Angel Pons has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/43405 )
Change subject: Documentation/security/intel: add Boot Guard related documentation
Patch Set 1:
(1 comment)
https://review.coreboot.org/c/coreboot/+/43405/1/Documentation/security/inte... File Documentation/security/intel/bootguard.md:
https://review.coreboot.org/c/coreboot/+/43405/1/Documentation/security/inte... PS1, Line 22:
    Mode is disabled the FPFs are blown and it is impossible
    to change the Boot Guard status (either enabled with keys you do not have
    access to or permanently disabled
maybe document somewhere that bootguard can be tested without blowing the fuses. […]
AFAIK it's not possible to do so on all platforms. Only those where ME/TXE has UEP (Unified Emulation Partition).