G BIOS Setup Utility Menu Options
Exadata Server X10M BIOS Setup Utility menus.
Main Menu
Main Menu Option | Description |
---|---|
BIOS Information |
|
BIOS Vendor |
American Megatrends |
Core Version |
Core version number for a specific release. Format is XX.YY, where:
Example: 5.27 |
Compliancy |
Compliancy version number for a specific release. Format is UEFI version number and Platform Initialization (PI) version number. Example: UEFI 2.8; PI 1.7 |
Project Version |
BIOS project version number for a specific release. Example: 8400 17.00 x64 |
Build Date and Time |
The date and time the build for the BIOS version was created. |
BIOS Version |
BIOS release version. Format is XXYYZZPP, which indicates:
Example: 84.00.17.00 |
Memory Information |
|
Total Memory |
Total amount of memory in megabytes. Example: 65536 MB |
System Date |
Allows you to change the current system date. Example: Tue 11/08/2022 |
System Time |
Allows you to change the current system time. Example: 13:38:27 |
Advanced Menu
This section includes screens of the Advanced menu in the BIOS Setup Utility for Exadata Server X10M.
Force APCB Update
Force APCB Update Option | Description |
---|---|
Force APCB Update |
Allows you to force an APCB update. By default, the option is disabled. |
Trusted Computing 2.0 Options
Note:
The Trusted Computing 2.0 options are available only when you enable the Security TPM Device Support option.Setup Option | Description |
---|---|
TPM 2.0 Device Found |
Displays the firmware version and vendor for the TPM (Trusted Platform Module) device. |
Security TPM Device Support |
Enable (default) or disable Trusted Platform Module (TPM) support. If disabled, the OS will not show TPM. Reset of the platform is required. |
Active PCR banks |
Displays active Platform Configuration Register (PCR) banks. |
Available PCR banks |
Displays available Platform PCR banks. |
SHA256 Bank |
Displays if the SHA256 PCR bank is enabled (default) or disabled. |
Pending Operation |
Schedule an operation for the security device. Note: Your computer reboots during restart to change the state of a security device. None (default), TPM Clear |
Platform Hierarchy |
Enable (default) or disable platform hierarchy. |
Storage Hierarchy |
Enable (default) or disable storage hierarchy. |
Endorsement Hierarchy |
Enable (default) or disable endorsement hierarchy. |
PSP Firmware Versions
PSP Firmware Versions Option | Description |
---|---|
ABL Version |
Displays the AMD Boot Loader (ABL) version number. |
PSP Bootloader Version |
Displays the Platform Security Processor (PSP) bootloader version. |
SMU FW Version |
Displays the AMD System Management Unit firmware version (SMU FW). The SMU is a microcontroller in the AMD EPYC processor that handles real-time events such as power management. |
SEV FW Version |
Displays the AMD Secure Encrypted Virtualization firmware version (SEV FW). |
PHY FW Version |
Displays the physical layer firmware (PHY FW) version. |
MPIO FW Version |
Displays the mass production I/O firmware (MPIO FW) version. |
MMPDMA FW Version |
Displays the Microprocessor Direct Memory Access (MMPDMA) firmware (FW) version. |
Page Migration FW |
Displays the Page Migration firmware (FW) version. |
GMI FW Version |
Displays the Global Memory Interconnect (GMI) firmware (FW) version. |
uCode B0 Version |
Displays the CPU stepping version, for example, B0. |
APCB Version |
Displays the AMD ASP Configuration Block (APCB) version. |
APOB Version |
Displays the AMD Generic Encapsulated Software Architecture (AGESA) PSP Outbput Buffer (APOB) version. |
APPB Version |
Displays the AGESA PSP PMU Block (APPB) version. |
AMD CBS
AMD CBS Option | Description |
---|---|
AMD CBS Revision Number |
Displays the AMD CBS revision number. |
CPU Common Options |
|
Performance |
|
OC Mode |
With Force APCB Update enabled, allows you to customize overclock mode with Normal Operation or Customized settings. |
CCD/Core/Thread Enablement |
|
CCD Control |
With Force APCB Update enabled, allows you to select the number of active charge couple devices (CCDs). After you use this option to remove any CCDs, run a power cycle so that the settings you select in the future take effect. Default is Auto. |
