Due to https://github.com/systemd/systemd/issues/28655 the TPM needs to be cleared if you want to reuse it for Linux. However due to firmware reasons I don't quite understand, could be a byproduct of the same firmware bug or it could be an unrelated technically of clearing the TPM, to clear it when the TPM is in this state you need to run tpm2_clear -c platform, after this regular tpm2_clear works just fine.
The solutions to this I see are either
A. Fixing the TPM firmware bug, I doubt this is possible tbh.
B. Adding a menu to clear the TPM from UEFI.
C. Adding documentation of this problem somewhere and the steps to fix it (outlined above).
I can do B or C if either those are deemed the correct solution.
crawfxrd
commented
3 days ago
Due to https://github.com/systemd/systemd/issues/28655 the TPM needs to be cleared if you want to reuse it for Linux. However due to firmware reasons I don't quite understand, could be a byproduct of the same firmware bug or it could be an unrelated technically of clearing the TPM, to clear it when the TPM is in this state you need to run
tpm2_clear -c platform, after this regulartpm2_clearworks just fine.The solutions to this I see are either
A. Fixing the TPM firmware bug, I doubt this is possible tbh. B. Adding a menu to clear the TPM from UEFI. C. Adding documentation of this problem somewhere and the steps to fix it (outlined above).
I can do B or C if either those are deemed the correct solution.