

Summary: tpm2_createprimary fails
Product: [Fedora] Fedora Reporter: Jonathan Lebon <jlebon>
Component: tpm2-tssAssignee: Peter Robinson <pbrobinson>
Status: CLOSED ERRATA QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: high Docs Contact:
Priority: unspecified    
Version: 36CC: bhu, bstinson, bugzilla, dustymabe, fmartine, francois.rigault, gmarr, jlebon, jsnitsel, jwboyer, jwiedman, ksrot, miabbott, pbrobinson, pwhalen, robatino, rvr, scorreia, shoracek, travier, vmarsik, walters, yunying.sun
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Linux   
Whiteboard: RejectedBlocker AcceptedFreezeException
Fixed In Version: tpm2-tss-3.2.0-0.3.rc0.fc36 tpm2-tss-3.2.0-0.3.rc0.fc37 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: 1989321 Environment:
Last Closed: 2022-02-09 00:13:59 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1953784, 1953785    

Description Jonathan Lebon 2021-09-27 13:54:46 UTC 
+++ This bug was initially created as a clone of Bug #1989321 +++

We're working on a C9S CoreOS (https://github.com/openshift/os/issues/604) and and our LUKS+TPM test is failing: https://github.com/openshift/os/issues/605

I suspect this may actually be an OpenSSL 3 interaction, but basically:

```
[root@cosa-devsh ~]# rpm -q tpm2-tools
tpm2-tools-5.0-6.el9.x86_64
[root@cosa-devsh ~]# tpm2_createprimary 
ERROR:esys_crypto:src/tss2-esys/esys_crypto_ossl.c:328:iesys_cryptossl_hmac_start() ErrorCode (0x00070001) EVP_PKEY_new_mac_key 
ERROR:esys_crypto:src/tss2-esys/esys_crypto.c:185:iesys_crypto_authHmac() Error ErrorCode (0x00070001) 
ERROR:esys:src/tss2-esys/esys_iutil.c:1243:iesys_compute_hmac() HMAC error ErrorCode (0x00070001) 
ERROR:esys:src/tss2-esys/esys_iutil.c:1341:iesys_gen_auths() Error while computing hmacs ErrorCode (0x00070001) 
ERROR:esys:src/tss2-esys/api/Esys_CreatePrimary.c:237:Esys_CreatePrimary_Async() Error in computation of auth values ErrorCode (0x00070001) 
ERROR:esys:src/tss2-esys/api/Esys_CreatePrimary.c:110:Esys_CreatePrimary() Error in async function ErrorCode (0x00070001) 
ERROR: Esys_CreatePrimary(0x70001) - esapi:Catch all for all errors not otherwise specified
ERROR: Unable to run tpm2_createprimary
[root@cosa-devsh ~]# 
```

This works fine on current Fedora CoreOS and RHEL8 CoreOS.  This is in qemu with swtpm.  The test framework is in https://github.com/coreos/coreos-assembler/

--- Additional comment from Jonathan Lebon on 2021-09-20 10:49:10 EDT ---

This is also affecting Fedora CoreOS rawhide too now. It's breaking any test which uses TPM2:

```
$ clevis luks bind -f -k /tmp/ignition-luks-1495034653 -d /run/ignition/dev_aliases/dev/disk/by-partlabel/varlog sss '{"pins":{"tpm2":{}},"t":1}'
Warning: Value 512 is outside of the allowed entropy range, adjusting it.
ERROR:esys_crypto:src/tss2-esys/esys_crypto_ossl.c:327:iesys_cryptossl_hmac_start() ErrorCode (0x00070001) EVP_PKEY_new_mac_key
ERROR:esys_crypto:src/tss2-esys/esys_crypto.c:185:iesys_crypto_authHmac() Error ErrorCode (0x00070001)
ERROR:esys:src/tss2-esys/esys_iutil.c:1244:iesys_compute_hmac() HMAC error ErrorCode (0x00070001)
ERROR:esys:src/tss2-esys/esys_iutil.c:1354:iesys_gen_auths() Error while computing hmacs ErrorCode (0x00070001)
ERROR:esys:src/tss2-esys/api/Esys_CreatePrimary.c:244:Esys_CreatePrimary_Async() Error in computation of auth values ErrorCode (0x00070001)
ERROR:esys:src/tss2-esys/api/Esys_CreatePrimary.c:110:Esys_CreatePrimary() Error in async function ErrorCode (0x00070001)
ERROR: Esys_CreatePrimary(0x70001) - esapi:Catch all for all errors not otherwise specified
ERROR: Unable to run tpm2_createprimary
Creating TPM2 primary key failed!
Invalid input!
Usage: jose jwe fmt -i JWE [-I CT] [-o JWE] [-O CT] [-c]
Converts a JWE between serialization formats
...
Failed to import token from file.
Error saving metadata to LUKS2 header in device /run/ignition/dev_aliases/dev/disk/by-partlabel/varlog
Unable to update metadata; operation cancelled
Error adding new binding to /run/ignition/dev_aliases/dev/disk/by-partlabel/varlog
```

Started happening with tpm2-tss-3.1.0-4.fc36, which was rebuilt for OpenSSL 3.0.0. So based on that and the stderr, I agree with Colin this is likely an OpenSSL-related issue.

