[S] Change in coreboot[master]: security/vboot: Add function to clear recovery request - coreboot-gerrit

14 Apr 2023


      Attention is currently required from: Michał Żygowski.
Yu-Ping Wu has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/74343 )
Change subject: security/vboot: Add function to clear recovery request
......................................................................
Patch Set 3:
(1 comment)
File src/security/vboot/bootmode.c:
https://review.coreboot.org/c/coreboot/+/74343/comment/3682bc7d_e600444e 
PS3, Line 31: save_vbnv
Do we need to save nvdata here in this function? Usually it should be sufficient to save nvdata right before rebooting (for example `vboot_save_and_reboot`), or before handoff to the next boot stage (for ChromeOS we do this in depthcharge before handoff to kernel), instead of having to save it for each nvdata change.
I wonder if we can extend `BOOT_STATE_INIT_ENTRY(BS_POST_DEVICE, BS_ON_EXIT, back_up_vbnv_cmos)` to also saving nvdata, when some Kconfig option `VBOOT_SAVE_VBNV_BEFORE_PAYLOAD` is enabled (and only when `VB2_CONTEXT_NVDATA_CHANGED`).
-- 
To view, visit https://review.coreboot.org/c/coreboot/+/74343
To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings

Gerrit-Project: coreboot
Gerrit-Branch: master
Gerrit-Change-Id: I7ffaf3e8f61a28a68c9802c184961b1b9bf9d617
Gerrit-Change-Number: 74343
Gerrit-PatchSet: 3
Gerrit-Owner: Michał Żygowski michal.zygowski@3mdeb.com
Gerrit-Reviewer: Julius Werner jwerner@chromium.org
Gerrit-Reviewer: Michał Kopeć michal.kopec@3mdeb.com
Gerrit-Reviewer: Yu-Ping Wu yupingso@google.com
Gerrit-Reviewer: build bot (Jenkins) no-reply@coreboot.org
Gerrit-Attention: Michał Żygowski michal.zygowski@3mdeb.com
Gerrit-Comment-Date: Fri, 14 Apr 2023 07:35:57 +0000
Gerrit-HasComments: Yes
Gerrit-Has-Labels: No
Gerrit-MessageType: comment