Discussion:
TPM2 on AMD Rizen (fTPM)
(too old to reply)
Andrea Cocito
2024-02-03 16:19:06 UTC
Permalink
Hi,

I’m trying to enable TPM support on a box in order to experiment a bit with it, but the driver does not seem to load and/or see the device.

In the firmware the “fTPM” option has been enabled, tried both with SCM enabled and disabled, basically I tried all the possible firmware options combinations with no success.

I have tpm_load=“YES” in /boot/loader.conf and also tried the hints suggested by the man page is /boot/device.hints

No way to have the tpm? device(s) appear, the best I achieved so far on dmesg in a verbose boot is:

Preloaded elf obj module "/boot/kernel.old/geom_mirror.ko" at 0xffffffff8196d8c0.
Preloaded elf obj module "/boot/kernel.old/tpm.ko" at 0xffffffff8196dfb0.

tpm0 failed to probe at iomem 0xfffffffffed40000-0xfffffffffed44fff on isa0
tpm1 failed to probe at iomem 0xfffffffffed40000-0xfffffffffed40fff on isa0


I am all but an expert about TPM architecture (this is why I am willing to play with it), but as far as I understand AMD’s fTPM is a TPM2 built into the CPU, I have no idea on which bus it should be seen and how.

So my questions are:
- Is AMD’s fTPM supported at all by the driver?
- Am I missing something very obvious?

I have been digging around for information quite a bit, but there does not seem to be much information around. Hope I am hitting the correct list (accept my apologies if it is not).

Thanks in advance for any advice.

--
Posted automagically by a mail2news gateway at muc.de e.V.
Please direct questions, flames, donations, etc. to news-***@muc.de
Andrea Cocito
2024-02-04 13:43:03 UTC
Permalink
Hello again,

First thing: apologies for my email client messing up with charset encoding, hope is fixed now.

Second, I add some detail/information.

The machine is a bare metal on Hetzner, I do not have many details, it’s an AMD Ryzen 9 3900 12-Core/24-Threads toy with some motherboard using American Megatrends firmware; unfortunately I have very limited access to the console (one hour upon request…).

As said the “fTPM” has been enabled in the firmare, and I also tried all the possible combinations of the settings in the firmware which could seem anyhow pertinent (SCM etc).

The kernel is a custom-built one, simply stripped down to include statically all used devices/modules and drop the rest, compiled with -march=native as all the userland; no problem in rebooting with the GENERIC kernel, but I cannot imagine how it could help.

Should any additional information be useful to give me some advice just ask, the machine is there to experiment.

Thanks for any advice,

A.
Post by Andrea Cocito
Hi,
I’m trying to enable TPM support on a box in order to experiment a bit with it, but the driver does not seem to load and/or see the device.
In the firmware the “fTPM” option has been enabled, tried both with SCM enabled and disabled, basically I tried all the possible firmware options combinations with no success.
I have tpm_load=“YES” in /boot/loader.conf and also tried the hints suggested by the man page is /boot/device.hints

Preloaded elf obj module "/boot/kernel.old/geom_mirror.ko" at 0xffffffff8196d8c0.
Preloaded elf obj module "/boot/kernel.old/tpm.ko" at 0xffffffff8196dfb0.

tpm0 failed to probe at iomem 0xfffffffffed40000-0xfffffffffed44fff on isa0
tpm1 failed to probe at iomem 0xfffffffffed40000-0xfffffffffed40fff on isa0

I am all but an expert about TPM architecture (this is why I am willing to play with it), but as far as I understand AMD’s fTPM is a TPM2 built into the CPU, I have no idea on which bus it should be seen and how.
- Is AMD’s fTPM supported at all by the driver?
- Am I missing something very obvious?
I have been digging around for information quite a bit, but there does not seem to be much information around. Hope I am hitting the correct list (accept my apologies if it is not).
Thanks in advance for any advice.
--
Posted automagically by a mail2news gateway at muc.de e.V.
Please direct questions, flames, donations, etc. to news-***@muc.de
Daniel Engberg
2024-02-04 15:13:33 UTC
Permalink
Hi,

Given the commit history I don't think it's supported yet.

https://cgit.freebsd.org/src/log/sys/dev/tpm

Best regards,

Daniel
 Hello again,
 
 First thing: apologies for my email client messing up with charset encoding, hope is fixed now.
 
 Second, I add some detail/information.
 
 The machine is a bare metal on Hetzner, I do not have many details, it’s an AMD Ryzen 9 3900 12-Core/24-Threads toy with some motherboard using American Megatrends firmware; unfortunately I have very limited access to the console (one hour upon request
).
 
