Software Archive
Read-only legacy content
17061 Discussions

LCP creation

Shankar_l_
Beginner
‎11-05-2015 02:51 AM
804 Views

Hi

I have tboot running on Intel Server board E5- 2658. I get txt measured launch as true and can see the populated pcrs values.

At the moment, I don't have any LCP in TPM. My Platform is using default policy i guess. 

I want to explore the option in LCP that what should happen when pcrs measurement fails i.e. system refuse to boot or boot with limited functionalities.

I checked one LCP script at https://raw.githubusercontent.com/yocum137/txt-oat/master/scripts/create-lcp-tboot-policy.sh ;

but I couldn't find the actions in the script about what happens when pcrs measurement fails.

Could anyone help to explore these options i,e. if there are pre-configured options or creating custom options?

P.S: I also have lcp generator tool from intel but again there are no instruction regarding the issue i discussed above.

0 Kudos

Link Copied

1 Reply
Gael_H_Intel
Moderator
‎11-16-2015 03:28 PM
804 Views

Hi - 

If the LCP doesn’t evaluate successfully, the platform will warm reset with an error code being reported in TXT.ERRORCODE at 0xfed30030.

Does this answer your question?

0 Kudos
Copy link
Reply

Community support is provided Monday to Friday. Other contact methods are available here.

Intel does not verify all solutions, including but not limited to any file transfers that may appear in this community. Accordingly, Intel disclaims all express and implied warranties, including without limitation, the implied warranties of merchantability, fitness for a particular purpose, and non-infringement, as well as any warranty arising from course of performance, course of dealing, or usage in trade.

For more complete information about compiler optimizations, see our Optimization Notice.