Hello Simon Glass, Julius Werner, build bot (Jenkins), Joel Kitching,
I'd like you to reexamine a change. Please visit
https://review.coreboot.org/c/coreboot/+/31260
to look at the new patch set (#3).
Change subject: coreboot: check Cr50 PM mode on normal boot ......................................................................
coreboot: check Cr50 PM mode on normal boot
Under some scenearios the key ladder on the Cr50 can get disabled. If this state is detected, trigger a reboot of the Cr50 to restore full TPM functionality.
BUG=b:121463033 BRANCH=none TEST=Built coreboot on sarien and grunt platforms. TEST=Ran 'gsctool -a -m disable' and reboot. Verfied coreboot sends VENDOR_CC_IMMEDIATE_RESET command to Cr50 and that the Cr50 resets and then the platform boots normally. TEST=Performed Cr50 rollback to 0.0.22 which does not support the VENDOR_CC_TPM_MODE command, confirmed that platform boots normally and the coreboot log captures the unsupported command. Tested-by: Keith Short keithshort@chromium.org
Change-Id: I70e012efaf1079d43890e909bc6b5015bef6835a Signed-off-by: Keith Short keithshort@chromium.org --- M src/include/elog.h M src/mainboard/google/sarien/chromeos.c M src/security/tpm/tss/tcg-2.0/tss_marshaling.c M src/security/tpm/tss/tcg-2.0/tss_structures.h M src/security/tpm/tss/vendor/cr50/cr50.c M src/security/tpm/tss/vendor/cr50/cr50.h M src/security/tpm/tss_errors.h M src/vendorcode/google/chromeos/chromeos.h M src/vendorcode/google/chromeos/cr50_enable_update.c 9 files changed, 241 insertions(+), 20 deletions(-)
git pull ssh://review.coreboot.org:29418/coreboot refs/changes/60/31260/3