[coreboot-gerrit] Patch merged into coreboot/master: tpm2: implement locking firmware rollback counter
gerrit at coreboot.org
gerrit at coreboot.org
Thu Jul 14 00:00:21 CEST 2016
the following patch was just integrated into master:
commit 4c0851cc37f42ed88d62b876357b71cfdaac480f
Author: Vadim Bendebury <vbendeb at chromium.org>
Date: Sun Jul 3 17:08:10 2016 -0700
tpm2: implement locking firmware rollback counter
TPM1.2 is using the somewhat misnamed tlcl_set_global_lock() command
function to lock the hardware rollback counter. For TPM2 let's
implement and use the TPM2 command to lock an NV Ram location
(TPM2_NV_WriteLock).
BRANCH=none
BUG=chrome-os-partner:50645
TEST=verified that TPM2_NV_WriteLock command is invoked before RO
firmware starts RW, and succeeds.
Change-Id: I52aa8db95b908488ec4cf0843afeb6310dc7f38b
Signed-off-by: Martin Roth <martinroth at chromium.org>
Original-Commit-Id: 2f859335dfccfeea900f15bbb8c6cb3fd5ec8c77
Original-Change-Id: I62f22b9991522d4309cccc44180a5ebd4dca488d
Original-Signed-off-by: Vadim Bendebury <vbendeb at chromium.org>
Original-Reviewed-on: https://chromium-review.googlesource.com/358097
Original-Reviewed-by: Aaron Durbin <adurbin at chromium.org>
Original-Reviewed-by: Darren Krahn <dkrahn at chromium.org>
Reviewed-on: https://review.coreboot.org/15638
Tested-by: build bot (Jenkins)
Reviewed-by: Patrick Georgi <pgeorgi at google.com>
See https://review.coreboot.org/15638 for details.
-gerrit
More information about the coreboot-gerrit
mailing list