Go to file
Julius Werner 76e3303290 chromeos: vboot2: Add TPM PCR extension support
ChromeOS/vboot devices expect the TPM PCRs 0 and 1 to be extended with
digests that attest the chosen boot mode (developer/recovery) and the
HWID in a secure way. This patch uses the newly added vboot2 support
functions to fetch these digests and store them in the TPM.

CQ-DEPEND=CL:244542
BRANCH=veyron
BUG=chromium:451609
TEST=Booted Jerry. Confirmed that PCR0 contains the same value as on my
vboot1 Blaze and Falco (and PCR1 contains some non-zero hash).

Original-Change-Id: I7037b8198c09fccee5440c4c85f0821166784cec
Original-Signed-off-by: Julius Werner <jwerner@chromium.org>
Original-Reviewed-on: https://chromium-review.googlesource.com/245119
Original-Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Original-Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>

(cherry picked from commit 8b44e13098cb7493091f2ce6c4ab423f2cbf0177)
Signed-off-by: Aaron Durbin <adurbin@chromium.org>

Change-Id: I549de8c07353683633fbf73e4ee62ba0ed72ff89
Reviewed-on: http://review.coreboot.org/9706
Tested-by: build bot (Jenkins)
Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
2015-04-20 17:06:28 +02:00
3rdparty@892a6976ba 3rdparty: move checkout marker forward 2015-04-14 01:09:51 +02:00
documentation documentation: define downstream data consumption rules 2015-04-07 00:20:13 +02:00
payloads libpayload udc: Support legal edge case of GET_CONFIGURATION call 2015-04-18 08:42:40 +02:00
src chromeos: vboot2: Add TPM PCR extension support 2015-04-20 17:06:28 +02:00
util cbfstool: clean up source code 2015-04-18 08:50:38 +02:00
.gitignore .gitignore: add the doxygen directory. 2014-12-14 23:30:45 +01:00
.gitmodules nvidia/cbootimage: avoid upstream's build system 2014-10-02 10:26:58 +02:00
.gitreview
COPYING
Makefile Makefile: Fix dependency tracking for ramstage objects 2015-04-17 09:55:31 +02:00
Makefile.inc Makefile: Fix dependency tracking for ramstage objects 2015-04-17 09:55:31 +02:00
README
toolchain.inc ARM: Remove -mno-unaligned-access 2015-04-17 09:21:16 +02:00

README

-------------------------------------------------------------------------------
coreboot README
-------------------------------------------------------------------------------

coreboot is a Free Software project aimed at replacing the proprietary BIOS
(firmware) found in most computers.  coreboot performs a little bit of
hardware initialization and then executes additional boot logic, called a
payload.

With the separation of hardware initialization and later boot logic,
coreboot can scale from specialized applications that run directly
firmware, run operating systems in flash, load custom
bootloaders, or implement firmware standards, like PC BIOS services or
UEFI. This allows for systems to only include the features necessary
in the target application, reducing the amount of code and flash space
required.

coreboot was formerly known as LinuxBIOS.


Payloads
--------

After the basic initialization of the hardware has been performed, any
desired "payload" can be started by coreboot.

See http://www.coreboot.org/Payloads for a list of supported payloads.


Supported Hardware
------------------

coreboot supports a wide range of chipsets, devices, and mainboards.

For details please consult:

 * http://www.coreboot.org/Supported_Motherboards
 * http://www.coreboot.org/Supported_Chipsets_and_Devices


Build Requirements
------------------

 * gcc / g++
 * make

Optional:

 * doxygen (for generating/viewing documentation)
 * iasl (for targets with ACPI support)
 * gdb (for better debugging facilities on some targets)
 * ncurses (for 'make menuconfig')
 * flex and bison (for regenerating parsers)


Building coreboot
-----------------

Please consult http://www.coreboot.org/Build_HOWTO for details.


Testing coreboot Without Modifying Your Hardware
------------------------------------------------

If you want to test coreboot without any risks before you really decide
to use it on your hardware, you can use the QEMU system emulator to run
coreboot virtually in QEMU.

Please see http://www.coreboot.org/QEMU for details.


Website and Mailing List
------------------------

Further details on the project, a FAQ, many HOWTOs, news, development
guidelines and more can be found on the coreboot website:

  http://www.coreboot.org

You can contact us directly on the coreboot mailing list:

  http://www.coreboot.org/Mailinglist


Copyright and License
---------------------

The copyright on coreboot is owned by quite a large number of individual
developers and companies. Please check the individual source files for details.

coreboot is licensed under the terms of the GNU General Public License (GPL).
Some files are licensed under the "GPL (version 2, or any later version)",
and some files are licensed under the "GPL, version 2". For some parts, which
were derived from other projects, other (GPL-compatible) licenses may apply.
Please check the individual source files for details.

This makes the resulting coreboot images licensed under the GPL, version 2.