2
Trusted boot (Tboot), an open source, pre- kernel/VMM module that uses Intel(R) Trusted Execution
Technology (Intel(R) TXT) to perform a measured and verified launch of an OS kernel/VMM
(http://sourceforge.net/projects/tboot
, http://www.bughost.org/repos.hg/tboot.hg).
Launch Control Policy (LCP) is a verification mechanism used to verify the Intel TXT ‘verified launch
processes. Based on the criteria/choice defined in the Platform Default (PD) policy set by the Platform
Supplier (PS) or the Platform Owner (PO) policy set by the owner, the LCP determines whether the
current platform configuration or environment meets the requirements and can be launched.
System Requirements
• Trusted Platform Module (TPM 1.2), TXT and Virtualization Technology (VT) supported chipset (vPro
platforms).
• TPM – Locked, Enabled and Activated, VT- Enabled, TXT- Enabled (discussed in next section)
BIOS TXT Settings
Enter BIOS Setup by pressing F10 during POST and execute the following steps:
1. Go to Security Æ Setup BIOS Administrator Password to enter the BIOS administrator
password.
2. Go to Security Æ TPM Embedded Security Æ Embedded Security Device State Æ
Enabled
3. Go to System Configuration Æ Device Configurations Æ Virtualization Technology
Æ Enabled
4. Go to System Configuration Æ Device Configurations Æ SATA Native Mode Æ IDE
(optional)
5. (Note: If you expect to use RAID option at some point in the future, then it is advisable to use
AHCI/RAID option instead of IDE. Switching from IDE to AHCI/RAID will result in “Kernel Panic”
message and makes it impossible to boot to Fedora unless you switch the SATA option back to
IDE)
6. Save settings and exit F10 and reboot.
Enter BIOS setup by pressing F10 during POST, execute the following steps:
1. Go to System Configuration Æ Device Configurations Æ TXT Technology Æ Enabled
2. Save settings and exit F10 and reboot.
Fedora Installation
1. Download the image of Fedora 7/8 and burn it on DVD.
2. Start the Fedora installation. If you see any “Kernel Panic –” message or if the installation hangs,
try adding “acpi=off” as kernel arguments (hit tab) at the grubloader.
3. At the “Disk Partitioning Setup” screen, select from the Drop down Menu, <Create custom Layout>,
press <Next>
4. Delete any existing partitions.
5. Next add 3 partitions as follows and Press <Next>:
1
st
: mount Point: "/boot", file type = ext3, size = 400
2
nd
: file type: swap, size = 2048
3
rd
: mount point = “/”, file type = ext3, size = fill to max
To Next Page
Loading...
Need help?
General
