Setting SPARC Host TPM State

Language:

Oracle ILOM provides a set of Oracle Solaris TPM properties that enable system administrators to manage the state of the Trusted Platform Module (TPM) feature on the host SPARC server. The TPM property is configurable from the Oracle ILOM CLI or web interface. For further details about TPM configurable property values, see the following tables.

Note - TPM properties for x86 servers are managed in the BIOS Utility. For further details about x86 operating system TPM properties and requirements, refer to the Oracle x86 server administration guide.

Figure 77, Table 77, TPM Property Values for Host SPARC Servers TPM Property Values for Host SPARC Server
Figure 78, Table 78, TPM Property Values for Legacy Host SPARC Servers TPM Property Values for Legacy Host SPARC Servers

Table 77 TPM Property Values for Host SPARC Servers

User Interface Configurable Target and User Role: SP CLI: `/HOST/tpm` (or,`/Servers/PDomains/PDomain_n/host/tpm`) Web: Host Management > TPM > TPM Settings User Role: Reset and Host Control (r) role (required to modify TPM property). Requirements: The host SPARC server must be running an Oracle Solaris Operating System version that supports TPM. To apply TPM property modifications in the web interface, you must click Save.
Property	Default	Description
TPM (`mode=`) (`forceclear=`)	Disabled ('off')	`Mode = activated (enabled)\| deactivated (disabled) \| off (default); Forceclear= false (default) \| true` Mode – Set one of the following: Activated – Enables the TPM state on the SPARC server at the next host power-on event. Note - "Enabled" mode label appears on M8 and T8 Systems versus the "Activated" label. Deactivated – Disables the TMP state on the SPARC server at the next host power-on event. Note - "Disabled" mode label appears on M8 and T8 Systems versus the "Deactivated" label. Off – Ignores the TPM chip on the SPARC server. Forceclear – To clear the TPM device data on the SPARC server at the next host power-on event, set the property for Forceclear to 'true' and set the property for Mode to 'Activated'. Note - The Forceclear property is automatically set to 'false' after the next host power-on event. CLI Syntax to Set TPM Properties: For a single-server SP, type: `set /HOST/tpm mode=[off\|deactivated\|activated] forceclear=false\|true` For a multi-domain server SP, type: `set /Servers/PDomains/PDomain_n/HOST/tpm mode=[off\|deactivated\|activated] forceclear=false\|true`

Table 78 TPM Property Values for Legacy Host SPARC Servers

User Interface Configurable Target and User Role: SP CLI: `/HOST/tpm` Web: Host Management > TPM > TPM Settings User Role: Reset and Host Control (r) role (required to modify TPM property). Requirements: The host SPARC server must be running an Oracle Solaris Operating System version that supports TPM. To apply TPM property modifications in the web interface, you must click Save.
Property	Default	Description
TPM (`enable=`) (`activate=`) (`forceclear=`)	Disabled ('false')	Enable=`false \| true`; Forceclear=`false \| true`; Activate=`false \| true` To enable the SPARC server TPM device on the next host power-on event, set the properties for Enable and Activate to 'true'. To purge all TPM device data on the SPARC server, set the property for Enable to 'false' and set the property for Forceclear to 'true'. Note - The Forceclear property is automatically set to 'false' after the next host power-on event. CLI Syntax to Set TPM Properties: For a single-server SP, type: `set HOST/tpm enable=[true\|false] activate=[true\|false] forceclear=false\|true`

Oracle^® ILOM Administrator's Guide for Configuration and Maintenance Firmware Release 4.0.x

Setting SPARC Host TPM State

Related Information