diff options
author | Vadim Bendebury <vbendeb@chromium.org> | 2017-06-21 12:23:22 -0700 |
---|---|---|
committer | Vadim Bendebury <vbendeb@chromium.org> | 2017-06-21 20:29:11 +0000 |
commit | 08f93599a9728682783505fe7e6fa3e3b025a497 (patch) | |
tree | 83cc72f8af4b813b699a44921e368f0f6810fb62 /src/include/bootmode.h | |
parent | ca117e7f49a618883b0fdaa83bd653e31df0046d (diff) | |
download | coreboot-08f93599a9728682783505fe7e6fa3e3b025a497.tar.xz |
cr50: process uninitialized values gracefully
The vboot code tries reading rollback protection indices from the TPM,
and if the attempt to read returns TPM_E_BADINDEX, it decides that the
TPM has not yet been initialized for the Chromebook use, and needs to
be taken through the factory initialization sequence.
TPM_E_BADINDEX is an internal representation of the TPM error 0x28b,
generated on attempts to read a non existing NVMEM space.
If the space exists, but has never been written the TPM returns error
0x14a. This condition (the space exists but not written) could happen
if the previous factory initialization attempt was interrupted right
after the space was created.
Let's map this error to the same internal representation
(TPM_E_BADINDEX) so that the Chrome OS device could recover when this
condition occurs.
BRANCH=reef, gru
BUG=b:37443842
TEST=verified that the Pyro device stuck in TPM error state recovered
when this patch was applied.
Change-Id: I6ff976c839efcd23ae26cef3ee428e7ae02e68f8
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://review.coreboot.org/20299
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Diffstat (limited to 'src/include/bootmode.h')
0 files changed, 0 insertions, 0 deletions