Change in coreboot[master]: soc/amd/common/block/psp: Add platform secure boot support - coreboot-gerrit

25 Feb 2022


      Attention is currently required from: Jason Glenesk, Raul Rangel, ritul guru, Marshall Dawson, Paul Menzel, Angel Pons, Aamir Bohra, Fred Reitberger.
Felix Held has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/60968 )
Change subject: soc/amd/common/block/psp: Add platform secure boot support
......................................................................
Patch Set 13:
(2 comments)
File src/soc/amd/common/block/psp/Kconfig:
https://review.coreboot.org/c/coreboot/+/60968/comment/5bdf4bc1_3b8e5b6b 
PS13, Line 48: 	bool "Platform secure boot enable"
i don't think that this should be a user selectable option; adding this strong to the type will make this a user-selectable option
in order for this option to cause the silicon to be fused we're still missing some other component that adds the signature to the image, right? so when the image isn't signed this option won't end up doing anything?
File src/soc/amd/common/block/psp/psb.c:
https://review.coreboot.org/c/coreboot/+/60968/comment/e6cd04dd_2380a6a6 
PS12, Line 208: BS_PAYLOAD_LOAD
...
We have done a fusing analysis, in which there are cases where BIOS and PSP can access fuse register […]
might be useful to add a comment about the reason for this being done late in the boot process
-- 
To view, visit https://review.coreboot.org/c/coreboot/+/60968
To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings

Gerrit-Project: coreboot
Gerrit-Branch: master
Gerrit-Change-Id: I30aac29a22a5800d5995a78c50fdecd660a3d4eb
Gerrit-Change-Number: 60968
Gerrit-PatchSet: 13
Gerrit-Owner: ritul guru ritul.bits@gmail.com
Gerrit-Reviewer: Aamir Bohra aamirbohra@gmail.com
Gerrit-Reviewer: Felix Held felix-coreboot@felixheld.de
Gerrit-Reviewer: Fred Reitberger reitbergerfred@gmail.com
Gerrit-Reviewer: Jason Glenesk jason.glenesk@gmail.com
Gerrit-Reviewer: Marshall Dawson marshalldawson3rd@gmail.com
Gerrit-Reviewer: Raul Rangel rrangel@chromium.org
Gerrit-Reviewer: build bot (Jenkins) no-reply@coreboot.org
Gerrit-CC: Angel Pons th3fanbus@gmail.com
Gerrit-CC: Paul Menzel paulepanter@mailbox.org
Gerrit-Attention: Jason Glenesk jason.glenesk@gmail.com
Gerrit-Attention: Raul Rangel rrangel@chromium.org
Gerrit-Attention: ritul guru ritul.bits@gmail.com
Gerrit-Attention: Marshall Dawson marshalldawson3rd@gmail.com
Gerrit-Attention: Paul Menzel paulepanter@mailbox.org
Gerrit-Attention: Angel Pons th3fanbus@gmail.com
Gerrit-Attention: Aamir Bohra aamirbohra@gmail.com
Gerrit-Attention: Fred Reitberger reitbergerfred@gmail.com
Gerrit-Comment-Date: Fri, 25 Feb 2022 16:26:32 +0000
Gerrit-HasComments: Yes
Gerrit-Has-Labels: No
Comment-In-Reply-To: ritul guru ritul.bits@gmail.com
Comment-In-Reply-To: Marshall Dawson marshalldawson3rd@gmail.com
Gerrit-MessageType: comment