erebion/coreboot
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
coreboot/src/security
History
Miriam Polzer 2c38933a0e security/vboot: Add rollback NVRAM space for TPM 2 
Create an NVRAM space in TPM 2.0 that survives owner clear and can be
read and written without authorization. This space allows to seal data
with the TPM that can only be unsealed before the space was cleared.
It will be used during ChromeOS enterprise rollback to securely
carry data across a TPM clear.

Public documentation on the rollback feature:
https://source.chromium.org/chromium/chromiumos/platform2/+/main:oobe_config/README.md

BUG=b/233746744

Signed-off-by: Miriam Polzer <mpolzer@google.com>
Change-Id: I59ca0783b41a6f9ecd5b72f07de6fb403baf2820
Reviewed-on: https://review.coreboot.org/c/coreboot/+/66623
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
2022-09-17 01:42:11 +00:00
..
intel src/security: Use "if (!ptr)" in preference to "if (ptr == NULL)" 2022-09-15 13:02:33 +00:00
lockdown security/intel: Add option to enable SMM flash access only 2021-06-21 08:11:11 +00:00
memory security/memory/memory.c: Include 'stdbool' instead of 'stdint' 2022-01-04 14:56:37 +00:00
tpm src/security: Use "if (!ptr)" in preference to "if (ptr == NULL)" 2022-09-15 13:02:33 +00:00
vboot security/vboot: Add rollback NVRAM space for TPM 2 2022-09-17 01:42:11 +00:00
Kconfig cbfs: Add verification for RO CBFS metadata hash 2020-12-03 00:11:08 +00:00
Makefile.inc security: Add common boot media write protection 2020-04-28 01:19:32 +00:00