Wow Aki thanks!! Yes super helpful and informative, linking everything together! It seems you know your way around this stuff. I'll get there soon!
I'm pretty sure i reset the SRK a couple months ago when I was first trying to figure this all out. After a reboot, I don't see the 0x0902 error every 10s but, iirc, it starts later at some point, i guess after running out of memory for whatever reason! Yep after 5 hours uptime, it started like this:
The boot loader is grub,
but if that's what has to happen, so be it. If there's a guide out there about how to switch an encrypted system from grub to systemd and it's written at least half as good as you could, it might suffice!
I'm pretty sure i reset the SRK a couple months ago when I was first trying to figure this all out. After a reboot, I don't see the 0x0902 error every 10s but, iirc, it starts later at some point, i guess after running out of memory for whatever reason! Yep after 5 hours uptime, it started like this:
[Dec19 01:22] tpm tpm0: A TPM error (357) occurred flushing context[Dec19 01:23] tpm tpm0: tpm2_load_context: failed with a TPM error 0x0902[ +10.243274] tpm tpm0: tpm2_load_context: failed with a TPM error 0x0902[Dec19 01:24] tpm tpm0: tpm2_load_context: failed with a TPM error 0x0902[ +10.242888] tpm tpm0: tpm2_load_context: failed with a TPM error 0x0902[ +10.235881] tpm tpm0: tpm2_load_context: failed with a TPM error 0x0902[ +10.243115] tpm tpm0: tpm2_load_context: failed with a TPM error 0x0902ℯ𝓉𝒸. ℯ𝓉𝒸.
The boot loader is grub,
grub-efi-amd64 2.12-5 actually. bootctl is not a found command. apt-file says it's part of systemd but there's no /usr/bin/bootctl and I've systemd v257-2 installed. apt-file also says it's part of systemd-boot? but that conflicts with grub doesn't it? Idk if I want to mess with that right now, being this system has got the full disk encryption going and idek what voodoo is making that all work it's completely different than when I last did it a decade ago, but I found several scripts from a Redditor to sign the kernels with ukify and update the boot order or something, it all works seamless and so far so good...but if that's what has to happen, so be it. If there's a guide out there about how to switch an encrypted system from grub to systemd and it's written at least half as good as you could, it might suffice!
Statistics: Posted by scar — 2024-12-19 13:18 — Replies 2 — Views 144