Attention is currently required from: Andrey Pronin, Paul Menzel, Julius Werner, Aaron Durbin.
Hello build bot (Jenkins), Andrey Pronin, Julius Werner, Aaron Durbin,
I'd like you to reexamine a change. Please visit
https://review.coreboot.org/c/coreboot/+/55242
to look at the new patch set (#4).
Change subject: security/vboot: Add support for ZTE spaces
......................................................................
security/vboot: Add support for ZTE spaces
This commit adds support for the Chrome OS Zero-Touch Enrollment related spaces. For TPM 2.0 devices which don't use Cr50, coreboot will define the RMA+SN Bits, Board ID, and RMA Bytes counter spaces.
The RMA+SN Bits space is 16 bytes initialized to all 0xFFs. The Board ID space is 12 bytes initialized to all 0xFFs. The RMA Bytes counter space is 8 bytes initialized to 0.
BUG=b:184676425
BRANCH=None
TEST=Build and flash lalala, verify that the ZTE spaces are created successfully by undefining the firmware antirollback space in the TPM such that the TPM undergoes factory initialization in coreboot. Reboot the DUT. Boot to CrOS and run `tpm_manager_client list_spaces` and verify that the ZTE spaces are listed. Run `tpm_manager_client read_space` with the various indices and verify that the sizes and initial values of the spaces are correct.
Signed-off-by: Aseda Aboagye <aaboagye@google.com>
Change-Id: I97e3ae7e18fc9ee9a02afadbbafeb226b41af0eb
---
M src/security/vboot/antirollback.h
M src/security/vboot/secdata_tpm.c
2 files changed, 118 insertions(+), 9 deletions(-)
git pull ssh://review.coreboot.org:29418/coreboot refs/changes/42/55242/4