Attention is currently required from: David Wu, Ian Feng, Kapil Porwal, Nick Vaccaro, Qinghong Zeng, Reka Norman, Subrata Banik.

Qinghong Zeng uploaded patch set #3 to this change.

View Change

mb/google/brya: When checking the EC trust logic, the status of Ti50 is not checked and 0 is always returned. Therefore, TPM_GOOGLE_TI50 needs to be added for judgment

With Cr50, the GPIO EC_IN_RW is used to determine whether EC is trusted. However, With the switch to Ti50, it is determined by Ti50's boot mode. If the boot mode is TRUSTED_RO, the VB2_CONTEXT_EC_TRUSTED flag will be set in check_boot_mode(). Therefore in the Ti50 case get_ec_is_trusted() can just return 0.

The current code of get_ec_is_trusted() only checks the GPIO, which
causes the EC to be always considered "trusted". Therefore, correct the return value to 0 for TPM_GOOGLE_TI50.

BUG=b:321172119
TEST=emerge-nissa coreboot chromeos-bootimage
TEST=firmware_DevMode passed in FAFT test

Change-Id: I308f8b36411030911c4421d80827fc49ff325a1b
Signed-off-by: Qinghong Zeng <zengqinghong@huaqin.corp- partner.google.com>
---
M src/mainboard/google/brya/chromeos.c
1 file changed, 4 insertions(+), 0 deletions(-)

git pull ssh://review.coreboot.org:29418/coreboot refs/changes/58/80158/3

To view, visit change 80158. To unsubscribe, or for help writing mail filters, visit settings.

Gerrit-Project: coreboot
Gerrit-Branch: main
Gerrit-Change-Id: I308f8b36411030911c4421d80827fc49ff325a1b
Gerrit-Change-Number: 80158
Gerrit-PatchSet: 3
Gerrit-Owner: Qinghong Zeng <zengqinghong@huaqin.corp-partner.google.com>
Gerrit-Reviewer: David Wu <david_wu@quanta.corp-partner.google.com>
Gerrit-Reviewer: Eric Lai <ericllai@google.com>
Gerrit-Reviewer: Ian Feng <ian_feng@compal.corp-partner.google.com>
Gerrit-Reviewer: Kapil Porwal <kapilporwal@google.com>
Gerrit-Reviewer: Nick Vaccaro <nvaccaro@chromium.org>
Gerrit-Reviewer: Reka Norman <rekanorman@chromium.org>
Gerrit-Reviewer: Subrata Banik <subratabanik@google.com>
Gerrit-Reviewer: Tyler Wang <tyler.wang@quanta.corp-partner.google.com>
Gerrit-Reviewer: Weimin Wu <wuweimin@huaqin.corp-partner.google.com>
Gerrit-Reviewer: Yu-Ping Wu <yupingso@google.com>
Gerrit-Reviewer: build bot (Jenkins) <no-reply@coreboot.org>
Gerrit-CC: Paul Menzel <paulepanter@mailbox.org>
Gerrit-Attention: David Wu <david_wu@quanta.corp-partner.google.com>
Gerrit-Attention: Ian Feng <ian_feng@compal.corp-partner.google.com>
Gerrit-Attention: Subrata Banik <subratabanik@google.com>
Gerrit-Attention: Reka Norman <rekanorman@chromium.org>
Gerrit-Attention: Kapil Porwal <kapilporwal@google.com>
Gerrit-Attention: Nick Vaccaro <nvaccaro@chromium.org>
Gerrit-Attention: Qinghong Zeng <zengqinghong@huaqin.corp-partner.google.com>
Gerrit-MessageType: newpatchset