On Jul 19, 2019, at 15:31, Roman Shaposhnik <roman@zededa.com> wrote:

Hi!

we're using Xen on Advantech ARK-2250 Embedded Box PC:
https://www.elmark.com.pl/web/uploaded/karty_produktow/advantech/ark-2250l/ark-2250l_instrukcja-uzytkownika.pdf

Roman,

Good to see Xen being used on fanless devices. Does the AMI BIOS for the i7 6600U Skylake CPU [1] variant of ARK-2250 [2] support Intel TXT DRTM and discrete TPM, which would enable boot integrity [3] protection for Xen, read-only dom0 and stateless VMs? Boot integrity is valuable on edge devices.

Rich

[1] CPU spec: https://ark.intel.com/content/www/us/en/ark/products/88192/intel-core-i7-6600u-processor-4m-cache-up-to-3-40-ghz.html

[2] PC spec: https://www.advantech.com/products/ark-2000_series_embedded_box_pcs/ark-2250l/mod_66ebc4e0-9a0c-489c-96a5-70a8054e9037

[3] TrenchBoot, Xen Summit 2019, https://youtube.com/watch?v=f0LZFSq4Ack