Core Control |
With Force APCB Update enabled, allows you to select the number of cores you want to use. After you use this option to remove any cores, run a power cycle so that the settings you select in the future take effect. Default is Auto. |
SMT Control |
With Force APCB Update enabled, you can disable symmetric multithreading (SMT). To re-enable SMT, select Enable and run a power cycle. Select Auto, based on the BIOS PCD (PcdAmdSmtMode) default setting. S3 is not supported on systems where SMT is disabled. |
Prefetcher Settings |
|
L1 Stream HW Prefetcher |
With Force APCB Update enabled, allows you to enable (default) or disable the L1 Stream HW Prefetcher. Default is Auto. |
L2 Stream HW Prefetcher |
With Force APCB Update enabled, allows you to enable (default) or disable the L2 Stream HW Prefetcher. Default is Auto. |
Platform First Error Handling |
With Force APCB Update enabled, allows you to enable (default) or disable platform first error handling, cloak invidual banks, and mask deferred error interrupts from each bank. |
Core Performance Boost |
With Force APCB Update enabled, allows you to disable core performance boost. Default is Auto. |
Global C-State Control |
With Force APCB Update enabled, allows you to enable or disable the IO based C-state generation and DF c-states. Default is Auto. |
SEV-ES ASID Space Limit |
With Force APCB Update enabled, allows you to set space limits for Secure Encrypted Virtualization-Encrypted State address space identifier (SEV-ES ASID). SEV-ES and AMD Secure Nested Paging (SNP) guests must use ASIDs in the range 1 through 1086. For all ASIDs to support SEV-ES or SNP guests, set the value to 1007. The default is 1 which sets the space limits for all SEV guests and no SEV-ES or SNP guests. |
SEV Control |
With Force APCB Update enabled, allows you to enable (default) or disable SEV. To re-enable SEV, after you select Enable, run a power cycle. |
SNP Memory (RMP Table) Coverage |
With Force APCB Update enabled, allows you to enable, disable, or customize the entire system memory. Default is Auto. |
SMEE |
With Force APCB Update enabled, allows you to enable or disable secure memory encryption enable (SMEE). Enabling both SMEE and Multi-Key Secure Memory Encryption (SME-MK) is not supported. Default is Auto. |
Enhanced REP MOVSB/STOSB (ESRM) |
With Force APCB Update enabled, allows you to enable (default) or disable memory security for Enterprise Security Management (ESRM). Default is 1. You can set the option to zero for analysis purposes, providing that the OS supports the option. |
DF Common Options |
|
Memory Addressing | |
NUMA Nodes Per Socket |
With Force APCB Update enabled, allows you to specify the number of non-uniform memory access (NUMA) nodes per socket. Default is Auto. NPS1 specified one NUMA node per socket. NPS0 specified one NUMA node per system and attempts to interleave the two sockets together. |
Memory Interleaving |
With Force APCB Update enabled, allows you to disable or enable memory interleaving. NUMA nodes per socket are recognized regardless of this setting. Default is Auto. |
1TB Remap |
With Force APCB Update enabled, allows you to reamap DRAM out of the space below the 1TB bounday. Remapping depends on the DRAM configuration, NUMA node per socket (NPS), and interleaving selection, and might not always be possible. Default is Auto. |
DRAM Map Intervention |
With Force APCB Update enabled, allows you to invert the map so that the highest memory channels are assigned to the lowest addresses in the system. Default is Auto. |
Location of Private Memory Regions |
With Force APCB Update enabled, allows you to control whether the private memory regions (PSP, SMU and CC6) are at the top of DRAM, at the top of the 1st DRAM pair, or distributed. The Distributed option requires memory on all dies. The location of the private memory regions is always at the top of DRAM if some dies do not have memory, regardless of the setting. The Consolidate option for the first DRAM pair is only valid for non-interleaved memory. Default is Auto. |
Link |
