dberliner
commented
5 years ago My only concern is including the source in buildroot-external rather than pulling a repo or archive. Other than that it looks good to me.
Closed drbild closed 5 years ago
dberliner
commented
5 years ago My only concern is including the source in buildroot-external rather than pulling a repo or archive. Other than that it looks good to me.
drbild
commented
5 years ago Good call. That commit was from last year, before we had private Github repos. I've pulled the source into a separate repo.
Some of our boards have TPMs with an old firmware that is incompatible with newer firmwares. The details of the DAA signing algorithm were changes, so signatures created with the old firmware will not validate.
This series adds the newer Infineon TPM firmware and update tool to the provisioning firmware. The firmware will be updated on boot, if needed.