fwupdmgr security
Host Security ID: HSI:1! (v2.0.16)

HSI-1
✔ SMM locked down:               Locked
✔ BIOS firmware updates:         Enabled
✔ Fused platform:                Locked
✔ Supported CPU:                 Valid
✔ TPM empty PCRs:                Valid
✔ TPM v2.0:                      Found
✔ UEFI bootservice variables:    Locked
✔ UEFI platform key:             Valid
✔ UEFI secure boot:              Enabled

HSI-2
✔ IOMMU:                         Enabled
✔ Platform debugging:            Locked
✔ TPM PCR0 reconstruction:       Valid
✘ SPI write protection:          Disabled

HSI-3
✔ SPI replay protection:         Enabled
✔ CET Platform:                  Supported
✔ Pre-boot DMA protection:       Enabled
✔ Suspend-to-idle:               Enabled
✔ Suspend-to-ram:                Disabled

HSI-4
✔ SMAP:                          Enabled
✘ Processor rollback protection: Disabled
✘ Encrypted RAM:                 Not supported

Runtime Suffix -!
✔ CET OS Support:                Supported
✔ fwupd plugins:                 Untainted
✔ Linux kernel lockdown:         Enabled
✔ Linux kernel:                  Untainted
✔ UEFI db:                       Valid
✘ Linux swap:                    Unencrypted

This system has HSI runtime issues.
 » https://fwupd.github.io/hsi.html#hsi-runtime-suffix

Host Security Events
  2025-09-21 20:22:59:   ✔ The UEFI certificate store is now up to date

➜ ~ sudo cat /sys/class/mei/mei0/fw_ver
cat: /sys/class/mei/mei0/fw_ver: No such file or directory (os error 2)

sudo tpm2_getcap properties-fixed
TPM2_PT_FAMILY_INDICATOR:
  raw: 0x322E3000
  value: "2.0"
TPM2_PT_LEVEL:
  raw: 0
TPM2_PT_REVISION:
  raw: 0x8A
  value: 1.38
TPM2_PT_DAY_OF_YEAR:
  raw: 0x1C
TPM2_PT_YEAR:
  raw: 0x7E5
TPM2_PT_MANUFACTURER:
  raw: 0x414D4400
  value: "AMD"
TPM2_PT_VENDOR_STRING_1:
  raw: 0x414D4400
  value: "AMD"
TPM2_PT_VENDOR_STRING_2:
  raw: 0x0
  value: ""
TPM2_PT_VENDOR_STRING_3:
  raw: 0x0
  value: ""
TPM2_PT_VENDOR_STRING_4:
  raw: 0x0
  value: ""
TPM2_PT_VENDOR_TPM_TYPE:
  raw: 0x1
TPM2_PT_FIRMWARE_VERSION_1:
  raw: 0x3005D
TPM2_PT_FIRMWARE_VERSION_2:
  raw: 0x20005
TPM2_PT_INPUT_BUFFER:
  raw: 0x400
TPM2_PT_HR_TRANSIENT_MIN:
  raw: 0x6
TPM2_PT_HR_PERSISTENT_MIN:
  raw: 0x7
TPM2_PT_HR_LOADED_MIN:
  raw: 0x3
TPM2_PT_ACTIVE_SESSIONS_MAX:
  raw: 0x40
TPM2_PT_PCR_COUNT:
  raw: 0x18
TPM2_PT_PCR_SELECT_MIN:
  raw: 0x3
TPM2_PT_CONTEXT_GAP_MAX:
  raw: 0xFFFF
TPM2_PT_NV_COUNTERS_MAX:
  raw: 0x0
TPM2_PT_NV_INDEX_MAX:
  raw: 0x800
TPM2_PT_MEMORY:
  raw: 0x6
TPM2_PT_CLOCK_UPDATE:
  raw: 0x1000
TPM2_PT_CONTEXT_HASH:
  raw: 0xC
TPM2_PT_CONTEXT_SYM:
  raw: 0x6
TPM2_PT_CONTEXT_SYM_SIZE:
  raw: 0x100
TPM2_PT_ORDERLY_COUNT:
  raw: 0xFF
TPM2_PT_MAX_COMMAND_SIZE:
  raw: 0x1000
TPM2_PT_MAX_RESPONSE_SIZE:
  raw: 0x1000
TPM2_PT_MAX_DIGEST:
  raw: 0x30
TPM2_PT_MAX_OBJECT_CONTEXT:
  raw: 0x9F0
TPM2_PT_MAX_SESSION_CONTEXT:
  raw: 0x14C
TPM2_PT_PS_FAMILY_INDICATOR:
  raw: 0x322E3000
TPM2_PT_PS_LEVEL:
  raw: 0x0
TPM2_PT_PS_REVISION:
  raw: 0x105
TPM2_PT_PS_DAY_OF_YEAR:
  raw: 0x1C
TPM2_PT_PS_YEAR:
  raw: 0x7E5
TPM2_PT_SPLIT_MAX:
  raw: 0x80
TPM2_PT_TOTAL_COMMANDS:
  raw: 0x6E
TPM2_PT_LIBRARY_COMMANDS:
  raw: 0x6D
TPM2_PT_VENDOR_COMMANDS:
  raw: 0x1
TPM2_PT_NV_BUFFER_MAX:
  raw: 0x400
TPM2_PT_MODES:
  raw: 0x1
  value: TPMA_MODES_FIPS_140_2

This is for the Lenovo Ideapad Flex 5 14ABR8 with AMD Ryzen 7 7730U.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2118953

Title:
  FDE TPM error on amd and intel devices

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/snapd/+bug/2118953/+subscriptions

-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
