Description of problem:
TPM2 responses are printed as numbers only, which is only understandable with 3rd party documentation at hand (could not find any file in "tpm2-tools" describing these error codes).
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. run a command that returns a TPM2 error
# tpm2_create -H 0x81010001 -g sha256 -G rsa
Create Object Failed ! ErrorCode: 0x18b
# tpm2_nvdefine -x 0x1500016 -a 0x40000001 -s 32 -t 0x2000A
ERROR: Failed to define NV area at index 0x1500016 (22020118).Error:0x9a2
TPM2 errors as both numbers and strings
What about /usr/bin/tpm2_rc_decode?
description: Error produced by the TPM
format 1 error code
description: authorization failure without DA implications
Yes, that is the information you are looking for, when seeing such an error code.
Not sure if the pure existence of this tool is enough, especially as it's never mentioned in the manual pages of the individual tpm2_* commands (just "RETURNS 0 on success or 1 on failure.", no "run tpm2_rc_decode if you see a numerical TPM error"). And most Linux tools format their error messages by something like strerror() or perror(), right?
What do you think?