#31 RE: Cannot enable Intel PTT (TPM 2.0) at ASUS Z170-A by xiaolu 30.06.2021 14:03

Hi

I am trying to follow your guide unsuccessfully.

My motherboard is Asus Z170 PRO GAMING
My CPU is Intel Core-i5 6600K

Security Device Support is enabled by default, I verified it's enabled
0x452EB One Of: Security Device Support, VarStoreInfo (VarOffset/VarName): 0xEFD, VarStore: 0x1, QuestionId: 0x1D, Size: 1, Min: 0x0, Max 0x1, Step: 0x0 {05 91 5F 16 81 16 1D 00 01 00 FD 0E 10 10 00 01 00}
0x452FC One Of Option: Disable, Value (8 bit): 0x0 {09 07 67 16 00 00 00}
0x45303 One Of Option: Enable, Value (8 bit): 0x1 (default) {09 07 66 16 10 00 01}
0x4530A End One Of {29 02}

TPM Device Selection I have set to Firmware TPM
0x631AA One Of: TPM Device Selection, VarStoreInfo (VarOffset/VarName): 0x687, VarStore: 0x1, QuestionId: 0x27A4, Size: 1, Min: 0x0, Max 0x1, Step: 0x0 {05 91 4D 10 4E 10 A4 27 01 00 87 06 14 10 00 01 00}
0x631BB Default: DefaultId: 0x0, Value (8 bit): 0x0 {5B 06 00 00 00 00}
0x631C1 One Of Option: Discrete TPM, Value (8 bit): 0x0 {09 07 50 10 00 00 00}
0x631C8 One Of Option: Firmware TPM, Value (8 bit): 0x1 {09 07 4F 10 00 00 01}
0x631CF End One Of {29 02}

After restarting and booting into Windows, tpm.msc says I don't have it.
Booting back into EFI and checking the value of 0x687, it's Discrete TPM again.

What could be the reason the value doesn't save?
What could I do?

Your help is much appreciated!

#32 RE: Cannot enable Intel PTT (TPM 2.0) at ASUS Z170-A by theWillow 30.06.2021 14:35

Quote from Husky in post #29
Hi, I'm new here ^_^
I have the same motherboard as the topic title, Asus Z170A, powered by an I7 6700K.
I need to unlock this hidden menu with TPM 2.0 options. But I have no idea how to do that, I tried to follow your tutorial, but as I'm not familiar with that I couldn't get any further. Can any of you guys who already made it compile this modded BIOS so we can download it and just flash it like any other BIOS?
I downloaded the files from the link you posted, I made the bootable flash drive with the UEFI files you previously zipped, but when I type (during BIOS boot) setup_var 0x6A6 it says that command "setup_var" doesn't work. How can I create this "support setup_var command grub"?
Sorry to ask, but it's the first time I see this modding thing so I know nothing. ^_^


Like maxdarksol said there is no modding the original BIOS or any flashing involved, we are just using GRUB and a command to toggle the invisible option on. But if you are having trouble I'll write in detail what I did.

First format your USB and create a directory /efi/boot/ and in the boot folder put the bootx64.efi that you can download from maxdarksol's original post.

Then go to BIOS and the Boot tab in the advanced view, find the Secure Boot option and change OS Type to Other OS and press F10 to save the settings, so you can boot from the USB you made.

After that you can go back into BIOS and the Boot tab and select your USB from the list to boot from it.

And then you will boot to GRUB and just use the command line: "setup_var 0x6A6 0x1" (use this command only if you have an ASUS Z170-A board and see maxdarksol's original post to see how to find it for your board) and then type "exit", when you get back to the BIOS screen press escape on your keyboard and exit the BIOS. When you boot to Windows probably nothing changed yet (at least that was how it happened to me), so shut down the PC and power it on again, this time the PC powered off at start up by itself and powered on again and the settings have changed and when you boot to Windows you should have TPM 2.0 enabled. If this doesn't happen and the setting was reset try it again. You can just type "setup_var 0x6A6" to see which option is on ("0x0" is for dTPM, in this case no TPM and "0x1" for Intel's PTT)

Now you can change the OS Type back to UEFI again to enable secure boot and you should be done.

#33 RE: Cannot enable Intel PTT (TPM 2.0) at ASUS Z170-A by Sylar76 30.06.2021 14:35

Did you boot in FULL UEFI mode? (CSM Disabled)

#34 RE: Cannot enable Intel PTT (TPM 2.0) at ASUS Z170-A by xiaolu 30.06.2021 14:40

Quote from Sylar76 in post #33
Did you boot in FULL UEFI mode? (CSM Disabled)

My CSM is disabled

#35 RE: RE:Cannot enable Intel PTT (TPM 2.0) at ASUS Z170-A by itsakjt 30.06.2021 15:01

Thanks for the response. I tried it. However, security device support is already enabled (value is 0x1). When I set the TPM device selection (0x6A6) to 0x1, the PC power cycles but TPM does not get enabled. I am also unable to find Trusted computing after making the change.

#36 RE: Cannot enable Intel PTT (TPM 2.0) at ASUS Z170-A by maxdarksol 30.06.2021 15:38

Quote from xiaolu in post #34
Quote from Sylar76 in post #33
Did you boot in FULL UEFI mode? (CSM Disabled)

My CSM is disabled

I suggest you update ME firmware to the latest version, such as CSME 11.8 Consumer H D,A v11.8.86.3909

#37 RE: Cannot enable Intel PTT (TPM 2.0) at ASUS Z170-A by xiaolu 30.06.2021 15:44

Quote from maxdarksol in post #36
Quote from xiaolu in post #34
Quote from Sylar76 in post #33
Did you boot in FULL UEFI mode? (CSM Disabled)

My CSM is disabled

I suggest you update ME firmware to the latest version, such as CSME 11.8 Consumer H D,A v11.8.86.3909

What is ME? How could I update that?

#38 RE: Cannot enable Intel PTT (TPM 2.0) at ASUS Z170-A by maxdarksol 30.06.2021 15:54

Quote from xiaolu in post #37
Quote from maxdarksol in post #36
Quote from xiaolu in post #34
Quote from Sylar76 in post #33
Did you boot in FULL UEFI mode? (CSM Disabled)

My CSM is disabled

I suggest you update ME firmware to the latest version, such as CSME 11.8 Consumer H D,A v11.8.86.3909

What is ME? How could I update that?

Intel (Converged Security) Management Engine: Drivers, Firmware and Tools
Install the Intel MEI drivers, then use FWUpdate to simply update MEv11 in Windows.

#39 RE: Cannot enable Intel PTT (TPM 2.0) at ASUS Z170-A by helmar 30.06.2021 16:07

Hi,

I have an ASUS Z170-A board and I followed the instructions at least 10 times.
But still no TPM is present in BIOS or in Windows.
If I check the UEFI variable it's always 0x00.
After I set it to 0x01 it's shown, but after reboot it's reset to 0x00.
... getting insane ;-)

#40 RE: Cannot enable Intel PTT (TPM 2.0) at ASUS Z170-A by itsakjt 30.06.2021 16:26

Is it possible that in the ROG boards, the ME is actually causing the issue? I have the ME updated already from ASUS website for the Maximus VIII Ranger.

#41 RE: Cannot enable Intel PTT (TPM 2.0) at ASUS Z170-A by helmar 30.06.2021 18:10

Hi,

I followed all your steps.
I've updated ME to

Quote from maxdarksol in post #38
CSME 11.8 Consumer H D,A v11.8.86.3909
and I now have a PCH-FW Menu in UEFI.
But if I change something there, it's reset after reboot.
Also, setting setup_var 0x6a6 0x1 is reset after reboot.

Any idea, what I could try?

#42 RE: Cannot enable Intel PTT (TPM 2.0) at ASUS Z170-A by itsakjt 30.06.2021 19:25

Found the reason I think. On my Maximus VIII Ranger, on running MEInfo, I get the following:


                                FPF          ME
                                ---          --
Force Boot Guard ACM            Disabled     Disabled
Protect BIOS Environment        Disabled     Disabled
CPU Debugging                   Enabled      Enabled
BSP Initialization              Enabled      Enabled
Measured Boot                   Disabled     Disabled
Verified Boot                   Disabled     Disabled
Key Manifest ID                 0x0          0x0
Enforcement Policy              0x0          0x0
PTT                             Disabled     Enabled
PTT Lockout Override Counter    0x0
EK Revoke State                 Not Revoked
PTT RTC Clear Detection FPF     0x0

It seems PTT is disabled from the FPF (Field Programmable Fuses). Since they are hard flashed in the chipset during manufacturing, I have no idea if it is possible to gain access to manufacturing mode and change the field without physically replacing the chipset.
I tried all the ME versions (11.6, 11.8.50.3399 (ASUS) and the latest 11.8.86.3909 (plutomaniac)).

I think I am going to give up now unless anyone of you have any idea.

I am comfortable with modding my BIOS even if required as I have a flasher and the BIOS chip is socketed.
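
Added example, not part of post #42 or of any tool mentioned in the thread: a small Python parser for the FPF/ME table quoted above that reports rows where the fused (FPF) value and the ME value disagree, and which features are disabled in the fuses. The function names are hypothetical; the sample input is the MEInfo output from the post.

```python
import re

# MEInfo rows as quoted in post #42.
MEINFO_TEXT = """\
FPF ME
--- --
Force Boot Guard ACM Disabled Disabled
Protect BIOS Environment Disabled Disabled
CPU Debugging Enabled Enabled
BSP Initialization Enabled Enabled
Measured Boot Disabled Disabled
Verified Boot Disabled Disabled
Key Manifest ID 0x0 0x0
Enforcement Policy 0x0 0x0
PTT Disabled Enabled
PTT Lockout Override Counter 0x0
EK Revoke State Not Revoked
PTT RTC Clear Detection FPF 0x0
"""

# A comparable row ends in exactly two values: one per column.
VALUE = r"(?:Enabled|Disabled|0x[0-9A-Fa-f]+)"
ROW = re.compile(rf"^(?P<name>.+?)\s+(?P<fpf>{VALUE})\s+(?P<me>{VALUE})$")

def parse_fpf_table(text):
    """Return {setting: (fpf_value, me_value)}; single-value rows are skipped."""
    rows = {}
    for line in text.splitlines():
        m = ROW.match(line.strip())
        if m:
            rows[m["name"]] = (m["fpf"], m["me"])
    return rows

def mismatches(rows):
    """Settings whose FPF column differs from the ME column."""
    return {name: v for name, v in rows.items() if v[0] != v[1]}

def fuse_disabled(rows):
    """Settings reported as Disabled in the FPF column."""
    return [name for name, (fpf, _) in rows.items() if fpf == "Disabled"]

if __name__ == "__main__":
    table = parse_fpf_table(MEINFO_TEXT)
    for name, (fpf, me) in mismatches(table).items():
        print(f"{name}: FPF={fpf} ME={me}")
    print("Disabled in FPF:", ", ".join(fuse_disabled(table)))
```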

#43 RE: RE:Cannot enable Intel PTT (TPM 2.0) at ASUS Z170-A by Flux1984 30.06.2021 20:36

I don't understand these instructions. I've downloaded the BIOS from Asus website, it's a .CAP file. The link you posted doesn't contain a file?! What tool are you using to do this?

#44 RE: RE:Cannot enable Intel PTT (TPM 2.0) at ASUS Z170-A by Flux1984 30.06.2021 21:00

Quote from maxdarksol in post #12

2. Using AMI setup IFR extractor in UBU to get configuration file offset

I don't understand what you mean by this. I have AMI, I think. (It says AFUWINGUI v5.14 at the top.) I have a CAP file from Asus.

Not sure what I'm supposed to do to find the offset? I have a Z170-P

#45 RE: RE:Cannot enable Intel PTT (TPM 2.0) at ASUS Z170-A by dvdandroid 30.06.2021 22:22

i have an asus z170p motherboard; i've used ubu to get the setup_extr.txt file

i can't find "TPM Device Selection" but i found this:
0x408B0 One Of: Device Select, VarStoreInfo (VarOffset/VarName): 0xF0A, VarStore: 0x1, QuestionId: 0x2A, Size: 1, Min: 0x0, Max 0x2, Step: 0x0 {05 91 97 16 9B 16 2A 00 01 00 0A 0F 10 10 00 02 00}
0x408C1 One Of Option: TPM 1.2, Value (8 bit): 0x0 {09 07 98 16 00 00 00}
0x408C8 One Of Option: TPM 2.0, Value (8 bit): 0x1 {09 07 99 16 00 00 01}
0x408CF One Of Option: Auto, Value (8 bit): 0x2 (default) {09 07 9A 16 10 00 02}

is it the same? so, will the command be like this: setup_var 0xf0a 0x1 ??

i am using legacy bios, may i have some issues?
is the "bootx64.efi" file you posted compatible with my motherboard?
if something happens i can always flash the default bios, right?

sorry, i am noob too




@Flux1984 this may help you too
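
Added example, not part of any post in this thread and not part of UBU or the IFR extractor: a Python parser for the "One Of" lines quoted in posts #31 and #45, listing each setting's VarOffset, VarStore and option values so they can be compared before any value is written. The function names are hypothetical, and the parser assumes the line layout shown in those posts, including a block with no "End One Of" line.

```python
import re

# IFR extractor lines copied from posts #31 and #45.
IFR_TEXT = """\
0x631AA One Of: TPM Device Selection, VarStoreInfo (VarOffset/VarName): 0x687, VarStore: 0x1, QuestionId: 0x27A4, Size: 1, Min: 0x0, Max 0x1, Step: 0x0 {05 91 4D 10 4E 10 A4 27 01 00 87 06 14 10 00 01 00}
0x631BB Default: DefaultId: 0x0, Value (8 bit): 0x0 {5B 06 00 00 00 00}
0x631C1 One Of Option: Discrete TPM, Value (8 bit): 0x0 {09 07 50 10 00 00 00}
0x631C8 One Of Option: Firmware TPM, Value (8 bit): 0x1 {09 07 4F 10 00 00 01}
0x631CF End One Of {29 02}
0x408B0 One Of: Device Select, VarStoreInfo (VarOffset/VarName): 0xF0A, VarStore: 0x1, QuestionId: 0x2A, Size: 1, Min: 0x0, Max 0x2, Step: 0x0 {05 91 97 16 9B 16 2A 00 01 00 0A 0F 10 10 00 02 00}
0x408C1 One Of Option: TPM 1.2, Value (8 bit): 0x0 {09 07 98 16 00 00 00}
0x408C8 One Of Option: TPM 2.0, Value (8 bit): 0x1 {09 07 99 16 00 00 01}
0x408CF One Of Option: Auto, Value (8 bit): 0x2 (default) {09 07 9A 16 10 00 02}
"""

HEX = r"0x[0-9A-Fa-f]+"
QUESTION = re.compile(rf"^{HEX}\s+One Of: (?P<name>.+?), VarStoreInfo \(VarOffset/VarName\): "
                      rf"(?P<off>{HEX}), VarStore: (?P<vs>{HEX}),.*?Size: (?P<size>\d+)")
OPTION = re.compile(rf"^{HEX}\s+One Of Option: (?P<label>.+?), Value \(\d+ bit\): "
                    rf"(?P<val>{HEX})(?P<dflt> \(default\))?")
DEFAULT = re.compile(rf"^{HEX}\s+Default: DefaultId: {HEX}, Value \(\d+ bit\): (?P<val>{HEX})")

def parse_ifr(text):
    """Return one dict per 'One Of' question, with its options and default value."""
    questions, cur = [], None
    for line in (l.strip() for l in text.splitlines()):
        if m := QUESTION.match(line):          # a new question also closes an unterminated one
            cur = {"name": m["name"], "offset": int(m["off"], 16), "varstore": int(m["vs"], 16),
                   "size": int(m["size"]), "options": {}, "default": None}
            questions.append(cur)
        elif cur is None:
            continue
        elif m := OPTION.match(line):
            cur["options"][m["label"]] = int(m["val"], 16)
            if m["dflt"]:                      # default flagged on the option itself
                cur["default"] = int(m["val"], 16)
        elif m := DEFAULT.match(line):         # default given on a separate 'Default:' line
            cur["default"] = int(m["val"], 16)
        elif "End One Of" in line:
            cur = None
    return questions

def describe(q):
    """One line per setting; the default option is marked with '*'."""
    opts = ", ".join(f"{k}={v:#x}{'*' if v == q['default'] else ''}" for k, v in q["options"].items())
    return f"{q['name']}: offset {q['offset']:#x} in VarStore {q['varstore']:#x} ({opts})"

if __name__ == "__main__":
    for q in parse_ifr(IFR_TEXT):
        print(describe(q))
```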