 As said the “fTPM” has been enabled in the firmare, and I also tried all the possible combinations of the settings in the firmware which could seem anyhow pertinent (SCM etc).
 
 The kernel is a custom-built one, simply stripped down to include statically all used devices/modules and drop the rest, compiled with -march=native as all the userland; no problem in rebooting with the GENERIC kernel, but I cannot imagine how it could help.
 
 Should any additional information be useful to give me some advice just ask, the machine is there to experiment.
 
 Thanks for any advice,
 
 A.
 
  
   Hi,
  
   I’m trying to enable TPM support on a box in order to
  experiment a bit with it, but the driver does not seem to load
  and/or see the device.
  
   In the firmware the “fTPM” option has been enabled, tried
  both with SCM enabled and disabled, basically I tried all the
  possible firmware options combinations with no success.
  
   I have tpm_load=“YES” in /boot/loader.conf and also tried the
  hints suggested by the man page is /boot/device.hints
  
   No way to have the tpm? device(s) appear, the best I achieved so
  
   

  
   Preloaded elf obj module "/boot/kernel.old/geom_mirror.ko" at
  0xffffffff8196d8c0.
  
   Preloaded elf obj module "/boot/kernel.old/tpm.ko" at
  0xffffffff8196dfb0.
  
   

  
   tpm0 failed to probe at iomem
  0xfffffffffed40000-0xfffffffffed44fff on isa0
  
   tpm1 failed to probe at iomem
  0xfffffffffed40000-0xfffffffffed40fff on isa0
  
   

  
   I am all but an expert about TPM architecture (this is why I am
  willing to play with it), but as far as I understand AMD’s fTPM
  is a TPM2 built into the CPU, I have no idea on which bus it
  should be seen and how.
  
  
   - Is AMD’s fTPM supported at all by the driver?
  
   - Am I missing something very obvious?
  
   I have been digging around for information quite a bit, but there
  does not seem to be much information around. Hope I am hitting the
  correct list (accept my apologies if it is not).
  
   Thanks in advance for any advice.
Andrea Cocito
2024-02-06 15:25:37 UTC
Permalink
Thanks for the reference,

Despite a long search I had not seen that thread; it’s a lot helpful as it can head me at the pertinent parts in the source.

I’ll try to take a look at the code.

A.
Post by Andrea Cocito
Hello again,
First thing: apologies for my email client messing up with charset encoding, hope is fixed now.
Second, I add some detail/information.
The machine is a bare metal on Hetzner, I do not have many details, it’s an AMD Ryzen 9 3900 12-Core/24-Threads toy with some motherboard using American Megatrends firmware; unfortunately I have very limited access to the console (one hour upon request
).
As said the “fTPM” has been enabled in the firmare, and I also tried all the possible combinations of the settings in the firmware which could seem anyhow pertinent (SCM etc).
The kernel is a custom-built one, simply stripped down to include statically all used devices/modules and drop the rest, compiled with -march=native as all the userland; no problem in rebooting with the GENERIC kernel, but I cannot imagine how it could help.
Should any additional information be useful to give me some advice just ask, the machine is there to experiment.
Thanks for any advice,
A.
I have previously made an attempt but got nowhere: https://lists.freebsd.org/archives/freebsd-hackers/2023-June/002334.html
cheers,
Johannes
Post by Andrea Cocito
Hi,
I’m trying to enable TPM support on a box in order to experiment a bit with it, but the driver does not seem to load and/or see the device.
In the firmware the “fTPM” option has been enabled, tried both with SCM enabled and disabled, basically I tried all the possible firmware options combinations with no success.
I have tpm_load=“YES” in /boot/loader.conf and also tried the hints suggested by the man page is /boot/device.hints


Preloaded elf obj module "/boot/kernel.old/geom_mirror.ko" at 0xffffffff8196d8c0.
Preloaded elf obj module "/boot/kernel.old/tpm.ko" at 0xffffffff8196dfb0.


tpm0 failed to probe at iomem 0xfffffffffed40000-0xfffffffffed44fff on isa0
tpm1 failed to probe at iomem 0xfffffffffed40000-0xfffffffffed40fff on isa0


I am all but an expert about TPM architecture (this is why I am willing to play with it), but as far as I understand AMD’s fTPM is a TPM2 built into the CPU, I have no idea on which bus it should be seen and how.
- Is AMD’s fTPM supported at all by the driver?
- Am I missing something very obvious?
I have been digging around for information quite a bit, but there does not seem to be much information around. Hope I am hitting the correct list (accept my apologies if it is not).
Thanks in advance for any advice.
Loading...