Patrick Georgi has submitted this change. ( https://review.coreboot.org/c/coreboot/+/52969 )

Change subject: security/intel/txt: Set up TPM in bootblock if using measured boot ......................................................................

security/intel/txt: Set up TPM in bootblock if using measured boot

Change-Id: I1225757dbc4c6fb5a30d1aa12987661a0a6eb538 Signed-off-by: Arthur Heymans arthur@aheymans.xyz Reviewed-on: https://review.coreboot.org/c/coreboot/+/52969 Tested-by: build bot (Jenkins) no-reply@coreboot.org Reviewed-by: Philipp Deppenwiese zaolin.daisuki@gmail.com Reviewed-by: Angel Pons th3fanbus@gmail.com --- M src/security/intel/txt/Kconfig 1 file changed, 1 insertion(+), 0 deletions(-)

Approvals: build bot (Jenkins): Verified Philipp Deppenwiese: Looks good to me, approved Angel Pons: Looks good to me, but someone else must approve

diff --git a/src/security/intel/txt/Kconfig b/src/security/intel/txt/Kconfig index c1442c8..14b4f6a 100644 --- a/src/security/intel/txt/Kconfig +++ b/src/security/intel/txt/Kconfig @@ -6,6 +6,7 @@ select MRC_SETTINGS_PROTECT if CACHE_MRC_SETTINGS select ENABLE_VMX if CPU_INTEL_COMMON select AP_IN_SIPI_WAIT + select TPM_MEASURED_BOOT_INIT_BOOTBLOCK if TPM_MEASURED_BOOT depends on (TPM1 || TPM2) depends on CPU_INTEL_FIRMWARE_INTERFACE_TABLE depends on PLATFORM_HAS_DRAM_CLEAR