TPM Functionality, TPM Visibility, TPM Expansion ROM Measuring – HP ROM-Based Setup Utility User Manual

Page 174


TPM Functionality

Enabling TPM Functionality enables the TPM and BIOS secure startup. The TPM is fully functional
in this mode.

CAUTION: When a TPM is installed and enabled on the server, data access is locked if you fail
to follow the proper procedures for updating the system or option firmware, replacing the system
board, replacing a hard drive, or modifying OS application TPM settings.

For information on installing and enabling the TPM module option, see the HP Trusted Platform
Module Option Installation Instructions that ships with the option.

Disabling TPM Functionality disables the BIOS secure startup but still allows the TPM to be visible
to the operating system. The TPM can respond to most commands in this mode.

Selecting Disabled may prevent the server from booting to a TPM-aware operating system.

TPM Visibility

The TPM Visibility option provides the ability to hide the TPM from the operating system. When
the TPM is hidden, BIOS secure startup is disabled, and the TPM does not respond to any commands
from any software.

Hiding the TPM may prevent the server from booting to a TPM-aware operating system.

TPM Expansion ROM Measuring

TPM Expansion ROM Measuring enables the BIOS to measure the optional PCI or PCIe expansion
ROM code and store that measurement in the TPM. On subsequent reboots, operating systems or
validation software that utilize the measurements stored in the TPM can use this data to detect
modifications to PCI or PCIe expansion ROM versions.
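How the measurement described above lets later software detect a changed expansion ROM, as an added Python example (not HP's code): the BIOS extends each ROM's digest into a PCR at boot, and validation software recomputes the value and compares it with the stored one. The example assumes a TPM 1.2-style SHA-1 extend and the TCG PC Client convention of PCR[2] for option ROM code, neither of which this page states; the ROM images are constructed sample data.

```python
import hashlib

# TPM 1.2-style extend: PCR_new = SHA-1(PCR_old || digest). Assumption: the page
# names no hash algorithm; G5-era servers carry TPM 1.2 parts, which use SHA-1.
PCR_SIZE = 20
OPTION_ROM_PCR = 2  # TCG PC Client convention for option ROM code (assumed, not on the page)


def measure(blob: bytes) -> bytes:
    """Digest of one expansion ROM image, as the BIOS computes it before extending."""
    return hashlib.sha1(blob).digest()


def extend(pcr: bytes, digest: bytes) -> bytes:
    """TPM extend semantics: a PCR can only be moved forward, never written directly."""
    return hashlib.sha1(pcr + digest).digest()


def measure_option_roms(roms) -> tuple:
    """Extend the option ROM PCR with every ROM in load order; return (final_pcr, event_log)."""
    pcr = bytes(PCR_SIZE)  # PCRs are all zeros after reset
    log = []
    for name, image in roms:
        digest = measure(image)
        log.append((OPTION_ROM_PCR, name, digest.hex()))
        pcr = extend(pcr, digest)
    return pcr, log


def roms_unchanged(expected_pcr: bytes, roms) -> bool:
    """What validation software does on a later boot: recompute and compare to the known-good value."""
    pcr, _ = measure_option_roms(roms)
    return pcr == expected_pcr


# Constructed sample ROM images (real option ROMs start with the 0x55AA signature).
GOOD_ROMS = [
    ("nic_slot1.rom", b"\x55\xaaNIC PXE ROM v1.0" + bytes(64)),
    ("raid_slot2.rom", b"\x55\xaaRAID option ROM v3.2" + bytes(64)),
]
# The same NIC ROM with its version string changed, as a ROM update would produce.
MODIFIED_ROMS = [
    ("nic_slot1.rom", b"\x55\xaaNIC PXE ROM v1.1" + bytes(64)),
    GOOD_ROMS[1],
]

if __name__ == "__main__":
    golden, log = measure_option_roms(GOOD_ROMS)
    for pcr_index, name, digest in log:
        print(f"PCR[{pcr_index}] <- {name}: {digest}")
    print("known-good PCR value:", golden.hex())
    print("unchanged ROMs pass:", roms_unchanged(golden, GOOD_ROMS))
    print("modified ROM detected:", not roms_unchanged(golden, MODIFIED_ROMS))
```

Because the extend chains every measurement into the previous PCR value, a change to any one ROM, or a change in the order in which ROMs are loaded, yields a different final value.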

RBSU menu-driven interface, version 2.xx (G5 and earlier servers)