Patch Set 1:
TOCTOU attacks are possible, also you should always directly lockdown the WP_RO is executed. It is never a good idea to do that in a later stage. So please add a hook for vboot_logic.c in the earliest possible part
Please give an example. I don't see how that's possible.
Locking it early will break other functionally in ramstage, like protecting mrc cache.
View Change
To view, visit change 32705. To unsubscribe, or for help writing mail filters, visit settings.
Gerrit-Project: coreboot
Gerrit-Branch: master
Gerrit-Change-Id: I72c3e1a0720514b9b85b0433944ab5fb7109b2a2
Gerrit-Change-Number: 32705
Gerrit-PatchSet: 1
Gerrit-Owner: Patrick Rudolph <patrick.rudolph@9elements.com>
Gerrit-Reviewer: build bot (Jenkins) <no-reply@coreboot.org>
Gerrit-CC: Patrick Rudolph <siro@das-labor.org>
Gerrit-CC: Philipp Deppenwiese <zaolin.daisuki@gmail.com>
Gerrit-Comment-Date: Fri, 10 May 2019 20:07:00 +0000
Gerrit-HasComments: No
Gerrit-Has-Labels: No
Gerrit-MessageType: comment