Christian Walter has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/34510 )
Change subject: src/security/vboot: Add Support for Intel PTT
......................................................................
Patch Set 4:
Patch Set 3:
Why not use the existing VBOOT_MOCK_SECDATA for this? You could add a 'default y if INTEL_PTT' there or 'select' it from CONFIG_INTEL_PTT.
VBOOT_MOCK_SECDATA is actually used if you want to do VBOOT without a TPM. We just stub every function (except the NVRAM read) and go with it. When Intel PTT is used, we do not have access to NVRAM, but we can e.g. extend PCRs. So we can do a verified and measured boot with PTT, if we do not use the NVRAM for antirollback.
So in my opinion it's a different functionality and should not be merged with VBOOT_MOCK_SECDATA.
--
To view, visit
https://review.coreboot.org/c/coreboot/+/34510
To unsubscribe, or for help writing mail filters, visit
https://review.coreboot.org/settings
Gerrit-Project: coreboot
Gerrit-Branch: master
Gerrit-Change-Id: I08c9a839f53f96506be5fb68f7c1ed5bf6692505
Gerrit-Change-Number: 34510
Gerrit-PatchSet: 4
Gerrit-Owner: Christian Walter
christian.walter@9elements.com
Gerrit-Reviewer: Aaron Durbin
adurbin@chromium.org
Gerrit-Reviewer: Christian Walter
christian.walter@9elements.com
Gerrit-Reviewer: Felix Held
felix-coreboot@felixheld.de
Gerrit-Reviewer: Patrick Georgi
pgeorgi@google.com
Gerrit-Reviewer: Patrick Rudolph
siro@das-labor.org
Gerrit-Reviewer: Philipp Deppenwiese
zaolin.daisuki@gmail.com
Gerrit-Reviewer: build bot (Jenkins)
no-reply@coreboot.org
Gerrit-CC: Julius Werner
jwerner@chromium.org
Gerrit-Comment-Date: Wed, 24 Jul 2019 07:41:06 +0000
Gerrit-HasComments: No
Gerrit-Has-Labels: No
Gerrit-MessageType: comment
