erebion/coreboot
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

tpm2: implement tlcl_force_clear and use it before factory initialization

Browse source 
tlcl_force_clear() needs to be issued each time when the device mode
switches between normal/development/recovery.

This patch adds command implementation using TPM_Clear TPM2 command,
and also invokes it before factory initialization.

BRANCH=none
BUG=chrome-os-partner:50645
TEST=verified that TPM_Clear command succeeds at factory startup and
     the boot proceeds normally.

Change-Id: I2a0e62527ad46f9dd060afe5e75c7e4d56752849
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/358095
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-by: Darren Krahn <dkrahn@chromium.org>
This commit is contained in:
Vadim Bendebury 2016-07-03 15:56:41 -07:00 committed by chrome-bot
commit 347ff17b97
2 changed files with 10 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

1
src/vendorcode/google/chromeos/vboot2/antirollback.c
View file

@ -145,6 +145,7 @@ static uint32_t set_kernel_space(const void *kernel_blob)
static uint32_t _factory_initialize_tpm(struct vb2_context *ctx)
{
RETURN_ON_FAILURE(tlcl_force_clear());
RETURN_ON_FAILURE(set_firmware_space(ctx->secdata));
RETURN_ON_FAILURE(set_kernel_space(secdata_kernel));
return TPM_SUCCESS;