With Force APCB Update enabled, allows you to specify the maximum frequency for the inter-chip global memory interconnect (XGMI) PState in a 4-link or 3-link topology. Default is Auto. |
UMC Common Options |
|
DDR Controller Configuration |
|
DDR Power Options |
|
Sub Urgent Refresh Lower Bound |
With Force APCB Update enabled, allows you to specify the stored refresh limit required to enter sub-urgent refresh mode. The minimum limit is 1 and the maximum limit is 6. Default is 1. |
Urgent Refresh Limit |
With Force APCB Update enabled, allows you to specify the stored refresh limit required to enter urgent refresh mode. The minimum limit is 1 and the maximum limit is 6. Default is 4. |
DRAM Refresh Rate |
With Force APCB Update enabled, allows you to specify the DRAM refresh rate to 3.9 usec (default) or 1.95 usec. |
Self-Refresh Exit Staggering |
With Force APCB Update enabled, allows you to specify the amount to stagger the self-refresh exit. Tcksrx += (Trfc/n * (UMC_Number % 3)) To disable staggering, select n=1. Default is n=9. |
Double Data Rate Self-Testing Memory Built-in Self Test (DDR MBIST) Options |
|
DDR Healing BIST Options |
With Force APCB Update enabled, allows you to enable or disable (default) running a full memory content test and is separate and distinct from the MBIST test of Interface and Data Eye. The PMU Mem BIST option uses PMU firmware to test the memory on all channels simultaneously. Failing memory is repaired using soft or hard PPR, depending on the PPR configuration. The Self-Healing Mem BIST option runs the JEDEC DRAM self healing test, if the device and DIMM support the self-healing. The DRAM does a hard repair for any failing memory. The Power Management Unit (PMU) and Self-Healing Mem BIST option runs the PMU Mem BIST and then the Self-Healing Mem BIST tests sequentially. |
DDR Healing BIST Execution Mode |
With Force APCB Update enabled, enables a memory content test. |
PMU Mem BIST Algorithm |
With Force APCB Update enabled, allows you to select PMU Mem BIST algorithms. |
DDR Healing BIST Repair Type |
With Force APCB Update enabled, for DRAM errors found in the BIOS memory BIST, select the repair type: Soft, Hard, or Test only. Do not attempt to repair. |
Double Data Rate Row Address Strobe (DDR RAS) |
|
Disable Memory Error Injection |
With Force APCB Update enabled, allows you to specify the Unified Management Console (UMC) error injection configuration where writes are disabled. Default is Auto. |
DDR Security |
|
TSME |
With Force APCB Update enabled, allows you to enable or disable transparent SME. Default is Auto. |
SME-MK |
With Force APCB Update enabled, allows you to enable or disable (default) SME-MK encryption mode. Enabling both SMEE and SME-MK is not supported. |
Non-blocking Input Output (NBIO) Options |
|
IOMMU |
With Force APCB Update enabled, allows you to enable or disable I/O Memory Management Unit (IOMMU). Default is Auto. |
ACS Enable |
With Force APCB Update enabled, allows you to enable or disable Access Control Services (ACS). You must enable Advanced Error Reporting (AER) for ACS to work. Default is Auto. |
PCIe ARI Support |
With Force APCB Update enabled, allows you to enable (default) or disable Alternative Routing-ID Interpretation (ARI). |
System Management Unit (SMU) Common Options |
|
Thermal Design Power (TDP) Control |
With Force APCB Update enabled, allows you to use the fused Thermal Design Power TDP (Auto) or set customized TDP (Manual). Default is Manual. |
TDP |
With Force APCB Update enabled, allows you to set TDP in decimal format. The minimum value is 0 and the maximum value is 4294967295. Default is 400. |
Package Power Tracking (PPT) Control |
With Force APCB Update enabled, allows you to use the fused PPT (Auto) or set customized PPT (Manual. Default is Manual. |
PPT |
With Force APCB Update enabled, allows you to set PPT in decimal format. The minimum value is 0 and the maximum value is 4294967295. Default is 400. |
Determinism Control |
With Force APCB Update enabled, allows you to use the default performance determinism settings (Auto) or set custom performance determinism settings (Manual). Default is Manual. |
Determinism Enable |
With Force APCB Update enabled, allows you to specify Power (default) or Performance for determinism control. |
