tpm2-tools icon indicating copy to clipboard operation
tpm2-tools copied to clipboard
verified publisher icon tpm2-software

Unable to read PCRs from TPM using tpm2_pcrread

Open EricLin0509 opened this issue 8 months ago • 2 comments

After I proceed a firmware upgrade, the TPM became unfunctional but It can still be detected, I tried running tpm2_pcrread and I got these result:

sudo tpm2_pcrread                   
  sha1:
  sha256:
    0 : 0x8DFEF476FDDABB23FC763C187840C54AD9229977D5A6463B37048CC2472F2EC4
    1 : 0x0000000000000000000000000000000000000000000000000000000000000000
    2 : 0x0000000000000000000000000000000000000000000000000000000000000000
    3 : 0x0000000000000000000000000000000000000000000000000000000000000000
    4 : 0x0000000000000000000000000000000000000000000000000000000000000000
    5 : 0x0000000000000000000000000000000000000000000000000000000000000000
    6 : 0x0000000000000000000000000000000000000000000000000000000000000000
    7 : 0x0000000000000000000000000000000000000000000000000000000000000000
    8 : 0x0000000000000000000000000000000000000000000000000000000000000000
    9 : 0x0000000000000000000000000000000000000000000000000000000000000000
    10: 0x0000000000000000000000000000000000000000000000000000000000000000
    11: 0x38D2047D0545F701A253005037BD1D1662E5F59388885F9E9443F38E2F23531E
    12: 0x0000000000000000000000000000000000000000000000000000000000000000
    13: 0x0000000000000000000000000000000000000000000000000000000000000000
    14: 0x0000000000000000000000000000000000000000000000000000000000000000
    15: 0xEF8C4340D67EF64A12D66E80A038134E872F60ABA5531E62085957C7247090D2
    16: 0x0000000000000000000000000000000000000000000000000000000000000000
    17: 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
    18: 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
    19: 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
    20: 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
    21: 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
    22: 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
    23: 0x0000000000000000000000000000000000000000000000000000000000000000
  sha384:
  sm3_256:

I found some PCRs couldn't read out, It's there any solutions?

EricLin0509 avatar Apr 29 '25 10:04 EricLin0509

  • What's the motherboard or computer model you have?
  • Can you tell what kind of TPM chip you have?
  • What's the BIOS/firmware version? Which version did you upgrade from and into what version?
  • Have you been in contact with the manufacturer support?
  • Have you tried to reset firmware configuration?
    • (Please, be careful that you do not lock yourself out if you choose to do this.)
  • Can you think of anything else you can tell about the problem?

Sinihopea avatar May 26 '25 10:05 Sinihopea

Which PCRs could not be read out ? Typically, the TPM only has only 1 hash alg active for pcrs. Initial values are sometimes 0000... and sometimes ffff... depending on the PCR number.

AndreasFuchsTPM avatar May 28 '25 14:05 AndreasFuchsTPM