ATA Trusted commands-How to set libata allow_tpm

11,741

Solution 1

If you want to change allow_tpm permanently tell grub doing so by adding libata.allow_tpm=1 to GRUB_CMDLINE_LINUX_DEFAULT in /etc/default/grub. For example:

GRUB_CMDLINE_LINUX_DEFAULT="quiet splash libata.allow_tpm=1"

Afterwards run sudo update-grub and reboot.

Solution 2

I tried this for CentOs 7: Uefi Boot

Add kernel flag: libata.allow_tpm=1

I tried this for CentOs 7 : Uefi Boot & it worked like charm:

Edit /etc/default/grub
Add GRUB_CMDLINE_LINUX_DEFAULT="quiet splash libata.allow_tpm=1"
Save it
Run command: grub2-mkconfig -o /boot/efi/EFI/centos/grub.cfg or for non-uefi OS grub2-mkconfig -o /boot/grub2/grub.cfg
systemctl reboot
cat /proc/cmdline you see as below

BOOT_IMAGE=/vmlinuz-3.10.0-957.27.2.el7.X86_64 root=/dev/mapper/centos-root ro crashkernel=autord.lvm.lv=centos/root rd.lvm.lv=centos/swap rhgb quite splash libata.allow_tpm=1

11,741

tdQuang

Updated on June 22, 2022

Comments

tdQuang 11 months

I want to send trusted send/trusted receive to my hard drive. I found this page: ATA Trusted commands in Linux. (Thanks you ephemient and Dmitry Obukhov).

For now, my trouble is how to set libata allow_tpm = 1. I'm using Ubuntu 13.10. My code is same as Dmitry Obukhov (It works perfectly for Identify and all other commands, but not for trusted commands.)

After looking in another side, these are what I did:

- In BIOS, set AHCI mode.

In terminal:

- sudo dmesg -c:
   [    0.157207] SCSI subsystem initialized.
   [    0.157209] ACPI: bus type ATA registered.
   [    0.157236] libata version 3.00 loaded.
   [    0.878999] ahci 0000:00:1f.2: AHCI 0001.0300 32 slots 6 ports 6
   Gbps 0x3 impl SATA mode.
   [    0.887125] ata1: SATA max UDMA/133 abar m2048@0xf7c16000 port
   0xf7c16100 irq 41.
   [    0.887127] ata2: SATA max UDMA/133 abar m2048@0xf7c16000 port
   0xf7c16180 irq 41.
   [    1.205449] ata2: SATA link up 3.0 Gbps (SStatus 123 SControl
   300).
   [    1.205477] ata1: SATA link up 3.0 Gbps (SStatus 123 SControl
   300).
   [    1.206127] ata2.00: supports DRM functions and may not be fully
   accessible.
   [    1.206131] ata2.00: ATA-8: ST500LT025-1A5142, 0001SDM7, max
   UDMA/133.
   [    1.206133] ata2.00: 976773168 sectors, multi 1: LBA48 NCQ (depth
   31/32).
   [    1.206159] ata1.00: supports DRM functions and may not be fully
   accessible.
   [    1.206163] ata1.00: ATA-8: ST500LT025-1A5142, 0001SDM7, max
   UDMA/133.
   [    1.206165] ata1.00: 976773168 sectors, multi 1: LBA48 NCQ (depth
   31/32).
- systool -a -v -m libata
  Module = "libata"
  Attributes:
    uevent              = <store method only>
    version             = "3.00"
  Parameters:
    acpi_gtf_filter     = "7"
    allow_tpm           = "0"
    ata_probe_timeout   = "0"
    atapi_an            = "0"
    atapi_dmadir        = "0"
    atapi_enabled       = "1"
    atapi_passthru16    = "1"
    dma                 = "7"
    fua                 = "0"
    ignore_hpa          = "0"
    noacpi              = "0"
    zpodd_poweroff_delay= "30"
- sudo nano /etc/modprobe.d/local.conf.
  Add this line: options libata allow_tpm=1
- sudo nano /boot/grub/menu.lst.
  Add this line: combined_mode=libata
- sudo update-initramfs -u&& sudo update-grub2

After reboot, I run systool -a -v -m libata again, nothing change with allow_tpm. What should I do to change allow_tpm?

Jesus H almost 6 years

I got an error trying to modify and save this file (yes, with root privilege). If this fails, try the /etc/default/grub method.
ededed over 1 year

If you don't use GRUB, look for the relevant file and edit it - more boot loader configurations here : wiki.archlinux.org/title/Kernel_parameters#systemd-boot