Zbook / Elitebook
Linux

I noticed that Intel has recently posted their 8th generation SINIT ACM (8th_gen_i5_i7-SINIT_76.bin). However when using tboot, HP Zbook G5s don't seem to be able to load it. Mine simply errors out and says SINIT AC module not provided. I also get errors about the SINIT module size... Can HP determine if this is a problem with the SINIT ACM that Intel has posted, or their notebook?

Historically, it sometimes has taken HP a few BIOS updates before Intel TXT actually worked... so I thought I'd start there.

1 ACCEPTED SOLUTION

I thought I'd provide an update for those who run into this in the future.

I posted this issue to HP's security vulnerability site. HP investigated and found that the authenticated code modules that Intel had on its web site did not match what HP's machines were expecting. HP worked with Intel and as of today new TXT ACMs are available at:

https://software.intel.com/en-us/articles/intel-trusted-execution-technology/

Looks like the issue is resolved now.

2 REPLIES

I've just debugged my problem and I don't know if it's mine, Intel's or the OEM's...

I have a mobile platform with an Intel 8350U processor. I believe that is classified as a Kaby Lake R processor, but it's called 8th gen. I've tried Intel TXT (using the same flow as I've always used) using the 8th generation SINIT ACM from Intel (8th_gen_i5_i7_SINIT_76.bin). According to the tboot logs, this ACM does not match my platform. So I tried the 7th generation ACM (7th_gen_i5_i7_SINIT_74.bin). It actually matches the platform, and goes a lot further... but even with a fresh TPM clear with no policy, the machine reboots when performing a GETSEC instruction. The error code seems to decode with a version mismatch.

The chipset ID of the platform is b006, which seems to match the 7th generation. That probably explains why it gets so much further... So since this 8th generation processor really uses 7th generation ACM, is there a versioning problem here? Is this an issue with Intel's ACM, HP's BIOS, or would my non-configuration be suspect...?

Thanks
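
The "ACM does not match my platform" result in the reply above comes from comparing the platform's TXT chipset ID (b006 here) with the chipset ID list embedded in the SINIT ACM. The following is an added example, not code from the posters, tboot, HP or Intel: it lists an ACM's chipset IDs and applies that comparison offline. The field offsets are assumed from the ACM layout in tboot's acmod.h, the function names are hypothetical, and the sample image and its revision values are constructed (0x8086 is Intel's vendor ID).

```python
import struct

# Layout assumed from tboot's acmod.h: sizes in the header are in dwords.
ENTRY = struct.Struct("<IHHH6xI")  # flags, vendor, device, revision, reserved, extended

def acm_chipset_ids(acm):
    """Return (flags, vendor_id, device_id, revision_id) per chipset ID list entry."""
    if len(acm) < 128:
        raise ValueError("shorter than an ACM header")
    module_type, _subtype, header_len = struct.unpack_from("<HHI", acm, 0)
    (size,) = struct.unpack_from("<I", acm, 24)
    (scratch_size,) = struct.unpack_from("<I", acm, 124)
    if module_type != 2:  # 2 = chipset ACM
        raise ValueError("not a chipset ACM")
    if size * 4 > len(acm):
        raise ValueError("size field in header exceeds file length")
    info_off = (header_len + scratch_size) * 4  # info table starts the user area
    if info_off + 24 > len(acm):
        raise ValueError("info table lies outside the image")
    (list_off,) = struct.unpack_from("<I", acm, info_off + 20)
    if list_off + 4 > len(acm):
        raise ValueError("chipset ID list lies outside the image")
    (count,) = struct.unpack_from("<I", acm, list_off)
    if list_off + 4 + count * ENTRY.size > len(acm):
        raise ValueError("chipset ID list is truncated")
    return [ENTRY.unpack_from(acm, list_off + 4 + i * ENTRY.size)[:4]
            for i in range(count)]

def matches_platform(acm, vendor_id, device_id, revision_id):
    """Compare the list with the platform's TXT chipset ID, as tboot reports it."""
    for flags, ven, dev, rev in acm_chipset_ids(acm):
        if (ven, dev) != (vendor_id, device_id):
            continue
        # Flag bit 0 set: revision_id is a bit mask; clear: exact match required.
        if (rev & revision_id) if flags & 1 else (rev == revision_id):
            return True
    return False

def build_sample_acm(device_id, revision_id, flags=0):
    """Constructed, unsigned stand-in image (not a real Intel ACM)."""
    img = bytearray(128 + 24)                    # header + start of info table
    struct.pack_into("<HHI", img, 0, 2, 0, 32)   # type 2, header_len 32 dwords
    struct.pack_into("<I", img, 128 + 20, len(img))  # list follows info table
    img += struct.pack("<I", 1) + ENTRY.pack(flags, 0x8086, device_id, revision_id, 0)
    struct.pack_into("<I", img, 24, len(img) // 4)   # size field, in dwords
    return bytes(img)

if __name__ == "__main__":
    for name, dev in (("sample A", 0xB006), ("sample B", 0x1234)):
        print(name, matches_platform(build_sample_acm(dev, 1), 0x8086, 0xB006, 1))
```

Running `acm_chipset_ids` over each downloaded .bin before rebooting into tboot shows whether the file was built for the platform at all; a match here says nothing about the version checks the ACM itself performs during GETSEC.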
