diff options
Diffstat (limited to 'src/security/vboot')
| -rw-r--r-- | src/security/vboot/bootmode.c | 5 | ||||
| -rw-r--r-- | src/security/vboot/secdata_tpm.c | 6 | ||||
| -rw-r--r-- | src/security/vboot/vboot_logic.c | 8 |
3 files changed, 10 insertions, 9 deletions
diff --git a/src/security/vboot/bootmode.c b/src/security/vboot/bootmode.c index 3c50e4ef83..44149af048 100644 --- a/src/security/vboot/bootmode.c +++ b/src/security/vboot/bootmode.c @@ -61,8 +61,9 @@ int __weak get_ec_is_trusted(void) { /* * If board doesn't override this, by default we always assume EC is in - * RW and untrusted. However, newer platforms are supposed to use cr50 - * BOOT_MODE to report this and won't need to override this anymore. + * RW and untrusted. However, newer platforms with Google TPM are supposed + * to use GSC BOOT_MODE to report this and won't need to override this + * anymore. */ return 0; } diff --git a/src/security/vboot/secdata_tpm.c b/src/security/vboot/secdata_tpm.c index bc9d3d5070..3229dd022f 100644 --- a/src/security/vboot/secdata_tpm.c +++ b/src/security/vboot/secdata_tpm.c @@ -53,7 +53,7 @@ uint32_t antirollback_read_space_kernel(struct vb2_context *ctx) uint8_t size = VB2_SECDATA_KERNEL_SIZE; uint32_t ret; - /* Start with the version 1.0 size used by all modern cr50-boards. */ + /* Start with the version 1.0 size used by all modern Cr50/Ti50 boards. */ ret = tlcl_read(KERNEL_NV_INDEX, ctx->secdata_kernel, size); if (ret == TPM_E_RANGE) { /* Fallback to version 0.2(minimum) size and re-read. */ @@ -400,8 +400,8 @@ static uint32_t _factory_initialize_tpm(struct vb2_context *ctx) RETURN_ON_FAILURE(setup_fwmp_space(ctx)); /* - * Define and write zero-touch enrollment (ZTE) spaces. For Cr50 devices, - * these are set up elsewhere via TPM vendor commands. + * Define and write zero-touch enrollment (ZTE) spaces. For ChromeOS devices with + * Google TPM, these are set up elsewhere via TPM vendor commands. */ if (CONFIG(CHROMEOS) && !(CONFIG(TPM_GOOGLE))) RETURN_ON_FAILURE(setup_zte_spaces()); diff --git a/src/security/vboot/vboot_logic.c b/src/security/vboot/vboot_logic.c index 53314b2143..491615a4db 100644 --- a/src/security/vboot/vboot_logic.c +++ b/src/security/vboot/vboot_logic.c @@ -212,19 +212,19 @@ static void check_boot_mode(struct vb2_context *ctx) rv = tlcl_cr50_get_boot_mode(&boot_mode); switch (rv) { case TPM_E_NO_SUCH_COMMAND: - printk(BIOS_WARNING, "Cr50 does not support GET_BOOT_MODE.\n"); + printk(BIOS_WARNING, "GSC does not support GET_BOOT_MODE.\n"); /* Proceed to legacy boot model. */ return; case TPM_SUCCESS: break; default: printk(BIOS_ERR, - "Communication error in getting Cr50 boot mode.\n"); - vb2api_fail(ctx, VB2_RECOVERY_CR50_BOOT_MODE, rv); + "Communication error in getting GSC boot mode.\n"); + vb2api_fail(ctx, VB2_RECOVERY_GSC_BOOT_MODE, rv); return; } - printk(BIOS_INFO, "Cr50 says boot_mode is %s(0x%02x).\n", + printk(BIOS_INFO, "GSC says boot_mode is %s(0x%02x).\n", get_boot_mode_string(boot_mode), boot_mode); if (boot_mode == EC_EFS_BOOT_MODE_UNTRUSTED_RO) |