28

I am getting the following error message as a list of 4 or 5 lines with differing numbers at the beginning of each line during boot for a long while:

ima: error communicating to tpm chip

I am using Ubuntu 19.04 (though this error was existing for a while at the older versions) and my computer is a Toshiba Z930.

BeastOfCaerbannog
  • 14,585
alpakyuz
  • 437
  • 1
  • 4
  • 7

7 Answers7

14

It is simple: just enable TPM from the BIOS setup.

To change the BIOS settings you can hit F2 during boot before Ubuntu starts. Please be sure not to change anything else if your computer is working properly.

BeastOfCaerbannog
  • 14,585
alpakyuz
  • 437
  • 1
  • 4
  • 7
  • hmm, im getting this same thing but not during boot. i see it in dmesg. The thing is, for me, I do not have an option to enable tpm in my UEFI settings – DPS Jan 07 '20 at 07:41
  • 5
    My bios even has no such setting... – Liker777 Mar 14 '20 at 12:56
  • 3
    Mine has no such setting either and it would be nice to resolve this. I don’t see the error often but the PC becomes completely unresponsive so frequently that powerIn it off, then back on makes it happen. – DonP Apr 02 '20 at 23:45
  • Mind that TPM stands for Trusted Platform Module. On my MSI motherboard UEFI bios, this setting was in: Advanced > Trusted Computing. – jeannej Sep 08 '20 at 17:15
  • my laptop has the option to enable/disable tpm it has absolutely no effect on this error,toshiba tecra 5 and ubuntu 22.04. – trond hansen May 17 '22 at 11:52
  • And if you don't have a TPM chip and don't want one? – Liam Proven May 18 '23 at 18:28
9

If you couldn't find TPM, it appears as Intel Platform Trust Technology in the Security section of the BIOS. I had to disable that setting in order to get rid of that error.

dilver
  • 91
  • 2
    FWIW disabling it in BIOS was what fixed the error for me as well, on an Intel NUC (it also was listed as "Intel Platform Trust Technology", and in my particular case was located in the Security tab > HDD Security Configuration subsection > Security Features link). – Doktor J Sep 25 '20 at 16:33
5

TPM may not be named clearly in the BIOS settings. In my BIOS, it definitely was not. The setting was initially disabled and required setting a password before it could be enabled. There was a sub-setting to allow the Operating System to make changes.

If you don't have a configuration password, check for security settings that are disabled and can not be changed. Try setting a password and enable the configuration.

BillThor
  • 4,698
  • In my case (HP Studio) what worked was disabling password in BIOS + fsck /dev/ with my os on it. – Tomachi Nov 28 '21 at 03:39
2

I had to boot into my motherboard Bios Setup by pressing esc to get into the Startup Menu then F10 to get into Computer setup or cut it short by pressing F10 before the OS boots up . After getting into the Bios Setup -and that primarily applies to my bios UI version and other similar ones- just

  1. Move to Security tab
  2. Navigate down to select the System Security menu option
  3. Another popup menu with the Embedded Security Device option would be most probably disabled.
  4. Escape back out of the menu then navigate up to Setup Password
  5. Set up a new password
  6. sway back to the Embedded Security Device to get it enabled.
  • Also make sure to enable all the options -or at least the one you want to enable- at the Device Security option .

Just as a side note, this error is somehow interconnected with Ata comreset failed (errno=-16). So if by any chance someone googled this otherwise different error message and landed on this page, then then this solution might resolve the issue at this particular case .

xquilt
  • 117
1

On my Lenovo Thinkpad T420,

  1. Hit the ThinkVantage button during bootup to enter BIOS.
  2. Hit F1 to enter BIOS.
  3. Go to Security
  4. Hit enter on Security Chip to drilldown.
  5. Set Security Chip to Active (Inactive was existing).
  6. Restart with "Exit Saving Changes".

This messages showed up after I did a Ubuntu 2x.xx update.

Lim Min Chien
  • 121
  • 4
0

For my NUC it showed up under "Devices and Peripherals > Onboard Devices > Legacy Device Configuration > Trusted Platform Module"

Peter
  • 381
0

Not always the BIOS gives you the options for TPM for granted. So on my Elitebook 8570P it is simply NOT possible to alter the TPM settings in any way. Of course you do not want the messages at the startup prompt during and in between the boot-splash. So you can do the following:

  1. In a terminal run:

    sudo nano /etc/default/grub

  2. Navigate with the arrow keys on your keyboard to the place where it says:

    quiet splash

    and change it to:

    quiet loglevel=0 splash

  3. Save the file and run:

    sudo update-grub

  4. Reboot and you will see that there are no messages anymore of the TPM error.

This tip is mostly for people who do not want to mess in the BIOS. Tested this on a HP Elitebook 8570P with Jammy Jellyfish fresh installed.

BeastOfCaerbannog
  • 14,585
Joris Donders
  • 1,184