Attention is currently required from: Jason Glenesk, Raul Rangel, Matt DeVillier, Christian Walter, Julius Werner, Krystian Hebel, Fred Reitberger, Sergii Dmytruk, Felix Held.

Michał Żygowski has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/69162 )

Change subject: security/tpm: support compiling in multiple TPM drivers ......................................................................

Patch Set 7:

(3 comments)

Commit Message:

https://review.coreboot.org/c/coreboot/+/69162/comment/8afd70a0_7c020971 PS7, Line 9: Starting from here CONFIG_TPM1 and CONFIG_TPM2 are no longer mutually : exclusive. : We would also want to have MEMORY_MAPPED_TPM and CRB_TPM to stop being mutually exclusive. Is it possible with current patchset?

https://review.coreboot.org/c/coreboot/+/69162/comment/6c337ed9_d364ad8d PS7, Line 12: Making probe functions static and always using them uncovered that : bootblock stage included TPM driver which it didn't use. This is why : Makefile.inc files were updated to replace `all-*` with : romstage, ramstage and verstage. In some cases TPM driver is used in bootblock, e.g. when Intel TXT or BootGuard is enabled. Why can't we include TPM drivers in bootblock?

File src/lib/program.ld:

https://review.coreboot.org/c/coreboot/+/69162/comment/4f51f6f9_0a315c1e PS7, Line 42: . = ALIGN(ARCH_POINTER_ALIGN_SIZE); : _tis_drivers = .; : KEEP(*(.rodata.tis_driver)); : _etis_drivers = .; : RECORD_SIZE(tis_drivers) Not sure why do we need it. Could you elaborate?