| ID | Test | Implemented | Document | Chapter / SINIT error code |
|----|------|-------------|----------|----------------------------|
| 00 | Intel CPU | ✅ | | |
| 01 | Weybridge or later | ✅ | | |
| 02 | CPU supports TXT | ✅ | | |
| 03 | TXT register space accessible | ✅ | | |
| 04 | CPU supports SMX | ✅ | Document 558294 Revision 2.0 | 5.4.2 GETSEC Capability Control |
| 05 | CPU supports VMX | ✅ | | |
| 06 | IA32_FEATURE_CONTROL | ✅ | Document 558294 Revision 2.0 | 5.4.1 Intel TXT Opt-In Control |
| 07 | TXT not disabled by BIOS | ✅ | Document 558294 Revision 2.0 | 5.4.1 Intel TXT Opt-In Control |
| 08 | BIOS ACM has run | ✅ | Document 315168-017 | B.1.6 TXT.SPAD – BOOTSTATUS |
| 09 | IBB is trusted | ✅ | Document 315168-017 | B.1.6 TXT.SPAD – BOOTSTATUS |
| 10 | TXT registers are locked | ✅ | | |
| 11 | IA32 debug interface is disabled | ✅ | | |
| 12 | TPM connection | ✅ | | |
| 13 | TPM is present | ✅ | | |
| 14 | TPM NVRAM is locked | ✅ | Document 558294 Revision 2.0 | 5.6.3.1 Failsafe Hash |
| 15 | PS Index has correct config | ✅ | Document 315168-017 | I TPM NV |
| 16 | AUX Index has correct config | ✅ | Document 315168-017 | I TPM NV |
| 17 | AUX Index has the correct hash | ✅ | Document 315168-017 | I TPM NV |
| 18 | PO Index has correct config | ✅ | Document 315168-017 | I TPM NV |
| 19 | PS index has valid LCP Policy | ✅ | Document 315168-017 | D.3 LCP_POLICY_LIST |
| 20 | PO index has valid LCP Policy | ✅ | Document 315168-017 | D.3 LCP_POLICY_LIST |
| 21 | PCR 0 is set correctly | ✅ | Document 558294 Revision 2.0 | BIOS Startup Module (Type 0x07) Entry |
| 22 | NPW mode is deactivated in PS policy | ✅ | Document 558294 Revision 2.0 | 4.1.4 Supported Platform Configurations |
| 23 | TXT mode is valid | ✅ | Document 558294 Revision 2.0 | 5.6.2 Autopromotion Hash and Signed BIOS Policy |
| 24 | Valid FIT vector | ✅ | Document 599500 Revision 1.2 | 3.0 FIT Pointer |
| 25 | Valid FIT | ✅ | Document 599500 Revision 1.2 | 4.0 Firmware Interface Table |
| 26 | Microcode update entry in FIT | ✅ | Document 599500 Revision 1.2 | 4.4 Startup ACM (Type 2) Rules |
| 27 | BIOS ACM entry in FIT | ✅ | Document 599500 Revision 1.2 | 4.4 Startup ACM (Type 2) Rules |
| 28 | IBB entry in FIT | ✅ | Document 599500 Revision 1.2 | 4.6 BIOS Startup Module (Type 7) Rules |
| 29 | BIOS Policy entry in FIT | ✅ | | |
| 30 | IBB covers reset vector | ✅ | Document 599500 Revision 1.2 | 4.6 BIOS Startup Module (Type 7) Rules |
| 31 | IBB covers FIT vector | ✅ | Document 599500 Revision 1.2 | 4.6 BIOS Startup Module (Type 7) Rules |
| 32 | IBB covers FIT | ✅ | | |
| 33 | IBBs do not overlap each other | ✅ | Document 599500 Revision 1.2 | 4.6 BIOS Startup Module (Type 7) Rules |
| 34 | BIOS ACM does not overlap IBBs | ✅ | Document 599500 Revision 1.2 | 4.6 BIOS Startup Module (Type 7) Rules |
| 35 | IBB and BIOS ACM below 4GiB | ✅ | Document 558294 Revision 2.0 | 2.2 FIT Pointer Rules |
| 36 | TXT not disabled by LCP Policy | ✅ | Document 315168-017 | B.1.6 TXT.SPAD – BOOTSTATUS |
| 37 | BIOSACM header valid | ✅ | Document 315168-017 | A.1 Authenticated Code Module Format |
| 38 | BIOSACM size check | ✅ | Document 315168-017 | A.1 Authenticated Code Module Format |
| 39 | BIOSACM alignment check | ✅ | Document 315168-017 | A.1.1 Memory Type Cacheability Restrictions |
| 40 | BIOSACM matches chipset | ✅ | Document 315168-017 | 2.2.3.1 Matching an AC Module to the Platform |
| 41 | BIOSACM matches processor | ✅ | Document 315168-017 | 2.2.3.1 Matching an AC Module to the Platform |
| 42 | SINIT/BIOS ACM has no NPW flag set | ✅ | Document 558294 Revision 2.0 | 4.1.4 Supported Platform Configurations |
| 43 | SINIT ACM supports used TPM | ✅ | Document 315168-017 | 4.1.4 Supported Platform Configurations |
| 44 | TXT heap ranges valid | ✅ | Document 315168-017 | B.1 |
| 45 | TXT public area reserved in e820 | ✅ | Document 558294 Revision 2.0 | 5.5.3 Intel TXT Public Space |
| 46 | TXT private area reserved in e820 | ✅ | Document 558294 Revision 2.0 | 5.5.2 Intel TXT Private Space |
| 47 | TXT memory reserved in e820 | ✅ | Document 558294 Revision 2.0 | 5.5.4 Intel TPM Decode Area |
| 48 | MMIO TPMDecode space reserved in e820 | ✅ | Document 558294 Revision 2.0 | 5.5.4 TPM Decode Area |
| 49 | TXT memory in a DMA protected range | ✅ | Document 315168-017 | 1.11.1 DMA Protected Range (DPR) |
| 50 | TXT DPR register locked | ✅ | Document 315168-017 | 1.11.1 DMA Protected Range (DPR) |
| 51 | CPU DPR equals hostbridge DPR | ✅ | Document 315168-017 | B.1.15 TXT.DPR – DMA Protected Range |
| 52 | CPU hostbridge DPR register locked | ✅ | Document 315168-017 | B.1.15 TXT.DPR – DMA Protected Range |
| 53 | TXT region contains SINIT ACM | ✅ | Document 315168-017 | B.1.10 TXT.SINIT.BASE – SINIT Base Address |
| 54 | SINIT ACM matches chipset | ✅ | Document 315168-017 | 2.2.3.1 Matching an AC Module to the Platform |
| 55 | SINIT ACM matches CPU | ✅ | Document 315168-017 | 2.2.3.1 Matching an AC Module to the Platform |
| 56 | SINIT ACM startup successful | ✅ | | |
| 57 | BIOS DATA REGION present | ✅ | Document 315168-017 | C.2 BIOS Data Format |
| 58 | BIOS DATA REGION valid | ✅ | Document 315168-017 | C.2 BIOS Data Format |
| 59 | CPU supports MTRRs | ✅ | Document 315168-017 | 2.2.5.1 MTRR Setup Prior to GETSEC[SENTER] Execution |
| 60 | CPU supports SMRRs | ✅ | | |
| 61 | SMRR covers SMM memory | ✅ | | |
| 62 | SMRR protection active | ✅ | | |
| 63 | IOMMU/VT-d active | ✅ | Document 315168-017 | 1.11.2 Protected Memory Regions (PMRs) |
| 64 | TXT server mode enabled | ✅ | | |
| 65 | ACPI RSDP exists and has valid checksum | ✅ | | SINIT Class 0xC Major 1 |
| 66 | ACPI MCFG is present | ✅ | | SINIT Class 0xC Major 0xA |
| 67 | ACPI DMAR is present | ✅ | | SINIT Class 0xC Major 4 |
| 68 | ACPI DMAR is valid | ✅ | | SINIT Class 0xC Major 5 |
| 69 | ACPI MADT is present | ✅ | | SINIT Class 0xC Major 16 |
| 70 | ACPI MADT is valid | ✅ | | SINIT Class 0xC Major 7 |
| 71 | ACPI RSDT present | ❌ | | SINIT Class 0xC Major 2 |
| 72 | ACPI RSDT is valid | ✅ | | SINIT Class 0xC Major 3 |
| 73 | ACPI XSDT present | ✅ | | SINIT Class 0xC Major 9 |
| 74 | ACPI XSDT is valid | ✅ | | SINIT Class 0xC Major 9 |
| 75 | ACPI RSDT or XSDT is valid | ✅ | | 5.2.8 Extended System Description Table (XSDT) |
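The FIT rules in rows 24 to 35 (pointer, header and checksum, required entry types, IBB coverage of the reset vector and of the FIT, no overlap between IBBs or with the Startup ACM, everything below 4 GiB) can be checked offline against a flash dump. The following is an added example, not code from the page or from any tool the table describes. It assumes the image is mapped at the top of the 4 GiB space (its last byte at 0xFFFFFFFF), uses the FIT entry types from the FIT specification (0x00 header, 0x01 microcode, 0x02 Startup ACM, 0x07 BIOS Startup Module, 0x09 BIOS Policy), treats a type 7 entry's Size field as 16-byte units, and reads the ACM length from the Size dword at offset 24 of the ACM header (MLE Developer's Guide, table A.1) because FIT entries for ACMs carry a zero size. The `build_image` helper fabricates a 64 KiB sample image; the addresses in it are constructed, not from any real platform.

```python
"""FIT consistency checks for a flash image (rules 24 to 35 of the table above).

Added example with constructed sample data; assumptions are noted in comments.
"""
import struct

FOUR_GIB = 1 << 32
FIT_POINTER_ADDR = 0xFFFFFFC0       # 8-byte physical pointer to the FIT
RESET_VECTOR = 0xFFFFFFF0           # first instruction fetched after reset
FIT_SIGNATURE = b"_FIT_   "         # "address" field of the header entry
FIT_VERSION = 0x0100
T_HEADER, T_MICROCODE, T_STARTUP_ACM, T_IBB, T_BIOS_POLICY = 0x00, 0x01, 0x02, 0x07, 0x09


def parse_entry(raw):
    """Decode one 16-byte FIT entry: address, 24-bit size, version, type, C_V bit, checksum."""
    addr, size3, _rsvd, version, type_cv, checksum = struct.unpack("<Q3sBHBB", raw)
    return {"addr": addr, "size": int.from_bytes(size3, "little"), "version": version,
            "type": type_cv & 0x7F, "cv": bool(type_cv & 0x80), "checksum": checksum}


def validate_fit(image):
    """Return the sorted IDs (as numbered in the table) of the FIT rules the image breaks."""
    base = FOUR_GIB - len(image)                      # assumption: image ends at 0xFFFFFFFF
    failed = set()

    def inside(addr, length):
        return base <= addr and addr + length <= FOUR_GIB

    def overlap(a, b):                                # half-open [start, end) ranges
        return a[0] < b[1] and b[0] < a[1]

    # 24: the FIT pointer must point below 4 GiB, into the image, 16-byte aligned
    fit_addr = struct.unpack_from("<Q", image, FIT_POINTER_ADDR - base)[0]
    if not inside(fit_addr, 16) or fit_addr % 16:
        return [24]                                   # nothing else can be checked
    # 25: header entry with signature, type 0, version 1.0, entry count, table checksum
    hdr_raw = image[fit_addr - base:fit_addr - base + 16]
    hdr = parse_entry(hdr_raw)
    n = hdr["size"]                                   # for the header, Size = entry count
    if (hdr_raw[:8] != FIT_SIGNATURE or hdr["type"] != T_HEADER
            or hdr["version"] != FIT_VERSION or n < 1 or not inside(fit_addr, n * 16)):
        return [25]
    table = image[fit_addr - base:fit_addr - base + n * 16]
    if not hdr["cv"] or sum(table) % 256:            # header checksum covers the whole table
        failed.add(25)
    by_type = {}
    for e in (parse_entry(table[i:i + 16]) for i in range(16, len(table), 16)):
        by_type.setdefault(e["type"], []).append(e)
    # 26-29: required entry types
    for rule, t in ((26, T_MICROCODE), (27, T_STARTUP_ACM), (28, T_IBB), (29, T_BIOS_POLICY)):
        if t not in by_type:
            failed.add(rule)
    # 30-32: some IBB must cover the reset vector, the FIT pointer and the FIT itself
    ibbs = [(e["addr"], e["addr"] + e["size"] * 16) for e in by_type.get(T_IBB, [])]

    def covered(addr, length):
        return any(s <= addr and addr + length <= e for s, e in ibbs)

    for rule, addr, length in ((30, RESET_VECTOR, 16), (31, FIT_POINTER_ADDR, 8),
                               (32, fit_addr, n * 16)):
        if not covered(addr, length):
            failed.add(rule)
    # 33: IBBs must not overlap one another
    if any(overlap(a, b) for i, a in enumerate(ibbs) for b in ibbs[i + 1:]):
        failed.add(33)
    # 34/35: the Startup ACM must not overlap an IBB, and all ranges must sit below 4 GiB
    acms = []
    for e in by_type.get(T_STARTUP_ACM, []):
        if not inside(e["addr"], 28):
            failed.add(35)
            continue
        dwords = struct.unpack_from("<I", image, e["addr"] - base + 24)[0]   # ACM header Size
        acms.append((e["addr"], e["addr"] + dwords * 4))
    if any(overlap(a, i) for a in acms for i in ibbs):
        failed.add(34)
    if any(end > FOUR_GIB for _, end in ibbs + acms):
        failed.add(35)
    return sorted(failed)


def build_entry(addr, size_units, etype, cv=True):
    """Pack one FIT entry; the checksum byte is left 0 and fixed up by the caller."""
    return struct.pack("<Q3sBHBB", addr, size_units.to_bytes(3, "little"), 0,
                       FIT_VERSION, (0x80 if cv else 0) | etype, 0)


def build_image(ibb_addr, ibb_size):
    """Constructed 64 KiB image at the top of 4 GiB (sample data, not a real ROM)."""
    base = FOUR_GIB - 0x10000
    img = bytearray(0x10000)
    acm_addr, acm_bytes = base, 0x800                 # ACM at the start of the image, 2 KiB
    struct.pack_into("<I", img, acm_addr - base + 24, acm_bytes // 4)   # ACM header Size (dwords)
    fit_addr = 0xFFFFF800
    body = b"".join([build_entry(0xFFFF8000, 0, T_MICROCODE),
                     build_entry(acm_addr, 0, T_STARTUP_ACM),
                     build_entry(ibb_addr, ibb_size // 16, T_IBB),
                     build_entry(0xFFFF9000, 0x10, T_BIOS_POLICY)])
    header = bytearray(build_entry(int.from_bytes(FIT_SIGNATURE, "little"), 5, T_HEADER))
    header[15] = (-sum(header + body)) % 256          # make the whole table sum to zero
    table = bytes(header) + body
    img[fit_addr - base:fit_addr - base + len(table)] = table
    struct.pack_into("<Q", img, FIT_POINTER_ADDR - base, fit_addr)
    img[RESET_VECTOR - base] = 0xE9                   # a JMP at the reset vector
    return bytes(img)


if __name__ == "__main__":
    print(validate_fit(build_image(0xFFFFF000, 0x1000)))   # IBB = top 4 KiB: passes
    print(validate_fit(build_image(0xFFFFE000, 0x1000)))   # IBB misses reset vector and FIT
```

The two sample layouts show why rules 30 to 32 exist: an IBB that does not reach 0xFFFFFFF0 leaves the first instructions the CPU executes outside the measured region, and an IBB that does not cover the FIT lets an attacker swap the table that names the IBB. Against a real dump, replace `build_image` with the raw BIOS region read from flash.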
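Rows 65 to 75 are the ACPI preconditions SINIT checks before it will measure the platform: an RSDP with a correct checksum, a usable RSDT or XSDT, and MCFG, DMAR and MADT tables reachable from them. The following is an added example, not code from the page or from any tool the table describes: it walks RSDP to RSDT/XSDT to the leaf tables over a constructed memory image and reports which rules fail. "Valid" for DMAR and MADT here means only a well-formed header and a zero table checksum; the SINIT ACM applies stricter content checks that the table does not spell out. The `Memory` class, the OEM identifiers and all addresses are constructed for the example.

```python
"""ACPI root-table checks (rules 65 to 75 of the table above).

Added example over constructed sample data; layout constants follow the ACPI
specification (RSDP, and the 36-byte System Description Table header).
"""
import struct

SDT_HEADER = "<4sIBB6s8sI4sI"   # signature, length, revision, checksum, OEMID,
                                # OEM table ID, OEM revision, creator ID, creator revision
RSDP_V1 = "<8sB6sBI"            # "RSD PTR ", checksum, OEMID, revision, RSDT address
RSDP_V2 = "<IQB3s"              # length, XSDT address, extended checksum, reserved


class Memory:
    """Constructed stand-in for physical memory: one byte blob with a base address."""

    def __init__(self, base, size):
        self.base, self.buf = base, bytearray(size)

    def read(self, addr, length):
        off = addr - self.base
        if off < 0 or off + length > len(self.buf):
            return None
        return bytes(self.buf[off:off + length])

    def write(self, addr, data):
        self.buf[addr - self.base:addr - self.base + len(data)] = data


def read_sdt(mem, addr):
    """Return (signature, table bytes) when the table at addr has a sane header and zero checksum."""
    hdr = mem.read(addr, 36)
    if hdr is None:
        return None
    sig, length = struct.unpack_from("<4sI", hdr)
    table = mem.read(addr, length) if length >= 36 else None
    if table is None or sum(table) % 256:
        return None
    return sig, table


def validate_acpi(mem, rsdp_addr):
    """Return the sorted IDs (as numbered in the table) of the ACPI rules that fail."""
    failed = set()
    rsdp = mem.read(rsdp_addr, 20)
    # 65: RSDP signature, checksum over the first 20 bytes, and the v2 extended checksum
    if rsdp is None or rsdp[:8] != b"RSD PTR " or sum(rsdp) % 256:
        return [65]
    revision, rsdt_addr = rsdp[15], struct.unpack_from("<I", rsdp, 16)[0]
    xsdt_addr = 0
    if revision >= 2:
        ext = mem.read(rsdp_addr, 36)
        length, xsdt_addr = struct.unpack_from("<IQ", ext, 20) if ext else (0, 0)
        full = mem.read(rsdp_addr, length) if length >= 36 else None
        if full is None or sum(full) % 256:
            failed.add(65)
    # 71-74: RSDT (32-bit pointers) and XSDT (64-bit pointers)
    roots = {}
    for present, valid, addr, sig, width in ((71, 72, rsdt_addr, b"RSDT", 4),
                                             (73, 74, xsdt_addr, b"XSDT", 8)):
        if addr == 0:
            failed.add(present)
            continue
        sdt = read_sdt(mem, addr)
        if sdt is None or sdt[0] != sig or (len(sdt[1]) - 36) % width:
            failed.add(valid)
            continue
        body, fmt = sdt[1][36:], "<I" if width == 4 else "<Q"
        roots[sig] = [struct.unpack_from(fmt, body, i)[0] for i in range(0, len(body), width)]
    if not roots:
        failed.add(75)                          # 75: at least one root table must be usable
    # 66-70: tables reachable from the root tables; "valid" = header and checksum only
    found = {}
    for ptrs in roots.values():
        for p in ptrs:
            sig = mem.read(p, 4)
            if sig is not None:
                found.setdefault(sig, read_sdt(mem, p) is not None)
    for present, valid, sig in ((66, None, b"MCFG"), (67, 68, b"DMAR"), (69, 70, b"APIC")):
        if sig not in found:
            failed.add(present)
        elif valid is not None and not found[sig]:
            failed.add(valid)
    return sorted(failed)


def make_sdt(sig, body):
    """Build a table with a constructed OEM header and a correct checksum byte."""
    hdr = struct.pack(SDT_HEADER, sig, 36 + len(body), 1, 0, b"EXAMPL", b"CONSTRUC", 1, b"EXMP", 1)
    table = bytearray(hdr + body)
    table[9] = (-sum(table)) % 256
    return bytes(table)


def make_rsdp(rsdt_addr, xsdt_addr):
    """Revision 2 RSDP with both the 20-byte and the 36-byte checksums fixed up."""
    v1 = bytearray(struct.pack(RSDP_V1, b"RSD PTR ", 0, b"EXAMPL", 2, rsdt_addr))
    v1[8] = (-sum(v1)) % 256
    full = bytearray(v1 + struct.pack(RSDP_V2, 36, xsdt_addr, 0, b""))
    full[32] = (-sum(full)) % 256
    return bytes(full)


def build_memory(include=(b"APIC", b"DMAR", b"MCFG"), with_xsdt=True):
    """Constructed low-memory image (sample data): RSDP at 0xE0000, tables at 0xE1000 and up."""
    mem, addrs = Memory(0xE0000, 0x8000), []
    samples = ((b"APIC", struct.pack("<II", 0xFEE00000, 1)),      # local APIC address, flags
               (b"DMAR", struct.pack("<BB10s", 39, 1, b"")),      # host address width, flags
               (b"MCFG", bytes(8)))                               # reserved bytes only
    for i, (sig, body) in enumerate(samples):
        if sig in include:
            addrs.append(0xE1000 + i * 0x1000)
            mem.write(addrs[-1], make_sdt(sig, body))
    mem.write(0xE4000, make_sdt(b"RSDT", b"".join(struct.pack("<I", a) for a in addrs)))
    if with_xsdt:
        mem.write(0xE5000, make_sdt(b"XSDT", b"".join(struct.pack("<Q", a) for a in addrs)))
    mem.write(0xE0000, make_rsdp(0xE4000, 0xE5000 if with_xsdt else 0))
    return mem


if __name__ == "__main__":
    print(validate_acpi(build_memory(), 0xE0000))                          # all rules pass
    print(validate_acpi(build_memory(include=(b"APIC", b"MCFG")), 0xE0000))  # DMAR missing
```

A missing or corrupt DMAR is the case worth remembering: without it SINIT cannot set up the VT-d protections rows 49 and 63 depend on, so the launch fails with the Class 0xC error codes listed in the table rather than silently running unprotected. To run this against a live machine, back `Memory.read` with `/dev/mem` (or a saved dump) and pass the RSDP address from `/sys/firmware/acpi/tables` or the EFI system table.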