On Tue, 2018-11-27 at 17:31 -0500, Ken Goldman wrote: > On 11/26/2018 2:15 PM, Michael Niewöhner wrote: > > Hi again, > > > > after some experiments I finally found a solution... > > There seems to be a bug in TPM2.0 firmware version (1.3.1.0) included in > > Lenovos > > UEFI image but they do not provide an update. > > > > I have extracted the firmware version 1.3.2.8 from Dell's XPS15 TPM2.0 > > firmware > > update and used this to replace the firmware in my Lenovo UEFI image. > > After flashing this version via UEFI Setup the TPM2.0 gets detected and now > > is > > fully working. WTF. > > > > For anyone having the same problem: binwalk, uefi-firmware-parser, uefipatch > > and > > flashrom are your friends ;-) > > Just to make sure I understand it, do I have this right? > > 1.3.2.8 is Nuvoton's TPM firmware. It was embedded in Dell's firmware > (UEFI?). You extracted it from Dell and inserted it into Lenovo. > (UEFI?). Then you flashed the TPM firmware. > Exactly. The Lenovo UEFI Setup has the ability to switch between TPM1.2 and TPM2.0 by flashing the appropriate Firmware. Lenovo has v1.3.1.0 for TPM in their latest P320 UEFI image. I dumped the SPI flash rom, replaced the firmware with UEFIPatch and flashed the image back. Then I had to select TPM1.2 to be able to reflash TPM2.0 firmware as a second step.
