https://bugzilla.suse.com/show_bug.cgi?id=1222183 https://bugzilla.suse.com/show_bug.cgi?id=1222183#c1 --- Comment #1 from Alberto Planas Dominguez <aplanas@suse.com> --- (In reply to Andrei Borzenkov from comment #0) Hi Andrei, thanks a lot for the detailed bug report
Error: Unable to parse EVENT_EVENT_TAG event from TPM log ::: 04f9c: event type=EVENT_EVENT_TAG pcr=5 digests=4 data=32 bytes ::: sha1 01d4e1ca16f118f6fcd954e175c0116c4a4f746b ::: sha256 bdbea6dbc6791de89a483abc3a61af8e910249e7565682ff2011c910a490520a ::: sha384 12ebd339e16a134b0aeeb3114bd5b233f9f862037b7550c922a7c73686fa616995273aa751446 40d4fb911945d7b5f55 ::: sha512 7c4a18a73955640cde19777b87735f1ca928fe6ef6b54aa3a6d8117c8eaadbd6c00778165a9a3 20303644489c242c88a5b2ca6b20be1ffe75f70d5b930f647f6 ::: Data: ::: 0000 2a 58 bc f5 18 00 00 00 6c 00 6f 00 61 00 64 00 65 00 72 00 2e 00 63 00 6f 00 6e 00 66 00 00 00 *X......l.o.a.d.e.r...c.o.n.f... Fatal: Aborting. Error: Failed to install TPM predictions for
If I am not wrong this was fixed here: https://github.com/okirch/pcr-oracle/pull/50 Can you check that the version of pcr-oracle running in the snapshot that you are updating from contains this change? """ Tue Feb 20 18:16:53 UTC 2024 - Alberto Planas Dominguez <aplanas@suse.com> - Add fix_loader_conf.patch to measure the systemd-boot loader.conf file """
Apart from the obvious bug in pcr-oracle, this invalidates any claim of "immutability" of MicroOS - failed update makes it impossible to boot MicroOS without human intervention.
Yes, there is an issue here: systemd-boot started to measure loader.conf in v255. We updated the pcr-oracle version 20th of February, and the systemd v255 was populated in Factory two weeks ago, at the end of March. That should give 1 month of time for the update. I do not understand how is possible that you have a new systemd, but an old pcr-oracle. I will try to replicate the issue locally, downgrading my current installation. -- You are receiving this mail because: You are on the CC list for the bug.