Intel® Trusted Execution Technology (Intel® TXT)
For questions and discussion on Intel® Trusted Execution Technology
19 Discussions

Intel TXT and UEFI compatibility

agold
Beginner
‎11-18-2020 05:59 PM
2,138 Views

Hi,

I've been working on a UEFI bootloader that leverages Intel TXT. So far I'm able to boot into my MLE without issue. However I need to be able to use UEFI's protocols and boot services within the MLE. This means I have to restore some of the UEFI machine state (GDT, IDT, Page Tables, etc.) after entering the MLE.

For the most part this seems to work fine up to the point where I need to call UEFI's ExitBootServices. Doing so causes the display to turn off and the machine to reset after a few seconds. It doesn't seem to cause any fault that I'm able to catch with exception handlers.

I've tried restoring additional machine state like other control registers and MSRs, VT-d settings, and using the DPR instead of PMRs but none of these seem to affect the behavior.

The processor is an Intel Core i5-8365U. The TXT device ID is 0x1B0088086 and I'm using the SINIT module loaded by the BIOS.

0 Kudos

Link Copied

0 Replies
Reply

Community support is provided during standard business hours (Monday to Friday 7AM - 5PM PST). Other contact methods are available here.

Intel does not verify all solutions, including but not limited to any file transfers that may appear in this community. Accordingly, Intel disclaims all express and implied warranties, including without limitation, the implied warranties of merchantability, fitness for a particular purpose, and non-infringement, as well as any warranty arising from course of performance, course of dealing, or usage in trade.

For more complete information about compiler optimizations, see our Optimization Notice.