Is this page helpful?

Updating the TPM Firmware#

Starting with version 26.03.1, the Trusted Platform Module (TPM) firmware is available as a separate component package. Complete the following steps to update the TPM firmware on a DGX B300 system.

  1. Download and extract the firmware archive.

  2. Verify the TPM package version.

    nvfwupd -t ip=<bmc-ip-address> user=<bmc-username> password=<bmc-password> \
  show_version -p <component-package.fwpkg>

    Confirm that the TPM row shows the installed version and the target package version (for example, 15.24).

  3. Create a TPM update JSON parameter file.

    echo '{}' > tpm_update.json

  4. Enable TPM support.

    TPM support is disabled by default. To verify the current state, run the following command:

    curl -k -u <bmc-username>:<bmc-password> -H "Content-Type: application/json" \
  -X GET -s https://<bmc-ip-address>/redfish/v1/Systems/DGX/Bios | jq .Attributes.TpmSupport

    Example output:

    "Disabled"

    Use one of the following methods to enable TPM support:

    • Redfish API

      curl -k -u <bmc-username>:<bmc-password> -H "Content-Type: application/json" \
  -X PATCH https://<bmc-ip-address>/redfish/v1/Systems/DGX/Bios/SD --header 'If-Match: *' -d '{"Attributes":{"TpmSupport":"Enabled"}}' | jq

    • SBIOS Setup

      1. Reboot the DGX B300 system.

      2. When the SBIOS version screen appears, press Del or F2 to enter the BIOS Setup Utility.

      3. Navigate to Security Device Support and set the value to Enabled.

  5. Run the TPM firmware update.

    nvfwupd -t ip=<bmc-ip-address> user=<bmc-username> password=<bmc-password> update_fw \
  -p <component-package.fwpkg> -y -s tpm_update.json

Checking the Current TPM Firmware Version#

Use one of the following methods to verify the installed TPM firmware version on the DGX B300.

Using the OS Console Command#

This method queries the TPM directly from the DGX B300 host operating system.

  1. Verify that tpm2-tools is installed.

    dpkg -l | grep tpm2-tools

    If the package is not installed, run the following command:

    sudo apt-get install tpm2-tools -y

  2. Query the TPM firmware version.

    tpm2_getcap properties-fixed 2>/dev/null | grep -i firmware

    Example output:

    TPM2_PT_FIRMWARE_VERSION_1: 0x000F0018
TPM2_PT_FIRMWARE_VERSION_2: 0x00000000

    TPM2_PT_FIRMWARE_VERSION_1 encodes the major version in the upper 16 bits and the minor version in the lower 16 bits. In this example, the version is 15.24 (0x000F = 15, 0x0018 = 24).

Using the SBIOS Setup#

Use this method to view TPM version information in the BIOS Setup Utility.

  1. Access the system console.

    Refer to Connecting to DGX B300.

  2. Access the SBIOS setup.

    1. Reboot the DGX B300 system.

    2. When the SBIOS version screen appears, press Del or F2 to enter the BIOS Setup Utility.

  3. Navigate to the TPM settings.

    From the main screen, select Advanced > Trusted Computing and press Enter.