[tpm2] Re: {External} Re: tpm2_nvdefine fails with inconsistent attributes...

No reason sounds like an easy enough feature to add. Do you want to send a patch up? ________________________________ From: Sievert, James <james.sievert(a)bsci.com&gt; Sent: Friday, December 3, 2021 9:10 AM To: Kenneth Goldman <kgoldman(a)us.ibm.com&gt; Cc: tpm2(a)lists.01.org <tpm2(a)lists.01.org&gt; Subject: [tpm2] Re: {External} Re: tpm2_nvdefine fails with inconsistent attributes... That was it. Thanks, Ken. According to the documentation for tpm2_nvdefine, the defaults for the platform hierarchy are PPREAD and PPWRITE. Strangely, PLATFORMCREATE is not included. The following is sufficient: tpm2_nvdefine 0x01000025 -C p -s 1 -a "ppwrite|ppread|platformcreate" Is there some reason the defaults for the platform hierarchy don’t include PLATFORMCREATE? From: Kenneth Goldman <kgoldman(a)us.ibm.com&gt; Sent: Friday, December 3, 2021 9:52 AM To: Sievert, James <james.sievert(a)bsci.com&gt; Cc: tpm2(a)lists.01.org Subject: {External} [tpm2] Re: tpm2_nvdefine fails with inconsistent attributes... My guess is that you do not set the TPMA_NVA_PLATFORMCREATE attribute. The IBM utility sets it for you when the platform hierarchy authorizes the command, since it must be set. -- Ken Goldman kgoldman@us.ibm.com<mailto:kgoldman@us.ibm.com> 914-945-2415 (862-2415) [Inactive hide details for "Sievert, James" ---12/03/2021 09:37:25 AM---Hi, I’m using tpm2-tools 4.1.1 on Ubuntu 20.04. I’m i]"Sievert, James" ---12/03/2021 09:37:25 AM---Hi, I’m using tpm2-tools 4.1.1 on Ubuntu 20.04. I’m issuing the following command which is returnin From: "Sievert, James" <james.sievert@bsci.com<mailto:james.sievert@bsci.com>> To: "tpm2@lists.01.org<mailto:tpm2@lists.01.org>" <tpm2@lists.01.org<mailto:tpm2@lists.01.org>> Date: 12/03/2021 09:37 AM Subject: [EXTERNAL] [tpm2] tpm2_nvdefine fails with inconsistent attributes... ________________________________ Hi, I’m using tpm2-tools 4.1.1 on Ubuntu 20.04. I’m issuing the following command which is returning an inconsistent attributes error: bsci@ip-10-132-42-225:~$ tpm2_nvdefine 0x1000025 -C p -s 1 ‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍ Hi, I’m using tpm2-tools 4.1.1 on Ubuntu 20.04. I’m issuing the following command which is returning an inconsistent attributes error: bsci@ip-10-132-42-225:~$ tpm2_nvdefine 0x1000025 -C p -s 1 WARNING:esys:src/tss2-esys/api/Esys_NV_DefineSpace.c:333:Esys_NV_DefineSpace_Finish() Received TPM Error ERROR:esys:src/tss2-esys/api/Esys_NV_DefineSpace.c:122:Esys_NV_DefineSpace() Esys Finish ErrorCode (0x00000182) ERROR: Failed to define NV area at index 0x1000025 ERROR: Esys_NV_DefineSpace(0x182) - tpm:handle(1):inconsistent attributes ERROR: Unable to run tpm2_nvdefine and yes, I am attempting to define the index using the platform hierarchy. ? This does work using the IBM utilities. Here are the current properties: bsci@ip-10-132-42-225:~$ tpm2_getcap properties-variable TPM2_PT_PERSISTENT: ownerAuthSet: 0 endorsementAuthSet: 0 lockoutAuthSet: 0 reserved1: 0 disableClear: 0 inLockout: 0 tpmGeneratedEPS: 0 reserved2: 0 TPM2_PT_STARTUP_CLEAR: phEnable: 1 shEnable: 1 ehEnable: 1 phEnableNV: 1 reserved1: 0 orderly: 0 TPM2_PT_HR_NV_INDEX: 0x6 TPM2_PT_HR_LOADED: 0x0 TPM2_PT_HR_LOADED_AVAIL: 0x3 TPM2_PT_HR_ACTIVE: 0x0 TPM2_PT_HR_ACTIVE_AVAIL: 0x40 TPM2_PT_HR_TRANSIENT_AVAIL: 0x3 TPM2_PT_HR_PERSISTENT: 0x0 TPM2_PT_HR_PERSISTENT_AVAIL: 0x11 TPM2_PT_NV_COUNTERS: 0x0 TPM2_PT_NV_COUNTERS_AVAIL: 0xD TPM2_PT_ALGORITHM_SET: 0x0 TPM2_PT_LOADED_CURVES: 0x2 TPM2_PT_LOCKOUT_COUNTER: 0x0 TPM2_PT_MAX_AUTH_FAIL: 0x20 TPM2_PT_LOCKOUT_INTERVAL: 0x1C20 TPM2_PT_LOCKOUT_RECOVERY: 0x15180 TPM2_PT_AUDIT_COUNTER_0: 0x0 TPM2_PT_AUDIT_COUNTER_1: 0x0 Any insight would be appreciated. Thanks!_______________________________________________ tpm2 mailing list -- tpm2@lists.01.org<mailto:tpm2@lists.01.org> To unsubscribe send an email to tpm2-leave@lists.01.org<mailto:tpm2-leave@lists.01.org> %(web_page_url)slistinfo%(cgiext)s/%(_internal_name)s