diff options
author | Bill XIE <persmule@hardenedlinux.org> | 2020-02-13 11:11:35 +0800 |
---|---|---|
committer | Philipp Deppenwiese <zaolin.daisuki@gmail.com> | 2020-03-31 10:37:38 +0000 |
commit | bad08c2c29210530e584436a562a1c03a68eb693 (patch) | |
tree | 3a31836bb0e512010bf9a196120f200f8071e752 /src/soc/intel/broadwell/smi.c | |
parent | ea861ce83118217f1f639cd696dbdb8de87f8ccf (diff) | |
download | coreboot-bad08c2c29210530e584436a562a1c03a68eb693.tar.xz |
security/tpm: Include mrc.bin in CRTM if present
mrc.bin, on platforms where it is present, is code executed on CPU, so
it should be considered a part of CRTM.
cbfs_locate_file_in_region() is hooked to measurement here too, since
mrc.bin is loaded with it, and CBFS_TYPE_MRC (the type of mrc.bin) is
measured to TPM_CRTM_PCR rather than TPM_RUNTIME_DATA_PCR.
TODO: I have heard that SMM is too resource-limited to link with vboot
library, so currently tspi_measure_cbfs_hook() is masked in SMM.
Please correct me if I am wrong.
Change-Id: Ib4c3cf47b919864056baf725001ca8a4aaafa110
Signed-off-by: Bill XIE <persmule@hardenedlinux.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/38858
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Diffstat (limited to 'src/soc/intel/broadwell/smi.c')
0 files changed, 0 insertions, 0 deletions