Processors
Intel® Processors, Tools, and Utilities
14395 Discussions

Kaby Lake Boot Guard availability

pietrushnic
Novice
1,340 Views

Hi,

 

Is Boot Guard feature supported on following processors:

 

  • Intel Celeron 3865U,
  • Intel Core i3-7100U,
  • Intel Core i5-7200U?

 

Already checked the appropriate MSR, but returned all 0s, probably due to ACM not loaded. I would like to avoid spending time on ACM integration just to see whether Boot Guard can be enabled or not. The processor specifications on ARK lack the information about Boot Guard availability too.

0 Kudos
4 Replies
Alberto_R_Intel
Moderator
1,179 Views

pietrushnic, Thank you for posting in the Intel® Communities Support.

 

In order to provide the most accurate information to your inquiry, we will do further research on this matter, as soon as I get any updates I will post all the details on this thread.

 

Regards,

Alberto R.

 

Intel Customer Support Technician

A Contingent Worker at Intel

0 Kudos
Alberto_R_Intel
Moderator
1,179 Views

Hello pietrushnic, I just received an update on this matter.

 

In reference to your question, we can confirm that the Intel® Boot Guard feature is supported by Intel® Kaby Lake and 7th Generation families of Intel® Processors, as you can see in the link below, page 55:

https://www.intel.com/content/dam/www/public/us/en/documents/datasheets/7th-gen-core-family-mobile-h-processor-lines-datasheet-vol-1.pdf

 

The Intel® Celeron® Processor 3865U is Kaby Lake as you can confirm here:

https://ark.intel.com/content/www/us/en/ark/products/96507/intel-celeron-processor-3865u-2m-cache-1-80-ghz.html

 

Any questions, please let me know.

 

Regards,

Alberto R.

 

Intel Customer Support Technician

A Contingent Worker at Intel

0 Kudos
pietrushnic
Novice
1,179 Views

Hello Alberto,

 

I still have doubts about the support. The processors I have listed are Kaby Lake U, but the datasheet refers to Kaby Lake H products.

 

I have already tried to formally confirm the Boot Guard support as mentioned in Boot Guard BIOS Specification (ID: 557867), by reading the MSR described in section 5.2, however it returned all 0s. As described in section 3.5, I need the ACM to be loaded, otherwise this registers returns 0s. But I can't find the ACMs anywhere (was looking for it on platformsw.intel.com without success). Could you please point me to the ID of the Boot Guard ACMs for Kaby Lake?

 

I have also opened a ticket on the Intel Support (request ID 04492659).

 

0 Kudos
Alberto_R_Intel
Moderator
1,179 Views

Hi pietrushnic, Thank you very much for providing that information.

 

I checked the information showing on ticket 04492659, and I can see that there is an agent already working on your case, please keep checking that ticket for updates since they will try to provide all the information you requested about this topic in there.

 

Regards,

Alberto R.

 

Intel Customer Support Technician

A Contingent Worker at Intel

Reply