I don’t know about the tpm and bios. Most UEFI bios I have looked at have the option under the security tab to disable tpm but of course I cannot see yours to know.
I did a quick search on how to prevent kernel modules from loading and found several links.
Based on those and on what I already knew you should be able to do sudo echo "blacklist tpm" > /etc/modprobe.d/blacklist-tpm.conf then reboot.
It may require that you also run sudo dracut --force to recreate the initramfs so the entry is available in the initrd image for the boot before the root file system is mounted.
Thank you for your answer, I’ve tried as you told me but after reboot I’ve the same problem,
I don’t how permanent add to /boot/grub2/grub.cfg :
rmmod tpm
for avoid that at every grub update that line is removed.
i have the same issue using ‘rmmod tpm’ works for me but it is not permanent ,i have to repeat it every time i booted… is there any way to make it permanent …
I see no other option than editing the file /boot/grub2/grub.cfg and add the command you would use to disable the tpm module in grub2. Disabling the linux module for tpm would have no effect as the linux kernel is not even loaded when the problem occurs.
Of course, running grub2-mkconfig would undo your edit, so keep that in mind.
Trusted Platform Module (TPM) is a chip used to store secret keys with default state being unknown, disabled, inactive. If you use a device with OS implemented with TPM, you need to clear it in BIOS or issue ‘tpm_clear -force’ command with information here : INFOSEC.
I’m not sure why blacklisting the Linux kernel’s tpm module has anything to do with grub’s tpm module in reference to Jeff V’s response, but it’s not correct in this particular issue.
The issue is in grub not supporting TPM 2.0 likely very well when enabled in UEFI System Settings. The more basic functional fix to this is actually relatively simple to fix.
In /etc/grub.d/ create 02_tpm with the contents:
#!/usr/bin/sh -e
echo "rmmod tpm"
and chmod +x it.
Run grub2-mkconfig -o /etc/grub2.cfg and your problem is mitigated for the time being. This is NOT a fix, just a mitigation for current issues with grub and TPM support specifically.
I wait a bug fix from Fedora team. Because update of BIOS is not resolved problem. Reset Secure Boot databases to factory state is resolved, but if I update DBX database, I get a this error. Thanks a lot!