Moving to tpm2-tss since it seems like the error actually lies in libtss2.

Wasn't sure if you preferred we cloned this to Fedora rawhide or you'd rather keep it all in this RHBZ. Can do the clone if you'd like.

--- Additional comment from Timothée Ravier on 2021-09-21 06:21:09 EDT ---

I'm raising the severity as this will prevent us from shipping RHEL 9 in RHCOS.
Comment 1 Peter Robinson 2021-09-27 14:32:00 UTC 
Looks like this might be fixed upstream with commit: https://github.com/tpm2-software/tpm2-tss/commit/362fda1daa398da2944e76013c215500761d46a5

But there's other OpenSSL fixes that may be required.
Comment 2 Dusty Mabe 2021-10-06 14:57:43 UTC 
Is it worth pulling back that patch to our RPM and running a test?
Comment 3 Sergio Correia 2021-12-19 02:34:32 UTC 
(In reply to Peter Robinson from comment #1)
> Looks like this might be fixed upstream with commit:
> https://github.com/tpm2-software/tpm2-tss/commit/
> 362fda1daa398da2944e76013c215500761d46a5
> 
> But there's other OpenSSL fixes that may be required.

We ran into this issue when running somes test for the keylime project[1]. This is also the likely cause of some clevis tests failing for IoT in rawhide.

Perhaps you could apply these patches [2] that went into CentOS Stream 9?

[1] https://github.com/keylime/keylime/pull/811#issuecomment-996014741
[2] https://gitlab.com/redhat/centos-stream/rpms/tpm2-tss/-/merge_requests/2
Comment 4 Peter Robinson 2021-12-19 11:56:07 UTC 
There's a new 3.2 release with support for openssl due next week.
Comment 5 Peter Robinson 2021-12-19 11:56:34 UTC 
support for openssl 3
Comment 6 François Rigault 2022-01-05 06:13:14 UTC 
this breaks functionalities like systemd-creds (https://github.com/systemd/systemd/issues/21747) or systemd-cryptenroll
also the tpm2-tss-engine seems to be replaced with https://github.com/tpm2-software/tpm2-openssl for OpenSSL 3 support.
Is there a way tpm support can be fixed in time for Fedora 36 release?
Comment 7 Fedora Blocker Bugs Application 2022-01-10 17:21:39 UTC 
Proposed as a Blocker for 36-beta by Fedora user dustymabe using the blocker tracking app because:

 Using a TPM2 should work.
Comment 8 Chris Murphy 2022-02-07 18:10:19 UTC 
(In reply to Sergio Correia from comment #3)
> We ran into this issue when running somes test for the keylime project[1].
> This is also the likely cause of some clevis tests failing for IoT in
> rawhide.

If this is confirmed, it's likely a final release blocker per https://fedoraproject.org/wiki/Fedora_35_Final_Release_Criteria#Automatic_partition_decryption_.28Clevis.29
Comment 9 Geoffrey Marr 2022-02-07 20:59:05 UTC 
Discussed during the 2022-02-07 blocker review meeting: [0]

The decision to classify this bug as a "RejectedBlocker (Beta)" and an "AcceptedFreezeException (Beta)" was made as this does not appear to violate any Beta criteria, but it is useful functionality and would be a showstopper for anyone using it on F35 who upgrades to F36, so accepted as an FE issue.

[0] https://meetbot.fedoraproject.org/fedora-blocker-review/2022-02-07/f36-blocker-review.2022-02-07-17.00.txt
Comment 10 Ben Cotton 2022-02-08 20:07:35 UTC 
This bug appears to have been reported against 'rawhide' during the Fedora 36 development cycle.
Changing version to 36.
Comment 11 Fedora Update System 2022-02-09 00:15:05 UTC 
FEDORA-2022-5204b0e8fb has been pushed to the Fedora 37 stable repository.
If problem still persists, please make note of it in this bug report.
Comment 12 Fedora Update System 2022-02-09 00:16:13 UTC 
FEDORA-2022-385d633906 has been submitted as an update to Fedora 36. https://bodhi.fedoraproject.org/updates/FEDORA-2022-385d633906
Comment 13 Fedora Update System 2022-02-09 16:50:46 UTC 
FEDORA-2022-385d633906 has been pushed to the Fedora 36 stable repository.
If problem still persists, please make note of it in this bug report.
Comment 14 Paul Whalen 2022-02-09 20:03:41 UTC 
Fixed clevis decryption in IoT with tpm2-tss-3.2.0-0.3.rc0.fc36