Julius Werner has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/35077 )
Change subject: security/vboot: Decouple measured boot from verified boot ......................................................................
Patch Set 69: Code-Review-2
Sorry, but this is making a giant mess of things again. We're now up to three different configurations (start extending in bootblock, verstage, or romstage), and the code is littered all over the place.
I just want to clarify (because I actually forgot that myself halfway through the discussion) that *Patchset 61 actually changes nothing about when hashes get extended to the TPM when CONFIG(VBOOT) is enabled!* In the Patchset 61 version, hashes are written to the TPM as soon as tspi_tpm_is_setup() returns true, which it does after tpm_setup() runs. When CONFIG(VBOOT) is enabled, that happens in verstage! So the TCPA log replay (which happens as part of tpm_setup()) also happens in verstage. The only hashes that actually get replayed from memory in this configuration are the bootblock and verstage themselves, which the old version would manually measure after the fact at that same point. For CONFIG(VBOOT) builds, this doesn't write anything to the TPM at a later point than the old version did (and it actually also measures other platform-specific files that the bootblock might load, which was a hole in the old version).
So can we please go back to discussing the problem with that approach? Because it really doesn't change anything for the configuration you care about.
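The "log first, replay into the TPM once tpm_setup() has run" scheme the comment describes can be checked in a small model. The following is an added example, not coreboot code: TpmModel, MeasuredBoot and boot() are hypothetical stand-ins for tpm_setup(), tspi_tpm_is_setup() and the per-stage measurement calls, the in-memory log is a plain Python list rather than the TCPA log format, a single SHA-256 PCR is modelled with the TPM2 extend rule PCR' = H(PCR || digest), and the image contents are constructed sample bytes. The `setup_stage` parameter corresponds to the three configurations mentioned (tpm_setup() in bootblock, verstage or romstage).

```python
import hashlib

# Constructed stand-in for one SHA-256 PCR, all zeros at reset.
PCR_INIT = bytes(32)


def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def pcr_extend(pcr: bytes, digest: bytes) -> bytes:
    """TPM2 PCR extend semantics: PCR' = H(PCR || digest)."""
    return sha256(pcr + digest)


class TpmModel:
    """Hypothetical TPM: refuses extends until setup() (cf. tpm_setup()) has run."""

    def __init__(self):
        self.ready = False          # what tspi_tpm_is_setup() would report
        self.pcr = PCR_INIT
        self.writes = []            # (stage that did the write, event name), in TPM order

    def setup(self, stage, log):
        """Initialise the TPM, then replay every log entry that never reached it."""
        self.ready = True
        for entry in log:
            if not entry["replayed"]:
                self.extend(stage, entry["name"], entry["digest"])
                entry["replayed"] = True

    def extend(self, stage, name, digest):
        if not self.ready:
            raise RuntimeError("extend before tpm_setup()")
        self.pcr = pcr_extend(self.pcr, digest)
        self.writes.append((stage, name))


class MeasuredBoot:
    """Always append to the in-memory log; extend immediately only if the TPM is up."""

    def __init__(self, tpm):
        self.tpm = tpm
        self.log = []

    def measure(self, stage, name, data):
        digest = sha256(data)
        entry = {"name": name, "digest": digest, "replayed": False}
        self.log.append(entry)
        if self.tpm.ready:
            self.tpm.extend(stage, name, digest)
            entry["replayed"] = True
        return digest


def boot(images, setup_stage):
    """Simulate a boot where stage N measures stage N+1 before jumping to it.

    images: ordered list of (stage_name, image_bytes); the first stage (bootblock)
    also measures itself. tpm_setup() runs at the start of `setup_stage`.
    Returns (final PCR value, list of (writing stage, event name)).
    """
    tpm = TpmModel()
    mb = MeasuredBoot(tpm)
    for i, (stage, data) in enumerate(images):
        if stage == setup_stage:
            tpm.setup(stage, mb.log)        # replays whatever is still only in memory
        if i == 0:
            mb.measure(stage, stage, data)  # bootblock measures itself
        if i + 1 < len(images):
            nxt, nxt_data = images[i + 1]
            mb.measure(stage, nxt, nxt_data)
    return tpm.pcr, tpm.writes


def direct_pcr(images):
    """Reference: extend every image digest straight into the PCR, in boot order."""
    pcr = PCR_INIT
    for _, data in images:
        pcr = pcr_extend(pcr, sha256(data))
    return pcr


# Constructed sample images; contents are placeholders, only their hashes matter.
IMAGES = [("bootblock", b"bb"), ("verstage", b"vs"),
          ("romstage", b"rs"), ("ramstage", b"ram")]

if __name__ == "__main__":
    for setup_stage in ("bootblock", "verstage", "romstage"):
        pcr, writes = boot(IMAGES, setup_stage)
        print(setup_stage, pcr.hex()[:16], writes)
    print("reference", direct_pcr(IMAGES).hex()[:16])
```

Running it shows the point the comment makes: with tpm_setup() in verstage, the only entries replayed from memory are "bootblock" and "verstage", both written by verstage, and everything later is extended directly. The final PCR value is the same for all three setup_stage choices and equals the direct-extend reference, because the log preserves measurement order; what changes is only which stage performs the writes and therefore how long the log has to survive in memory.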