RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Bug 1570890 - tpm2-tools: numeric error codes without any text explanation
Summary: tpm2-tools: numeric error codes without any text explanation
Keywords:
Status: CLOSED DEFERRED
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: tpm2-tools
Version: 7.5
Hardware: All
OS: Linux
unspecified
medium
Target Milestone: rc
: ---
Assignee: Jerry Snitselaar
QA Contact: Vilém Maršík
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2018-04-23 16:25 UTC by Vilém Maršík
Modified: 2019-10-22 06:58 UTC (History)
0 users

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2019-10-22 06:58:58 UTC
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)

Description Vilém Maršík 2018-04-23 16:25:50 UTC
Description of problem:
TPM2 responses are printed as numbers only, which is only understandable with 3rd party documentation at hand (could not find any file in "tpm2-tools" describing these error codes).

Version-Release number of selected component (if applicable):
tpm2-tools-3.0.1-1.el7.x86_64

How reproducible:
100%

Steps to Reproduce:
1. run a command that returns a TPM2 error

Actual results:
# tpm2_create -H 0x81010001 -g sha256 -G rsa
ERROR:
Create Object Failed ! ErrorCode: 0x18b
# tpm2_nvdefine -x 0x1500016 -a 0x40000001 -s 32 -t 0x2000A
ERROR: Failed to define NV area at index 0x1500016 (22020118).Error:0x9a2



Expected results:
TPM2 errors as both numbers and strings

Additional info:

Comment 2 Jerry Snitselaar 2018-04-23 16:59:46 UTC
What about /usr/bin/tpm2_rc_decode?

tpm2_rc_decode 0x9a2
error layer
  hex: 0x0
  identifier: TSS2_TPM_ERROR_LEVEL
  description: Error produced by the TPM
format 1 error code
  hex: 0x22
  identifier: TPM_RC_BAD_AUTH
  description: authorization failure without DA implications
session
  hex: 0x100
  identifier: TPM_RC_1
  description:  (null)

Comment 3 Vilém Maršík 2018-04-24 10:55:45 UTC
Yes, that is the information you are looking for, when seeing such an error code.

Not sure if the pure existence of this tool is enough, especially as it's never mentioned in the manual pages of the individual tpm2_* commands (just "RETURNS 0 on success or 1 on failure.", no "run tpm2_rc_decode if you see a numerical TPM error"). And most Linux tools format their error messages by something like strerror() or perror(), right? 

What do you think?


Note You need to log in before you can comment on or make changes to this bug.