[coreboot-gerrit] Patch merged into coreboot/master: tpm2: implement and use pcr_extend command

[gerrit at coreboot.org]

the following patch was just integrated into master:
commit f5ef699f40ca36815069e9c1df72af6385e600f0
Author: Vadim Bendebury <vbendeb at chromium.org>
Date:   Sun Jul 3 22:20:17 2016 -0700

    tpm2: implement and use pcr_extend command
    
    TPM PCRs are used in Chrome OS for two purposes: to communicate
    crucial information from RO firmware and to protect FW and kernel
    rollback counters from being deleted.
    
    As implemented in a TPM1 compatible way, the PCR extension command
    requires a prebuilt digest to calculate a new PCR value.
    
    TPM2 specification introduces a PCR_Event command, where the TPM
    itself calculates the digest of an arbitrary length string, and then
    uses the calculated digest for PCR extension. PCR_Event could be a
    better option for Chrome OS, this needs to be investigated separately.
    
    BRANCH=none
    BUG=chrome-os-partner:50645
    TEST=verified that the two PCRs are successfully extended before the
         RW firmware is called.
    
    Change-Id: I38fc88172de8ec8bef56fec026f83058480c8010
    Signed-off-by: Martin Roth <martinroth at chromium.org>
    Original-Commit-Id: 73388139db3ffaf61a3d9027522c5ebecb3ad051
    Original-Change-Id: I1a9bab7396fdb652e2e3bc8529b828ea3423d851
    Original-Signed-off-by: Vadim Bendebury <vbendeb at chromium.org>
    Original-Reviewed-on: https://chromium-review.googlesource.com/358098
    Original-Reviewed-by: Aaron Durbin <adurbin at chromium.org>
    Original-Reviewed-by: Darren Krahn <dkrahn at chromium.org>
    Reviewed-on: https://review.coreboot.org/15639
    Tested-by: build bot (Jenkins)
    Reviewed-by: Philipp Deppenwiese <zaolin.daisuki at googlemail.com>


See https://review.coreboot.org/15639 for details.

-gerrit