[coreboot-gerrit] Change in coreboot[master]: security/vboot: Add NVRAM counter for TPM 2.0

17 Nov 2021


      Attention is currently required from: Miriam Polzer, Yu-Ping Wu.
Andrey Pronin has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/59097 )
Change subject: security/vboot: Add NVRAM counter for TPM 2.0
......................................................................
Patch Set 6:
(2 comments)
File src/security/vboot/secdata_tpm.c:
https://review.coreboot.org/c/coreboot/+/59097/comment/9860b778_48281ba2 
PS6, Line 120: TPMA_NV_WRITE_STCLEAR
do we need the ability to WriteLock until reboot?
https://review.coreboot.org/c/coreboot/+/59097/comment/43bf9498_e0a10335 
PS6, Line 385: enterprise_rollback_create_counter
adding it here only creates the counter on new devices, which didn't pass factory_initialize yet (happens on the first boot with coreboot normally). is it what's expected?
-- 
To view, visit https://review.coreboot.org/c/coreboot/+/59097
To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings

Gerrit-Project: coreboot
Gerrit-Branch: master
Gerrit-Change-Id: I511dba3b3461713ce20fb2bda9fced0fee6517e1
Gerrit-Change-Number: 59097
Gerrit-PatchSet: 6
Gerrit-Owner: Miriam Polzer mpolzer@google.com
Gerrit-Reviewer: Andrey Pronin apronin@chromium.org
Gerrit-Reviewer: Julius Werner jwerner@chromium.org
Gerrit-Reviewer: Yu-Ping Wu yupingso@google.com
Gerrit-Reviewer: build bot (Jenkins) no-reply@coreboot.org
Gerrit-Attention: Miriam Polzer mpolzer@google.com
Gerrit-Attention: Yu-Ping Wu yupingso@google.com
Gerrit-Comment-Date: Wed, 17 Nov 2021 00:17:12 +0000
Gerrit-HasComments: Yes
Gerrit-Has-Labels: No
Gerrit-MessageType: comment

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

[coreboot-gerrit] Change in coreboot[master]: security/vboot: Add NVRAM counter for TPM 2.0