From 0bd84ed25066fc28d3a0750d429a29c64bfb955d Mon Sep 17 00:00:00 2001
From: Christian Walter
Date: Tue, 23 Jul 2019 10:26:30 +0200
Subject: security/vboot: Add Support for Intel PTT

Add support for Intel PTT. For supporting Intel PTT we need to disable read and write access to the TPM NVRAM during the bootblock. TPM NVRAM will only be available once the DRAM is initialized. To circumvent this, we mock secdata if HAVE_INTEL_PTT is set. The underlying problem is, that the iTPM only supports a stripped down instruction set while the Intel ME is not fully booted up. Details can be found in Intel document number 571993 - Paragraph 2.10.

Change-Id: I08c9a839f53f96506be5fb68f7c1ed5bf6692505
Signed-off-by: Christian Walter
Reviewed-on: https://review.coreboot.org/c/coreboot/+/34510
Tested-by: build bot (Jenkins)
Reviewed-by: Philipp Deppenwiese
Reviewed-by: Julius Werner
---
 src/security/vboot/secdata_mock.c | 8 +-------
 1 file changed, 1 insertion(+), 7 deletions(-)
(limited to 'src/security/vboot/secdata_mock.c')

diff --git a/src/security/vboot/secdata_mock.c b/src/security/vboot/secdata_mock.c
index 3075d335f6..43206df6b9 100644
--- a/src/security/vboot/secdata_mock.c
+++ b/src/security/vboot/secdata_mock.c
@@ -43,12 +43,6 @@ int vb2ex_tpm_clear_owner(struct vb2_context *ctx)
 return VB2_SUCCESS;
 }
 
-uint32_t vboot_extend_pcr(struct vb2_context *ctx, int pcr,
- enum vb2_pcr_digest which_digest)
-{
- return VB2_SUCCESS;
-}
-
 uint32_t antirollback_read_space_firmware(struct vb2_context *ctx)
 {
 vb2api_secdata_create(ctx);
@@ -60,7 +54,7 @@ uint32_t antirollback_write_space_firmware(struct vb2_context *ctx)
 return VB2_SUCCESS;
 }
 
-uint32_t antirollback_lock_space_firmware()
+uint32_t antirollback_lock_space_firmware(void)
 {
 return VB2_SUCCESS;
 }
-- cgit v1.2.3
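Review bot: The corrected prototype `antirollback_lock_space_firmware(void)` in the second hunk still returns VB2_SUCCESS without touching any TPM NV space, and nothing in the hunk records that this stub silently disables firmware anti-rollback enforcement for every stage that links secdata_mock.c (per the description, builds with HAVE_INTEL_PTT where the iTPM is unusable before DRAM/ME init). Since vboot callers treat a VB2_SUCCESS from the lock as "the counter is now protected", the mock should carry a comment making the missing guarantee explicit, e.g. `/* Mock: nothing is locked. Rollback protection is absent while this stub is linked; the real TPM NV lock is expected from a later stage once the TPM is reachable. */` Whether a later stage actually performs that lock, and whether this file is selected only for the bootblock rather than the whole build, is decided in the Kconfig/Makefile outside this patch and should be confirmed, because selecting it for all stages would remove rollback protection entirely. The `antirollback_write_space_firmware` body whose closing lines open the hunk begins outside it.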