Martin L Roth has submitted this change. ( https://review.coreboot.org/c/coreboot/+/67219 )

Change subject: security/vboot/tpm: Avoid duplicate vb2api_secdata_firmware_create calls ......................................................................

security/vboot/tpm: Avoid duplicate vb2api_secdata_firmware_create calls

For TPM2, vb2api_secdata_firmware_create() is already called from setup_firmware_space() from _factory_initialize_tpm(). Therefore move the duplicate call from factory_initialize_tpm() to TPM1's _factory_initialize_tpm().

Change-Id: I892df65c847e1aeeabef8a7578bec743b639a127 Signed-off-by: Yu-Ping Wu yupingso@chromium.org Reviewed-on: https://review.coreboot.org/c/coreboot/+/67219 Tested-by: build bot (Jenkins) no-reply@coreboot.org Reviewed-by: Aseda Aboagye aaboagye@google.com Reviewed-by: Julius Werner jwerner@chromium.org --- M src/security/vboot/secdata_tpm.c 1 file changed, 20 insertions(+), 6 deletions(-)

Approvals: build bot (Jenkins): Verified Julius Werner: Looks good to me, approved Aseda Aboagye: Looks good to me, but someone else must approve

diff --git a/src/security/vboot/secdata_tpm.c b/src/security/vboot/secdata_tpm.c index 450c681..3ad7fc8 100644 --- a/src/security/vboot/secdata_tpm.c +++ b/src/security/vboot/secdata_tpm.c @@ -488,6 +488,7 @@ TPM_PERMANENT_FLAGS pflags; uint32_t result;

+ vb2api_secdata_firmware_create(ctx); vb2api_secdata_kernel_create_v0(ctx);

result = tlcl_get_permanent_flags(&pflags); @@ -558,12 +559,6 @@ { uint32_t result;

- /* - * Set initial values of secdata_firmware space. - * kernel space is created in _factory_initialize_tpm(). - */ - vb2api_secdata_firmware_create(ctx); - VBDEBUG("TPM: factory initialization\n");

/*