==> TXT must be enabled first.
Profile 0 - Boot Guard disabled (NO_FVME).
Profile 3 - Boot Guard enabled, VM (verified and measured boot); the system does not shut down even if there is a BtG error.
Profile 4 - Boot Guard enabled, FVE (verified boot); the system shuts down if there is any BtG error.
Profile 5 - Boot Guard enabled, FVME (verified and measured boot); the system shuts down if there is any BtG error.
Verified boot (V): Turns BtG verification on when set. Determines whether the S-ACM verifies the BIOS IBB specified in the BPM.
Measured boot (M): Turns BtG measurement on when set. Controls whether the S-ACM measures the IBB segments and extends them into PCR0 of the TPM/PTT.
TXT Supported (T) [New]: Setting this bit indicates that the platform/BIOS supports TXT. If set, the BIOS should provide a setup option to enable/disable TXT via the FIT type A record. If not set, the platform is incapable of TXT operation.
Force Anchor Cove Boot (FACB): When set, causes an immediate unrecoverable shutdown if the S-ACM is unable to run for any reason. Typically this is set only if ENF=3.
Profile   Boot type   Action on BtG error
NO_FVME   Disabled    -
VE        VB          Shutdown after timeout
VME       VB+MB       Shutdown after timeout
VM        VB+MB       Do nothing
FVE       VB          Immediate shutdown
FVME      VB+MB       Immediate shutdown
(VB = verified boot, MB = measured boot)
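As an added example (not part of the original notes), a small Python classifier that maps the V, M and FACB bits plus the enforcement action to the profile names in the table above and flags weak or inconsistent combinations. The enforcement values "none", "timeout" and "immediate" are my own encoding of the Action column; the input bits are assumed to come from whatever tool reads the platform's Boot Guard policy.

```python
from dataclasses import dataclass

# (verified, measured, facb, enforcement) -> profile name, taken from the table above.
# enforcement is the action on a BtG error: "none", "timeout" or "immediate"
# (constructed encoding of the Action column, not an Intel field name).
PROFILES = {
    (False, False, False, "none"):      "NO_FVME",
    (True,  False, False, "timeout"):   "VE",
    (True,  True,  False, "timeout"):   "VME",
    (True,  True,  False, "none"):      "VM",
    (True,  False, True,  "immediate"): "FVE",
    (True,  True,  True,  "immediate"): "FVME",
}


@dataclass(frozen=True)
class BtgPolicy:
    verified: bool     # V bit: S-ACM verifies the IBB named in the BPM
    measured: bool     # M bit: S-ACM measures IBB segments into PCR0
    facb: bool         # FACB: unrecoverable shutdown if the S-ACM cannot run
    enforcement: str   # "none" | "timeout" | "immediate"


def classify(policy: BtgPolicy):
    """Return (profile name or "UNSUPPORTED", list of weaknesses / inconsistencies)."""
    key = (policy.verified, policy.measured, policy.facb, policy.enforcement)
    name = PROFILES.get(key, "UNSUPPORTED")
    findings = []
    if not policy.verified:
        findings.append("V clear: the IBB is never authenticated by the S-ACM")
    if policy.measured and not policy.verified:
        findings.append("M without V: PCR0 records an IBB that was never verified")
    if policy.verified and policy.enforcement == "none":
        findings.append("enforcement 'none': a verification failure still boots (VM behaviour)")
    if policy.facb and policy.enforcement != "immediate":
        findings.append("FACB set but enforcement is not immediate; FACB is expected with ENF=3")
    if policy.verified and not policy.facb and policy.enforcement == "immediate":
        findings.append("immediate shutdown without FACB: an S-ACM that fails to launch is not fatal")
    return name, findings


if __name__ == "__main__":
    # Constructed sample fleet: one hardened platform, one weak one.
    for label, p in {"prod-fvme": BtgPolicy(True, True, True, "immediate"),
                     "lab-vm": BtgPolicy(True, True, False, "none")}.items():
        print(label, *classify(p))
```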