xGMI Link Width Control |
With Force APCB Update enabled, allows you to use the default xGMI link width controller settings (Auto) or set custom xGMI link width controller settings (Manual). Default is Manual. |
xGMI Force Link Width Control |
With Force APCB Update enabled, you can specify not forcing the xGMI to a fixed width (Unforce) or force the xGMI link to a specified width. Default is Force. |
xGMI Force Link Width |
With Force APCB Update enabled, you can set the xGMI force link width at 2 (x16), 1 (x8), or 0 (x4). Default is 2. |
xGMI Max Link Width Control |
With Force APCB Update enabled, you can use the default xGMI maximum supported link width (Auto) or set a custom xGMI maximum link width (Manual). Default is Manual. |
xGMI Max Link Width |
With Force APCB Update enabled, you can select 0 to set the maximum xGMI link width to x8 or select 1 (default) to set the maximum xGMI link width to x16. |
Algorithm Performance Boost Disable (APBDIS) |
With Force APCB Update enabled, you can select 0 to set mission mode and not use APBDIS or select 1 (default) to use APBDIS. |
DfPstate |
With Force APCB Update enabled, when you use APBDIS, you can set the Data Fabric P-State (DfPstate) index from 0-4. Default is 0. |
NBIO RAS Common Options |
|
PCI AER Reporting Mechanism |
With Force APCB Update enabled, allows you to select the method of reporting AER errors from PCI Express. Firmware First allows BIOS to handle errors first through the generation of a system management interrupt (SMI). Otherwise OS First (default) allows the OS to handle the errors first through the generation of a system control interrupt (SCI). |
Enable AER Cap |
With Force APCB Update enabled, enable or disable Advanced Error Reporting capability. Default is Auto. |
SEV-SNP Support |
With Force APCB Update enabled, enable or disable (default) support for Secure Encrypted Virtualization and Secure Nested Paging. |
SoC Miscellaneous Control |
|
ABL Console Out Control |
With Force APCB Update enabled, enable or disable the ConsoleOut Function for ABL. Default is Auto. |
ABL Basic Console Out Control |
With Force APCB Update enabled, enable or disable the Basic ConsoleOut Function for ABL. Default is Auto. |
ABL PMU Message Control |
With Force APCB Update enabled, enable or disable PMU message for ABL. Default is Auto. |
Serial Port Console Redirection
Serial Port Console Redirection Option | Description |
---|---|
COM0 Console Redirection Settings |
|
Console Redirection EMS |
Enable or disable (default) console redirection EMS. |
Console Redirection |
Enable (default) or disable console redirection. |
Terminal Type |
VT100, VT100Plus (default), VT-UFT8, ANSI |
Bits Per Second |
9600, 19200, 38400, 57600, 115200 (default) |
Data Bits |
7, 8 (default) |
Parity |
None (default), Even, Odd, Mark, Space |
Stop Bits |
1 (default), 2 |
Flow Control |
None (default), Hardware, Request to Send or Clear to Send (RTS/CTS) |
PCI Subsystem Settings
PCI Subsystem Settings | Description |
---|---|
PCI Driver Version |
Version number of the PCI driver. Example: A5.01.28 |
PCI Settings Common for All Devices |
Caution: If you change the PCI settings common to all devices, there might be unwanted results, such as the system might freeze. |
PCI Latency Timer |
Specify a PCI Bus Clock value (32 (default) 64, 96, 128, 160, 192, 224, 248) to use for the PCI Latency Timer Register. |
PCI-X Latency Timer |
Specify a PCI Bus Clock value (32, 64 (default), 96, 128, 160, 192, 224, 248) to use for the PCI-X Latency Timer Register. |
VGA Palette Snoop |
Enable or disable (default) the PCI cards to snoop on the video card palettes and register snooping. |
PERR# Generation |
Enable or disable (default) the PCI device to generate PERR#. |
SERR# Generation |
Enable or disable (default) the PCI device to generate SERR#. |
Above 4G Decoding |
Enable (default) above 4G decoding only if the system supports 64 bit PCI decoding or disable the option. |
SR-IOV Support |
