You are not logged in.
- Topics: Active | Unanswered
#1 2023-03-10 21:38:18
- luser
- Member
- Registered: 2016-08-27
- Posts: 114
SOLVED - Failed to start TPM2 PCR Machine ID Measurement
Recently, I've noticed that I'm getting a red letter warning when booting: Failed to start TPM2 PCR Machine ID Measurement
This is annoying, because I've taken some pains to achieve a quiet boot.
The problem is that the machine only has an earlier generation TPM and doesn't have a TPM2 at all, so trying to work with a TPM2 is always going to fail.
I've seen the similar issue "TPM2 barrier not starting error...when I don't use TPM@," but the solutions there don't work.
BINARIES=(/usr/lib/libtss2-esys.so.0 /usr/lib/libtss2-rc.so.0 /usr/lib/libtss2-tcti-device.so.0)
Add sd-encrypt after systemd hook and rebuild.
systemd 253.1-3 does fix it...
I imagine that the "solutions" don't work, because there is no TPM2.
How can I prevent the error message from occurring, or failing that, is there a way to prevent the message from appearing at boot time?
Last edited by luser (2023-03-13 01:28:30)
luser: an epithet applied by Windows users to linux users
Offline
#2 2023-03-10 21:58:36
- loqs
- Member
- Registered: 2014-03-06
- Posts: 17,483
Re: SOLVED - Failed to start TPM2 PCR Machine ID Measurement
Please post the full system journal for a boot with the issue and the output of systemctl status systemd-pcrmachine.service
Offline
#3 2023-03-11 01:17:54
- luser
- Member
- Registered: 2016-08-27
- Posts: 114
Re: SOLVED - Failed to start TPM2 PCR Machine ID Measurement
Thanks for the reply!
$ journalctl -b
http://ix.io/4quK
$systemctl status systemd-pcrmachine.service
systemctl status systemd-pcrmachine.service
× systemd-pcrmachine.service - TPM2 PCR Machine ID Measurement
Loaded: loaded (/usr/lib/systemd/system/systemd-pcrmachine.service; static)
Active: failed (Result: exit-code) since Fri 2023-03-10 16:40:53 PST; 30min ago
Docs: man:systemd-pcrmachine.service(8)
Process: 183 ExecStart=/usr/lib/systemd/systemd-pcrphase --machine-id (code=exited, status=1/FAILURE)
Main PID: 183 (code=exited, status=1/FAILURE)
CPU: 9ms
Mar 10 16:40:53 epic8 systemd-pcrphase[183]: Failed to initialize TCTI context: tcti:IO failure
Mar 10 16:40:53 epic8 systemd-pcrphase[183]: ERROR:tcti:src/tss2-tcti/tcti-device.c:452:Tss2_Tcti_Device_Init() Failed to open specified TCTI device file /dev/tpmrm0: No such file or directory
Mar 10 16:40:53 epic8 systemd[1]: systemd-pcrmachine.service: Main process exited, code=exited, status=1/FAILURE
Mar 10 16:40:53 epic8 systemd[1]: systemd-pcrmachine.service: Failed with result 'exit-code'.
Mar 10 16:40:53 epic8 systemd[1]: Failed to start TPM2 PCR Machine ID Measurement.luser: an epithet applied by Windows users to linux users
Offline
#4 2023-03-11 08:29:18
- seth
- Member
- Registered: 2012-09-03
- Posts: 51,842
Re: SOLVED - Failed to start TPM2 PCR Machine ID Measurement
Mar 10 16:40:52 archlinux kernel: tpm_tis 00:0a: 1.2 TPM (device-id 0xFE, rev-id 2)Mar 10 16:40:52 archlinux systemd-pcrphase[102]: No complete TPM2 support detected, exiting gracefully.
Mar 10 16:40:52 archlinux systemd-pcrphase[148]: No complete TPM2 support detected, exiting gracefully.
Mar 10 16:40:52 archlinux systemd[1]: systemd-pcrphase-initrd.service: Deactivated successfully.
