How To Install tboot.x86_64 on Amazon Linux 2

In this tutorial we learn how to install tboot.x86_64 in Amazon Linux 2. tboot.x86_64 is Performs a verified launch using Intel TXT

Introduction

In this tutorial we learn how to install tboot.x86_64 on Amazon Linux 2.

What is `tboot.x86_64`

Trusted Boot (tboot) is an open source, pre-kernel/VMM module that uses Intel Trusted Execution Technology (Intel TXT) to perform a measured and verified launch of an OS kernel/VMM.

We can use yum to install tboot.x86_64 on Amazon Linux 2. In this tutorial we discuss both methods but you only need to choose one of method to install tboot.x86_64.

Install tboot.x86_64 on Amazon Linux 2 Using yum

Update yum database with yum using the following command.

sudo yum makecache --refresh

After updating yum database, We can install tboot.x86_64 using yum by running the following command:

sudo yum -y install tboot.x86_64

How To Uninstall tboot.x86_64 on Amazon Linux 2

To uninstall only the tboot.x86_64 package we can use the following command:

sudo yum remove tboot.x86_64

tboot.x86_64 Package Contents on Amazon Linux 2

/boot/tboot-syms
/boot/tboot.gz
/etc/grub.d/20_linux_tboot
/etc/grub.d/20_linux_xen_tboot
/usr/sbin/acminfo
/usr/sbin/lcp2_crtpol
/usr/sbin/lcp2_crtpolelt
/usr/sbin/lcp2_crtpollist
/usr/sbin/lcp2_mlehash
/usr/sbin/lcp_crtpconf
/usr/sbin/lcp_crtpol
/usr/sbin/lcp_crtpol2
/usr/sbin/lcp_crtpolelt
/usr/sbin/lcp_crtpollist
/usr/sbin/lcp_mlehash
/usr/sbin/lcp_readpol
/usr/sbin/lcp_writepol
/usr/sbin/parse_err
/usr/sbin/tb_polgen
/usr/sbin/tpmnv_defindex
/usr/sbin/tpmnv_getcap
/usr/sbin/tpmnv_lock
/usr/sbin/tpmnv_relindex
/usr/sbin/txt-stat
/usr/share/doc/tboot-1.9.5
/usr/share/doc/tboot-1.9.5/COPYING
/usr/share/doc/tboot-1.9.5/Linux_LCP_Tools_User_Manual.pdf
/usr/share/doc/tboot-1.9.5/Makefile
/usr/share/doc/tboot-1.9.5/README
/usr/share/doc/tboot-1.9.5/lcptools2.txt
/usr/share/doc/tboot-1.9.5/man
/usr/share/doc/tboot-1.9.5/man/acminfo.8
/usr/share/doc/tboot-1.9.5/man/lcp_crtpconf.8
/usr/share/doc/tboot-1.9.5/man/lcp_crtpol.8
/usr/share/doc/tboot-1.9.5/man/lcp_crtpol2.8
/usr/share/doc/tboot-1.9.5/man/lcp_crtpolelt.8
/usr/share/doc/tboot-1.9.5/man/lcp_crtpollist.8
/usr/share/doc/tboot-1.9.5/man/lcp_mlehash.8
/usr/share/doc/tboot-1.9.5/man/lcp_readpol.8
/usr/share/doc/tboot-1.9.5/man/lcp_writepol.8
/usr/share/doc/tboot-1.9.5/man/tb_polgen.8
/usr/share/doc/tboot-1.9.5/man/txt-stat.8
/usr/share/doc/tboot-1.9.5/policy_v1.txt
/usr/share/doc/tboot-1.9.5/policy_v2.txt
/usr/share/doc/tboot-1.9.5/txt-info.txt
/usr/share/doc/tboot-1.9.5/vlp.txt
/usr/share/man/man8/acminfo.8.gz
/usr/share/man/man8/lcp_crtpconf.8.gz
/usr/share/man/man8/lcp_crtpol.8.gz
/usr/share/man/man8/lcp_crtpol2.8.gz
/usr/share/man/man8/lcp_crtpolelt.8.gz
/usr/share/man/man8/lcp_crtpollist.8.gz
/usr/share/man/man8/lcp_mlehash.8.gz
/usr/share/man/man8/lcp_readpol.8.gz
/usr/share/man/man8/lcp_writepol.8.gz
/usr/share/man/man8/tb_polgen.8.gz
/usr/share/man/man8/txt-stat.8.gz

References

tboot.x86_64 website

Summary

In this tutorial we learn how to install tboot.x86_64 on Amazon Linux 2 using yum.