Enable (default) or disable Single Root I/O Virtualization (SR-IOV) to configure devices into multiple virtual devices that can be used on virtual OS installations. If supported by the hardware and set to enabled, all devices on the system that are SR-IOV capable are configured to support SR-IOV and I/O resources are allocated to the device as normal. If set to disabled, I/O resources are not allocated to the device. |
BME DMA Mitigation |
Enable or disable (default) Bus Master Attribute (BME) Direct Memory Access (DMA) that is disabled after PCI enumeration for PCI bridges, after SMM is locked. |
PCI Express Settings |
|
PCI Express Device Register Settings |
|
Relaxed Ordering |
Enable (default) or disable PCI Express device relaxed ordering. |
Extended Tag |
Enable to allow device to use the 8-bit tag field as a requester or disable (default) the option. |
No Snoop |
Enable (default) the PCI Express device no snoop option or disable the option. |
Maximum Payload |
Select the maxium payload for a PCI Express device or select Auto (default) to allow BIOS to select the value. |
Maximum Read Request |
Select the maxium read request size for a PCI Express device or select Auto (default) to allow BIOS to select the value. |
PCI Express Link Register Settings |
|
ASPM Support |
By default, the Active State Power Management (ASPM) option is disabled. Select Auto to allows BIOS to configure ASPM. Select Force L0s to force all links to the L0s state. Warning: Enabling ASPM might cause some PCIe devices to fail. |
Extended Synch |
By the default, the option is disabled. Enabling Extended Synch allows the generation of extended synchronization patterns. |
Link Training Retry |
Specifies the number of retry attempts (2, 3, or 5) that the software makes to retrain the link, if a previous attempt was unsuccessful. Default is 5. |
Link Training Retry Timeout |
Specifies the number of microseconds the software waits before polling the Link Training bit in the Link Status register. The valus are 10-10000 uS. Default is 1000. |
Unpopulated Links |
To save power, the software disables the unpopulated PCIe links if you select Disable Link. Default is Keep Link ON. |
PCI Express GEN 2 Settings | |
PCI Express GEN 2 Device Register Settings | |
Completion Timeout |
In device functions that support completion timeout, allows the system software to change the Completion Timeout value. Default is 50 us to 50 ms. You can select Shorter or Longer to change the timeout length of time or disable the timeout. |
ARI Forwarding |
If Alternative Routing ID Interpretation (ARI) Forwarding is supported by the hardware and enabled, the Downstream Port disables its Device Number field of 0 enforcement, when turning a Type1 Configuration Request into a Type0 Configuration Request. Enabling ARI Forwarding allows access to Extended Functions in an ARI Device immediately below the port. Default is Disabled. |
AtomicOp Requester Enable |
If supported by hardware and enabled, Atomic Operation (AtomicOp) Requester initiates AtomicOp Requests only if the Bus Master Enable bit is in the Command Register Set. Default is Disabled. |
AtomicOp Egress Blocking |
If supported by hardware and enabled, outbound AtomicOp Requests through the Egress Ports are blocked. Default is Disabled. |
IDO Request Enable |
If supported by hardware and enabled, allows you to set the number of ID-Based Ordering (IDO) bit (Attribute[2]) requests to be initiated. Default is Disabled. |
IDO Completion Enable |
If supported by hardware and enabled, allows you to enable ID-Based Ordering (IDO) Completion bit. Default is Disabled. |
LTR Mechanism Enable |
If supported by hardware and enabled, allows you to enable the Latency Tolerance Reporting (LTR) Mechanism. Default is Disabled. |
End-End TLP Prefix Blocking |
If supported by hardware and enabled, allows you to block forwarding of Traffic Light Protocols (TLPs) that contain End-End TLP Prefixes. Default is Disabled. |
PCI Express GEN2 Link Register Settings |
|
Target Link Speed |
If supported by hardware and you select Force to X.X (2.5, 5.0, 9.0, 16.0, or 32.0) GT/s for downstream ports, you set an upper limit on the link operational speed by restricting the values advertised by the upstream component in its training sequences. Auto (default) uses hardware initialized data. |
Clock Power Management |
