The latest go-tpm2[1] seems to support SM3_256. I tried to build test snapd and kernel snaps but got a dependency issue. The latest secboot[2] still uses old go-tpm2 API.
I applied the attached patch in comment#17 to go-tpm2[3] which is currently used by snapd. And, I built a test image with patched snapd and kernel snaps. Unfortunately, the FDE function still doesn't work with this test image. The new error message is: the-tool[334]: panic: crypto: requested hash function #0 is unavailable. (For details, please refer to the attached photo in comment#18) As the commit in comment#15 mentioned, the TPM spec currently has one hash algorithm with no corresponding crypto.Hash[4] value (SM3). Whilst it's not possible to use this algorithm in go-tpm2 right now even though there is a go implementation of it. So, the UC image doesn't support SM3_256 now because Go cryptography libraries[4] doesn't support it. --- [1] https://github.com/canonical/go-tpm2/blob/master/types_interface.go#L61 [2] https://github.com/snapcore/secboot [3] go-tpm2, comment id: 32171bd353b113ff4793dc3c65a019d749674bc6 [4] https://cs.opensource.google/go/x/crypto -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1938678 Title: [intel] [tgl-h][iotg] [hwe-tpm] Ubuntu Core hangs during bootup on TGL-H To manage notifications about this bug go to: https://bugs.launchpad.net/intel/+bug/1938678/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs