Asahi Linux progress report

Posted Mar 13, 2021 5:55 UTC (Sat) by Cyberax (✭ supporter ✭, #52523)
In reply to: Asahi Linux progress report by ledow
Parent article: Asahi Linux progress report

Microsoft has a very serious stake in keeping Windows Server secure, so a TPM requirement is a good idea and it costs pretty much nothing for the server-class hardware.

It simply won't work for foreseeable future on commodity hardware, because TPM chips are not standard and are not present on a lot of hardware. My brand-new gaming PC doesn't have one, for example.

Asahi Linux progress report

Posted Mar 15, 2021 0:28 UTC (Mon) by zlynx (guest, #2285) [Link] (1 responses)

Pretty much any CPU made in the last three years supports "fTPM" which is implemented via the secure compute element in the CPU itself. That goes for Intel and AMD Ryzen.

Asahi Linux progress report

Posted Mar 15, 2021 1:21 UTC (Mon) by mjg59 (subscriber, #23239) [Link]

Not quite - the Intel implementation runs on the ME, which is on the chipset for non-SoC devices. AMD's implementation is on the PSP, which *is* on the CPU package. But yes, assuming the system vendor has wired it up, you don't need a physical TPM for TPM functionality these days. In some ways, it's even preferable - the LPC bus that discrete TPMs are attached to is extremely easy to interpose, which is far less true for fTPMs.