vboot: Add support for recovery hash space in TPM

Hardware / Coreboot - Furquan Shaikh [chromium.org] - 10 November 2016 11:10 UTC

1. Add a new index for recovery hash space in TPM - 0x100b 2. Add helper functions to read/write/lock recovery hash space in TPM 3. Add Kconfig option that can be selected by mainboards that want to define this space. 4. Lock this new space while jumping from RO to RW.

BUG=chrome-os-partner:59355 BRANCH=None TEST=Verified use of recovery hash space on reef.

Change-Id: I1cacd54f0a896d0f2af32d4b7c9ae581a918f9bb

b038f41 vboot: Add support for recovery hash space in TPM
src/include/antirollback.h | 9 ++++
src/vboot/Kconfig | 8 ++++
src/vboot/Makefile.inc | 8 ++++
src/vboot/secdata_mock.c | 5 +++
src/vboot/secdata_tpm.c | 97 ++++++++++++++++++++++++++++++++++++++++++++
src/vboot/vboot_logic.c | 13 ++++++
6 files changed, 140 insertions(+)

Upstream: review.coreboot.org

Related Coreboot Activity

vboot: Add support for reading GBB flags
Furquan Shaikh

vboot: Add config to enable EC EFS support
Daisuke Nojiri

vboot: Add support for recovery mode with forced memory retraining
Furquan Shaikh

vboot: Add support for OPROM_MATTERS and SLOW_EC
Duncan Laurie

Recent Coreboot Activity

vboot: Add catchall recovery reason for unspecified phase 4 errors
Julius Werner

mb/google/guybrush/Kconfig.name: Alphabetize entries, add names
Matt DeVillier

mb/google/skyrim/Kconfig.name: Alphabetize entries, add names
Matt DeVillier

soc/amd/*/Kconfig: rework SPL options
Felix Held

soc/intel/meteorlake: Add PsysPmax configuration
Jakub Czapiga

vboot: Add support for recovery hash space in TPM

Hardware / Coreboot - Furquan Shaikh [chromium.org] - 10 November 2016 11:10 UTC

Related Coreboot Activity

Share

Recent Coreboot Activity