HP 2730p - EliteBook - Core 2 Duo 1.86 GHz Manual page 6

modprobe tpm_tis (in case of FC8 you may have to try '/sbin/modprobe tpm_tis')
4.
tcsd (in case of FC8 you may have to try '/usr/sbin/tcsd')
5.
tpm_takeownerhip –z (create owner password. In case of FC8 you may have to try
6.
'/usr/local/sbin/tpm_takeownerhip –z')
Define TPM NV indices for polices:
tpmnv_defindex -i owner -p <ownerauth password> (creates owner index)
7.
tpmnv_defindex -i 0x20000001 -s 512 -pv 0x02 -p <ownerauth password> (creates index
8.
0x20000001 for verified launch policies. This index is hardcoded in tboot source code, so you
can't use any other index to write the verified launch policies. If this command gives errors related
to available space in TPM NV, try 256 instead of 512)
Create and Write LCP policies to TPM NV (implemented by SINIT):
cd tboot.hg/lcptools
9.
lcp_mlehash /boot/tboot.gz > mle_hash
10.
lcp_crtpol -t hashonly -m mle_hash –o lcp.pol
11.
lcp_writepol -i owner -f lcp.pol -p <ownerauth password>
12.
Create and Write Verified Launch policies to TPM NV (implemented by Tboot):
cd ../tb_polgen
13.
tb_polgen --create --type nonfatal tcb.pol
14.
tb_polgen --add --num 0 --pcr 18 --hash image --cmdline "iommu=required com1=115200,8n1
15.
console=com1" --image /boot/xen.gz tcb.pol (all in a single line. Make sure that the command
line parameters via –cmdline, MUST match the parameters as specified in /boot/grub/menu.lst
EXCLUDING the name of the file)
tb_polgen --add --num 1 --pcr 19 --hash image --cmdline "root=LABEL=/ ro console=tty0
16.
console=ttyS0,115200,8n1 pci=nommconf" --image /boot/vmlinuz-2.6.18.8-xen tcb.pol (all in a
single line)
tb_polgen --add --num 2 --pcr 19 --hash image --cmdline "" --image /boot/initrd-2.6.18.8-xen.img
17.
tcb.pol(all in a single line)
lcp_writepol -i 0x20000001 -f tcb.pol -p <ownerauth password>
18.
Note: Please refer to the "Intel Trusted Execution Technology- Launch Control Policy: Linux Tools User
Manual" for the proper usage of other related commands
6