build bot (Jenkins) has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/29547 )
Change subject: security/vboot: Add measured boot mode ......................................................................
Patch Set 67:
(15 comments)
https://review.coreboot.org/#/c/29547/67/src/lib/cbfs.c File src/lib/cbfs.c:
https://review.coreboot.org/#/c/29547/67/src/lib/cbfs.c@102 PS67, Line 102: size_t in_size, void *buffer, size_t buffer_size, uint32_t compression) line over 80 characters
https://review.coreboot.org/#/c/29547/67/src/lib/cbfs.c@115 PS67, Line 115: if ((ENV_BOOTBLOCK || ENV_VERSTAGE) && !IS_ENABLED(CONFIG_COMPRESS_PRERAM_STAGES)) line over 80 characters
https://review.coreboot.org/#/c/29547/67/src/lib/cbfs.c@257 PS67, Line 257: if (ENV_VERSTAGE && !IS_ENABLED(CONFIG_NO_XIP_EARLY_STAGES) && IS_ENABLED(CONFIG_BOOT_DEVICE_MEMORY_MAPPED)) { line over 80 characters
https://review.coreboot.org/#/c/29547/67/src/security/vboot/vboot_crtm.h File src/security/vboot/vboot_crtm.h:
https://review.coreboot.org/#/c/29547/67/src/security/vboot/vboot_crtm.h@49 PS67, Line 49: #if (IS_ENABLED(CONFIG_VBOOT_MEASURED_BOOT) && !ENV_BOOTBLOCK && !ENV_DECOMPRESSOR) line over 80 characters
https://review.coreboot.org/#/c/29547/67/src/security/vboot/vboot_crtm.c File src/security/vboot/vboot_crtm.c:
https://review.coreboot.org/#/c/29547/67/src/security/vboot/vboot_crtm.c@38 PS67, Line 38: if (cbfs_boot_locate(&bootblock_data, prog_name(&bootblock), NULL) == 0) { line over 80 characters
https://review.coreboot.org/#/c/29547/67/src/security/vboot/vboot_crtm.c@55 PS67, Line 55: if (cbfs_boot_locate(&romstage_data, prog_name(&romstage), NULL) == 0) { line over 80 characters
https://review.coreboot.org/#/c/29547/67/src/security/vboot/vboot_crtm.c@73 PS67, Line 73: if (cbfs_boot_locate(&verstage_data, prog_name(&verstage), NULL) == 0) { line over 80 characters
https://review.coreboot.org/#/c/29547/67/src/security/vboot/vboot_crtm.c@94 PS67, Line 94: size_t whitelist_len = sizeof(CONFIG_VBOOT_MEASURED_BOOT_RUNTIME_DATA) - 1; line over 80 characters
https://review.coreboot.org/#/c/29547/67/src/security/vboot/vboot_logic.c File src/security/vboot/vboot_logic.c:
https://review.coreboot.org/#/c/29547/67/src/security/vboot/vboot_logic.c@98 PS67, Line 98: BUG(); /* Should never get called if init() returned an error. */ Avoid crashing the kernel - try using WARN_ON & recovery code rather than BUG() or BUG_ON()
https://review.coreboot.org/#/c/29547/67/src/security/vboot/vboot_logic.c@10... PS67, Line 104: BUG(); /* Should never get called if init() returned an error. */ Avoid crashing the kernel - try using WARN_ON & recovery code rather than BUG() or BUG_ON()
https://review.coreboot.org/#/c/29547/67/src/security/vboot/vboot_logic.c@28... PS67, Line 281: return vboot_extend_pcr(ctx, 0, BOOT_MODE_PCR) || vboot_extend_pcr(ctx, 1, HWID_DIGEST_PCR); line over 80 characters
https://review.coreboot.org/#/c/29547/67/src/security/vboot/vboot_logic.c@30... PS67, Line 308: if (IS_ENABLED(CONFIG_RESUME_PATH_SAME_AS_BOOT) && vboot_platform_is_resuming()) line over 80 characters
https://review.coreboot.org/#/c/29547/67/src/security/vboot/vboot_logic.c@31... PS67, Line 319: if (IS_ENABLED(CONFIG_VBOOT_MEASURED_BOOT) && !(ctx.flags & VB2_CONTEXT_S3_RESUME)) { line over 80 characters
https://review.coreboot.org/#/c/29547/67/src/security/vboot/vboot_logic.c@32... PS67, Line 324: if (IS_ENABLED(CONFIG_VBOOT_PHYSICAL_DEV_SWITCH) && get_developer_mode_switch()) line over 80 characters
https://review.coreboot.org/#/c/29547/67/src/security/vboot/vboot_logic.c@33... PS67, Line 333: if (IS_ENABLED(CONFIG_VBOOT_WIPEOUT_SUPPORTED) && get_wipeout_mode_switch()) line over 80 characters