What Are The Reasons For Enabling Safe Run In BIOS And How To Fix It?

Over the past week, some of our users have reported that they have encountered a trusted execution in the BIOS.

Recommended: Fortect

Trusted Execution technology protects against software malfunctions designed to steal sensitive information when the system or BIOS code is damaged or the platform configuration changes.

I’m lucky to have a new Dell 7 workstation530 for the route I just configured.

This computer uses an Intel Xeon E-2186M processor and 32GB ECC DRAM. This processor fully supports the latest virtualization hardware (VT-x, VT-d, EPT features).

This device will initially run on a Windows 10 treadmill because the time to change your run mode is short. I really hope I have time to invest in the Linux move in a year or so, because I hate Bea $ t’s new business model of adware as a service. In the meantime, I will definitely run Linux virtual machines on it for one person.

One of the first steps was to open the BIOS and do all the settings. I was pleased to see that Dell’s default settings were mostly good, although some tweaks were required. For example, it has traditionally been configured for Secure Boot.

In the virtualization support section, they have Intel Virtualization Technology (VT-x) and VT for Direct I / O (VT-d) enabled by default, which is also very good. Yes

However,

was the third disabled technology optionIntel Secure Execution Technology (TXT). I think this is documented in the BIOS description:

This parameter indicates (MVMM) can use additional screw and bolt functions. use Intel Trusted Execution Technology. TPM virtualization technology, and virtualization technology for reference I / O must be enabled to use them This function.

Safe execution – extension disabled.

I say “think” because the Dell BIOS 7530 official documentation does not even mention this parameter even today. The previous text is for the Dell Latitude E7470, although I thought the BIOS was my statement.

Judging from this description and Intel whitepaper, it sounds like a task I want to make possible as I will definitely be using VirtualBox (and something more powerful in the future like KVM with Xen). … Unfortunately, a web survey found no support for this theory.

Instead, I only found a few reports that talk about disabling VirtualBox and KVM specifically on Dell systems: 1 link link ii. (My original question was included in the links here, but when I ptried to post it, this website made sure my question was spam …)

I draw your attention to the fact that there were some links that may not say they let you go years ago, so maybe this was really good advice that no longer works?

1. FromOn the computer screen, select System Utilities.System Setup> BIOS / Platform Setup> (rbsu) Server Security> Intel (R) TXT Support.
2. Please select another option.

   • Enabled – enables the TXT service.

   • Click Apply and Finish to restart.When restarting, press the F2 key when the Dell logo appears to re-enter BIOS.Expand the Security section, click TPM Security, and select TPM Security.Click Apply and Exit to restart the operating system and enable BitLocker.

     Disabled – disables TXT support.