Parameter | Settings | Description |
---|---|---|
Security Device Support | Disable, Enable | Enables or disables BIOS support for a security device. When disabled, the OS does not show the security device, and the TCG EFI protocol and INT1A interface are not available. |
SHA-1 PCR Bank | Disabled, Enabled | Enable or disable SHA-1 PCR Bank. |
SHA256 PCR Bank | Disabled, Enabled | Enable or disable SHA256 PCR Bank. |
Pending operation | None, TPM Clear | Schedules an operation for the security device. The computer reboots during the restart in order to change the state of the security device. |
Platform Hierarchy | Disabled, Enabled | Enable or disable Platform Hierarchy. |
Storage Hierarchy | Disabled, Enabled | Enable or disable Storage Hierarchy. |
Endorsement Hierarchy | Disabled, Enabled | Enable or disable Endorsement Hierarchy. |
TPM2.0 UEFI Spec Version | TCG_1_2, TCG_2 | Selects which TCG2 specification version to support. |
Physical Presence Spec Version | 1.2, 1.3 | Selects the Physical Presence Interface (PPI) specification version, 1.2 or 1.3, that the BIOS reports to the operating system. Some HCK tests might not support 1.3. |
PH Randomization | Disabled, Enabled | Enables or disables Platform Hierarchy randomization. Do not enable on production platforms; this setting is for development testing. Override the ChangePlatformAuth ELINK on production platforms that support TXT. |
Device Select | TPM 1.2, TPM 2.0, Auto | TPM 1.2 restricts support to TPM 1.2 devices. TPM 2.0 restricts support to TPM 2.0 devices. Auto supports both, defaulting to TPM 2.0 devices; if no TPM 2.0 device is found, TPM 1.2 devices are enumerated. |
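Whether these settings took effect can be checked from the operating system rather than by re-entering setup. The following added example (not part of the original table or the firmware vendor's code) reads the Linux sysfs view of the TPM, where kernel 5.12 and later expose one `pcr-<bank>/<index>` file per active PCR bank under `/sys/class/tpm/tpm0`; it builds a constructed stand-in for that directory so the check runs without hardware.

```python
import tempfile
from pathlib import Path

# Bank names follow the Linux sysfs layout (pcr-sha1, pcr-sha256); only the two banks
# listed in the BIOS table are checked here.
BANKS = ("sha1", "sha256")


def tpm_status(sysfs_root):
    """Report whether the TPM is visible to the OS and which PCR banks are active.

    sysfs_root: path of the TPM device directory (normally /sys/class/tpm/tpm0).
    Returns {"present": bool, "version": str | None, "banks": {bank: bool}}.
    A bank counts as active when its PCR 0 file exists and holds a digest.
    """
    root = Path(sysfs_root)
    result = {"present": root.is_dir(), "version": None, "banks": {}}
    if not result["present"]:
        # Matches the "Security Device Support = Disable" case: nothing is exposed to the OS.
        return result
    version_file = root / "tpm_version_major"
    if version_file.is_file():
        result["version"] = version_file.read_text().strip()
    for bank in BANKS:
        pcr0 = root / f"pcr-{bank}" / "0"
        result["banks"][bank] = pcr0.is_file() and pcr0.read_text().strip() != ""
    return result


def build_fake_sysfs(base, version="2", banks=("sha256",)):
    """Constructed stand-in for /sys/class/tpm/tpm0 so the check runs without a TPM."""
    root = Path(base) / "tpm0"
    root.mkdir(parents=True, exist_ok=True)
    (root / "tpm_version_major").write_text(f"{version}\n")
    for bank in banks:
        bank_dir = root / f"pcr-{bank}"
        bank_dir.mkdir(exist_ok=True)
        digest_len = 40 if bank == "sha1" else 64  # hex digits of a SHA-1 / SHA-256 digest
        (bank_dir / "0").write_text("0" * digest_len + "\n")
    return str(root)


def demo(banks=("sha256",)):
    """Run the check against a constructed sysfs tree and return the status dict."""
    with tempfile.TemporaryDirectory() as tmp:
        return tpm_status(build_fake_sysfs(tmp, banks=banks))


if __name__ == "__main__":
    print(demo())                                # constructed: SHA256 bank only
    print(tpm_status("/sys/class/tpm/tpm0"))   # the real device, if the firmware exposes one
```

A bank that is enabled in setup but missing here usually means the firmware did not allocate it or the OS never saw the device; the "present" flag going false after changing Security Device Support is the expected effect of that setting.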