Re: tpm_tis TPM2.0 not detected on cold boot

From: Mimi Zohar
Date: Mon Dec 31 2018 - 16:18:09 EST


On Sun, 2018-12-30 at 14:22 +0100, Michael NiewÃhner wrote:

> > difference is that on a cold boot, the TPM takes longer to initialize.
>
> Well, as I said. Waiting for 10, 20 or even 60 seconds in the boot manager does
> not solve the problem. So the problem is NOT that the TPM takes longer to
> initialize. Even adding a delay of 20 seconds before TPM init does not solve
> that while that should be more than enough time.

The purpose of commenting out the TPM2 selftest was to minimize the
TPM initialization delay, so that the TPM is ready before IMA. ÂAfter
James' patch that wasn't needed anymore.

Looking back at this thread, I see you're using systemd-boot, not
grub2. ÂWhen you commented out the systemd-boot timeout, IMA found the
TPM. ÂThe question is why isn't the TPM ready with the timeout before
IMA (like above)? ÂHas systemd-boot done the selftest?

Mimi