summaryrefslogtreecommitdiff
path: root/src/security/vboot/secdata_tpm.c
AgeCommit message (Collapse)Author
2018-11-16src: Get rid of duplicated includesElyes HAOUAS
Change-Id: I252a1cd77bf647477edb7dddadb7e527de872439 Signed-off-by: Elyes HAOUAS <ehaouas@noos.fr> Reviewed-on: https://review.coreboot.org/29582 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Marshall Dawson <marshalldawson3rd@gmail.com>
2018-08-03security/tpm: Improve TCPA log generationPhilipp Deppenwiese
* Make tcpa_log_init static and move init code into the tcpa_log_add_table_entry routine. * Add more checks for log initialization. * Fix minor issues Change-Id: I215d79eed7ad17c6ab87f0c4b14a282e519ef07d Signed-off-by: Philipp Deppenwiese <zaolin@das-labor.org> Reviewed-on: https://review.coreboot.org/27769 Reviewed-by: Julius Werner <jwerner@chromium.org> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2018-07-30security/vboot: Enable TCPA log extensionPhilipp Deppenwiese
* Implement TCPA log for tspi extend function. * Hook tcpa_log_init into vboot tpm_setup function. * Add TCPA log output for vboot GBB flags and HWID Change-Id: I22b1aa8da1a95380c39715727615ce5ce4c9443f Signed-off-by: Philipp Deppenwiese <zaolin@das-labor.org> Reviewed-on: https://review.coreboot.org/27727 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Patrick Rudolph <siro@das-labor.org>
2018-06-04security/tpm: Unify the coreboot TPM software stackPhilipp Deppenwiese
* Remove 2nd software stack in pc80 drivers directory. * Create TSPI interface for common usage. * Refactor TSS / TIS code base. * Add vendor tss (Cr50) directory. * Change kconfig options for TPM to TPM1. * Add user / board configuration with: * MAINBOARD_HAS_*_TPM # * BUS driver * MAINBOARD_HAS_TPM1 or MAINBOARD_HAS_TPM2 * Add kconfig TPM user selection (e.g. pluggable TPMs) * Fix existing headers and function calls. * Fix vboot for interface usage and antirollback mode. Change-Id: I7ec277e82a3c20c62a0548a1a2b013e6ce8f5b3f Signed-off-by: Philipp Deppenwiese <zaolin@das-labor.org> Reviewed-on: https://review.coreboot.org/24903 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2018-02-07security/vboot: overwrite existing spaces during factory init for tpm2Andrey Pronin
In TPM 2.0 case, if the factory initialization is interrupted after defining, say, the kernel tpm nvram space but before writing to this space, the following will happen upon reboot when the factory initialization will be re-attempted. Writing to this space will be skipped, and coreboot will finish the factory initialization with this space remained unwritten. At a later stage, when the rollback logic will attempt to check the version in the kernel space, it will fail (TPM2.0 returns an error when reading from unwritten spaces), and the system will go into recovery with no way out (since the kernel space will never be written). This change fixes that by always writing to the kernel, MRC hash and firmware spaces during factory initialization, even if the space already existed by that time. BUG=b:71884828 TEST=delete, define, but not write to the kernel space; trigger factory initialization; coreboot should fill the kernel space and continue booting. Change-Id: I48d8bb4f9fc0e5276e6ec81247b3b6768ec9fa3b Signed-off-by: Andrey Pronin <apronin@google.com> Reviewed-on: https://review.coreboot.org/23456 Reviewed-by: Aaron Durbin <adurbin@chromium.org> Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Julius Werner <jwerner@chromium.org> Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
2018-01-18security/tpm: Change TPM naming for different layers.Philipp Deppenwiese
* Rename tlcl* to tss* as tpm software stack layer. * Fix inconsistent naming. Change-Id: I206dd6a32dbd303a6d4d987e424407ebf5c518fa Signed-off-by: Philipp Deppenwiese <zaolin@das-labor.org> Reviewed-on: https://review.coreboot.org/22104 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
2018-01-18security/tpm: Move tpm TSS and TSPI layer to security sectionPhilipp Deppenwiese
* Move code from src/lib and src/include into src/security/tpm * Split TPM TSS 1.2 and 2.0 * Fix header includes * Add a new directory structure with kconfig and makefile includes Change-Id: Id15a9aa6bd367560318dfcfd450bf5626ea0ec2b Signed-off-by: Philipp Deppenwiese <zaolin@das-labor.org> Reviewed-on: https://review.coreboot.org/22103 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
2017-10-22security/vboot: Move vboot2 to security kconfig sectionPhilipp Deppenwiese
This commit just moves the vboot sources into the security directory and fixes kconfig/makefile paths. Fix vboot2 headers Change-Id: Icd87f95640186f7a625242a3937e1dd13347eb60 Signed-off-by: Philipp Deppenwiese <zaolin@das-labor.org> Reviewed-on: https://review.coreboot.org/22074 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Martin Roth <martinroth@google.com>
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-17 12:30:07 +0000