Change in ...coreboot[master]: {devices, lib, security} Add Eltan vendor code for measured and verifie... - coreboot-gerrit

21 Dec 2018


      Hello Philipp Deppenwiese, build bot (Jenkins), Martin Roth, Patrick Georgi,
I'd like you to reexamine a change. Please visit
https://review.coreboot.org/c/coreboot/+/30218
to look at the new patch set (#5).
Change subject: {devices,lib,security} Add Eltan vendor code for measured and verified boot.
......................................................................
{devices,lib,security} Add Eltan vendor code for measured and verified boot.
coreboot supports verfied boot based on ChromeOS verified boot.
No verified boot support without dependency on ChromeOS is available.
Create measured boot (vendorcode/eltan/mboot) and verified_boot
(vendorcode/eltan/verified_boot) directories. These features use the security/lib
which is a 'wrapper' using only sha1, sha256 and sha512 of
3rdparty/vboot/firmware.
prog_locate_hook() is added and used to start verified boot.
At board level can be specified with parts of SPI must be verified and/or
measured.
BUG=N/A
TEST=Created verified binary and verify logging on Portwell PQ-M107
Change-Id: Ic1d5a21d40b6a31886777e8e9fe7b28c860f1a80
Signed-off-by: Frans Hendriks fhendriks@eltan.com
---
A Documentation/vendorcode/eltan/index.md
A Documentation/vendorcode/eltan/security.md
M Documentation/vendorcode/index.md
M src/device/pci_device.c
M src/include/device/pci_rom.h
M src/include/program_loading.h
M src/lib/prog_loaders.c
M src/security/tpm/tss.h
M src/security/tpm/tss/tcg-2.0/tss.c
M src/security/tpm/tss/tcg-2.0/tss_marshaling.c
M src/security/tpm/tss/tcg-2.0/tss_structures.h
M src/vendorcode/Makefile.inc
A src/vendorcode/eltan/Kconfig
A src/vendorcode/eltan/Makefile.inc
A src/vendorcode/eltan/security/Kconfig
A src/vendorcode/eltan/security/Makefile.inc
A src/vendorcode/eltan/security/include/cb_sha1.h
A src/vendorcode/eltan/security/include/cb_sha256.h
A src/vendorcode/eltan/security/include/cb_sha512.h
A src/vendorcode/eltan/security/include/cryptolib.h
A src/vendorcode/eltan/security/lib/Makefile.inc
A src/vendorcode/eltan/security/lib/cb_sha1.c
A src/vendorcode/eltan/security/lib/cb_sha256.c
A src/vendorcode/eltan/security/lib/cb_sha512.c
A src/vendorcode/eltan/security/mboot/Kconfig
A src/vendorcode/eltan/security/mboot/Makefile.inc
A src/vendorcode/eltan/security/mboot/mboot.c
A src/vendorcode/eltan/security/mboot/mboot.h
A src/vendorcode/eltan/security/mboot/mboot_func.c
A src/vendorcode/eltan/security/verified_boot/Kconfig
A src/vendorcode/eltan/security/verified_boot/Makefile.inc
A src/vendorcode/eltan/security/verified_boot/vboot_check.c
A src/vendorcode/eltan/security/verified_boot/vboot_check.h
33 files changed, 2,197 insertions(+), 20 deletions(-)
git pull ssh://review.coreboot.org:29418/coreboot refs/changes/18/30218/5
-- 
To view, visit https://review.coreboot.org/c/coreboot/+/30218
To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings

Gerrit-Project: coreboot
Gerrit-Branch: master
Gerrit-Change-Id: Ic1d5a21d40b6a31886777e8e9fe7b28c860f1a80
Gerrit-Change-Number: 30218
Gerrit-PatchSet: 5
Gerrit-Owner: Frans Hendriks fhendriks@eltan.com
Gerrit-Reviewer: Frans Hendriks fhendriks@eltan.com
Gerrit-Reviewer: Martin Roth martinroth@google.com
Gerrit-Reviewer: Patrick Georgi pgeorgi@google.com
Gerrit-Reviewer: Philipp Deppenwiese zaolin.daisuki@gmail.com
Gerrit-Reviewer: build bot (Jenkins) no-reply@coreboot.org
Gerrit-CC: Nico Huber nico.h@gmx.de
Gerrit-CC: Patrick Rudolph siro@das-labor.org
Gerrit-MessageType: newpatchset