I've recently started learning about Intel® Trusted Execution Technology (Intel® TXT).
Most important learning: Server and Client TXT are NOT the same and ACM files and TPMs differ by generation and system class. For current Intel® TXT purposes,
- Clients are the Intel® Core™ i5/i7 and Xeon® E3 processors.
- Servers are the Xeon® E5/7 processors. Only on Linux.
- TPMs are usually either for client or server. Intel maintains a list of server-platforms (May 2014) that have the chipset, processor, TPM, and enabled BIOS to run Intel TXT. For Intel Server Boards, the TPM is listed in the product TPS on support.intel.com (usually AXXTPME3 for clients including single socket servers and AXXTPME5 for dual socket servers).
TPMs (usually physical although there are virtual iTPMs) come from multiple vendors and you must use the specific model(s) specified by the motherboard manufacturer. It is the OEM's responsibility to design TPM/TXT into their system, regardless of whether the TPM is already attached to the motherboard or can be added. Note: Intel TXT is just one function that relies on the TPM. The TPM can be used for drive encryption, authentication, and as a crypto provider as well as for the measured/verifed launch function. There is additional software provided by the TPM vendor (TPM SW Stack) and by the OS including interfaces into the TPM, e.g. Microsoft's TBS (TPM Base Services) or the Open Source tboot/tcs.d/the TCG software stack. It is with these software stacks that TPM 2.0 is not backward's compatible with 1.2.
Note: Intel Server TXT supports TPM's physically connected to the chipset via the LPC bus, not the i2c bus. With 2.0 there will be some support for TPMs on the SPI bus on servers.
Watch the Versions:
- TPM 1.x (mostly 1.2) was the standard for a long time. In 2014 vendors are starting to ship TPM 2.0, not backward compatible. You MUSTmatch the TPM to the vendor's system requirements.
- LCP (Launch Control policies) have a v1 and v2 and come in signed and unsigned. There's information on LCP in the tboot package under docs.
- Intel's AXXTPME3 comes in two versions - the v3 boards use the second (MM#922115).
SINIT ACM files: The SINIT binary is the unencrypted Intel signed ACM (Authenticated Code Module) built for a specific chipset/cpu combination. Intel's naming format is (platform)_SINIT_(v#).bin and most files can be found at SINIT ACM kits. These kits are the bin and usually a changelog and the error decoder. Both client and server kits are on this page.
BIOS ACM kits available from Intel Business Link (IBL) but require an NDA. These kits usually contain provisioning tools including .bat or efi files to read PS and AUX and their capabilities.
On Linux, there are NO kernel changes required for TXT other than making sure tboot is included.. Since Intel TXT doesn't trust the Linux driver's security, the TXT authenticated code module interfaces directly to the TPM. The system's OS/VMM vendor can give specific advice on what additional drivers, if any, are needed for a particular TPM or system.
Both client and server TXT on Linux use the Linux open source Trusted Boot (tboot) software, a, pre- kernel/VMM module which executes GetSec(Senter). And there are calls to launch policies (from TPM NVRAM) to verify the kernel. A discussion forum is also available there.
Instructions are available at multiple Linux sites including the Fedora Wiki.
Reading error codes - Error codes vary between client and server as well (to some degree) between generations of the processor.
The SINIT ACM kits released by Intel include a SINIT Error Code Document (PDF or TXT) that decodes the error codes that are thrown by the Intel components. If the error is thrown from the TPM, the error code can be decoded using the industry specifications or the "Error Code Cheat Sheet for the TPM 1.2" (search on the web) or by a list from your TPM Vendor.
For example: the error code 0xC03d0441
on a CLIENT Intel core i5-3470 processor (so 3rd generation i5/i7 ACM kit)
first decodes from the ACM kit doc to pointing to an error that is then defined in the 23:15 bits
and those bits (3D) decode from the TPM doc to "locality incorrect for the attempted operation."
Note if this occurs on a single socket server system, check it has the correct TPM.
Troubleshooting and Installation
- Especially on Linux servers, ensure that the system boots into the OS before the TPM/TXT are enabled.
- Verify the PCR's (platform config registers) are populating and that Measured launch equals True. Fedora Wiki. bottom of page, lists the PCRs.
- tboot produces a log that generally includes the error code (decode as above).
- For server installation see the Intel TXT Server Enabling Guide and How to Enable
Documentation: Intel publishes the Intel® TXT MLE Software Dev Guide and Intel employees have written books/ebooks on Intel TXT. (Check out Intel® TXT Books at Apress or other book/e-book vendors.)
There is additional documentation available under NDA. Contact your Intel field representative.