2019年8月5日 星期一

How to provision TPM2.0 for TXT environment

How to provision TPM2.0 for TXT environment

Please get tools "TPM2ProvTool_20150909" "Client_TXT_Debug_ToolKit_20180625"

1.Boot into BIOS
2.Disable TXT
3.Boot to UEFI shell
4.Execute    (In TPM2ProvTool_20150909\PRE_PROD\COMMON)
  a.Define_AUX.nsh
  b.Define_PS.nsh
  c.Define_SGX.nsh
  d.Lock_PS2.nsh
5.Exit,  back to BIOS
6.Enable TXT, save&exit
7.Boot to UEFI shell
8.Execute "TXTINFO64" (In Client_TXT_Debug_ToolKit_20180625\EFI\txtinfo64)
If pass, you will see "System is in TXT environment"




------------------------------------------------------------------------
Another way:

1.Power on SUT
2.Boot into BIOS
3.Disable TPM/TXT/VT-D
4.Boot into EFI Shell
5.Select TPM2 Prov files
6.Use Basic Provisioning using the sample SHA256 definitions
a)For TXT indexes run Tpm2TxtProv.nsh SHA256 Example
b)If you need to create the platform owner index run Tpm2PoProv.nsh SHA256 Example
c)For the SGX index run Tpm2SgxiProv.nsh SHA256 Example
d)For the PPI index run Tpm2PpiProv.nsh SHA256 Example
7.Boot into BIOS again.
8.Enable TPM/TXT/VT-D
9.Boot to OS,and install tboot,tpm-tools packages
10. Tboot kernel configuration added to grub
11. Reboot and select tboot kernel

標籤:

沒有留言:

張貼留言

訂閱: 張貼留言 (Atom)

(TOP)Temp for soulin only

123