Patrick Rudolph has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/34585 )
Change subject: security/intel: Add TXT infrastructure ......................................................................
Patch Set 3:
(6 comments)
https://review.coreboot.org/c/coreboot/+/34585/2//COMMIT_MSG Commit Message:
https://review.coreboot.org/c/coreboot/+/34585/2//COMMIT_MSG@12 PS2, Line 12: * Increase FIT space if TXT is enabled
Why to 16? Are twelve more slots needed?
Depends on the optional entries you add to FIT. In our case we have to place the biosacm and mark files as IBB: bootblock, FSP and verstage. That makes at least 4 new entries. We might add BIOS policy and TXT policy, so it will be already 6 additional entries.
https://review.coreboot.org/c/coreboot/+/34585/2/src/security/intel/txt/Kcon... File src/security/intel/txt/Kconfig:
https://review.coreboot.org/c/coreboot/+/34585/2/src/security/intel/txt/Kcon... PS2, Line 22: depends on TSC_CONSTANT_RATE
remove
Done
https://review.coreboot.org/c/coreboot/+/34585/2/src/security/intel/txt/Kcon... PS2, Line 36: intel
Intel
Done
https://review.coreboot.org/c/coreboot/+/34585/2/src/security/intel/txt/Kcon... PS2, Line 45: intel
Intel
Done
https://review.coreboot.org/c/coreboot/+/34585/2/src/security/intel/txt/Kcon... PS2, Line 52: Purely
Is that a device name?
yes
https://review.coreboot.org/c/coreboot/+/34585/2/src/security/intel/txt/Kcon... PS2, Line 52: Sandybridge
Sandy Bridge
Done