diff options
| author | Mattias Nissler <mnissler@chromium.org> | 2018-03-22 12:56:15 +0100 |
|---|---|---|
| committer | Mattias Nissler <mnissler@chromium.org> | 2018-04-13 10:03:39 +0000 |
| commit | e4e246f15cd7c553bff62a990b2fa08be32a60f2 (patch) | |
| tree | b9e2173fe54dd3d666f75e5883bd19e3ce6367c9 /firmware | |
| parent | dc060ace1b461e09a8e0547f180377d707ff347d (diff) | |
| download | vboot-e4e246f15cd7c553bff62a990b2fa08be32a60f2.tar.gz | |
tpm_lite: tpmc command to check owner auth
Add a command that checks whether the well-known secret (SHA1 hash of
20 zero bytes) works for owner authentication. This is accomplished by
sending a DefineSpace command for TPM_NV_INDEX_TRIAL, which will
trigger auth checks but not actually allocate an NVRAM space.
Successful command execution thus indicates that authorization was
successful. tpmc exposes the status via its exit status. This will be
used in the tpm-firmware-updater driver script to verify that the TPM
is in upgradable state.
BRANCH=None
BUG=chromium:788719
TEST=compiles
Change-Id: I630831127e0e01186650412a92643c2153fbe2ee
Reviewed-on: https://chromium-review.googlesource.com/978171
Trybot-Ready: Mattias Nissler <mnissler@chromium.org>
Tested-by: Mattias Nissler <mnissler@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Diffstat (limited to 'firmware')
| -rw-r--r-- | firmware/include/tpm1_tss_constants.h | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/firmware/include/tpm1_tss_constants.h b/firmware/include/tpm1_tss_constants.h index d839791d..3deef34e 100644 --- a/firmware/include/tpm1_tss_constants.h +++ b/firmware/include/tpm1_tss_constants.h @@ -18,6 +18,7 @@ #define TPM_NV_INDEX0 ((uint32_t) 0x00000000) #define TPM_NV_INDEX_LOCK ((uint32_t) 0xffffffff) +#define TPM_NV_INDEX_TRIAL ((uint32_t) 0x0000f004) #define TPM_NV_PER_READ_STCLEAR (((uint32_t)1) << 31) #define TPM_NV_PER_AUTHREAD (((uint32_t)1) << 18) |