Processors
Intel® Processors, Tools, and Utilities
16334 Discussions

Intel TXT and UEFI compatibility

agold
Beginner
‎11-18-2020 04:57 PM
2,309 Views

Hi,

I've been working on a UEFI bootloader that leverages Intel TXT. So far I'm able to boot into my MLE without issue. However I need to be able to use UEFI's protocols and boot services within the MLE. This means I have to restore some of the UEFI machine state (GDT, IDT, Page Tables, etc.) after entering the MLE.

For the most part this seems to work fine up to the point where I need to call UEFI's ExitBootServices. Doing so causes the display to turn off and the machine to reset after a few seconds. It doesn't seem to cause any fault that I'm able to catch with exception handlers.

I've tried restoring additional machine state like other control registers and MSRs, VT-d settings, and using the DPR instead of PMRs but none of these seem to affect the behavior.

The processor is an Intel Core i5-8365U. The TXT device ID is 0x1B0088086 and I'm using the SINIT module loaded by the BIOS.

Labels (1)
Labels:
0 Kudos

Link Copied

2 Replies
AndrewG_Intel
Employee
‎11-19-2020 03:04 PM
2,279 Views

Hello @agold

Thank you for posting on the Intel® communities.


After checking this thread we noticed it seems to be related to Software Development so our recommendation is to review the Intel® Trusted Execution Technology (Intel® TXT) enabling guide:

https://software.intel.com/content/www/us/en/develop/articles/intel-trusted-execution-technology-intel-txt-enabling-guide.html 


If after reviewing the guide you still have questions then please post your inquiry on the Intel Software Development forum and similar ones:


Having said that, we will proceed to close this inquiry now. If you need any additional information, please submit a new question as this thread will no longer being monitored. Thank you for your understanding.


Best regards,

Andrew G.

Intel Customer Support Technician


0 Kudos
Copy link
agold
Beginner
‎11-19-2020 03:15 PM
2,275 Views
In response to AndrewG_Intel

I've read both the TXT enabling guide and the TXT Software Development Guide but I wasn't able to find a solution to this issue. The SDG doesn't specify how TXT is affected by/affects a UEFI environment.

I'll move this question over to the Software Products board.

Thanks

In response to AndrewG_Intel
0 Kudos
Copy link
Reply

Community support is provided Monday to Friday. Other contact methods are available here.

Intel does not verify all solutions, including but not limited to any file transfers that may appear in this community. Accordingly, Intel disclaims all express and implied warranties, including without limitation, the implied warranties of merchantability, fitness for a particular purpose, and non-infringement, as well as any warranty arising from course of performance, course of dealing, or usage in trade.

For more complete information about compiler optimizations, see our Optimization Notice.