[coreboot-gerrit] [M] Change in coreboot[main]: security/intel/txt: Verify Intel TXT required TPM2 indices presence

20 Feb 2025


      Attention is currently required from: Arthur Heymans, Felix Singer, Filip Lewiński, Julius Werner, Martin Roth, Michał Kopeć, Michał Żygowski, Yu-Ping Wu.
Hello Arthur Heymans, Felix Singer, Julius Werner, Krystian Hebel, Martin Roth, Michał Kopeć, Michał Żygowski, Yu-Ping Wu, build bot (Jenkins),
I'd like you to reexamine a change. Please visit
https://review.coreboot.org/c/coreboot/+/82417?usp=email
to look at the new patch set (#12).
The following approvals got outdated and were removed:
Verified+1 by build bot (Jenkins)
Change subject: security/intel/txt: Verify Intel TXT required TPM2 indices presence
......................................................................
security/intel/txt: Verify Intel TXT required TPM2 indices presence
If required TPM2 indices are not present, the SCHECK will cause a
reset, which will result in a reset-loop. Unable to boot any
operating-system or shell environment to provision a TPM, one ends
up in a soft-brick. Avoid it by checkign the TPM2 indices presence
and skip SCHECK if indices not found. Better to leave Intel TXT
uninitialized rather than having a reset loop.
Change-Id: I5b4267b2d51e21cfa514e96301f30ebf7437c470
Signed-off-by: Michał Żygowski michal.zygowski@3mdeb.com
---
M src/security/intel/txt/common.c
1 file changed, 90 insertions(+), 0 deletions(-)
git pull ssh://review.coreboot.org:29418/coreboot refs/changes/17/82417/12
-- 
To view, visit https://review.coreboot.org/c/coreboot/+/82417?usp=email
To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings?usp=email

Gerrit-MessageType: newpatchset
Gerrit-Project: coreboot
Gerrit-Branch: main
Gerrit-Change-Id: I5b4267b2d51e21cfa514e96301f30ebf7437c470
Gerrit-Change-Number: 82417
Gerrit-PatchSet: 12
Gerrit-Owner: Filip Lewiński filip.lewinski@3mdeb.com
Gerrit-Reviewer: Arthur Heymans arthur@aheymans.xyz
Gerrit-Reviewer: Felix Singer service+coreboot-gerrit@felixsinger.de
Gerrit-Reviewer: Julius Werner jwerner@chromium.org
Gerrit-Reviewer: Krystian Hebel krystian.hebel@3mdeb.com
Gerrit-Reviewer: Martin Roth martin.roth@amd.corp-partner.google.com
Gerrit-Reviewer: Michał Kopeć michal.kopec@3mdeb.com
Gerrit-Reviewer: Michał Żygowski michal.zygowski@3mdeb.com
Gerrit-Reviewer: Yu-Ping Wu yupingso@google.com
Gerrit-Reviewer: build bot (Jenkins) no-reply@coreboot.org
Gerrit-Attention: Felix Singer service+coreboot-gerrit@felixsinger.de
Gerrit-Attention: Michał Żygowski michal.zygowski@3mdeb.com
Gerrit-Attention: Filip Lewiński filip.lewinski@3mdeb.com
Gerrit-Attention: Michał Kopeć michal.kopec@3mdeb.com
Gerrit-Attention: Julius Werner jwerner@chromium.org
Gerrit-Attention: Arthur Heymans arthur@aheymans.xyz
Gerrit-Attention: Martin Roth martin.roth@amd.corp-partner.google.com
Gerrit-Attention: Yu-Ping Wu yupingso@google.com

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

[coreboot-gerrit] [M] Change in coreboot[main]: security/intel/txt: Verify Intel TXT required TPM2 indices presence