Attention is currently required from: Michał Żygowski, Arthur Heymans, Patrick Rudolph. Hello build bot (Jenkins), Angel Pons, Arthur Heymans,
I'd like you to reexamine a change. Please visit
https://review.coreboot.org/c/coreboot/+/59519
to look at the new patch set (#14).
Change subject: security/intel/txt: Fix HEAP_ACM format depending on number of ACMs in CBFS ......................................................................
security/intel/txt: Fix HEAP_ACM format depending on number of ACMs in CBFS
Since we may have either BIOS ACM or both BIOS and SINIT ACMs in CBFS, the size of txt_heap_acm_element will be different. We cannot always hardcode the size of ACM addresses array for two ACMs. If only the BIOS ACM was included, the BDR parsing failed in TBoot due to invalid size of HEAP_ACM element. Check if SINIT ACM is present in CBFS and push properly formatted BDR region onto the TXT heap. Use two separate txt_heap_acm_element structures with different lengths.
TEST=Boot QubesOS 4.0 with TBoot 1.8.2 on Dell OptiPlex 9010 with and without SINIT ACM in CBFS and see that TBoot no longer complains on the wrong size of HEAP_ACM element
Signed-off-by: Michał Żygowski michal.zygowski@3mdeb.com Change-Id: Ib0c37a66d96e1ca3fb4d3f665e3ad35c6f1c5c1e --- M src/security/intel/txt/ramstage.c M src/security/intel/txt/txt_register.h 2 files changed, 114 insertions(+), 49 deletions(-)
git pull ssh://review.coreboot.org:29418/coreboot refs/changes/19/59519/14