12 comments:
File src/security/intel/stm/SmmStm.c:
if you're willing to do a clang-fmt pass and check the output that would save some work? […]
Done
Patch Set #6, Line 439: for (SubIndex = 0;
Done
Done
Patch Set #6, Line 442: if ((Resource->PciCfg.PciDevicePath[SubIndex].PciDevice >
Done
Done
Patch Set #6, Line 442: if ((Resource->PciCfg.PciDevicePath[SubIndex].PciDevice >
Done
Done
Patch Set #6, Line 442: if ((Resource->PciCfg.PciDevicePath[SubIndex].PciDevice >
Done
Done
Patch Set #6, Line 444: (Resource->PciCfg.PciDevicePath[SubIndex].PciFunction >
Done
Done
Patch Set #6, Line 548: //mStmResourcesPtr = (uint8_t *)(UINTN)NewResource;
if you have commented code there are better options, since one day it may be uncommented for some re […]
Done
Patch Set #6, Line 748: (STM_PAGES_TO_SIZE(STM_SIZE_TO_PAGES(StmHeader->SwStmHdr.StaticImageSize))
Done
Done
Patch Set #6, Line 750: + (StmHeader->SwStmHdr.PerProcDynamicMemorySize
Done
Done
Patch Set #6, Line 750: + (StmHeader->SwStmHdr.PerProcDynamicMemorySize
Done
Done
Patch Set #6, Line 791: uint32_t
Done
Done
Patch Set #6, Line 842: TpmMeasureAndLogData(
Totally forgot. If vboot is enabled measurements are done automatically. […]
It seems that vboot would not know to measure the STM since it is a blob and that it would be loaded at run time.
For a D-RTM (or TXT) boot, the STM is measured during the D-RTM phase and SINIT provides the STM measurement along with the MLE.
This is intended to replace that during a non-D-RTM boot.
To view, visit change 33234. To unsubscribe, or for help writing mail filters, visit settings.