coreboot/src/security/vboot
Miriam Polzer 7dce190808 security/vboot: Add NVRAM counter for TPM 2.0
Create an NVRAM counter in TPM 2.0 that survives owner clear and can be
read and written without authorization. This counter allows sealing data
with the TPM that can only be unsealed before the counter is
incremented. It will be used during Chrome OS rollback to securely carry
data across a TPM clear.

Signed-off-by: Miriam Polzer <mpolzer@google.com>
Change-Id: I511dba3b3461713ce20fb2bda9fced0fee6517e1
Reviewed-on: https://review.coreboot.org/c/coreboot/+/59097
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
2021-11-19 17:19:50 +00:00
antirollback.h security/vboot: Add NVRAM counter for TPM 2.0 2021-11-19 17:19:50 +00:00
bootmode.c Reland "vboot_logic: Set VB2_CONTEXT_EC_TRUSTED in verstage_main" 2021-11-15 12:00:12 +00:00
common.c src/security: Remove unused <console/console.h> 2021-02-15 10:49:53 +00:00
ec_sync.c vboot: ec_sync: Switch to new CBFS API 2021-04-14 01:03:22 +00:00
Kconfig vboot: add VBOOT_X86_SHA256_ACCELERATION config 2021-07-01 09:38:19 +00:00
Makefile.inc vboot: add VBOOT_X86_SHA256_ACCELERATION config 2021-07-01 09:38:19 +00:00
misc.h src/security: Drop unneeded empty lines 2020-09-21 16:26:17 +00:00
mrc_cache_hash_tpm.c mrc_cache: Add tpm_hash_index field to cache_region struct 2020-10-20 23:26:01 +00:00
mrc_cache_hash_tpm.h security/vboot: Make mrc_cache hash functions generic 2020-10-20 23:25:39 +00:00
secdata_mock.c vboot/secdata_mock: Make v0 kernel secdata context 2021-05-18 15:30:47 +00:00
secdata_tpm.c security/vboot: Add NVRAM counter for TPM 2.0 2021-11-19 17:19:50 +00:00
symbols.h treewide: Remove "this file is part of" lines 2020-05-11 17:11:40 +00:00
tpm_common.c security: vboot: Clarify PCR extension algorithms/sizes 2021-03-30 21:07:56 +00:00
tpm_common.h Add Kconfig TPM 2021-05-26 12:31:10 +00:00
vbnv.c treewide: Remove "this file is part of" lines 2020-05-11 17:11:40 +00:00
vbnv.h treewide: Remove "this file is part of" lines 2020-05-11 17:11:40 +00:00
vbnv_cmos.c coreboot_table: Move VBOOT_VBNV support 2021-02-04 08:43:39 +00:00
vbnv_ec.c treewide: Remove "this file is part of" lines 2020-05-11 17:11:40 +00:00
vbnv_flash.c treewide: Remove "this file is part of" lines 2020-05-11 17:11:40 +00:00
vbnv_layout.h treewide: Remove "this file is part of" lines 2020-05-11 17:11:40 +00:00
vboot_common.c src: Remove unused 'include <boot_device.h>' 2020-08-18 12:15:10 +00:00
vboot_common.h cbfs: Add metadata cache 2020-11-21 10:43:53 +00:00
vboot_lib.c src: Change BOOL CONFIG_ to CONFIG() in comments & strings 2020-07-26 21:20:30 +00:00
vboot_loader.c security/vboot: Add timestamps when loading verstage 2021-06-14 05:11:07 +00:00
vboot_logic.c Reland "vboot_logic: Set VB2_CONTEXT_EC_TRUSTED in verstage_main" 2021-11-15 12:00:12 +00:00
verstage.c verstage: Add debug print when returning from verstage 2021-04-06 07:49:43 +00:00