LCP creation

LCP creation

Hi

I have tboot running on Intel Server board E5- 2658. I get txt measured launch as true and can see the populated pcrs values.

At the moment, I don't have any LCP in TPM. My Platform is using default policy i guess. 

I want to explore the option in LCP that what should happen when pcrs measurement fails i.e. system refuse to boot or boot with limited functionalities.

I checked one LCP script at https://raw.githubusercontent.com/yocum137/txt-oat/master/scripts/create... 

but I couldn't find the actions in the script about what happens when pcrs measurement fails.

Could anyone help to explore these options i,e. if there are pre-configured options or creating custom options?

P.S: I also have lcp generator tool from intel but again there are no instruction regarding the issue i discussed above.

2 posts / 0 new
Last post
For more complete information about compiler optimizations, see our Optimization Notice.

Hi - 

If the LCP doesn’t evaluate successfully, the platform will warm reset with an error code being reported in TXT.ERRORCODE at 0xfed30030.

Does this answer your question?

Leave a Comment

Please sign in to add a comment. Not a member? Join today