coreboot.git - my copy of coreboot

diff options

author	Miriam Polzer <mpolzer@google.com>	2022-08-11 06:38:46 +0000
committer	Julius Werner <jwerner@chromium.org>	2022-09-17 01:42:11 +0000
commit	2c38933a0e461855c8eab997fc66baffa449f674 (patch)
tree	aca3bc075aff0737b5bafcad0d4dc94cf3b4d018 /src/arch/riscv
parent	f634aed758e2c4822ea1512a9d828572bdf4e459 (diff)

security/vboot: Add rollback NVRAM space for TPM 2

Create an NVRAM space in TPM 2.0 that survives owner clear and can be read and written without authorization. This space allows to seal data with the TPM that can only be unsealed before the space was cleared. It will be used during ChromeOS enterprise rollback to securely carry data across a TPM clear. Public documentation on the rollback feature: https://source.chromium.org/chromium/chromiumos/platform2/+/main:oobe_config/README.md BUG=b/233746744 Signed-off-by: Miriam Polzer <mpolzer@google.com> Change-Id: I59ca0783b41a6f9ecd5b72f07de6fb403baf2820 Reviewed-on: https://review.coreboot.org/c/coreboot/+/66623 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Julius Werner <jwerner@chromium.org>

Diffstat (limited to 'src/arch/riscv')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: