Hi Michal,
this _could_ have been a good starting point - however we decided to
integrate this into the Converged Security Suite
(github.com/9elements/converged-security-suite
<http://github.com/9elements/converged-security-suite>) which already is
part of coreboot as a 3rdparty module. However even if we _would_ extend
your tooling - NDA issues still are not resolved. As Arthur pointed out,
we would hope to integrate this as a binary as a temporary solution,
until Intel clears out the NDA issues. And also in the sense of moving
forward, I would like to choose Golang over C in this case.
Best,
Chris
Am Di., 9. Feb. 2021 um 12:14 Uhr schrieb Michal Zygowski
<[email protected] <mailto:[email protected]>>:
Hi Christian,
On 09.02.2021 11:58, Christian Walter wrote:
> Hi Michal,
>
> mind pointing me to the tooling you make for *creating* these
manifests?
>
There is a whole intel_bootguard topic:
https://review.coreboot.org/q/topic:intel_bootguard
<https://review.coreboot.org/q/topic:intel_bootguard>
In particular have a look at these patches:
- Tool: https://review.coreboot.org/c/coreboot/+/43403
<https://review.coreboot.org/c/coreboot/+/43403>
- Hook manifest creation into build system:
https://review.coreboot.org/c/coreboot/+/43404
<https://review.coreboot.org/c/coreboot/+/43404>
The manifests layout is implemented in the tool. Although it creates the
v1.0 manifests and AFAIK CBnT required v2.1 format, but this tool can be
a good base, isn't it?
Best regards,
--
Michał Żygowski
Firmware Engineer
https://3mdeb.com <https://3mdeb.com> | @3mdeb_com
_______________________________________________
coreboot mailing list -- [email protected]
<mailto:[email protected]>
To unsubscribe send an email to [email protected]
<mailto:[email protected]>
_______________________________________________
coreboot mailing list -- [email protected]
To unsubscribe send an email to [email protected]
