diff options
| author | Namyoon Woo <namyoon@chromium.org> | 2018-12-11 13:41:54 -0800 |
|---|---|---|
| committer | Vadim Bendebury <vbendeb@chromium.org> | 2019-09-21 19:11:24 -0700 |
| commit | df87a37cf5e73b37c0d53aaf4a835c9323896ecd (patch) | |
| tree | 257e7b57327f25c152d298c626c46e97cac39ca5 | |
| parent | 2b2b146d02b736a9431c47a19441b1af2ed5a27d (diff) | |
| download | chrome-ec-df87a37cf5e73b37c0d53aaf4a835c9323896ecd.tar.gz | |
cr50: clear confidential TPM Data on TPM disabling
On TPM disabling, AUTH/SEED/PROOF data in TPM persistent data set
and the loaded objects shall be cleared for better security.
CQ-DEPEND=CL:1362203
BRANCH=cr50
BUG=b:119221935
TEST=Tested manually on eve-campfire dual boot dut.
Checked S3 resume from short|long suspend on Windows.
Checked Warm reboot from Windows to Chrome OS.
Checked Warm reboot from Windows to Windows.
Checked Chrome OS login info preserving.
Change-Id: I8e03f6242cf04e7c824ee54cca99413eb809edea
Signed-off-by: Namyoon Woo <namyoon@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1372029
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
(cherry picked from commit ae966f6cf0b82bd65074599d71a753a7375dc327)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/1657311
Tested-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Commit-Queue: Vadim Bendebury <vbendeb@chromium.org>
(cherry picked from commit 0a61a1e684a658e3f800ae1f393023f2c8f6510f)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/1705726
(cherry picked from commit ec274ac338ca7aa292bc7564758e33f6e2c4b743)
| -rw-r--r-- | board/cr50/tpm2/nvmem_ops.c | 24 |
1 files changed, 24 insertions, 0 deletions
diff --git a/board/cr50/tpm2/nvmem_ops.c b/board/cr50/tpm2/nvmem_ops.c index 0f2e977967..048b852732 100644 --- a/board/cr50/tpm2/nvmem_ops.c +++ b/board/cr50/tpm2/nvmem_ops.c @@ -5,6 +5,7 @@ #include "Global.h" #include "NV_fp.h" +#include "util.h" void nvmem_wipe_cache(void) { @@ -15,4 +16,27 @@ void nvmem_wipe_cache(void) const uint16_t whitelist_range[] = { 0x1007, 0x100b }; NvSelectivelyInvalidateCache(whitelist_range); + + /* + * Wipe some confidential persistent data + */ + memset(&gp.ownerAuth, 0, sizeof(gp.ownerAuth)); + memset(&gp.endorsementAuth, 0, sizeof(gp.endorsementAuth)); + memset(&gp.lockoutAuth, 0, sizeof(gp.lockoutAuth)); + memset(&gp.EPSeed, 0, sizeof(gp.EPSeed)); + memset(&gp.SPSeed, 0, sizeof(gp.SPSeed)); + memset(&gp.PPSeed, 0, sizeof(gp.PPSeed)); + memset(&gp.phProof, 0, sizeof(gp.phProof)); + memset(&gp.shProof, 0, sizeof(gp.shProof)); + memset(&gp.ehProof, 0, sizeof(gp.ehProof)); + + NvWriteReserved(NV_OWNER_AUTH, &gp.ownerAuth); + NvWriteReserved(NV_ENDORSEMENT_AUTH, &gp.endorsementAuth); + NvWriteReserved(NV_LOCKOUT_AUTH, &gp.lockoutAuth); + NvWriteReserved(NV_EP_SEED, &gp.EPSeed); + NvWriteReserved(NV_SP_SEED, &gp.SPSeed); + NvWriteReserved(NV_PP_SEED, &gp.PPSeed); + NvWriteReserved(NV_PH_PROOF, &gp.phProof); + NvWriteReserved(NV_SH_PROOF, &gp.shProof); + NvWriteReserved(NV_EH_PROOF, &gp.ehProof); } |