Failed to instantiate TCTI - help wanted narrowing/scoping the issue
7flying opened this issue · 4 comments
Hello there, we are using tpm2-tss via the tss-esapi Rust wrapper and we are getting the following errors:
ERROR:tcti:src/tss2-tcti/tctildr.c:428:Tss2_TctiLdr_Initialize_Ex() Failed to instantiate TCTI
Error: Error initializing the TPM context
Caused by:
0: response code not recognized
1: response code not recognized
2: Response code value: 0xa0015
using
tpm2-tss-4.0.1-3.fc38.x86_64
tpm2-tools-5.5-3.fc38.x86_64
tpm2-tss-devel-4.0.1-3.fc38.x86_64
If I install tpm2-abrmd (tpm2-abrmd-3.0.0-2.fc38.x86_64 and tpm2-abrmd-devel-3.0.0-2.fc38.x86_64), because we are using abrmd, and we might need it (I'm just fishing over here, we did not install that RPM before) the error changes to the following:
** (process:64465): WARNING **: 14:52:50.869: Failed to create connection with service: GDBus.Error:org.freedesktop.DBus.Error.ServiceUnknown: The name com.intel.tss2.Tabrmd was not provided by any .service files
ERROR:tcti:src/tss2-tcti/tctildr-dl.c:154:tcti_from_file() Could not initialize TCTI file: tabrmd
ERROR:tcti:src/tss2-tcti/tctildr.c:428:Tss2_TctiLdr_Initialize_Ex() Failed to instantiate TCTI
Error: Error initializing the TPM context
Caused by:
0: response code not recognized
1: response code not recognized
2: Response code value: 0xa0008
These are the two lines of Rust that cause the issue (just for the sake of completeness):
let tcti_conf = tss_esapi::tcti_ldr::TctiNameConf::Tabrmd(Default::default());
let _tss_context =
tss_esapi::Context::new(tcti_conf).context("Error initializing the TPM context")?;Can anyone help me understand what are those errors about?
Haven't found a reference about what those response codes would mean.
Thanks
A few thoughts. Using the tpm2-tools to figure out what the error code means:
$ tpm2 rc_decode 0xa0015
tcti:Functionality not supportedI would crank up logging. If you paste the output (especially on your first problem), we will surely have an easier time helping you.
TSS2_LOG=tcti+DEBUG ./your_executable
Thanks for the pointers.
Ran the binary with extra logging:
$ TSS2_LOG=tcti+DEBUG ./target/debug/experiments
debug:tcti:src/tss2-tcti/tctildr.c:161:tctildr_conf_parse() name_conf: "tabrmd:bus_name=com.intel.tss2.Tabrmd,bus_type=system"
debug:tcti:src/tss2-tcti/tctildr.c:179:tctildr_conf_parse() TCTI name: "tabrmd"
debug:tcti:src/tss2-tcti/tctildr.c:184:tctildr_conf_parse() TCTI conf: "bus_name=com.intel.tss2.Tabrmd,bus_type=system"
debug:tcti:src/tss2-tcti/tctildr-dl.c:314:tctildr_get_tcti() name: "tabrmd", conf: "bus_name=com.intel.tss2.Tabrmd,bus_type=system"
debug:tcti:src/tss2-tcti/tctildr-dl.c:92:handle_from_name() Could not load TCTI file: "tabrmd": tabrmd: cannot open shared object file: No such file or directory
debug:tcti:src/tss2-tcti/tctildr-dl.c:119:handle_from_name() Could not load TCTI file "tabrmd": libtss2-tcti-tabrmd.so.0: cannot open shared object file: No such file or directory
debug:tcti:src/tss2-tcti/tctildr-dl.c:133:handle_from_name() Failed to load TCTI for name "tabrmd": libtss2-tcti-tabrmd.so: cannot open shared object file: No such file or directory
ERROR:tcti:src/tss2-tcti/tctildr.c:430:Tss2_TctiLdr_Initialize_Ex() Failed to instantiate TCTI
Error: Error initializing the TPM context
Caused by:
0: response code not recognized
1: response code not recognized
2: Response code value: 0xa0015I ran a search on how to get libtss2-tcti-tabrmd.so.0 and I'm pointed to tpm2-abrmd; so I install it and run the bin again:
$ TSS2_LOG=tcti+DEBUG ./target/debug/experiments
debug:tcti:src/tss2-tcti/tctildr.c:161:tctildr_conf_parse() name_conf: "tabrmd:bus_name=com.intel.tss2.Tabrmd,bus_type=system"
debug:tcti:src/tss2-tcti/tctildr.c:179:tctildr_conf_parse() TCTI name: "tabrmd"
debug:tcti:src/tss2-tcti/tctildr.c:184:tctildr_conf_parse() TCTI conf: "bus_name=com.intel.tss2.Tabrmd,bus_type=system"
debug:tcti:src/tss2-tcti/tctildr-dl.c:314:tctildr_get_tcti() name: "tabrmd", conf: "bus_name=com.intel.tss2.Tabrmd,bus_type=system"
debug:tcti:src/tss2-tcti/tctildr-dl.c:92:handle_from_name() Could not load TCTI file: "tabrmd": tabrmd: cannot open shared object file: No such file or directory
** (process:11833): WARNING **: 09:17:20.095: Failed to create connection with service: GDBus.Error:org.freedesktop.DBus.Error.ServiceUnknown: The name com.intel.tss2.Tabrmd was not provided by any .service files
debug:tcti:src/tss2-tcti/tctildr.c:94:tcti_from_init() TCTI init for function 0x7fca3513d270 failed with a0008
debug:tcti:src/tss2-tcti/tctildr.c:124:tcti_from_info() Could not initialize TCTI named: tcti-abrmd
ERROR:tcti:src/tss2-tcti/tctildr-dl.c:169:tcti_from_file() Could not initialize TCTI file: tabrmd
ERROR:tcti:src/tss2-tcti/tctildr.c:430:Tss2_TctiLdr_Initialize_Ex() Failed to instantiate TCTI
Error: Error initializing the TPM context
Caused by:
0: response code not recognized
1: response code not recognized
2: Response code value: 0xa0008I am not a rust developer, and unfortunately I don't have a ton of time, but...
Do you really need the tabrmd?
If your kernel provides the kernel-space resource manager (/dev/tpmrm0), you might want to use that, instead. Maybe this helps you deciding.
If you want to use the kernel rm, that should be tss_esapi::tcti_ldr::TctiNameConf::Device. Be careful, the default for DeviceConfig seems to be /dev/tpm0. You need /dev/tpmrm0.
For more info about tctis, see doc/tcti.md. tcti-tabrmd is not covered there, but to put it simply, it is the tcti to connect to the tabrm daemon.
If you want to use tabrmd
If you really want to use tabrmd, you should have a look at their INSTALL.md. I suspect your dbus is not configured properly. FYI: your tcti-tabrmd is configured with bus_name=com.intel.tss2.Tabrmd,bus_type=system.
Closing since I got all the info and help that I needed.
Thanks!