diff options
author | Furquan Shaikh <furquan@chromium.org> | 2016-11-07 23:47:11 -0800 |
---|---|---|
committer | Furquan Shaikh <furquan@google.com> | 2016-11-10 18:10:42 +0100 |
commit | b038f41420c47d91cc9919930242f9d38696a0a0 (patch) | |
tree | 125c816757ae12b2a91167cb5cac3db2ee92f9b0 /src/vboot/Kconfig | |
parent | 1232666b6f1ff9be8dd2ef458aba7c202d8ba069 (diff) | |
download | coreboot-b038f41420c47d91cc9919930242f9d38696a0a0.tar.xz |
vboot: Add support for recovery hash space in TPM
1. Add a new index for recovery hash space in TPM - 0x100b
2. Add helper functions to read/write/lock recovery hash space in TPM
3. Add Kconfig option that can be selected by mainboards that want to
define this space.
4. Lock this new space while jumping from RO to RW.
BUG=chrome-os-partner:59355
BRANCH=None
TEST=Verified use of recovery hash space on reef.
Change-Id: I1cacd54f0a896d0f2af32d4b7c9ae581a918f9bb
Signed-off-by: Furquan Shaikh <furquan@chromium.org>
Reviewed-on: https://review.coreboot.org/17273
Tested-by: build bot (Jenkins)
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Diffstat (limited to 'src/vboot/Kconfig')
-rw-r--r-- | src/vboot/Kconfig | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/src/vboot/Kconfig b/src/vboot/Kconfig index f3df7c524b..b5c862620f 100644 --- a/src/vboot/Kconfig +++ b/src/vboot/Kconfig @@ -134,6 +134,14 @@ config VBOOT_OPROM_MATTERS it works functionally the same for other platforms that can skip their native display initialization code instead. +config VBOOT_HAS_REC_HASH_SPACE + bool + default n + depends on VBOOT + help + Set this option to indicate to vboot that recovery data hash space + is present in TPM. + config VBOOT bool "Verify firmware with vboot." default n |