summaryrefslogtreecommitdiff
path: root/src/mainboard/facebook/fbg1701/board_verified_boot.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/mainboard/facebook/fbg1701/board_verified_boot.c')
-rw-r--r--src/mainboard/facebook/fbg1701/board_verified_boot.c11
1 files changed, 10 insertions, 1 deletions
diff --git a/src/mainboard/facebook/fbg1701/board_verified_boot.c b/src/mainboard/facebook/fbg1701/board_verified_boot.c
index bb5768fdc1..09f4e6791e 100644
--- a/src/mainboard/facebook/fbg1701/board_verified_boot.c
+++ b/src/mainboard/facebook/fbg1701/board_verified_boot.c
@@ -43,7 +43,10 @@ static const verify_item_t ram_stage_additional_list[] = {
{ VERIFY_TERMINATOR, NULL, { { NULL, 0 } }, 0, 0 }
};
-/* The items used by the romstage */
+/*
+ * The items used by the romstage. Bootblock and PublicKey are added here to make sure they
+ * are measured
+ */
const verify_item_t romstage_verify_list[] = {
{ VERIFY_FILE, ROMSTAGE, { { NULL, CBFS_TYPE_STAGE } },
HASH_IDX_ROM_STAGE, MBOOT_PCR_INDEX_0 },
@@ -61,6 +64,12 @@ const verify_item_t romstage_verify_list[] = {
{ { (void *)0xffffffff - CONFIG_C_ENV_BOOTBLOCK_SIZE + 1,
CONFIG_C_ENV_BOOTBLOCK_SIZE, } }, HASH_IDX_BOOTBLOCK,
MBOOT_PCR_INDEX_0 },
+#if CONFIG(VENDORCODE_ELTAN_VBOOT_SIGNED_MANIFEST)
+ { VERIFY_BLOCK, "PublicKey",
+ { { (void *)CONFIG_VENDORCODE_ELTAN_VBOOT_KEY_LOCATION,
+ CONFIG_VENDORCODE_ELTAN_VBOOT_KEY_SIZE, } }, HASH_IDX_PUBLICKEY,
+ MBOOT_PCR_INDEX_6 },
+#endif
{ VERIFY_TERMINATOR, NULL, { { NULL, 0 } }, 0, 0 }
};
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-30 19:16:02 +0000