Attention is currently required from: Furquan Shaikh, Aseda Aboagye. Hello build bot (Jenkins), Furquan Shaikh, Julius Werner, Aaron Durbin,

I'd like you to reexamine a change. Please visit

https://review.coreboot.org/c/coreboot/+/54304

to look at the new patch set (#2).

Change subject: vboot/secdata_mock: Make v0 kernel secdata context ......................................................................

vboot/secdata_mock: Make v0 kernel secdata context

Vboot implicitly assumes that for EFS2 (Early Firmware Selection v2) systems, secdata is stored between reboots. For MOCK_SECDATA, we cannot retain data across a reboot (which is what EFS2 needs in order to use Hmir, the mirrored EC hash). Therefore, in order for vboot to skip the Hmir sync while using MOCK_SECDATA, we need to have MOCK_SECDATA create a v0 secdata kernel context. Otherwise, this would result in a reboot loop where vboot attempts to set Hmir and retrieve it after a reboot, but the value is not expected.

This was encountered on using a firmware built with MOCK_SECDATA but had EC software sync enabled.

BUG=b:187843114 BRANCH=None TEST=`USE=mocktpm cros build-ap -b keeby`; Flash keeby device, verify that DUT does not continuously reboot with EC software sync enabled.

Signed-off-by: Aseda Aboagye aaboagye@google.com Change-Id: Id8e81afcddadf27d9eec274f7f85ff1520315aaa --- M src/security/vboot/secdata_mock.c 1 file changed, 11 insertions(+), 1 deletion(-)

git pull ssh://review.coreboot.org:29418/coreboot refs/changes/04/54304/2