From 3aa7bb0d3232dfcb0af0e18565a4ded83d70142d Mon Sep 17 00:00:00 2001
From: Jon Murphy <jpmurphy@google.com>
Date: Fri, 22 Sep 2023 15:29:20 -0600
Subject: security/tpm: Enable Hibernate on setup failure

Set default to enabled for hibernate on setup failure for all devices
using a Google EC.  This will have no impact on devices that don't
bring the GSC down on hibernate, but will provide a recovery path
for all devices that do.

BUG=b:296439237
TEST=Force error on Skyrim with custom build, boot normally with
normal build

Change-Id: I2d9e8f75b25fb6c530a333024c342bea871eb85d
Signed-off-by: Jon Murphy <jpmurphy@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/78098
Reviewed-by: Karthik Ramasubramanian <kramasub@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
---
 src/security/tpm/Kconfig | 1 +
 1 file changed, 1 insertion(+)

(limited to 'src/security')

diff --git a/src/security/tpm/Kconfig b/src/security/tpm/Kconfig
index c06150dacd..e129f51d26 100644
--- a/src/security/tpm/Kconfig
+++ b/src/security/tpm/Kconfig
@@ -176,6 +176,7 @@ endmenu # Trusted Platform Module (tpm)
 config TPM_SETUP_HIBERNATE_ON_ERR
 	bool
 	depends on EC_GOOGLE_CHROMEEC
+	default y
 	help
 	  Select this to force a device to hibernate on the next AP shutdown when a TPM
 	  setup error occurs. This will cause a cold boot of the system and offer an
-- 
cgit v1.2.3