I have a gigabyte motherboard, based on Intel Z97 chipset.
Equipped with an Intel Core i7 4Gen CPU (4770S) and DDR3 RAM.
I have run Windows 10 Pro 64 bit. All is fine here, except...
I can't use the TPM module (tried both the TPM1.2 or TPM2.0 models made by Gigabyte, that must be plugged on the motherboard's TPM header, with 20-1 pins).
The module is undetectable in Windows 10. Can't activate device security or BitLocker. Safe boot mode is enabled in BIOS, booting in UEFI mode (not legacy) with CSM disabled.
In Windows, Hyper-V is installed and enabled, HVCI is enabled, Device Guard and Driver Credential Guard are inbstalled and enabled.
Windows 10 reports now an "unknown" device integrity (in the Security center).
Windows 10 has been updated several times with new builds. But now it wants me to enable Bitlocker (and spams me every hour with a notification about it and sends me to the TPM activation wizard in TPM.MSC).
But cannot be activated at all. Always reports an error: no TPM module detected.
The TPM is detected in BIOS, but its state says "SUPPORT TURNED OFF" even when I set the "Security Device Support" option to "Enabled".
Gigabyte says that I should see other options to configure the TPM below this option, but I do not see them at all, and does not believe me when I say the BIOS reports this "SUPPORT TURNED OFF" (of course it is a message in their BIOS!). They have instructed me to try with another BIOS version, but all BIOS versions I have tried are failing to report that TPM support is effective.
It seems that the TPM is detected, then almost its Infineon chop immediately goes to "protection mode" and it becomes completely silent as long as it is powerd on.
I think this is an issue in the Intel Z97 chipset, or its connections on the motherboard (not effective on the TPM header where I plug the module), or that there may be missing components such as a pullup, or that this is an issue in the RESET signal pin, or that some other LPC devices (all part of the Intel MCH Z97 chipset) are incorectly managing the RESET.
Given that thje Infineon chip is very sensitive to the RESET procedure. It is only transiently enabled then disabled. I suspect incorrect timing, or absence of a pullup resistor on this pin which causes too many intermittent RESET* signals to be propagated.
Can this be a hardware defect or a BIOS/EFI driver defect, or an Intel driver defect for Windows 10 ?
Motherboard: Gigabyte Z97X-UD3H
Chipset: Intel Z97
BIOS: F10c (latest, was not published on the Gigabyte site, but proposed by the Gigabyte support, downloaded from their site)
CPU: Intel Core i7 4th Gen [4770S, Haswell] @3.9GHz (4 cores, 8 threads )
OS: Windows 10 Pro (64 bit), with Hyper-V enabled, HVCI enabled, Device Guard enabled and running, Credential Guard enabled and running, but can't get "device integrity" enabled in Windows, and no issue reported in "SFC/SCANNOW" or "DISM/ONLINE/SCANHEALTH".
I've run the Intel drivers detection tools, all is OK too.
The GC-TPM2.0 module from Gigabyte (I also tried their older TPM 1.2, and other similar 20-1 pin models using the same Infineon chip, made by Asus):
What can be the cause that the TPM fails to be recognized or initialized properly by the BIOS?
Note: all other devices on the LPC bus (most of them integrated inside the Intel Z97 Southbridge) are working without problem (keyboard, mouse, HD audio, interrupt controlers, real time clock...)
I have asked to Gigabyte since months. They don't help me. I ask it here because it could be within an EFI driver (inside the flash BIOS), or a problem of Intel drivers on Windows (notably for the Intel LPC bus driver: this driver is signed by Intel)
I had the Microsoft support, they don't have any solution as well. The error they detect is something they've not encountered.
But many users of Z97-based motherboards (various brands, from Gigabyte, MSI, HP, and Lenovo) have the same problem: they can't activate TPM as well for Windows.
Can this be a defect in some series of Z97 southbridges? Or the effect of an old specification for OEM integrators (without erratas published later by Intel)? Is there a fix for that? For me it's an old hidden defect, without any solution.
Note that I had an excellent support from Intel, in this forum, for the integrated graphics (HD4600) for the same motherboard (an advisory to update intel drivers because of a severe CVE issue in last december: the needed driver was still not published on the Intel site and has been added just today: it was forgotten in the Intel advisory, and the new driver for 4th Gen Core processors was not listed and not found by the Intel driver assistant)
What is or isn't in the BIOS is Gigabyte's responsibility. There are no documented issues with the Z97 chipset's LPC implementation (silicon or driver) that I can find. Unlike the processor, which you purchased separately and thus has a separate warranty from Intel, your chipset came as part of your motherboard and thus your warranty (if indeed you even have one any longer) is from your motherboard manufacturer (i.e. it is also Gigabyte's responsibility). There is zero chance that Gigabyte would have shipped a board with a feature that simply did not work. You need to work with them and determine what has happened in the intervening time.
Wow. The hidden defect is a legal requirement that Gigabyte does not want to honor.
They don't believe me and give me instructions about BIOS settings and images that do not even match what *THEIR* BIOS is displaying.
Definitely my motherboard does not have the EFI module in the BIOS that was shipped with their motherboard. And it's impossible to activate it. They shipped me with some unknown BIOS that does not have the EFI module required (and that is not updated by BIOS updates).
I can make no progress at all (their BIOS was dated 2014, I've waited for a solution since many months). Now I absolutely need TPM support and can't use it. They sold me two TPM modules, none of them are working. It is NEVER reqcognized in their UEFI BIOS, whose support for TPM was never shipped.
(In fact the BIOS also was looks like it was a preproduction version, because it does not even contain the unique machine ID "To be filled by OEM" is used in all fields, and TPM support was VOLUNTARILY disabled by them).
Their motherboard was then incorrectly prepared in their Chinese manufactory. And Gigabyte doesn't want to do anything about that: TPM was supposed to be part of the product (in fact I checked this when purchasing it for going from Windows 7 to Windows 10) but has never been integrated correctly.
YES this is a hidden defect.