Date: Sun, 04 Feb 2024 16:13:33 +0100 From: Daniel Engberg <daniel.engberg.lists@pyret.net> To: Andrea Cocito <andrea@cocito.eu> Cc: freebsd-hackers@freebsd.org Subject: Re: TPM2 on AMD Rizen (fTPM) Message-ID: <d6c8cba2c9348e9fc226f83ef5662094@mail.infomaniak.com> In-Reply-To: <71AF606D-1685-43E5-9455-E1882EAECE96@cocito.eu> References: <51A26E14-9374-4B1A-9DA1-A9E2A2B4E2EA@cocito.eu> <71AF606D-1685-43E5-9455-E1882EAECE96@cocito.eu>
next in thread | previous in thread | raw e-mail | index | archive | help
[-- Attachment #1 --] Hi, Given the commit history I don't think it's supported yet. https://cgit.freebsd.org/src/log/sys/dev/tpm Best regards, Daniel On 2024-02-04T14:43:03.000+01:00, Andrea Cocito <andrea@cocito.eu> wrote: > Hello again, > > First thing: apologies for my email client messing up with charset encoding, hope is fixed now. > > Second, I add some detail/information. > > The machine is a bare metal on Hetzner, I do not have many details, it’s an AMD Ryzen 9 3900 12-Core/24-Threads toy with some motherboard using American Megatrends firmware; unfortunately I have very limited access to the console (one hour upon request…). > > As said the “fTPM” has been enabled in the firmare, and I also tried all the possible combinations of the settings in the firmware which could seem anyhow pertinent (SCM etc). > > The kernel is a custom-built one, simply stripped down to include statically all used devices/modules and drop the rest, compiled with -march=native as all the userland; no problem in rebooting with the GENERIC kernel, but I cannot imagine how it could help. > > Should any additional information be useful to give me some advice just ask, the machine is there to experiment. > > Thanks for any advice, > > A. > >> On 3 Feb 2024, at 18:21, Andrea Cocito <andrea@cocito.eu> wrote: >> >> Hi, >> >> I’m trying to enable TPM support on a box in order to >> experiment a bit with it, but the driver does not seem to load >> and/or see the device. >> >> In the firmware the “fTPM” option has been enabled, tried >> both with SCM enabled and disabled, basically I tried all the >> possible firmware options combinations with no success. >> >> I have tpm_load=“YES” in /boot/loader.conf and also tried the >> hints suggested by the man page is /boot/device.hints >> >> No way to have the tpm? device(s) appear, the best I achieved so >> far on dmesg in a verbose boot is: >> >> … >> >> Preloaded elf obj module "/boot/kernel.old/geom_mirror.ko" at >> 0xffffffff8196d8c0. >> >> Preloaded elf obj module "/boot/kernel.old/tpm.ko" at >> 0xffffffff8196dfb0. >> >> … >> >> tpm0 failed to probe at iomem >> 0xfffffffffed40000-0xfffffffffed44fff on isa0 >> >> tpm1 failed to probe at iomem >> 0xfffffffffed40000-0xfffffffffed40fff on isa0 >> >> … >> >> I am all but an expert about TPM architecture (this is why I am >> willing to play with it), but as far as I understand AMD’s fTPM >> is a TPM2 built into the CPU, I have no idea on which bus it >> should be seen and how. >> >> So my questions are: >> >> - Is AMD’s fTPM supported at all by the driver? >> >> - Am I missing something very obvious? >> >> I have been digging around for information quite a bit, but there >> does not seem to be much information around. Hope I am hitting the >> correct list (accept my apologies if it is not). >> >> Thanks in advance for any advice. [-- Attachment #2 --] <div>Hi,<br></div><div><br></div><div>Given the commit history I don't think it's supported yet.<br></div><div><a href="https://cgit.freebsd.org/src/log/sys/dev/tpm" target="_blank" rel="noopener noreferrer" data-ik="ik-secure">https://cgit.freebsd.org/src/log/sys/dev/tpm</a><br></div><div><br></div><div>Best regards,<br></div><div>Daniel<br></div><div ><div><br></div></div><div><br></div><div class="ik_mail_quote answerContentMessage"><div>On 2024-02-04T14:43:03.000+01:00, Andrea Cocito <andrea@cocito.eu> wrote:<br></div><blockquote class="ws-ng-quote"><pre style="white-space: normal;"><div>Hello again,<br></div><div><br></div><div>First thing: apologies for my email client messing up with charset encoding, hope is fixed now.<br></div><div><br></div><div>Second, I add some detail/information.<br></div><div><br></div><div>The machine is a bare metal on Hetzner, I do not have many details, it’s an AMD Ryzen 9 3900 12-Core/24-Threads toy with some motherboard using American Megatrends firmware; unfortunately I have very limited access to the console (one hour upon request…).<br></div><div><br></div><div>As said the “fTPM” has been enabled in the firmare, and I also tried all the possible combinations of the settings in the firmware which could seem anyhow pertinent (SCM etc).<br></div><div><br></div><div>The kernel is a custom-built one, simply stripped down to include statically all used devices/modules and drop the rest, compiled with -march=native as all the userland; no problem in rebooting with the GENERIC kernel, but I cannot imagine how it could help.<br></div><div><br></div><div>Should any additional information be useful to give me some advice just ask, the machine is there to experiment.<br></div><div><br></div><div>Thanks for any advice,<br></div><div><br></div><div>A.<br></div><div><br></div><div><br></div><blockquote class="ws-ng-quote"><div> On 3 Feb 2024, at 18:21, Andrea Cocito <<a class="defaultMailLink" href="mailto:andrea@cocito.eu">andrea@cocito.eu</a>> wrote:<br></div><div> <br></div><div> Hi,<br></div><div> <br></div><div> I’m trying to enable TPM support on a box in order to experiment a bit with it, but the driver does not seem to load and/or see the device.<br></div><div> <br></div><div> In the firmware the “fTPM” option has been enabled, tried both with SCM enabled and disabled, basically I tried all the possible firmware options combinations with no success.<br></div><div> <br></div><div> I have tpm_load=“YES” in /boot/loader.conf and also tried the hints suggested by the man page is /boot/device.hints<br></div><div> <br></div><div> No way to have the tpm? device(s) appear, the best I achieved so far on dmesg in a verbose boot is:<br></div><div> …<br></div><div> Preloaded elf obj module "/boot/kernel.old/geom_mirror.ko" at 0xffffffff8196d8c0.<br></div><div> Preloaded elf obj module "/boot/kernel.old/tpm.ko" at 0xffffffff8196dfb0.<br></div><div> …<br></div><div> tpm0 failed to probe at iomem 0xfffffffffed40000-0xfffffffffed44fff on isa0<br></div><div> tpm1 failed to probe at iomem 0xfffffffffed40000-0xfffffffffed40fff on isa0<br></div><div> …<br></div><div> <br></div><div> I am all but an expert about TPM architecture (this is why I am willing to play with it), but as far as I understand AMD’s fTPM is a TPM2 built into the CPU, I have no idea on which bus it should be seen and how.<br></div><div> <br></div><div> So my questions are:<br></div><div> - Is AMD’s fTPM supported at all by the driver?<br></div><div> - Am I missing something very obvious?<br></div><div> <br></div><div> I have been digging around for information quite a bit, but there does not seem to be much information around. Hope I am hitting the correct list (accept my apologies if it is not).<br></div><div> <br></div><div> Thanks in advance for any advice.<br></div></blockquote></pre></blockquote></div><div><br></div>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?d6c8cba2c9348e9fc226f83ef5662094>