In the Security tab there are:
TSME
I found explanation:
TSME, or Transparent Secure Memory Encryption, is a feature available in the BIOS/UEFI that enables memory encryption. It is independent of the operating system, meaning it is activated through the BIOS/UEFI rather than the operating system.
So it seems that it encrypts memory, and it doesn't matter if it is Linux or Windows. But to be honest, I don't know what it means or whether I should use it or not. Is it some kind of RAM encryption?
Security Chip
I can choose Discrete TPM 2.0 and Pluton TPM 2.0.
Pluton is somehow connected with Windows, I think (but not sure).
I have my NVMe encrypted with cryptsetup. I use a password during the boot process. Can and should I use the TPM somehow? If not, then maybe I should disable the TPM in the BIOS to reduce power usage (blind guess).
There is also:
Microsoft(R) Pluton Processor Control.
When enabled I can use Pluton TPM 2.0, and when enabled I can't. So if I can't use Pluton in Arch then I could disable Microsoft(R) Pluton Processor Control. Am I right?
I'm asking for help here because I use Arch and Lenovo support told me that only the ThinkPad P14s with Intel is Linux certified. The AMD CPU is not and they will not help me.
What did you ask for at Lenovo? Only the explanation of those BIOS settings?
If yes, go google it. Here is my knowledge of them:
TSME: your description tells it. It encrypts memory. If you want memory encryption, use it.
TPM can be used to store your encryption keys in combination with secure boot.
I don't think you'll make somehow "useful" sized power savings by disabling it (maybe also none).
Pluton: your description tells it again. Yes, you can disable it.
Last edited by jl2 (2023-12-05 08:38:47)
Why I run Arch? To "BTW I run Arch" the guy one grade younger.
And to let my siblings and cousins laugh at Arsch Linux...