coreboot.git - my copy of coreboot

diff options

author	Aseda Aboagye <aaboagye@google.com>	2021-05-24 17:04:38 -0700
committer	Julius Werner <jwerner@chromium.org>	2021-06-10 23:38:53 +0000
commit	08938a9be3fd5f02650926f87d00d0029fafc3c2 (patch)
tree	987be1e8f7d52f3b5231892e31f3c75c70e66246 /src/mainboard/asus
parent	4ad0420e82f46b2d92e318019a89842f28e6c08a (diff)

security/vboot: Add support for ZTE spaces

This commit adds support for the Chrome OS Zero-Touch Enrollment related spaces. For TPM 2.0 devices which don't use Cr50, coreboot will define the RMA+SN Bits, Board ID, and RMA Bytes counter spaces. The RMA+SN Bits space is 16 bytes initialized to all 0xFFs. The Board ID space is 12 bytes initialized to all 0xFFs. The RMA Bytes counter space is 8 bytes intialized to 0. BUG=b:184676425 BRANCH=None TEST=Build and flash lalala, verify that the ZTE spaces are created successfully by undefining the firmware antirollback space in the TPM such that the TPM undergoes factory initialization in coreboot. Reboot the DUT. Boot to CrOS and run `tpm_manager_client list_spaces` and verify that the ZTE spaces are listed. Run `tpm_manager_client read_space` with the various indices and verify that the sizes and initial values of the spaces are correct. TEST=Attempt to undefine the ZTE spaces and verify that it fails due to the unsatisfiable policy. Signed-off-by: Aseda Aboagye <aaboagye@google.com> Change-Id: I97e3ae7e18fc9ee9a02afadbbafeb226b41af0eb Reviewed-on: https://review.coreboot.org/c/coreboot/+/55242 Reviewed-by: Julius Werner <jwerner@chromium.org> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>

Diffstat (limited to 'src/mainboard/asus')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: