coreboot/src
Julius Werner 39914a50ae soc/intel: Add SI_DESC region to GSCVD ranges
Intel platforms have soft straps stored in the SI_DESC FMAP section
which can alter boot behavior and may open up a security risk if they
can be modified by an attacker. This patch adds the SI_DESC region to
the list of ranges covered by GSC verification (CONFIG_VBOOT_GSCVD).

Signed-off-by: Julius Werner <jwerner@chromium.org>
Change-Id: I0f1b297e207d3c6152bf99ec5a5b0983f01b2d0b
Reviewed-on: https://review.coreboot.org/c/coreboot/+/66346
Reviewed-by: Yu-Ping Wu <yupingso@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2022-09-03 00:41:33 +00:00
acpi treewide: Unify Google branding 2022-07-04 14:02:26 +00:00
arch x86: Zero SMBIOS region before writing tables 2022-08-26 17:32:30 +00:00
commonlib cbfs/vboot: Adapt to new vb2_digest API 2022-09-02 23:51:29 +00:00
console console: Make CONSOLE_SPI_FLASH depend on BOOT_DEVICE_SPI_FLASH 2022-04-27 06:55:47 +00:00
cpu arch/x86: Fix MAX_CPUS check proper for late X2APIC config 2022-07-25 10:06:18 +00:00
device device/dram/ddr4.c: note that dimm size calculation won't work for 3DS 2022-08-31 16:45:47 +00:00
drivers drivers/elog/gsmi.c: Fix compiling for 64bit 2022-09-01 16:43:33 +00:00
ec acpi: Replace EC_ENABLE_AMD_DPTC_SUPPORT with Kconfig value 2022-08-31 19:03:02 +00:00
include cbfs/vboot: Adapt to new vb2_digest API 2022-09-02 23:51:29 +00:00
lib cbfs/vboot: Adapt to new vb2_digest API 2022-09-02 23:51:29 +00:00
mainboard mb/google/skyrim: Remove elog_gsmi_cb_mainboard_log_wake_source 2022-09-02 16:26:41 +00:00
northbridge nb/intel/sandybridge: Align TOUUD down to 1 MiB granularity 2022-08-26 14:20:26 +00:00
sbom Add SBOM (Software Bill of Materials) Generation 2022-08-22 14:48:46 +00:00
security soc/intel: Add SI_DESC region to GSCVD ranges 2022-09-03 00:41:33 +00:00
soc soc/intel: Add SI_DESC region to GSCVD ranges 2022-09-03 00:41:33 +00:00
southbridge amd/*/Makefile.inc: Put common words into common Makefile.inc 2022-09-01 16:33:54 +00:00
superio superio/ite/common/early_serial.c: ite_kill_watchdog: set timeout to 0 2022-08-07 19:54:43 +00:00
vendorcode cbfs/vboot: Adapt to new vb2_digest API 2022-09-02 23:51:29 +00:00
Kconfig Add SBOM (Software Bill of Materials) Generation 2022-08-22 14:48:46 +00:00