In data lunedì 16 novembre 2020 06:00:21 CET, L A Walsh ha scritto:
On 2020/11/12 17:49, mike wrote: You may be also interested to read: https://resources.infosecinstitute.com/topic/linux-tpm-encryption-initializi...
You use TPM in Linux typically to speed up HDD encryption of a SED (self encryption device e.g. Samsung SSD 860Pro, or to handle Software wise encryption with LUKS (here to speed up the calculus). If you do not use trusted grub (a particular version of the boot manager) or HDD SED, or LUKS for full disc encryption the error is likely due to some firmware error of the producer (BIOS) but not a problem for you. I have a ACPI error message since 2010 on my Lenovo Laptop, never cause major issues. You may however look if the BIOS of the mainboard is outdated, has a new version addressing the issue. Updating the BIOS is on you own risk and you should only do this if you really need it, feel comfortable about it and have performed a backup of you data. A BIOS update, although normally easy, can bear (depending on the routine the producer of the mainboard uses) the risk of "bricking" your PC. A hint why you should have always a backup, you have it here: https://security.stackexchange.com/questions/129006/what-happens-when-a-tpm-... If you use a tpm to encrypt your data instead of the chip on the SSD then you cannot decrypt your disk if your mainboard fails and has to be replaced. This can be a purpose (if you WANT it to be so, because e.g. stolen SSD shall not be usable in other location. AFAIK, the security offered by a tpm is however minor, so the disadvantage might outpace the advantage.