Ubuntu
grub2 package

  1. Bug #1848892
  2. Comment #9

Comment 9 for bug 1848892

Revision history for this message
Mark Rijckenberg (markrijckenberg) wrote :

I have followed this troubleshooting procedure:

1) Booted to Windows 10 to install newest tpm firmware for my HP EliteBook 820 G4
 laptop using HP TPM Configuration Utility.
2) Booted to Ubuntu 19.10 (kernel 5.3.0-18-generic) with Secureboot enabled and TPM disabled
3) Purged and uninstalled all grub* packages (Yes, I know, pretty dangerous :-)
4) Only reinstalled following grub packages

~>apt list --installed|grep grub

WARNING: apt does not have a stable CLI interface. Use with caution in scripts.

grub-common/eoan,now 2.04-1ubuntu12 amd64 [installed,automatic]
grub-customizer/eoan,now 5.1.0-1 amd64 [installed]
grub-efi-amd64-bin/eoan,now 2.04-1ubuntu12 amd64 [installed,automatic]
grub-efi-amd64-signed/eoan,now 1.128+2.04-1ubuntu12 amd64 [installed]
grub-gfxpayload-lists/eoan,now 0.7 amd64 [installed,automatic]
grub-pc-bin/eoan,now 2.04-1ubuntu12 amd64 [installed,automatic]
grub-pc/eoan,now 2.04-1ubuntu12 amd64 [installed,automatic]
grub2-common/eoan,now 2.04-1ubuntu12 amd64 [installed]
grub2-splashimages/eoan,eoan,now 1.0.1+nmu1 all [installed]
grub2-themes-ubuntu-mate/eoan,eoan,now 0.3.7 all [installed]
grub2-themes-ubuntustudio/eoan,eoan,now 0.2 all [installed]
grub2/eoan,now 2.04-1ubuntu12 amd64 [installed]

5) Ran sudo update-grub2
6) Updated Ubuntu kernel to signed kernel version 5.3.0-19-generic

7) In UEFI, disabled SecureBoot and enabled TPM 2.0.

8) Successfully rebooted into Ubuntu 19.10 with TPM 2.0 enabled and SecureBoot disabled

~>dmesg | grep -i tpm
[ 0.000000] efi: ACPI=0xd9ffe000 ACPI 2.0=0xd9ffe014 TPMFinalLog=0xd9f76000 SMBIOS=0xd9765000 SMBIOS 3.0=0xd9763000 MEMATTR=0xd5f3c018 ESRT=0xd9766b18
[ 0.016058] ACPI: SSDT 0x00000000D9FEC000 0003B3 (v02 HPQOEM Tpm2Tabl 00001000 INTL 20160422)
[ 0.016061] ACPI: TPM2 0x00000000D9FEB000 000034 (v03 HPQOEM EDK2 00000002 01000013)
[ 4.129890] tpm_tis MSFT0101:00: 2.0 TPM (device-id 0x1B, rev-id 16)
~> uname -a
HP-EliteBook-820-G4 5.3.0-19-generic #20-Ubuntu SMP Fri Oct 18 09:04:39 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux
$ ls -la /lib/modules/`uname -r`/kernel/drivers/char/tpm
total 172
drwxr-xr-x 3 root root 4096 Okt 22 10:58 .
drwxr-xr-x 9 root root 4096 Okt 22 10:58 ..
drwxr-xr-x 2 root root 4096 Okt 22 10:58 st33zp24
-rw-r--r-- 1 root root 11737 Okt 18 10:17 tpm_atmel.ko
-rw-r--r-- 1 root root 11697 Okt 18 10:17 tpm_i2c_atmel.ko
-rw-r--r-- 1 root root 16473 Okt 18 10:17 tpm_i2c_infineon.ko
-rw-r--r-- 1 root root 22721 Okt 18 10:17 tpm_i2c_nuvoton.ko
-rw-r--r-- 1 root root 22177 Okt 18 10:17 tpm_infineon.ko
-rw-r--r-- 1 root root 17017 Okt 18 10:17 tpm_nsc.ko
-rw-r--r-- 1 root root 11617 Okt 18 10:17 tpm_tis_spi.ko
-rw-r--r-- 1 root root 17361 Okt 18 10:17 tpm_vtpm_proxy.ko
-rw-r--r-- 1 root root 14585 Okt 18 10:17 xen-tpmfront.ko
$ ps -aux|grep tpm_dev
root 140 0.0 0.0 0 0 ? I< 12:52 0:00 [tpm_dev_wq]
$ ls -lart /sys/class/tpm/tpm0/
total 0
drwxr-xr-x 2 root root 0 Okt 22 13:22 ppi
drwxr-xr-x 2 root root 0 Okt 22 13:22 power
lrwxrwxrwx 1 root root 0 Okt 22 13:22 device -> ../../../MSFT0101:00
-r--r--r-- 1 root root 4096 Okt 22 13:22 dev
-rw-r--r-- 1 root root 4096 Okt 22 2019 uevent
lrwxrwxrwx 1 root root 0 Okt 22 2019 subsystem -> ../../../../../class/tpm
drwxr-xr-x 3 root root 0 Okt 22 2019 ..
drwxr-xr-x 4 root root 0 Okt 22 2019 .

* The command sudo tpm2_nvlist gives lots of output

However, I haven't succeeded in enabling Secureboot and TPM 2.0 at the same time.... On my laptop, I have to choose to either enable Secureboot or enable TPM 2.0, not both.