>From what I understood from the documentation in tboot, policy_v2.txt, you
>need three indexes defined in the TPM NVRAM:
1) The Platform Supplier (PS) policy in 0x50000001
2) The Platform Owner (PO) policy in 0x40000001
3) The verified launch policy in 0x20000001
The PS policy and PO policy formats are well documented in "Intel Trusted
Execution Technology, Software Development Guide". However, I did not see a
mention of the "verified launch policy" anywhere. It was not mentioned in the
book, "Intel Trusted Execution Technology for Server Platforms", for example.
I understand that it can be generated with the tool tb_polgen and I have looked
at the man pages, but I was wondering if there is more detailed documentation
on the verified launch policy.
Is the verified launch policy something tboot specific?
Can I setup a TXT-enabled system with a Platform Owner policy and without a
verified launch policy?
Thank you,
Safayet Ahmed,
Computer Engineer
GE Global Research
------------------------------------------------------------------------------
Want fast and easy access to all the code in your enterprise? Index and
search up to 200,000 lines of code with a free copy of Black Duck
Code Sight - the same software that powers the world's largest code
search on Ohloh, the Black Duck Open Hub! Try it now.
http://p.sf.net/sfu/bds
_______________________________________________
tboot-devel mailing list
tboot-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/tboot-devel
