author: dnojiri <dnojiri@chromium.org> 2020-04-03 10:56:43 -0700
committer: Julius Werner <jwerner@chromium.org> 2020-04-17 22:01:48 +0000
commit: dff56a056c7dadf0d970cfe29f0bc9c1fec69e82
tree: f45288b8377774613b0a3deffe689dcd64977af7 /src/security/intel
parent: 622c6b84ab029a366dd09740a24d36ae9fad697f
ec_sync: Run EFS2 in romstage
EFS2 allows EC RO to enable PD for special cases. When doing so, it sets NO_BOOT flag to avoid booting the OS. AP needs to get NO_BOOT flag from Cr50 and enforce that.

This patch makes verstage get a boot mode and a mirrored hash stored in kernel secdata from Cr50. This patch also makes romstage write an expected EC hash (a.k.a. Hexp) to Cr50 (if there is an update).

BUG=b:147298634, chromium:1045217, b:148259137
BRANCH=none
TEST=Verify software sync succeeds on Puff.

Signed-off-by: dnojiri <dnojiri@chromium.org>
Change-Id: I1f387b6e920205b9cc4c8536561f2a279c36413d
Reviewed-on: https://review.coreboot.org/c/coreboot/+/40389
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Diffstat (limited to 'src/security/intel')
0 files changed, 0 insertions, 0 deletions