[coreboot-gerrit] Change in coreboot[master]: src/security/vboot: Setup secure counter space in TPM NVRAM

Attention is currently required from: Andrey Pronin, Raul Rangel, Julius Werner, Yu-Ping Wu, Karthik Ramasubramanian. Andrey Pronin has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/59476 )

Change subject: src/security/vboot: Setup secure counter space in TPM NVRAM ......................................................................

Patch Set 1:

(1 comment)

File src/security/vboot/secdata_tpm.c:

https://review.coreboot.org/c/coreboot/+/59476/comment/19082f74_558b8da6 PS1, Line 368: rv = tlcl_read(index, &value, SECURE_COUNTER_SIZE);

I don't think you should do anything there. […]

wait, we actually do something: https://review.coreboot.org/c/coreboot/+/23456/ the code has changed since, but we still have https://source.chromium.org/chromiumos/chromiumos/codesearch/+/main:src/thir...

but setup_secure_counter already calls define_space, so let's just rely on that. if for the counter we want to make sure it's readable, let's do 'increment' as a part of each setup_secure_counter(). w/o that the reads will fail (WRITTEN=false) - we can either handle it in the subsequent apps, or increment to make sure it's written when defining.