TPM Policy Record (Type 8) Rules

Record Types 8 is used by legacy Intel® TXT FIT boot only and is not needed if latter is not used.

1. There can be zero or one TPM Policy Record in the FIT.
2. Type 8 entry address field must contain an address accessible by the processor at reset vector.
3. The address field contains the TPM_​POLICY_​PTR structure (see section 4.8.1. This structure contains the address, where the TPM Policy information resided.
4. The version field is set to 0, if TPM_​POLICY_​PTR describes an Indexed IO type pointer. The version field is set to 1, if TPM_​POLICY_​PTR describes a flat memory pointer.
5. If indexed IO type pointer is used, the Address field holds a structure of the type INDEX_​IO_​ADDRESS. This structure contains the IO addresses of the index and data register, access width and position of the bit that holds the TPM policy.
6. If flat memory type pointer is used, the Address field holds a 64-bit memory address. The memory address should be within the low 4 GB of address space. Bit 0 at this address holds the TPM Policy.
7. The indexed IO location must be accessible at reset without any hardware initialization.
8. The TPM policy says whether TPM should be enabled or disabled. If TPM Policy == 0 the TPM should be disabled. If TPM Policy == 1 the TPM should be enabled.
9. The default setting is 1. In other words, if this structure is not present or is invalid, the Startup ACM will behave as if TPM Policy = 1.
10. The C_​V bit in this entry should be clear to 0.
11. The Size field is not used. BIOS should set this field to 0.

Table 4. Type 8 Record Structure

TPM Enabling Policy

typedef struct {

UINT16 IndexRegisterAddress;

UINT16 DataRegisterAddress;

UINT8 AccessWidthInBytes; // = 1 - 1-byte access;

// = 2 - 2-byte access

UINT8 BitPosition; // e.g. = 15 - Bit15

UINT16 Index;

} INDEX_​IO_​ADDRESS;

typedef union {

UINT64 FlatMemoryAddress;

INDEX_​IO_​ADDRESS IndexIo;

} TPM_​POLICY_​PTR;