summaryrefslogtreecommitdiff
path: root/src/security
diff options
context:
space:
mode:
authorJon Murphy <jpmurphy@google.com>2023-09-22 15:29:20 -0600
committerFelix Held <felix-coreboot@felixheld.de>2023-10-02 17:06:32 +0000
commit3aa7bb0d3232dfcb0af0e18565a4ded83d70142d (patch)
treeae394e2acf18ac71ca01488b4f4eebceded17016 /src/security
parentb63017fb719cefaa0dcec750048da352a31956c5 (diff)
security/tpm: Enable Hibernate on setup failure
Set default to enabled for hibernate on setup failure for all devices using a Google EC. This will have no impact on devices that don't bring the GSC down on hibernate, but will provide a recovery path for all devices that do. BUG=b:296439237 TEST=Force error on Skyrim with custom build, boot normally with normal build Change-Id: I2d9e8f75b25fb6c530a333024c342bea871eb85d Signed-off-by: Jon Murphy <jpmurphy@google.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/78098 Reviewed-by: Karthik Ramasubramanian <kramasub@google.com> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Diffstat (limited to 'src/security')
-rw-r--r--src/security/tpm/Kconfig1
1 files changed, 1 insertions, 0 deletions
diff --git a/src/security/tpm/Kconfig b/src/security/tpm/Kconfig
index c06150dacd..e129f51d26 100644
--- a/src/security/tpm/Kconfig
+++ b/src/security/tpm/Kconfig
@@ -176,6 +176,7 @@ endmenu # Trusted Platform Module (tpm)
config TPM_SETUP_HIBERNATE_ON_ERR
bool
depends on EC_GOOGLE_CHROMEEC
+ default y
help
Select this to force a device to hibernate on the next AP shutdown when a TPM
setup error occurs. This will cause a cold boot of the system and offer an