Feature Policy Record (Type 0x2D) Rules
- There can be zero or more Feature Policy Records in the FIT. If there are more than one, the meaning of each successive one’s bits is different from the others and will need to be defined.
- This policy record is used for ACM feature control purposes and will be built into both debug signed ACMs and production signed ACMs. This Record is used for communicating configuration information to the startup ACMs, which is unlikely to be changed by BIOS setup settings. For this reason, it is only allowed to be an MMIO record.
- The Feature Policy byte specifies changes in the normal operation of the ACMs according to the table below. (Refer to Table 5)
- The offsets in the table are hard-coded and the value of the bit position field in the Feature Policy Record is ignored.
- The default setting is as, if 0 is read for the byte. In other words, if this structure is not present or is invalid, the ACMs will behave as if Feature Policy byte = 0.
- The Version field should be set to 0x0100.
- The C_V bit in this entry should be clear.
Table 5. Feature Policy Bit Definition
Bit(s) | BIOS ACM | Function |
32-2 | N/A | Reserved. These bits are currently ignored by the ACM. |
1 | BIOSACM | PCR policy: 0 – means ACM does hashing. Example: Do not use TPM2_PcrEvent command 1 – means TPM does hashing. Example: Do use TPM2_PcrEvent command |
0 | BIOSACM | FEATURE_POLICY_ALLOW_SMB_WRT. If set, skips the SMB_DIS_WRT check in the BIOSACM LockConfig calls. |