Comment 7 for bug 1979185

Revision history for this message
daniel (acz-a) wrote :

Hey Michael.
Thank you very much for the support and debugging.

I want to inform you that prior to your update, I used the https://github.com/timchen119/tpm2-toolbox package to read the TPM DA lockout counter, using:
"""
sudo tpm2-toolbox.getcap properties-variable -T device:/dev/tpmrm0
"""
With every power off and on (power outage), the parameter TPM2_PT_LOCKOUT_COUNTER was incremented. When it reached 32 (0x20) the NUC was locked as I specified and as you assumed.

I have now reinstalled the NUC and upgraded snapd to edge channel.
It seems to have zeroed that parameter.
We are still testing it (powering off and on), to be 100% sure that it has solved the issue, I will update you on this matter.

Now, because our operatioal systems are used for an industrial embedded purpose, we need the snapd package on them to be set to the stable channel.

Do you have an estimation of when we would have an ubuntu-core 20 base image with this bugfix installed in it?

Again, thanks a lot for the support so far.

Daniel.