erebion/coreboot
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
coreboot/src/security/vboot
History
Andrey Pronin 441c63d5f0 security/vboot: fix policy digest for nvmem spaces 
This CL fixes the policy digest that restricts deleting the nvmem spaces
to specific PCR0 states.

BRANCH=none
BUG=b:140958855
TEST=verified that nvmem spaces created with this digest can be deleted
     in the intended states, and cannot be deleted in other states
     (test details for ChromeOS - in BUG comments).

Change-Id: I3cb7d644fdebda71cec3ae36de1dc76387e61ea7
Signed-off-by: Andrey Pronin <apronin@chromium.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/46772
Reviewed-by: Julius Werner <jwerner@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2020-10-28 01:29:37 +00:00
..
antirollback.h security/vboot: Add new TPM NVRAM index MRC_RW_HASH_NV_INDEX 2020-10-20 23:25:50 +00:00
bootmode.c src: Remove unused 'include <cbmem.h>' 2020-07-26 20:59:44 +00:00
common.c security/vboot: Add option to run verstage before bootblock 2020-06-15 21:04:00 +00:00
ec_sync.c treewide: Remove "this file is part of" lines 2020-05-11 17:11:40 +00:00
Kconfig mrc_cache: Add config MRC_SAVE_HASH_IN_TPM 2020-10-20 23:20:30 +00:00
Makefile.inc mrc_cache: Move mrc_cache_*_hash functions into mrc_cache driver 2020-10-20 23:25:31 +00:00
misc.h src/security: Drop unneeded empty lines 2020-09-21 16:26:17 +00:00
mrc_cache_hash_tpm.c mrc_cache: Add tpm_hash_index field to cache_region struct 2020-10-20 23:26:01 +00:00
mrc_cache_hash_tpm.h security/vboot: Make mrc_cache hash functions generic 2020-10-20 23:25:39 +00:00
secdata_mock.c security/vboot: Make mrc_cache hash functions generic 2020-10-20 23:25:39 +00:00
secdata_tpm.c security/vboot: fix policy digest for nvmem spaces 2020-10-28 01:29:37 +00:00
symbols.h treewide: Remove "this file is part of" lines 2020-05-11 17:11:40 +00:00
tpm_common.c src/security: Drop unneeded empty lines 2020-09-21 16:26:17 +00:00
tpm_common.h treewide: Remove "this file is part of" lines 2020-05-11 17:11:40 +00:00
vbnv.c treewide: Remove "this file is part of" lines 2020-05-11 17:11:40 +00:00
vbnv.h treewide: Remove "this file is part of" lines 2020-05-11 17:11:40 +00:00
vbnv_cmos.c treewide: Remove "this file is part of" lines 2020-05-11 17:11:40 +00:00
vbnv_ec.c treewide: Remove "this file is part of" lines 2020-05-11 17:11:40 +00:00
vbnv_flash.c treewide: Remove "this file is part of" lines 2020-05-11 17:11:40 +00:00
vbnv_layout.h treewide: Remove "this file is part of" lines 2020-05-11 17:11:40 +00:00
vboot_common.c src: Remove unused 'include <boot_device.h>' 2020-08-18 12:15:10 +00:00
vboot_common.h vboot: Disable vboot functions in SMM 2020-10-26 06:58:54 +00:00
vboot_lib.c src: Change BOOL CONFIG_ to CONFIG() in comments & strings 2020-07-26 21:20:30 +00:00
vboot_loader.c security/vboot: Add option to run verstage before bootblock 2020-06-15 21:04:00 +00:00
vboot_logic.c security/vboot: Make mrc_cache hash functions generic 2020-10-20 23:25:39 +00:00
verstage.c treewide: Remove "this file is part of" lines 2020-05-11 17:11:40 +00:00