If supported by hardware and and enabled, the device uses the CLKREQ# signal for power management of the link clock, with the protocol defined in the form factor specification. Default is Disabled. |
Compliance SOS |
If supported by hardware and and enabled, forces Link Training and Status State Machine (LTSSM) to send Sealed Key Protection (SKP) Ordered Sets between sequences when sending Compliance Pattern or Modified Compliance Pattern. Default is Disabled. |
Hardware Autonomous Width |
If supported by hardware and and disabled, the hardware cannot change the link width except for width size reduction to correct an unstable link operation. Default is Enabled. |
Hardware Autonomous Speed |
If supported by hardware and and disabled, the hardware cannot change the link speed except for speed rate reduction to correct an unstable link operation. Default is Enabled. |
PCI Hot-Plug Settings |
|
BIOS Hot-Plug Support |
Allows BIOS build in Hot-Plug support, if the operating system does not support PCI Express and Standard Hot-Plug Controller (SHPC) hot-plug natively. Default is Enabled. |
PCI Buses Padding |
Pads the PCI buses behind the bridge for hot-plug. Select 1-5. Default is 1. |
I/O Resources Padding |
Pads the I/O resources behind the bridge for hot-plug. Select 4 K, 8 K, 16 K, or 32 K. Default is 4K. |
MMIO 32 Bit Resources Padding |
Pads the PCI Memory-Mapped IO (MMIO) 32-bit resources behind the bridge for hot-plug. Default is 16 M. |
PFMMIO 32 Bit Resources Padding |
Pads the PFMMIO 32-bit prefetchable resources behind the bridge for hot-plug. Default is 16 M. |
PFMMIO 64 Bit Resources Padding |
Pads the PFMMIO 64-bit prefetchable resources behind the bridge for hot-plug. Default is disabled. |
NVMe Configuration
NVMe Configuration Option | Description |
---|---|
NVMe Configuration |
Displays the model number, size, vendor ID, device ID, and namespace for the NVMe controller. |
NVMe Device Self Test |
Allows you to change the type of self test, Short (default) or Extended, change the self test action, Controller Only Test (default) or Controller and Namespace, and run a self test based on the option and action you selected. |
Network Stack Configuration
Network Stack Option | Description |
---|---|
Network Stack |
Enables (default) the UEFI network stack and prevents users from performing single-user network boots and network installations. If disabled, the host does not use the network interface. |
IPv4 PXE Support |
Enables (default) IPv4 PXE Boot support. If disabled, the IPv4 PXE Boot Option is not supported. |
IPv4 HTTP Support |
Enables IPv4 HTTP Boot support. If disabled (default), the IPv4 HTTP Boot Option is not supported. |
IPv6 PXE Support |
Enables IPv6 PXE Boot support. If disabled (default), the IPv6 PXE Boot Option is not supported. |
IPv6 HTTP Support |
Enables IPv6 HTTP Boot support. If disabled (default), the IPv6 HTTP Boot Option is not supported. |
PXE Boot Wait Time |
Specifies the wait time to press the ESC key to abort the PXE boot. Default is 0. |
Media Detect Count |
Specifies the number of times the presence of physical storage devices are verified on a system reset or power cycle. Default is 1. |
SATA Configuration
SATA Configuration Option | Description |
---|---|
SATA Controller |
Displays the SATA controller BUS device and function, and installed media devices. |
CPU Configuration
CPU Configuration Option | Description |
---|---|
SVM Mode |
Enable (default) or disable CPU virtualization. |
Node Information |
Displays the information for each node in the CPU. |
AMD |
Displays the CPU ID. Example: 100-000000894-04 |
Cores |
Displays the number of cores. Example: 96 |
Threads |
Displays the number of threads. Example: 192 |
Processor Family |
Displays the processor family for the CPU. Example: 19h |
Processor Model |
Displays the processor model for the CPU. Example: 10h-1Fh |
Microcode Patch Level |
Displays the microcode patch level. Example: A101010 |
Cache Per Core |
Displays the amount of cache per core for the L1 Instruction Cache, L1 Data Cache, L2 Cache, and L3 Cache Per Socket. |
IO Menu
This section includes screens of the IO menu in the BIOS Setup Utility for Exadata Server X10M.
