Bill XIE has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/35077 )
Change subject: security/vboot: Decouple measured boot from verified boot
......................................................................
Patch Set 75:
Patch Set 75:
BTW: This patch does not compile on Apollo Lake when both TPM_MEASURED_BOOT and VBOOT are selected at the same time. This is because Alollo Lake selects VBOOT_STARTS_IN_BOOTBLOCK and now tss.c is added to the bootblock while the tpm driver is not. So there is a linker error right now:
uild/bootblock/security/tpm/tss/tcg-2.0/tss.o: In function `tpm_process_command':
coreboot/src/security/tpm/tss/tcg-2.0/tss.c:44: undefined reference to `tis_sendrecv'
build/bootblock/security/tpm/tss/tcg-2.0/tss.o: In function `tlcl_lib_init':
coreboot/src/security/tpm/tss/tcg-2.0/tss.c:198: undefined reference to `tis_init'
coreboot/src/security/tpm/tss/tcg-2.0/tss.c:203: undefined reference to `tis_open'
Was it meant to have these two options (TPM_MEASURED_BOOT and VBOOT) now exclusive?
It means an "bootblock-$(CONFIG_LPC_TPM) += tis.c" may need to be added into each Makefile.inc of tpm implementations.
--
To view, visit
https://review.coreboot.org/c/coreboot/+/35077
To unsubscribe, or for help writing mail filters, visit
https://review.coreboot.org/settings
Gerrit-Project: coreboot
Gerrit-Branch: master
Gerrit-Change-Id: I1fb376b4a8b98baffaee4d574937797bba1f8aee
Gerrit-Change-Number: 35077
Gerrit-PatchSet: 75
Gerrit-Owner: Bill XIE
persmule@hardenedlinux.org
Gerrit-Reviewer: Aaron Durbin
adurbin@chromium.org
Gerrit-Reviewer: Bill XIE
persmule@hardenedlinux.org
Gerrit-Reviewer: David Guckian
david.guckian@intel.com
Gerrit-Reviewer: Frans Hendriks
fhendriks@eltan.com
Gerrit-Reviewer: Julius Werner
jwerner@chromium.org
Gerrit-Reviewer: Martin Roth
martinroth@google.com
Gerrit-Reviewer: Patrick Georgi
pgeorgi@google.com
Gerrit-Reviewer: Patrick Rudolph
siro@das-labor.org
Gerrit-Reviewer: Philipp Deppenwiese
zaolin.daisuki@gmail.com
Gerrit-Reviewer: Vanessa Eusebio
vanessa.f.eusebio@intel.com
Gerrit-Reviewer: Werner Zeh
werner.zeh@siemens.com
Gerrit-Reviewer: Wim Vervoorn
wvervoorn@eltan.com
Gerrit-Reviewer: build bot (Jenkins)
no-reply@coreboot.org
Gerrit-CC: 9elements QA
hardwaretestrobot@gmail.com
Gerrit-CC: Joel Kitching
kitching@google.com
Gerrit-CC: Paul Menzel
paulepanter@users.sourceforge.net
Gerrit-CC: Shawn C
citypw@hardenedlinux.org
Gerrit-Comment-Date: Tue, 31 Mar 2020 12:45:35 +0000
Gerrit-HasComments: No
Gerrit-Has-Labels: No
Gerrit-MessageType: comment