283877 – Trusted Platform Module driver fails to initialize firmware TPM

Bug 283877 - Trusted Platform Module driver fails to initialize firmware TPM

Summary: Trusted Platform Module driver fails to initialize firmware TPM

Status:	Open

Alias:	None

Product:	Base System
Classification:	Unclassified
Component:	kern (show other bugs)
Version:	14.1-RELEASE
Hardware:	Any Any

Importance:	--- Affects Some People
Assignee:	freebsd-bugs (Nobody)

URL:
Keywords:

Depends on:
Blocks:

Reported:	2025-01-06 03:57 UTC by Brett
Modified:	2025-01-19 15:49 UTC (History)
CC List:	2 users (show)

See Also:	193578

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Brett 2025-01-06 03:57:12 UTC

Opening a new bug as suggested in Bug 193578, since this TPM problem still persists.

The TPM driver fails to load on two of my computers: an HP Z440 and a Dell Latitude E7450.  The HP has a firmware TPM 2.0 and the Dell has TPM 1.2.  I am not sure if the Dell's TPM is firmware or hardware, yet additional exploration suggests that it is firmware as well.


HP Z440:

FreeBSD 14.1-RELEASE-p5

(/dev/tpm0 does not appear)

tpm0: <Trusted Platform Module> iomem 0xfed40000-0xfed44fff on acpi0
tpm: device 0x001a15d1 rev 0x10
WARNING: Device "tpm" is Giant locked and may be deleted before FreeBSD 15.0.

Specs:
Intel(R) Xeon(R) CPU E5-2640 v4 @ 2.40GHz
Microarchitecture:   Broadwell
Technology:          14nm
Cores:               10 cores (20 threads)
AVX:                 AVX,AVX2
FMA:                 FMA3
L1i Size:            32KB (320KB Total)
L1d Size:            32KB (320KB Total)
L2 Size:             256KB (2.5MB Total)
L3 Size:             25MB



Dell Latitude E7450:

FreeBSD 14.1-RELEASE-p6

(neither /dev/tpm nor /dev/tpm0 appears)

tpm2: <Trusted Platform Module> on acpi0
device_attach: tpm2 attach returned 6
tpm2: <Trusted Platform Module> on acpi0
device_attach: tpm2 attach returned 6
tpm2: <Trusted Platform Module> on acpi0
device_attach: tpm2 attach returned 6
tpm2: <Trusted Platform Module> on acpi0
device_attach: tpm2 attach returned 6

Specs:
Intel(R) Core(TM) i5-5300U CPU @ 2.30GHz
Microarchitecture:   Broadwell
Technology:          14nm
Cores:               2 cores (4 threads)
AVX:                 AVX,AVX2
FMA:                 FMA3
L1i Size:            32KB (64KB Total)
L1d Size:            32KB (64KB Total)
L2 Size:             256KB (512KB Total)
L3 Size:             3MB

Comment 1 Mark Johnston freebsd_committer

2025-01-10 21:09:42 UTC

Are you able to test with a 15.0-CURRENT snapshot?  I see some commits to the TPM driver which might be relevant, that aren't (yet) in the stable/14 branch.

Comment 2 Brett 2025-01-11 01:36:40 UTC

I tested 15.0-CURRENT on the Dell Latitude E7450, but the error was still present.  I did not try this on my HP Z440 since it is my production machine.

Comment 3 Mark Johnston freebsd_committer

2025-01-17 16:19:17 UTC

It looks a bit like tpm_request_locality() is failing when called from tpm_tis12_init().  There are some debug prints there, unfortunately gated behind #ifdef TPM_DEBUG.  If you're able to compile your own kernel, it'd be useful to define TPM_DEBUG at the top of tpm.c and recompile.

Comment 4 Brett 2025-01-19 15:49:15 UTC

Using my Dell E7450, I uncommented the "define TPM_DEBUG" line and compiled my version of the GENERIC kernel.  The only change I made was to add "define TPM" to the kernel config.  However, the compile failed with the following lines:

/usr/src/sys/dev/tpm/tpm.c:863:45: error: format specifies type 'int' but the argument has type 'size_t' (aka 'unsigned long') [-Werror,-Wformat]
  863 |         printf("tpm_tis12_write: wrote %d byte\n", cnt);
      |                                        ~~          ^~~
      |                                        %zu
/usr/src/sys/dev/tpm/tpm.c:1197:48: error: format specifies type 'int' but the argument has type 'ssize_t' (aka 'long') [-Werror,-Wformat]
 1197 |         printf("tpmread: len %d, io count %d\n", len, uio->uio_resid);
      |                                           ~~          ^~~~~~~~~~~~~~
      |                                           %zd
/usr/src/sys/dev/tpm/tpm.c:1203:51: error: format specifies type 'unsigned int' but the argument has type 'ssize_t' (aka 'long') [-Werror,-Wformat]
 1203 |                 printf("tpmread: bad residual io count 0x%x\n", uio->uio_resid);
      |                                                          ~~     ^~~~~~~~~~~~~~
      |                                                          %zx
/usr/src/sys/dev/tpm/tpm.c:1254:36: error: format specifies type 'int' but the argument has type 'ssize_t' (aka 'long') [-Werror,-Wformat]
 1254 |         printf("tpmwrite: io count %d\n", uio->uio_resid);
      |                                    ~~     ^~~~~~~~~~~~~~
      |                                    %zd


I made the requested changes to the printf statements, and the kernel compile completed successfully.  After rebooting, I did not find any debug statements from "sysctl -a" or "dmesg -a".  I even did a full shutdown so the laptop can boot cold, but that still did not produce any debug output.  Do note that in the /boot/device.hints file, I commented out the lines recommended by the tpm driver during my earlier troubleshooting.  When those were active, that was causing the "tpm2" in my initial bug report.  Now that those lines are not active, the output reports "tpm0".

sysctl -a | grep tpm
tpm0: <Trusted Platform Module> on acpi0
device_attach: tpm0 attach returned 6
tpm0: <Trusted Platform Module> on acpi0
device_attach: tpm0 attach returned 6
device  tpm
dev.tpm.%parent: 

dmesg -a | grep tpm
tpm0: <Trusted Platform Module> on acpi0
device_attach: tpm0 attach returned 6
tpm0: <Trusted Platform Module> on acpi0
device_attach: tpm0 attach returned 6