Internal Devices
Internal Devices Option | Description |
---|---|
NET0 |
Displays and provides options to change the internal device settings. |
PCI-E UEFI Driver Enable |
Enable (default) or disable PCI-E UEFI Driver. If set to enabled, UEFI Driver for the card executes as normal. If set to disabled, UEFI Driver for the card is not copied into memory and the execution of the UEFI Driver is inhibited. |
Add-in Cards
Add-in Cards Option | Description |
---|---|
Slot 1-9 |
Displays and provides options to change the settings of the devices in PCIe slots. |
PCIe UEFI Driver Enable |
Enable (default) or disable PCI-E UEFI Driver. If set to enabled, UEFI Driver for the card executes as normal. If set to disabled, UEFI Driver for the card is not copied into memory and the execution of the UEFI Driver is inhibited. |
Slot 100-103 |
Displays and provides options to change the settings of the devices in NVMe slots. |
Security Menu
Security Menu Option | Description |
---|---|
System Mode |
Secure Boot is activated when Platform Key (PK) is enrolled, System mode is User (default) or Deployed, and the Compatibility Support Module (CSM) function is disabled. |
Attempt Secure Boot |
When enabled (default), Secure Boot is activated when Platform Key (PK) is enrolled, System mode is User or Deployed, and the Compatibility Support Module (CSM) function is disabled. |
Secure Boot Mode |
Specifies Standard or Custom (default) Secure Boot mode. In Custom mode, you can configure secure boot policy variables by a physically present user without full authentication. |
Restore Factory Keys |
Forces system to User mode. Installs factory default Secure Boot key databases. |
Reset to Setup Mode |
Removes all secure boot key databases from NVRAM. |
Enter Audit Mode |
Resets the system to Audit Mode workflow and erases the PK variable. |
Enter Deployed Mode |
Transitions between Deployment and User modes. |
Key Management |
Allows expert users to change Secure Boot Policy variables without variable authentication. |
Factory Key Provision |
Enables (default) provisioning factory default Secure Boot keys after the platform reset and while the system is in Setup Mode. |
Restore Factory Keys |
Forces the system to User mode. Installs factory default Secure Boot key databases. |
Enroll EFI Image |
Enrolls an EFI image to run in Secure Boot mode. Enroll SHA256 Hash certificate of a PE image into Authorized Signature Database. |
Export Secure Boot Variables
|
Select a file system to copy the NVRAM content of Secure Boot variables to files in a root folder on a file system device. |
Secure Boot Variable | Size | Keys | Key Source
|
Displays the size, platform keys, key exchange keys, and signatures. |
Boot Menu
Boot Menu Option | Description |
---|---|
Boot EFI Shell |
Disable (default) or enable to add the EFI Shell to the Boot Priority List. |
Retry Boot List |
Disable or enable (default) automatic retries of the Boot List when all devices fail. |
Network Boot Retry |
If enabled (default), BIOS automatically retries the PXE list present in the system when all PXE attempts have failed. If set to disabled, the system halts and displays the error message “Network Boot Failed” when all PXE boots fail. If set to Boot List, fails over to the main Boot Options Priority list. |
Persistent Boot Support |
Disable (default) reverts to the default boot handing for the next boot. |
Boot Option Priorities |
Displays and sets the system boot order. |
Exit Menu
Save and Exit Option | Description |
---|---|
Save Changes and Exit |
Save changes and exit the BIOS Setup Utility. |
Discard Changes and Exit |
Exit the BIOS Setup Utility without saving changes. |
Discard Changes |
Discard any changes made to the setup options. |
Restore Defaults |
Restore and load the optimal default values for all of the setup options. |