Does Intel intend to make available the SINIT AC module for the 6th generation (Skylake) processors? If so, what is the release date planned?
I'm trying to get TXT working with RHEL 7 on a platform that has an Intel i7-4700EQ. I'm using the 4th-gen-i5-i7-sinit-75.zip that I downloaded from the Intel website. I'm also using Tboot 1.8.3. I'm fairly new to TXT so please keep that in mind.
I am trying to install the EFI shell on a bootable USB stick using Intel's provided tools and following Intel's Bootable EFI disk Instructions guide,
but I am getting a "Write DBR and MBR failed" error. Attached is the complete log.
Could someone from Intel provide contact information about the Intel SGX SDK license, and how to get the SDK? I asked this question on the ISA extensions mailing list, but did not get any reply, so I am trying this forum.
Given that SGX-enabled CPUs are available on the market, if Intel wants startups to make use of this technology then please let people know about the SDK, the licensing terms, and how one can get kernel drivers for Linux.
I have tboot running on an Intel Server board E5-2658. I get TXT measured launch as true and can see the populated PCR values.
At the moment, I don't have any LCP in the TPM. My platform is using the default policy, I guess.
I want to explore the option in LCP for what should happen when PCR measurement fails, i.e. the system refuses to boot or boots with limited functionality.
I have been trying to implement the trusted boot feature in our server and testing it with the tools Intel provides (ServerTXTINFO, getsec64, and Serversecret).
But I am getting a bunch of errors. txt-stat in my Red Hat terminal shows that secret and secret flag set = False but TXT Measured launch = True.
When I run the getsec64.efi tool in the EFI shell, I get an error that System is already in TXT environment run getsec64 -l sexit
Just a shortish question because I am a little baffled right now. I am programming a new MLE to be used with Intel TXT. We want to launch this within a running Linux (64-bit) - this should be perfectly possible afaik. I got most of it working, TXT is working (tboot would successfully boot on previous tests!), but now I get this error whenever I execute GETSEC[SENTER]: 0xC0000481.
I've been booting fine - created a new policy and now get the above error code - which appears to decode to Class C - Major error 8 - which appears to be an "Invalid RSDP".
Since that's part of ACPI - I'm having a hard time figuring out what that really means?
I'm booting tboot to a 3.11.10 Linux kernel and it is indeed booting and PCRs, including 17, 18 and 19, are being extended. Perhaps I just don't understand the sequencing - the part that has me perplexed is where tboot goes into SENTER and then starts over again and succeeds - although SEXIT is never run - specifically this section. I guess my question is - why would it restart tboot?