Attention is currently required from: Michał Żygowski, Maciej Pijanowski, Christian Walter, Julius Werner, Krystian Hebel.
Sergii Dmytruk has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/68748 )
Change subject: security/tpm: add TPM log format as per 2.0 spec ......................................................................
Patch Set 8:
(1 comment)
File src/security/tpm/tpm2_log_serialized.h:
https://review.coreboot.org/c/coreboot/+/68748/comment/03d335e9_ae1d6e41 PS7, Line 20: #if CONFIG(TPM_LOG_TPM2) : # if CONFIG(TPM_HASH_SHA1) : # define TPM_20_LOG_DIGEST_MAX_LENGTH SHA1_DIGEST_SIZE : # endif : # if CONFIG(TPM_HASH_SHA256) : # define TPM_20_LOG_DIGEST_MAX_LENGTH SHA256_DIGEST_SIZE : # endif : # if CONFIG(TPM_HASH_SHA384) : # define TPM_20_LOG_DIGEST_MAX_LENGTH SHA384_DIGEST_SIZE : # endif : # if CONFIG(TPM_HASH_SHA512) : # define TPM_20_LOG_DIGEST_MAX_LENGTH SHA512_DIGEST_SIZE : # endif : : # ifndef TPM_20_LOG_DIGEST_MAX_LENGTH : # error "Misconfiguration: failed to determine TPM hashing algorithm" : # endif : #else : # define TPM_20_LOG_DIGEST_MAX_LENGTH 1 /* To avoid compilation error */ : #endif
We want to be crypto agile actually, so I would get rid of that. […]
Read https://ticket.coreboot.org/issues/421 for reasons why this isn't the case.