Here is my test code:

//////////////////////////////////

#!/bin/env bash

function pause() {
   read -s -n 1 -p "Press any key to continue ..."
   echo ""
}

function check_return() {
   if [ $? != 0 ]; then
      echo failed with return code: $?
      exit 1
   fi
}


echo tpm2 startup
tpm2_startup -c
check_return

echo Clear the Authorization value.
tpm2_clear
check_return

echo Create the local keystore folder
if [ ! -d  ${HOME}/.local/share/tpm2-tss/user/keystore ]; then
mkdir -p ${HOME}/.local/tpm2-tss/user/keystore
fi

echo Set the algothrims for the SRK hierarchy.
key_alg="rsa2048:aes256ctr"
hash_alg="sha256"
pswd=12345

echo Create the primary key object for SRK. This will take a while...
tpm2_createprimary -Q -G "${key_alg}" -g "${hash_alg}" -C o -c srk.ctx
check_return

echo Create an AES key object with CTR mode
tpm2_create -C srk.ctx -G aes256ctr -p ${pswd} -u aes256_key.pub -r aes256_key.priv
check_return

echo Load it into TPM module memory
tpm2_load -Q -C srk.ctx -u aes256_key.pub -r aes256_key.priv -n aes256ctr_key -c aes256_key.ctx
check_return

echo Erase/evict any key at 0x81010000 if there is
tpm2_evictcontrol -C o 0x81010000 > /dev/null 2>&1

echo Make the key persistent with handle 0x81010000
tpm2_evictcontrol -C o -c aes256_key.ctx 0x81010000
check_return

echo AES encryption and decryption test.
echo "test data" > test.data

echo Create an IV data file
iv_part1=`od -Ad -N8 -t u -i /dev/random | awk '{ print $2; exit }'`
iv_part2=`od -Ad -N8 -t u -i /dev/random | awk '{ print $2; exit }'`
iv=${iv_part1}${iv_part2}
iv=${iv:0:15}
echo ${iv} > iv.input
cat iv.input

pause

echo Encrypt the test data file with the persistent key handle
tpm2_encryptdecrypt -c 0x81010000 --iv=iv.input:iv.output -p ${pswd} -o enc_test.data test.data
check_return

echo Decrypt the encrypted test file with the persistent key handle
tpm2_encryptdecrypt -d -c 0x81010000 -p ${pswd} --iv-iv.input:iv.output -o dec_test.data enc_test.data
check_return

diff dec_test.data test.data > /dev/null
if [ $? != 0 ]; then
   echo tpm2 encrypt/decrypt with key handle failed!
   exit 1
fi
echo
echo ==================E=N=D=====================
echo

On Fri, Apr 9, 2021 at 11:11 AM Chat Overlay Streaming <benzhu88899@gmail.com> wrote:
Hi there,
I tried to use the TPM2 AES256 / AES256CTR to encrypt a file. When I ran the following command, I got an error message in an infinite loop and had to reboot my machine.

$ tpm2_encryptdecrypt -c 0x81010000 --iv=iv.input:iv.output -p ${pswd} -o enc_test.data test.data

The error message was
   tpm tpm0 invalid count value ffffffff 1000
   tpm tpm0 invalid count value ffffffff 1000 
   ...
   tpm tpm0 invalid count value ffffffff 1000

Digging the location where the error message comes from, I found it was in the tpm driver file: file tpm-interface.c

static ssize_t tpm_try_transmit(struct tpm_chip *chip, void *buf, size_t bufsiz)
{
struct tpm_header *header = buf;
...

count = be32_to_cpu(header->length); // ---> count = ffffffff  
...

if (count > bufsiz) {   // ---> bufsiz = 1000
    dev_err(&chip->dev,
                  "invalid count value %x %zx\n", count, bufsiz);
     
return -E2BIG;
 }
....
}

My question is did someone meet the same problem? And how can I debug this problem?
I double checked the tpm2-abrmd service. It was running okay.

The builds for my test are:
1. rpi-kernel: 5.4.y
2. tpm2-tss: 3.0.x
3. tpm2-abrmd: 2.3.2
4. tpm2-tools: 4.2.X
5. tpm2-tss-engine: v1.1.x

My test environments:
RPI 3B & 4B
AES in the TPM was enabled.

Attached is my test script.

Thanks a lot,
Ben