Hi everyone, I have an installation on a ThinkPad T14s Gen 4 set up with: Secure boot (enrolled custom keys + microsoft keys), LVM on LUKS with volume unlocking using TPM2 + PIN at boot. The kernel is a UKI made with Ukify and mkinitcpio. The system boots normally and asks for the TPM2 PIN. Providing the correct PIN unlocks the LUKS volume and everything works as expected. The problem is that after unlocking the LUKS volume Systemd throws three errors:
[OK] Reached target Trusted Platform Module.
[FAILED] Failed to start TPN NVPCR Product ID Measurement.
See 'systemctl status systemd-pcrproduct.service' for details.
[FAILED] Failed to start Early TPM SRK Setup.
See 'systemctl status systemd-tpm2-setup-early.service' for details,
Starting TPN SRK Setup...
[FAILED] Failed to start TPM SRK Setup.
See 'systemctl status systemd-tpm2-setup.service' for details.

Using journalctl to check systemd-pcrproduct.service I get the error

Failed to unseal secret using TPM2: No such device or address

For systemd-tpm2-setup-early.service and systemd-tpm2-setup.service I get
Failed to unseal secret using TPM2: No such device or address
Failed to acquire anchor secret: No such device or address
Failed to unseal secret using TPM2: No such device or address
Failed to acquire anchor secret: No such device or address
Failed to unseal secret using TPM2: No such device or address
Failed to acquire anchor secret: No such device or address

My uki.conf file is the following:
[PCRSignature:all]
PCRPrivateKey=/etc/systemd/tpm2-pcr-private-key.pem
PCRPublicKey=/etc/systemd/tpm2-pcr-public-key.pem
[PCRSignature:initrd]
Phases=enter-initrd
PCRPrivateKey=/etc/systemd/tpm2-pcr-private-key-initrd.pem
PCRPublicKey=/etc/systemd/tpm2-pcr-public-key-initrd.pem

I have no [UKI] section, as the signing for Secure Boot is done via sbctl through an mkinitcpio hook.
What I tried to do:
I tried adding the [PCRSignature:all] section to the file as indicated by the Wiki (before I just had the initrd section).
I tried to delete all keys, regenerate them using ukify genkey, rebuild the UKI with mkinitcpio -P and re-enroll the LUKS token.
This is the output of mkinitcpio -P:
==> Building image from preset: /etc/mkinitcpio.d/linux.preset: 'default'
==> Using default configuration file: '/etc/mkinitcpio.conf'
-> -k /boot/vmlinuz-linux -U /efi/EFI/Linux/arch-linux.efi
==> Starting build: '6.19.11-arch1-1'
-> Running build hook: [base]
-> Running build hook: [systemd]
-> Running build hook: [plymouth]
-> Running build hook: [autodetect]
-> Running build hook: [microcode]
-> Running build hook: [modconf]
-> Running build hook: [kms]
-> Running build hook: [keyboard]
-> Running build hook: [keymap]
-> Running build hook: [sd-vconsole]
-> Running build hook: [block]
-> Running build hook: [sd-encrypt]
==> WARNING: Possibly missing firmware for module: 'qat_6xxx'
-> Running build hook: [lvm2]
-> Running build hook: [filesystems]
-> Running build hook: [fsck]
==> Generating module dependencies
==> Creating zstd-compressed initcpio image
-> Early uncompressed CPIO image generation successful
==> Initcpio image generation successful
==> Creating unified kernel image: '/efi/EFI/Linux/arch-linux.efi'
-> Using ukify to build UKI
Using config file: /etc/kernel/uki.conf
+ /usr/lib/systemd/systemd-measure sign --osrel=/tmp/mkinitcpio.ptbJBA --cmdline=/tmp/mkinitcpio.3fSEaU --uname=/tmp/tmp.unametkkesn_x --linux=/boot/vmlinuz-linux --initrd=/tmp/mkinitcpio.aCNXhX --sbat=/tmp/tmp.sbatbeq8w5fu --private-key=/etc/systemd/tpm2-pcr-private-key.pem --public-key=/etc/systemd/tpm2-pcr-public-key.pem
+ /usr/lib/systemd/systemd-measure sign --osrel=/tmp/mkinitcpio.ptbJBA --cmdline=/tmp/mkinitcpio.3fSEaU --uname=/tmp/tmp.unametkkesn_x --linux=/boot/vmlinuz-linux --initrd=/tmp/mkinitcpio.aCNXhX --sbat=/tmp/tmp.sbatbeq8w5fu --private-key=/etc/systemd/tpm2-pcr-private-key-initrd.pem --public-key=/etc/systemd/tpm2-pcr-public-key-initrd.pem --phase=enter-initrd
Wrote unsigned /efi/EFI/Linux/arch-linux.efi
==> Unified kernel image generation successful
==> Running post hooks
-> Running post hook: [sbctl]
Signing /efi/EFI/Linux/arch-linux.efi
✓ Signed /efi/EFI/Linux/arch-linux.efi
==> Post processing done

I re-enroll the key for the LUKS volume with the command:

sudo systemd-cryptenroll --wipe-slot tpm2 --tpm2-device auto --tpm2-public-key /etc/systemd/tpm2-pcr-public-key.pem --tpm2-with-pin yes --tpm2-public-key-pcrs 11 /dev/mydevice

Am I missing something? Do I need to enroll the other public key in the TPM also? I looked at the wiki but haven't found a solution.
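To see which PCR signing key the enrolled LUKS policy refers to, and which boot phases each key in uki.conf signs, here is an added Python helper (written for this thread, not from the post or from systemd). It embeds the poster's uki.conf and cryptenroll command as constructed input, and the phase set in DEFAULT_PHASES is an assumption about what systemd-measure signs when a section sets no Phases=.

```python
import configparser, re, shlex

# Constructed copy of the uki.conf from the post (embedded so this runs offline).
UKI_CONF = """\
[PCRSignature:all]
PCRPrivateKey=/etc/systemd/tpm2-pcr-private-key.pem
PCRPublicKey=/etc/systemd/tpm2-pcr-public-key.pem
[PCRSignature:initrd]
Phases=enter-initrd
PCRPrivateKey=/etc/systemd/tpm2-pcr-private-key-initrd.pem
PCRPublicKey=/etc/systemd/tpm2-pcr-public-key-initrd.pem
"""
# Constructed copy of the enrollment command from the post.
ENROLL_CMD = ("systemd-cryptenroll --wipe-slot tpm2 --tpm2-device auto "
              "--tpm2-public-key /etc/systemd/tpm2-pcr-public-key.pem "
              "--tpm2-with-pin yes --tpm2-public-key-pcrs 11 /dev/mydevice")
# Assumption: phase paths systemd-measure signs when a section sets no Phases=.
DEFAULT_PHASES = ["enter-initrd", "enter-initrd:leave-initrd",
                  "enter-initrd:leave-initrd:sysinit",
                  "enter-initrd:leave-initrd:sysinit:ready"]

def parse_pcr_signatures(conf_text):
    """Map each [PCRSignature:NAME] section to its public key and phase paths."""
    cp = configparser.ConfigParser(interpolation=None)
    cp.optionxform = str  # keep option names case-sensitive, as ukify writes them
    cp.read_string(conf_text)
    out = {}
    for sec in cp.sections():
        if sec.startswith("PCRSignature:"):
            phases = cp[sec].get("Phases")  # comma/space separated phase paths
            out[sec.split(":", 1)[1]] = {
                "public_key": cp[sec].get("PCRPublicKey"),
                "phases": re.split(r"[,\s]+", phases.strip()) if phases else list(DEFAULT_PHASES)}
    return out

def enrolled_public_key(cmd):
    """Return the path given to --tpm2-public-key on a systemd-cryptenroll line."""
    argv = shlex.split(cmd)
    return argv[argv.index("--tpm2-public-key") + 1] if "--tpm2-public-key" in argv else None

def check_enrollment(conf_text, cmd):
    """Relate the enrolled key to the uki.conf sections and the phases each key signs."""
    sigs, key = parse_pcr_signatures(conf_text), enrolled_public_key(cmd)
    matching = [n for n, s in sigs.items() if s["public_key"] == key]
    covered = sorted({p for n in matching for p in sigs[n]["phases"]})
    others = sorted({p for n, s in sigs.items() if n not in matching for p in s["phases"]})
    return {"enrolled_key": key, "matching_sections": matching,
            "phases_covered_by_enrolled_key": covered,
            "phases_signed_with_other_keys": others}
```

On the poster's files the report shows the enrolled key matching only the [PCRSignature:all] section, with the initrd key signing enter-initrd alone; it reads the configuration and does not itself talk to the TPM.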