Patrick Rudolph has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/36545 )
Change subject: lib/cbfs: Add fallback to RO region to cbfs_boot_locate
......................................................................
Patch Set 1:
If you don't want to lock RO (make it read-only), you can achieve the same by simply not having a RW partitions at all.
All components would reside in RO, you can still use the measured boot, have enough space for payloads and don't need to duplicate stages.
The good thing is that is already supported by coreboot.
I would expect a minimum amount of items in the RO partition and all of them in RW to have them updated.
While technically correct I fear that without proper documentation (maybe even with proper documentation) it will be hard for the customer to figure out a reliable update scheme, as files are scattered all over the firmware image.
--
To view, visit
https://review.coreboot.org/c/coreboot/+/36545
To unsubscribe, or for help writing mail filters, visit
https://review.coreboot.org/settings
Gerrit-Project: coreboot
Gerrit-Branch: master
Gerrit-Change-Id: I81ceaf927280cef9a3f09621c796c451e9115211
Gerrit-Change-Number: 36545
Gerrit-PatchSet: 1
Gerrit-Owner: Wim Vervoorn
Gerrit-Reviewer: Aaron Durbin
adurbin@chromium.org
Gerrit-Reviewer: Daisuke Nojiri
dnojiri@chromium.org
Gerrit-Reviewer: Frans Hendriks
fhendriks@eltan.com
Gerrit-Reviewer: Furquan Shaikh
furquan@google.com
Gerrit-Reviewer: Hung-Te Lin
hungte@chromium.org
Gerrit-Reviewer: Joel Kitching
kitching@google.com
Gerrit-Reviewer: Julius Werner
jwerner@chromium.org
Gerrit-Reviewer: Kyösti Mälkki
kyosti.malkki@gmail.com
Gerrit-Reviewer: Martin Roth
martinroth@google.com
Gerrit-Reviewer: Patrick Georgi
pgeorgi@google.com
Gerrit-Reviewer: Patrick Rudolph
siro@das-labor.org
Gerrit-Reviewer: Philipp Deppenwiese
zaolin.daisuki@gmail.com
Gerrit-Reviewer: Stefan Reinauer
stefan.reinauer@coreboot.org
Gerrit-Reviewer: Wim Vervoorn
Gerrit-Reviewer: build bot (Jenkins)
no-reply@coreboot.org
Gerrit-Comment-Date: Mon, 04 Nov 2019 09:20:18 +0000
Gerrit-HasComments: No
Gerrit-Has-Labels: No
Gerrit-MessageType: comment
