Philipp Deppenwiese has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/31837 )
Change subject: drivers/intel/fsp2_0: fix TPM setup and MRC cache hash logic
......................................................................
Patch Set 5:
Patch Set 4:
(2 comments)
We actually have two options here:
When VBOOT_STARTS_IN_ROMSTAGE is enabled, disallow USE_RECOVERY_MRC_CACHE.
AFAIK this would regenerate the recovery MRC training data on each recovery mode boot.
Pro: slow. Con: safe.
When VBOOT_STARTS_IN_ROMSTAGE is enabled, disallow FSP2_0_USES_TPM_MRC_HASH.
This would use the recovery MRC cache as normal, without the save-hash-in-TPM functionality.
Pro: fast. Con: less safe.
I am fine with the second option.
--
To view, visit
https://review.coreboot.org/c/coreboot/+/31837
To unsubscribe, or for help writing mail filters, visit
https://review.coreboot.org/settings
Gerrit-Project: coreboot
Gerrit-Branch: master
Gerrit-Change-Id: I4ba91c275c33245be61041cb592e52f861dbafe6
Gerrit-Change-Number: 31837
Gerrit-PatchSet: 5
Gerrit-Owner: Joel Kitching
kitching@google.com
Gerrit-Reviewer: Aaron Durbin
adurbin@chromium.org
Gerrit-Reviewer: Furquan Shaikh
furquan@google.com
Gerrit-Reviewer: Joel Kitching
kitching@google.com
Gerrit-Reviewer: Julius Werner
jwerner@chromium.org
Gerrit-Reviewer: Patrick Rudolph
siro@das-labor.org
Gerrit-Reviewer: Philipp Deppenwiese
zaolin.daisuki@gmail.com
Gerrit-Reviewer: build bot (Jenkins)
no-reply@coreboot.org
Gerrit-CC: Patrick Rudolph
patrick.rudolph@9elements.com
Gerrit-Comment-Date: Wed, 13 Mar 2019 08:04:47 +0000
Gerrit-HasComments: No
Gerrit-Has-Labels: No
Gerrit-MessageType: comment