author | Philipp Deppenwiese <zaolin.daisuki@gmail.com> | 2018-11-08 10:59:40 +0100 |
---|---|---|
committer | Philipp Deppenwiese <zaolin.daisuki@gmail.com> | 2019-02-25 22:29:16 +0000 |
commit | 66f9a09916368bfab09da42ef0beed84a4bb7206 (patch) | |
tree | 57ab1cd5851055c117db7fee991d03207b28c69d /src/security/tpm | |
parent | bacd57dfaf7b4c5d3bc5400dbd82b896d0ed23cc (diff) | |
download | coreboot-66f9a09916368bfab09da42ef0beed84a4bb7206.tar.xz |
security/vboot: Add measured boot mode
* Introduce a measured boot mode into vboot.
* Add hook for stage measurements in prog_loader and cbfs.
* Implement and hook-up CRTM in vboot and check for suspend.
Change-Id: I339a2f1051e44f36aba9f99828f130592a09355e
Signed-off-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com>
Signed-off-by: Werner Zeh <werner.zeh@siemens.com>
Reviewed-on: https://review.coreboot.org/c/29547
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Diffstat (limited to 'src/security/tpm')
-rw-r--r-- | src/security/tpm/tspi/tspi.c | 7 |
1 files changed, 2 insertions, 5 deletions
diff --git a/src/security/tpm/tspi/tspi.c b/src/security/tpm/tspi/tspi.c
index 285f18dde2..b8ebf7b809 100644
--- a/src/security/tpm/tspi/tspi.c
+++ b/src/security/tpm/tspi/tspi.c
@@ -90,7 +90,6 @@ static uint32_t tpm_setup_s3_helper(void)
 default:
 printk(BIOS_ERR, "TPM: Resume failed (%#x).\n", result);
 break;
- }
 return result;
@@ -215,8 +214,6 @@ uint32_t tpm_extend_pcr(int pcr, uint8_t *digest,
 if (result != TPM_SUCCESS)
 return result;
- tcpa_log_add_table_entry(name, pcr, digest, digest_len);
- return TPM_SUCCESS;
 }
@@ -240,7 +237,7 @@ uint32_t tpm_measure_region(const struct region_device *rdev, uint8_t pcr,
 }
 if (IS_ENABLED(CONFIG_TPM1))
 hash_alg = VB2_HASH_SHA1;
- else /* CONFIG_TPM2 */
+ else /* CONFIG_TPM2 */
 hash_alg = VB2_HASH_SHA256;
 digest_len = vb2_digest_size(hash_alg);
@@ -258,7 +255,7 @@ uint32_t tpm_measure_region(const struct region_device *rdev, uint8_t pcr,
 len = MIN(sizeof(buf), region_device_sz(rdev) - offset);
 if (rdev_readat(rdev, buf, offset, len) < 0) {
 printk(BIOS_ERR, "TPM: Not able to read region %s.\n",
- rname);
+ rname);
 return TPM_E_READ_FAILURE;
 }
 if (vb2_digest_extend(&ctx, buf, len)) { |
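Review bot: In the second hunk tpm_extend_pcr() still extends the PCR via tlcl_extend() but no longer records the matching TCPA event-log entry, so unless every caller now calls tcpa_log_add_table_entry() itself the extended value can no longer be reconstructed from the log by a verifier; the rest of this change lies outside the src/security/tpm diffstat, so I can only infer that the logging moved into the new vboot measured-boot code. The old/new line counts (8 to 6) suggest the second removed line is a blank one and `return TPM_SUCCESS;` is kept, but the collapsed rendering does not let me confirm that, and if the return really were dropped the function would fall off its end. The new contract deserves a header comment on the function, e.g. `/* Extends the PCR only; the caller is responsible for adding the matching event-log entry. */`, and if `name` is a parameter of this function it now appears unused. tpm_extend_pcr's signature and the start of its body are above the hunk.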