AMD on fTPM stutter issues
AGESA 1207 and newer will bring a fix to fTPM issues that have been reported by many users for months.
AMD has been relatively quiet on the fTPM (firmware trusted platform module) issues, while user reports have been accumulating ever since TPM become mandatory, but not strickly-enforced for Windows 11. The fTPM replaces the physical TPM with processor built-in key. However, as now confirmed by AMD, this feature was not working as indented.
Users have been reporting on stuttering issues related to enabling the fTPM on AMD Ryzen CPUs. AMD does not have a full and clean solution for this problem yet, however the company promises to release a BIOS update in the coming weeks.
AMD promises to work with their board partners to release a new firmware around May this year. A flashable update should be based on AGESA 1207 or newer.
Because May is still 2 months away, AMD is also providing a workaround that incorporates an idea of using dTPM (device trusted platform module), basically an external module often designed specifically for individual platforms (as shown below). Those typically sell for 50 to 100 USD, so they are definitely not cheap.
This means that people encountering those issues should either: disable fTPM and take the risk of using a less secure system, wait for AMD to fix the issue with the new BIOS, or buy an external TPM module.
Here’s how AMD is describing the problem:
AMD has determined that select AMD Ryzen™ system configurations may intermittently perform extended fTPM-related memory transactions in SPI flash memory (“SPIROM”) located on the motherboard, which can lead to temporary pauses in system interactivity or responsiveness until the transaction is concluded.
Update and Workaround
- Update: Affected PCs will require a motherboard system BIOS (sBIOS) update containing enhanced modules for fTPM interaction with SPIROM. AMD expects that flashable customer sBIOS files to be available starting in early May, 2022. Exact BIOS availability timing for a specific motherboard depends on the testing and integration schedule of your manufacturer. Flashable updates for motherboards will be based on AMD AGESA 1207 (or newer).
- Workaround: As an immediate solution, affected customers dependent on fTPM functionality for Trusted Platform Module support may instead use a hardware TPM (“dTPM”) device for trusted computing. Platform dTPM modules utilize onboard non-volatile memory (NVRAM) that supersedes the TPM/SPIROM interaction described in this article.
COMPATIBILITY: Please check with your system or motherboard manufacturer to ensure that your platform supports add-in dTPM modules before attempting or implementing this workaround.
WARNING: If switching an active system from fTPM to dTPM, it is critical that you disable TPM-backed encryption systems (e.g. BitLocker Drive Encryption) and/or back up vital system data prior to switching TPM devices. You must have full administrative access to the system, or explicit support from your IT administrator if the system is managed.