Difference between revisions of "Intel GM45 TPM device iTPM INTC0102"
m |
|||
(3 intermediate revisions by 2 users not shown) | |||
Line 15: | Line 15: | ||
In recent [http://sourceforge.net/mailarchive/forum.php?thread_name=200811280943427180885&forum_name=tpmdd-devel discussion] on tpmdd-devel mailing list Seiji Munetoh [http://sourceforge.net/mailarchive/message.php?msg_name=f02dbbe70812012308n32dc9fd6hd1f04d3ef6e002b7%40mail.gmail.com suggested] a quick fix, and Colin Didier [https://www.grounation.org/index.php?post/2008/07/04/8-how-to-use-a-tpm-with-linux made] a [http://cybione.org/~cdidier/log/data/200812020841/itpm.diff patch] out of it. | In recent [http://sourceforge.net/mailarchive/forum.php?thread_name=200811280943427180885&forum_name=tpmdd-devel discussion] on tpmdd-devel mailing list Seiji Munetoh [http://sourceforge.net/mailarchive/message.php?msg_name=f02dbbe70812012308n32dc9fd6hd1f04d3ef6e002b7%40mail.gmail.com suggested] a quick fix, and Colin Didier [https://www.grounation.org/index.php?post/2008/07/04/8-how-to-use-a-tpm-with-linux made] a [http://cybione.org/~cdidier/log/data/200812020841/itpm.diff patch] out of it. | ||
+ | |||
+ | Note, however, that '''tpm_tis''' has to be compiled as a module and unloaded before suspend-to-disk, or it would freeze on wake-up. Suspend-to-ram seems to be OK, moreover if you unload '''tpm_tis''' before suspend-to-ram and modprobe in after resume -- then [http://sourceforge.net/projects/trousers trousers] daemon will refuse to restart. To get trousers run again, you have to either reboot or suspend-to-disk/wake-up. | ||
+ | |||
+ | ==Notes== | ||
+ | The above-mentioned patch was merged into the kernel 2.6.33, and INTC0102 Intel TPM device works out of the box with the vanilla kernel. The only caveat is that the module '''tpm_tis''' has to be loaded with options | ||
+ | |||
+ | modprobe tpm_tis interrupts=0 force=1 itpm=1 | ||
+ | |||
+ | To make it happen automatically, you can create a file <tt>/etc/modprobe.d/tpm.conf</tt> containing | ||
+ | |||
+ | options tpm_tis interrupts=0 force=1 itpm=1 | ||
==Models== | ==Models== | ||
*{{X200}} | *{{X200}} | ||
+ | *{{X301}} |
Latest revision as of 21:26, 23 March 2010
INTC0102 Intel TPM device found in GM45 chipset is supposed to comply with TCG TPM 1.2 specifications, and thus be taken care of by tpm_tis kernel module. Unfortunately, it does not. After loading this module
modprobe tpm_tis interrupts=0 force=1
and mounting securityfs
mount -t securityfs none /sys/kernel/security
it is possible to read the files
/sys/kernel/security/tpm0/ascii_bios_measurements /sys/kernel/security/tpm0/binary_bios_measurements
but no further communication with the TPM device seems to be possible.
In recent discussion on tpmdd-devel mailing list Seiji Munetoh suggested a quick fix, and Colin Didier made a patch out of it.
Note, however, that tpm_tis has to be compiled as a module and unloaded before suspend-to-disk, or it would freeze on wake-up. Suspend-to-ram seems to be OK, moreover if you unload tpm_tis before suspend-to-ram and modprobe in after resume -- then trousers daemon will refuse to restart. To get trousers run again, you have to either reboot or suspend-to-disk/wake-up.
Notes
The above-mentioned patch was merged into the kernel 2.6.33, and INTC0102 Intel TPM device works out of the box with the vanilla kernel. The only caveat is that the module tpm_tis has to be loaded with options
modprobe tpm_tis interrupts=0 force=1 itpm=1
To make it happen automatically, you can create a file /etc/modprobe.d/tpm.conf containing
options tpm_tis interrupts=0 force=1 itpm=1