NetBSD Problem Report #56735
From www@netbsd.org Tue Mar 1 16:22:25 2022
Return-Path: <www@netbsd.org>
Received: from mail.netbsd.org (mail.netbsd.org [199.233.217.200])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))
(Client CN "mail.NetBSD.org", Issuer "mail.NetBSD.org CA" (not verified))
by mollari.NetBSD.org (Postfix) with ESMTPS id 588E21A9239
for <gnats-bugs@gnats.NetBSD.org>; Tue, 1 Mar 2022 16:22:25 +0000 (UTC)
Message-Id: <20220301162223.D74A11A923A@mollari.NetBSD.org>
Date: Tue, 1 Mar 2022 16:22:23 +0000 (UTC)
From: rnestor@mac.com
Reply-To: rnestor@mac.com
To: gnats-bugs@NetBSD.org
Subject: TPM in -current doesn't appear to manage the Security Device for successful boot
X-Send-Pr-Version: www-1.0
>Number: 56735
>Category: kern
>Synopsis: TPM in -current doesn't appear to manage the Security Device for successful boot
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: kern-bug-people
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Tue Mar 01 16:25:00 +0000 2022
>Originator: Bob Nestor
>Release: -current, both 9.99.92 and 9.99.93
>Organization:
>Environment:
NetBSD 9.99.93 (GENERIC) #0: Sat Feb 26 15:04:39 UTC 2022
mkrepro@mkrepro.NetBSD.org:/usr/src/sys/arch/amd64/compile/GENERIC
>Description:
On some systems, the HP 6200 MT being one, when the BIOS is configured to allow the "OS to Manage the Embedded Security Device" (TPM), NetBSD -current will claim/configure the device while booting but then will fail to complete booting. The first indication will be that a boot volume can't be found followed by a kernel crash. Versions of NetBSD that don't configure the TPM, such as NetBSD 9.2, boot successfully regardless of the BIOS setting.
Booting 9.2 shows:
TPM (IFX0102) at acpi0 not configured
Booting 9.99.93 shows:
tpm0 at acpi0 (TPM, IFX0102-1): mem 0xfed40000-0xfed44fff
tpm0: device 0x000b15d1 rev 0x10
tpm0: read 8 bytes, expected 10tpm0: deactivating entropy source
tpm0: ahcisata0 port 1: device present, speed: 3.0Gb/s
tpm0: deactivating entropy source
>How-To-Repeat:
Attempt to boot a -current kernel on a system like the HP 6200 with the BIOS set to allow the OS to Manage the Embedded Security Device.
>Fix:
As a temporary workaround, disable the BIOS option that allows the OS to Manage the Embedded Security Device.
(Contact us)
$NetBSD: query-full-pr,v 1.46 2020/01/03 16:35:01 leot Exp $
$NetBSD: gnats_config.sh,v 1.9 2014/08/02 14:16:04 spz Exp $
Copyright © 1994-2020
The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.