security/tpm: Enable Hibernate on setup failure
Set default to enabled for hibernate on setup failure for all devices using a Google EC. This will have no impact on devices that don't bring the GSC down on hibernate, but will provide a recovery path for all devices that do. BUG=b:296439237 TEST=Force error on Skyrim with custom build, boot normally with normal build Change-Id: I2d9e8f75b25fb6c530a333024c342bea871eb85d Signed-off-by: Jon Murphy <jpmurphy@google.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/78098 Reviewed-by: Karthik Ramasubramanian <kramasub@google.com> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
This commit is contained in:
parent
b63017fb71
commit
3aa7bb0d32
|
@ -247,9 +247,4 @@ config SPI_FLASH_STMICRO
|
||||||
config SPI_FLASH_WINBOND
|
config SPI_FLASH_WINBOND
|
||||||
default y
|
default y
|
||||||
|
|
||||||
# Enable hibernate on TPM setup error as needed
|
|
||||||
config TPM_SETUP_HIBERNATE_ON_ERR
|
|
||||||
bool
|
|
||||||
default y
|
|
||||||
|
|
||||||
endif # BOARD_GOOGLE_BASEBOARD_SKYRIM
|
endif # BOARD_GOOGLE_BASEBOARD_SKYRIM
|
||||||
|
|
|
@ -176,6 +176,7 @@ endmenu # Trusted Platform Module (tpm)
|
||||||
config TPM_SETUP_HIBERNATE_ON_ERR
|
config TPM_SETUP_HIBERNATE_ON_ERR
|
||||||
bool
|
bool
|
||||||
depends on EC_GOOGLE_CHROMEEC
|
depends on EC_GOOGLE_CHROMEEC
|
||||||
|
default y
|
||||||
help
|
help
|
||||||
Select this to force a device to hibernate on the next AP shutdown when a TPM
|
Select this to force a device to hibernate on the next AP shutdown when a TPM
|
||||||
setup error occurs. This will cause a cold boot of the system and offer an
|
setup error occurs. This will cause a cold boot of the system and offer an
|
||||||
|
|
Loading…
Reference in New Issue