Supermicro X9 + TPM2.0

2021, July 17    

For the last few years I have ran the majority of my games in a virtual machine, using GPU pass-through on my Supermicro X9 system with a combination of Stream In Home Streaming (IHS). For the most part this works well, and has allowed me to stream games while I have been abroad (where internet speeds and latency have been good). Windows 10 has been the operating system of choice for a while now, with the VM powered on and off as required. With the soon-to-be released Windows 11 and the system requirements around Trusted Platform Modules (TPMs) it's changed things somewhat, as to upgrade you need a TPM2.0 module. What I thought would be a straightforward task turned out to be a futile effort, and a lesson in checking compatibility before you begin.


The Old TPM (1.2)

By random chance when I purchased my X9 server it had a TPM device already fitted. I hadn't used it at the time I had no real use for it, but I knew it was there and the system did recognise it. When I began this endeavour I didn't know what version the TPM device was, and the BIOS (at least on the X9's) doesn't make it clear. That said, I enabled the device and turned on TXT support, rebooting in to the hypervisor ready to check that it was operational. Two hours later (after a lot of head scratching and reading some online docs) I realised that the device I had only supports TPM1.2, and the hypervisor in question only supports TPM2.0. No bother at this point, a quick read of the vendor documentation detailed the exact product code I needed (AOM-TPM-9665V-S), and $50 later (thanks eBay) I had one on order that should fit nicely into the system.


The New TPM (2.0)

Once the new TPM module had arrived it was a quick process to get it fitted (a literal power-off, remove the old one, fit the new one, power it back on). Unfortunately that's where things became problematic. With the new device fitted the BIOS showed that a TPM was present but stated "SUPPORT TURNED OFF". I hadn't seen this before and it wasn't in the motherboard manual, so initially I thought it might need a restart and a potential flash to initialize it (this process is documented thankfully). As you need to sign an EULA with Supermicro to download the software for this I started writing an email to their support team, and while drafting it I found reference to an old KB article referencing the message from the BIOS. Unfortunately, this KB article stated that the X9 series of motherboards doesn't actually support TPM2.0 (bad news for me). I sent the email to their support team, and also asked if the KB article was correct or if things had changed.


The Dreaded Email

As expected, a response was received 48 hours later with the sentence I had dreaded:

    "Unfortunately, X9 motherboards do not support TPM2.0."

It would be easy to be frustrated over this, but realistically its a motherboard that is 10 years old and so its not a great surprise that it doesn't have support for later technology. If anything, its impressive that its still going strong after all this time. It might be possible to modify the BIOS to include newer modules to support the later TPM, but realistically this will likely result in a broken system. Sadly, there is to be no TPM2.0 module for this system, and no Windows 11 moving forward.


Future

For now my X9 server lives on, running virtual machines that require heavy-lifting (and heating the house in the winter). At some point it will be replaced with to something more powerful and more power-efficient, however for the time being it lives on. My plans for upgrading the GPU are no more, which is timely as a new case is due to arrive soon and will be used for this purpose (more on this in a later post).