GNUBoot
/
coreboot-kgpe-d16
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

vboot: Upgrade kernel space to v1.0 

This patch upgrades the kernel space to v1.0 to accommodate EC hash,
which is used for CrOS EC's early firmware selection.

BUG=chromium:1045217
BRANCH=none
TEST=Boot Helios. Verify software sync works.

Cq-Depend: chromium:2041695
Change-Id: I525f1551afd1853cae826e87198057410167b239
Signed-off-by: dnojiri <dnojiri@chromium.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/39137
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Joel Kitching <kitching@google.com>
Reviewed-by: Julius Werner <jwerner@chromium.org>
This commit is contained in:
dnojiri 2020-01-28 12:34:20 -08:00 committed by Patrick Georgi
parent 94b032ee5e
commit 58cf6030f5
1 changed files with 11 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
src/security/vboot/secdata_tpm.c
View File

@ -91,7 +91,7 @@ static uint32_t write_secdata(uint32_t index,
const uint8_t *secdata,
uint32_t len)
{
uint8_t sd[32];
uint8_t sd[MAX(VB2_SECDATA_KERNEL_SIZE, VB2_SECDATA_FIRMWARE_SIZE)];
uint32_t rv;
int attempts = 3;
@ -214,6 +214,8 @@ static uint32_t set_rec_hash_space(const uint8_t *data)
static uint32_t _factory_initialize_tpm(struct vb2_context *ctx)
{
vb2api_secdata_kernel_create(ctx);
RETURN_ON_FAILURE(tlcl_force_clear());
/*
@ -296,6 +298,8 @@ static uint32_t _factory_initialize_tpm(struct vb2_context *ctx)
TPM_PERMANENT_FLAGS pflags;
uint32_t result;
vb2api_secdata_kernel_create_v0(ctx);
result = tlcl_get_permanent_flags(&pflags);
if (result != TPM_SUCCESS)
return result;
@ -329,10 +333,10 @@ static uint32_t _factory_initialize_tpm(struct vb2_context *ctx)
/* Define and write secdata_kernel space. */
RETURN_ON_FAILURE(safe_define_space(KERNEL_NV_INDEX,
TPM_NV_PER_PPWRITE,
VB2_SECDATA_KERNEL_SIZE));
VB2_SECDATA_KERNEL_SIZE_V02));
RETURN_ON_FAILURE(write_secdata(KERNEL_NV_INDEX,
ctx->secdata_kernel,
VB2_SECDATA_KERNEL_SIZE));
VB2_SECDATA_KERNEL_SIZE_V02));
/* Define and write secdata_firmware space. */
RETURN_ON_FAILURE(safe_define_space(FIRMWARE_NV_INDEX,
@ -376,9 +380,11 @@ static uint32_t factory_initialize_tpm(struct vb2_context *ctx)
{
uint32_t result;
/* Set initial values of secdata_firmware and secdata_kernel spaces. */
/*
* Set initial values of secdata_firmware space.
* kernel space is created in _factory_initialize_tpm().
*/
vb2api_secdata_firmware_create(ctx);
vb2api_secdata_kernel_create(ctx);
VBDEBUG("TPM: factory initialization\n");