Public bug reported: I am using 22.04 and am hitting a bug accessing the TPM during start-up to decrypt a LUKS encrypted drive (data drive, not system drive).
With a Virtualbox 22.04 VM, the problem only happens with the HWE kernel and occurs 8 out of 10 times. 2 out of 10 times the system boots correctly. When using the non HWE kernel it works 10 out of 10 times. With a physical server, Supermicro X10, the problem does not occur at all. My LUKS volume is named drive1. From journalctl -u systemd-cryptsetup@drive1.service Oct 10 07:42:08 tpm2-test systemd-cryptsetup[547]: Failed to unseal HMAC key in TPM: tpm:error(2.0): PCR have changed since checked The problem is discussed here - https://github.com/systemd/systemd/issues/24906 . This also discusses that people get different results with different kernels. I'll not go into too much detail as this problem is already resolved in newer versions of systemd. The fix for this problem was merged into Ubuntu's systemd 252.3-1. https://git.launchpad.net/ubuntu/+source/systemd/commit/src/shared/tpm2-util.c?h=ubuntu/lunar&id=28f8a776415a01cacec747d831f057d3f8b9f01b Can this fix be made available to 22.04 - systemd 249.11? ** Affects: systemd (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to systemd in Ubuntu. https://bugs.launchpad.net/bugs/2039117 Title: Intermittent problem accessing TPM during 22.04 boot Status in systemd package in Ubuntu: New Bug description: I am using 22.04 and am hitting a bug accessing the TPM during start- up to decrypt a LUKS encrypted drive (data drive, not system drive). With a Virtualbox 22.04 VM, the problem only happens with the HWE kernel and occurs 8 out of 10 times. 2 out of 10 times the system boots correctly. When using the non HWE kernel it works 10 out of 10 times. With a physical server, Supermicro X10, the problem does not occur at all. My LUKS volume is named drive1. From journalctl -u systemd-cryptsetup@drive1.service Oct 10 07:42:08 tpm2-test systemd-cryptsetup[547]: Failed to unseal HMAC key in TPM: tpm:error(2.0): PCR have changed since checked The problem is discussed here - https://github.com/systemd/systemd/issues/24906 . This also discusses that people get different results with different kernels. I'll not go into too much detail as this problem is already resolved in newer versions of systemd. The fix for this problem was merged into Ubuntu's systemd 252.3-1. https://git.launchpad.net/ubuntu/+source/systemd/commit/src/shared/tpm2-util.c?h=ubuntu/lunar&id=28f8a776415a01cacec747d831f057d3f8b9f01b Can this fix be made available to 22.04 - systemd 249.11? To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/2039117/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