Mar 10 16:40:53 epic8 systemd-pcrphase[183]: Failed to initialize TCTI context: tcti:IO failure
Mar 10 16:40:53 epic8 systemd-pcrphase[183]: ERROR:tcti:src/tss2-tcti/tcti-device.c:452:Tss2_Tcti_Device_Init() Failed to open specified TCTI device file /dev/tpmrm0: No such file or directory
Mar 10 16:40:53 epic8 systemd[1]: systemd-pcrmachine.service: Main process exited, code=exited, status=1/FAILURE
Mar 10 16:40:53 epic8 systemd[1]: systemd-pcrmachine.service: Failed with result 'exit-code'.
Mar 10 16:40:55 epic8 systemd-pcrphase[297]: No complete TPM2 support detected, exiting gracefully.
Mar 10 16:40:55 epic8 systemd-pcrphase[304]: No complete TPM2 support detected, exiting gracefully.systemctl status systemd-pcrphase-initrd.service
systemctl status systemd-pcrphase.serviceOffline
#5 2023-03-11 13:19:43
- loqs
- Member
- Registered: 2014-03-06
- Posts: 17,483
Re: SOLVED - Failed to start TPM2 PCR Machine ID Measurement
What if you edit systemd-pcrmachine.service to add the --graceful option.
Offline
#6 2023-03-13 01:15:29
- luser
- Member
- Registered: 2016-08-27
- Posts: 114
Re: SOLVED - Failed to start TPM2 PCR Machine ID Measurement
Hi, Seth and Logs, and thanks for the replies.
$ systemctl status systemd-pcrphase-initrd.service
○ systemd-pcrphase-initrd.service - TPM2 PCR Barrier (initrd)
Loaded: loaded (/usr/lib/systemd/system/systemd-pcrphase-initrd.service; static)
Active: inactive (dead) since Sun 2023-03-12 13:31:00 PDT; 4h 30min ago
Duration: 1.301s
Docs: man:systemd-pcrphase-initrd.service(8)
Main PID: 104 (code=exited, status=0/SUCCESS)
CPU: 6ms
Mar 12 13:31:00 archlinux systemd[1]: Stopping TPM2 PCR Barrier (initrd)...
Mar 12 13:31:00 archlinux systemd-pcrphase[154]: No complete TPM2 support detected, exiting gracefully.
Mar 12 13:31:00 archlinux systemd[1]: systemd-pcrphase-initrd.service: Deactivated successfully.
Mar 12 13:31:00 archlinux systemd[1]: Stopped TPM2 PCR Barrier (initrd).
Warning: journal has been rotated since unit was started and some journal files were not opened due to insufficient permissions, output may be incomplete.systemctl status systemd-pcrphase.service
● systemd-pcrphase.service - TPM2 PCR Barrier (User)
Loaded: loaded (/usr/lib/systemd/system/systemd-pcrphase.service; static)
Active: active (exited) since Sun 2023-03-12 13:31:05 PDT; 4h 35min ago
Docs: man:systemd-pcrphase.service(8)
Process: 470 ExecStart=/usr/lib/systemd/systemd-pcrphase --graceful ready (code=exited, status=0/SUCCESS)
Main PID: 470 (code=exited, status=0/SUCCESS)
CPU: 8ms
Mar 12 13:31:05 random7 systemd[1]: Starting TPM2 PCR Barrier (User)...
Mar 12 13:31:05 random7 systemd-pcrphase[470]: No complete TPM2 support detected, exiting gracefully.
Mar 12 13:31:05 random7 systemd[1]: Finished TPM2 PCR Barrier (User).logs, thank you for reminding me that I could have used
man systemd-pcrmachine.service
to find the --graceful option. It never occurred to me.
I edited it to modify the ExecStart line as below, and the problem is gone!!!
[Service]
Type=oneshot
RemainAfterExit=yes
ExecStart=/usr/lib/systemd/systemd-pcrphase --machine-id --gracefulLast edited by luser (2023-03-13 01:28:05)
luser: an epithet applied by Windows users to linux users
Offline