jackpot51
commented
4 years ago I was able to confirm bitlocker is working with this change, on the addw2. We may want to look into TPM init reliability. Some boots it isn't showing up.
Closed jackpot51 closed 4 years ago
jackpot51
commented
4 years ago I was able to confirm bitlocker is working with this change, on the addw2. We may want to look into TPM init reliability. Some boots it isn't showing up.
crawfxrd
commented
4 years ago We may want to look into TPM init reliability. Some boots it isn't showing up.
Any idea on how frequently this happens?
And is it just edk2's initialization? I've only seen coreboot fail to detect the TPM device on first boot after flashing.
jackpot51
commented
4 years ago Found another issue - bitlocker recovery key has to be entered if a firmware update wipes the NVRAM. If this only happens with the flash.sh script, and not with the EFI firmware update, I'm okay to ignore it.
jackpot51
commented
4 years ago Looks like any firmware updates cause this... and other vendors are affected
Suspending protection and then rebooting will make it work ok
Enables firmware attestation and Bitlocker