Trusted Execution Technology and Tboot Implementation
Launch Control Policy (LCP) is the mechanism used to verify the Intel TXT ‘verified
launch’ process. Based on the criteria defined in the Platform Default (PD) policy
set by the Platform Supplier (PS), or in the Platform Owner (PO) policy set by the owner,
the LCP determines whether the current platform configuration or environment meets the
requirements and can be launched.
System Requirements
• Trusted Platform Module (TPM 1.2) and a chipset that supports TXT and Virtualization
Technology (VT) (vPro platforms).
• TPM: Locked, Enabled and Activated; VT: Enabled; TXT: Enabled (discussed in the next
section).
BIOS TXT Settings
Enter BIOS Setup by pressing F10 during POST and execute the following steps:
1. Go to Security → Setup BIOS Administrator Password to enter the BIOS administrator
password.
2. Go to Security → TPM Embedded Security → Embedded Security Device State →
Enabled
3. Go to System Configuration → Device Configurations → Virtualization Technology →
Enabled
4. Go to System Configuration → Device Configurations → SATA Native Mode → IDE
(optional)
Note: If you expect to use the RAID option at some point in the future, it is advisable to
use the AHCI/RAID option instead of IDE. Switching from IDE to AHCI/RAID later results in a
“Kernel Panic” message and makes it impossible to boot Fedora unless you switch the
SATA option back to IDE.
5. Save settings and exit F10 and reboot.
Enter BIOS Setup by pressing F10 during POST and execute the following steps:
1. Go to System Configuration → Device Configurations → TXT Technology → Enabled
2. Save settings and exit F10 and reboot.
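
Once Linux is running on the platform, the TPM state and the CPU support listed under System Requirements can be checked from the OS. The script below is an added example, not part of the original guide; the default sysfs path is an assumption that varies with kernel version, and the CPU flags show processor support only, not whether VT and TXT are switched on in the BIOS.

```shell
#!/bin/sh
# Added example: check the TXT/tboot prerequisites from a running Linux system.
# Both paths are parameters so the check can also run against saved copies.
# Usage: check_txt_prereqs [CPUINFO_FILE] [TPM_SYSFS_DIR]

# has_cpu_flag FLAG CPUINFO -> 0 if FLAG appears as a word on a "flags" line
has_cpu_flag() {
    grep -E '^flags[[:space:]]*:' "$2" | grep -qw -- "$1"
}

# tpm_attr_is_1 DIR NAME -> 0 if DIR/NAME is readable and contains "1"
tpm_attr_is_1() {
    [ -r "$1/$2" ] && [ "$(cat "$1/$2")" = "1" ]
}

# Prints one line per requirement and returns the number of failed checks.
check_txt_prereqs() {
    cpuinfo=${1:-/proc/cpuinfo}
    # Assumed default location of the TPM 1.2 attributes; older kernels
    # expose them elsewhere, so pass the directory explicitly if needed.
    tpmdir=${2:-/sys/class/tpm/tpm0/device}
    fails=0
    # vmx = VT-x, smx = Safer Mode Extensions (the CPU feature TXT relies on)
    for flag in vmx smx; do
        if has_cpu_flag "$flag" "$cpuinfo"; then
            echo "OK   CPU flag $flag present"
        else
            echo "FAIL CPU flag $flag missing"
            fails=$((fails + 1))
        fi
    done
    # TPM must be Enabled and Activated in the BIOS before tboot can use it
    for attr in enabled active; do
        if tpm_attr_is_1 "$tpmdir" "$attr"; then
            echo "OK   TPM $attr"
        else
            echo "FAIL TPM $attr not reported as 1 in $tpmdir"
            fails=$((fails + 1))
        fi
    done
    return "$fails"
}
```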
Fedora Installation
1. Download the image of Fedora 7/8 (64bit) and burn it on DVD.
2. Start the Fedora installation. If you see a “Kernel Panic –” message or if the installation
hangs, try adding “acpi=off” to the kernel arguments (hit Tab) at the GRUB boot loader.
3. At the “Disk Partitioning Setup” screen, select <Create custom Layout> from the
drop-down menu and press <Next>.
4. Delete any existing partitions.
5. Next, add 3 partitions as follows and press <Next>:
   1st: mount point = “/boot”, file type = ext3, size = 400
   2nd: file type = swap, size = 2048
   3rd: mount point = “/”, file type = ext3, size = fill to max
6. Don’t set a boot loader password or select ‘Configure advanced boot loader options’.
Press <Next>