diff options
author | Vadim Sukhomlinov <sukhomlinov@google.com> | 2019-12-03 09:14:03 -0800 |
---|---|---|
committer | Commit Bot <commit-bot@chromium.org> | 2019-12-04 03:16:31 +0000 |
commit | 38d7d1cb7f7a2a75a375f82eaff887dc5757efe5 (patch) | |
tree | a2e4e846b7eb20fbdd290c51a2d43bbd6f0e310b | |
parent | 7d64b93ccf13623fa26ee865674e3b443ce253bd (diff) | |
download | vboot-38d7d1cb7f7a2a75a375f82eaff887dc5757efe5.tar.gz |
vboot/secdata: add fwmp parameter to enable FIPS 140-2 mode
Added VB2_SECDATA_FWMP_DEV_FIPS_MODE flag which would enable FIPS 140-2/3
compliant behavior in Cr50. This includes power-up self tests, known
answer tests for cryptographic functions, etc.
BUG=b:138577491
TEST=make clean && make runtests
BRANCH=none
Change-Id: I37334aab82fc36e6beff1a8902867fe316f901b6
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1947916
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
-rw-r--r-- | firmware/2lib/include/2secdata.h | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/firmware/2lib/include/2secdata.h b/firmware/2lib/include/2secdata.h index ec119e45..6f9b2816 100644 --- a/firmware/2lib/include/2secdata.h +++ b/firmware/2lib/include/2secdata.h @@ -127,6 +127,7 @@ enum vb2_secdata_fwmp_flags { VB2_SECDATA_FWMP_DEV_USE_KEY_HASH = (1 << 5), /* CCD = case-closed debugging on cr50; flag implemented on cr50 */ VB2_SECDATA_FWMP_DEV_DISABLE_CCD_UNLOCK = (1 << 6), + VB2_SECDATA_FWMP_DEV_FIPS_MODE = (1 << 7), }; /** |