5

Is there any command to check if TPM2.0 is owned (i.e., ownership is taken) and if TPM is enabled on Ubuntu 16.04?

For TPM1.2 this was possible with:

cat /sys/class/tpm/tpm0/device/owned

We are using TPM2.0, Intel TXT, Ubuntu 16.04 and a DL380Gen10 server.

AdminBee

1 Answer

0

To check if a TPM1.2 is owned, enabled and active, execute the following commands:

cat /sys/class/tpm/tpm0/device/owned
cat /sys/class/tpm/tpm0/device/enabled
cat /sys/class/tpm/tpm0/device/active

For some reason I never found a TPM2.0 disabled or deactivated. To check if a TPM2.0 is owned:

tpm2_getcap properties-variable | grep ownerAuthSet

Also, if you have owner set, maybe you have to check if your TPM2.0 is in lockout mode:

tpm2_getcap properties-variable | grep inLockout
AdminBee
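An added example, not part of the answer above: `grep` exits successfully whether the flag is set or clear, so a script has to read the value on the `ownerAuthSet` and `inLockout` lines rather than test grep's exit status. The function names `flag_value` and `tpm2_state` are hypothetical, the sample output is constructed, and accepting `set`/`clear` alongside `1`/`0` is an assumption to cover tool releases that print the flags as words.

```shell
#!/bin/sh
# Constructed sample in the layout tpm2_getcap prints (not from a real TPM).
SAMPLE='TPM2_PT_PERMANENT:
  ownerAuthSet:              1
  endorsementAuthSet:        0
  lockoutAuthSet:            0
  reserved1:                 0
  disableClear:              0
  inLockout:                 0
  tpmGeneratedEPS:           1
  reserved2:                 0'

# flag_value NAME: reads getcap output on stdin; prints 1 (set), 0 (clear),
# or nothing when the field is missing or has an unexpected value.
flag_value() {
    awk -v name="$1:" '
        $1 == name {
            if ($2 == "1" || $2 == "set") print 1
            else if ($2 == "0" || $2 == "clear") print 0
            exit
        }'
}

# tpm2_state TEXT: summarise ownership and lockout from getcap output.
# Prints "unknown" and returns 2 if either flag cannot be read.
tpm2_state() {
    owned=$(printf '%s\n' "$1" | flag_value ownerAuthSet)
    locked=$(printf '%s\n' "$1" | flag_value inLockout)
    if [ -z "$owned" ] || [ -z "$locked" ]; then
        echo "unknown"
        return 2
    fi
    echo "ownerAuthSet=$owned inLockout=$locked"
}

# Use the live TPM when the tool works, otherwise the constructed sample.
caps=$(tpm2_getcap properties-variable 2>/dev/null) || caps=$SAMPLE
tpm2_state "$caps" || echo "could not read TPM properties" >&2
```
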