From 30cf14ff3fdd9fbbaa3ffb841359c2ee1a0bfcad Mon Sep 17 00:00:00 2001 From: Werner Zeh Date: Tue, 23 Oct 2018 07:40:08 +0200 Subject: security/tpm: Add function to measure a region device Add a new function which can hash a given region device and extend a PCR in the TPM with the result. The needed SHA algorithms are included from 3rdparty/vboot and thus not duplicated in the coreboot tree. For now VB2_LIB is not usable in postcar stage. Follow-up commits will add the ability to use the lib in postcar as well. Once this feature is ready, the library will be included in postcar stage to make this function available in every stage. Change-Id: I126cc3500fd039d63743db78002a04d201ab18aa Signed-off-by: Werner Zeh Reviewed-on: https://review.coreboot.org/29234 Tested-by: build bot (Jenkins) Reviewed-by: Philipp Deppenwiese --- src/security/vboot/Makefile.inc | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'src/security/vboot') diff --git a/src/security/vboot/Makefile.inc b/src/security/vboot/Makefile.inc index c9dd39f3f4..704b6c92b9 100644 --- a/src/security/vboot/Makefile.inc +++ b/src/security/vboot/Makefile.inc @@ -107,7 +107,11 @@ $(1)-srcs += $$(VB2_LIB_$(1)) endef # vboot-for-stage +CFLAGS_common += -I3rdparty/vboot/firmware/2lib/include + $(eval $(call vboot-for-stage,verstage)) +$(eval $(call vboot-for-stage,bootblock)) +$(eval $(call vboot-for-stage,ramstage)) ifeq ($(CONFIG_VBOOT_SEPARATE_VERSTAGE),y) -- cgit v1.2.3