Firmware Interface Table

BIOS Specification October 2022 Revision 1.4

ID 599500
Date 10/01/2022
Intel Confidential

Granular SCRTM Error Record (Type 0x2E) Rules

The Granular SCRTM Error Record allows OEMs enabling CBnT to make a best-effort measurement of the KM, BPM, IBB and policy data into PCR0 when an integrity error is found. This record is only valid for BTGP0 / TXT enabled configurations, as integrity errors otherwise result in BTG enforcement. The record is optional; the default behavior on an integrity error is that the CBnT ACM does not start the TPM.

The ACM verifies the contents of this record only when an integrity error is found. If the record cannot be verified, the ACM falls back to the default PCR0 handling (not starting the TPM at all).

  1. There can be zero or one Granular SCRTM Error Record in the FIT. Additional type 0x2E entries are ignored by the ACM.
  2. The address field points to the Backup IBB. This address must be 16b aligned and within a range accessible to the ACM. The currently allowed range is (4GB - 16MB) to (4GB - 1).
  3. The size field gives the size of the Backup IBB. This size must be within reasonable values; the currently allowed range is 4KB to 16MB.
  4. Address + size must be below (4GB - 1) and above (4GB - 16MB).
  5. The Version field should be set to 0x0100.
  6. The C_V bit in this entry should be clear.
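The following is an added example, not code from this specification or from any Intel ACM: a C validator that applies rules 1 through 6 to a raw 16-byte FIT entry. It assumes the standard FIT entry layout (Address at bytes 0-7, Size at bytes 8-10, Version at bytes 12-13, C_V in bit 7 and Type in bits 6:0 of byte 14, Checksum at byte 15), that the Size field counts 16-byte paragraphs as it does for other FIT component entries, and that "16b aligned" means 16-byte aligned; none of these three points is stated in the text above. The function names and the sample entries are constructed for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define FIT_TYPE_GRANULAR_SCRTM_ERROR 0x2E
#define FIT_SCRTM_ERROR_VERSION       0x0100
#define ADDR_4GB   0x100000000ULL
#define SIZE_16MB  0x1000000ULL
#define SIZE_4KB   0x1000ULL
/* Assumption (not stated on this page): Size is in 16-byte paragraphs and
 * the address alignment requirement is 16 bytes. */
#define FIT_SIZE_UNIT  16ULL
#define FIT_ADDR_ALIGN 16ULL

typedef enum {
    SCRTM_OK = 0,
    SCRTM_ERR_TYPE,       /* not a type 0x2E entry */
    SCRTM_ERR_ALIGN,      /* rule 2: address not 16-byte aligned */
    SCRTM_ERR_ADDR_RANGE, /* rule 2: address outside [4GB-16MB, 4GB-1] */
    SCRTM_ERR_SIZE_RANGE, /* rule 3: size outside [4KB, 16MB] */
    SCRTM_ERR_END_RANGE,  /* rule 4: address+size outside the window */
    SCRTM_ERR_VERSION,    /* rule 5: version != 0x0100 */
    SCRTM_ERR_CV          /* rule 6: C_V bit set */
} scrtm_status_t;

/* Little-endian field extraction from a raw FIT entry. */
static uint64_t le64(const uint8_t *p) {
    uint64_t v = 0;
    for (int i = 7; i >= 0; i--) v = (v << 8) | p[i];
    return v;
}
static uint32_t le24(const uint8_t *p) {
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) | ((uint32_t)p[2] << 16);
}
static uint16_t le16(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }

/* Apply rules 2-6 to one raw 16-byte entry; checks run in rule order so the
 * first violated rule is reported. */
scrtm_status_t validate_scrtm_error_record(const uint8_t e[16])
{
    uint8_t  type = e[14] & 0x7F;
    bool     c_v  = (e[14] & 0x80) != 0;
    uint64_t addr = le64(e);
    uint64_t size = (uint64_t)le24(e + 8) * FIT_SIZE_UNIT;
    uint16_t ver  = le16(e + 12);

    if (type != FIT_TYPE_GRANULAR_SCRTM_ERROR) return SCRTM_ERR_TYPE;
    if (addr % FIT_ADDR_ALIGN) return SCRTM_ERR_ALIGN;
    if (addr < ADDR_4GB - SIZE_16MB || addr > ADDR_4GB - 1) return SCRTM_ERR_ADDR_RANGE;
    if (size < SIZE_4KB || size > SIZE_16MB) return SCRTM_ERR_SIZE_RANGE;
    /* Rule 4: the last byte (addr + size - 1) must stay at or below 4GB-1 and
     * the range must stay above 4GB-16MB. No 64-bit overflow is possible here
     * because addr < 4GB and size <= 16MB were already enforced. */
    if (addr + size > ADDR_4GB || addr + size < ADDR_4GB - SIZE_16MB) return SCRTM_ERR_END_RANGE;
    if (ver != FIT_SCRTM_ERROR_VERSION) return SCRTM_ERR_VERSION;
    if (c_v) return SCRTM_ERR_CV;
    return SCRTM_OK;
}

/* Rule 1: only the first type 0x2E entry is considered; later ones are
 * ignored. Returns the index of that entry in the table, or -1 if absent. */
int find_scrtm_error_record(const uint8_t *fit, size_t n_entries)
{
    for (size_t i = 0; i < n_entries; i++)
        if ((fit[i * 16 + 14] & 0x7F) == FIT_TYPE_GRANULAR_SCRTM_ERROR) return (int)i;
    return -1;
}

/* Build a raw entry from field values (constructed test data; the checksum
 * byte is left 0 because C_V is expected to be clear for this record). */
void make_scrtm_entry(uint8_t out[16], uint64_t addr, uint64_t size_bytes,
                      uint16_t ver, bool c_v, uint8_t type)
{
    memset(out, 0, 16);
    for (int i = 0; i < 8; i++) out[i] = (uint8_t)(addr >> (8 * i));
    uint32_t units = (uint32_t)(size_bytes / FIT_SIZE_UNIT);
    out[8] = units & 0xFF; out[9] = (units >> 8) & 0xFF; out[10] = (units >> 16) & 0xFF;
    out[12] = ver & 0xFF; out[13] = (uint8_t)(ver >> 8);
    out[14] = (uint8_t)((type & 0x7F) | (c_v ? 0x80 : 0));
}

/* Convenience: build a type 0x2E entry with the given fields and validate it. */
scrtm_status_t check_case(uint64_t addr, uint64_t size_bytes, uint16_t ver, bool c_v)
{
    uint8_t e[16];
    make_scrtm_entry(e, addr, size_bytes, ver, c_v, FIT_TYPE_GRANULAR_SCRTM_ERROR);
    return validate_scrtm_error_record(e);
}
```

A Backup IBB at 0xFF000000 (exactly 4GB - 16MB) of 64KB with version 0x0100 and C_V clear passes; moving the address 16 bytes lower, breaking alignment, shrinking the size below 4KB, or letting the end run past 4GB each trips the corresponding rule. Because the ACM falls back to the default (TPM not started) whenever the record cannot be verified, a BIOS image builder should run exactly these checks before relying on the best-effort PCR0 measurement.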