Attention is currently required from: David Wu, Ian Feng, Kapil Porwal, Nick Vaccaro, Qinghong Zeng, Reka Norman, Subrata Banik.
Hello David Wu, Eric Lai, Ian Feng, Kapil Porwal, Nick Vaccaro, Reka Norman, Subrata Banik, Tyler Wang, Weimin Wu, Yu-Ping Wu, build bot (Jenkins),
I'd like you to reexamine a change. Please visit
https://review.coreboot.org/c/coreboot/+/80158?usp=email
to look at the new patch set (#3).
Change subject: mb/google/brya: When checking the EC trust logic, the status of Ti50 is not checked and 0 is always returned. Therefore, TPM_GOOGLE_TI50 needs to be added for judgment ......................................................................
mb/google/brya: When checking the EC trust logic, the status of Ti50 is not checked and 0 is always returned. Therefore, TPM_GOOGLE_TI50 needs to be added for judgment
With Cr50, the GPIO EC_IN_RW is used to determine whether EC is trusted. However, With the switch to Ti50, it is determined by Ti50's boot mode. If the boot mode is TRUSTED_RO, the VB2_CONTEXT_EC_TRUSTED flag will be set in check_boot_mode(). Therefore in the Ti50 case get_ec_is_trusted() can just return 0.
The current code of get_ec_is_trusted() only checks the GPIO, which causes the EC to be always considered "trusted". Therefore, correct the return value to 0 for TPM_GOOGLE_TI50.
BUG=b:321172119 TEST=emerge-nissa coreboot chromeos-bootimage TEST=firmware_DevMode passed in FAFT test
Change-Id: I308f8b36411030911c4421d80827fc49ff325a1b Signed-off-by: Qinghong Zeng <zengqinghong@huaqin.corp- partner.google.com> --- M src/mainboard/google/brya/chromeos.c 1 file changed, 4 insertions(+), 0 deletions(-)
git pull ssh://review.coreboot.org:29418/coreboot refs/changes/58/80158/3