diff options
| author | Meng-Huan Yu <menghuan@google.com> | 2018-10-25 11:19:56 +0800 |
|---|---|---|
| committer | chrome-bot <chrome-bot@chromium.org> | 2018-11-01 02:17:43 -0700 |
| commit | e05cdbc1d3f10df0301fe0b4ec7a7ff7bc502097 (patch) | |
| tree | 7a4a080c9c506a1d26e686d87c3c96a3b22b58ee /utility/tpm_init_temp_fix.c | |
| parent | 737e34e377dfb547e64c278470a224bfcde3b97c (diff) | |
| download | vboot-e05cdbc1d3f10df0301fe0b4ec7a7ff7bc502097.tar.gz | |
tpmc: Add 'undef' command support to undefine NV space
For TPM 1.2, the undef command only works when NvLocked is not set
which is usually set before boot, even for recovery mode.
For TPM 2.0, it will automaticly choose the correct authorization
according to the TPMA_NV_PLATFORMCREATE attribute of that index.
BUG=chromium:895549
BRANCH=None
TEST=No test for TPM 1.2
Manually test for TPM 2.0:
1. Boot with platform hierarchy is disabled, then
# perm: TPMA_NV_AUTHREAD | TPMA_NV_AUTHWRITE
tpmc def 0x1020 0x10 0x40004
tpmc getp 0x1020 # check the space exists, expect success
tpmc undef 0x1020
2. Boot with platform hierarchy is enabled, then run
# perm: TPMA_NV_AUTHREAD | TPMA_NV_AUTHWRITE |
# TPMA_NV_PLATFORMCREATE
tpmc def 0x1020 0x1 0x40040004
tpmc getp 0x1020 # check the space exists, expect success
tpmc undef 0x1020
Change-Id: I1d814287fda3e7c11933eca7334fdc3ab1ebf895
Reviewed-on: https://chromium-review.googlesource.com/1298097
Commit-Ready: Meng-Huan Yu <menghuan@chromium.org>
Tested-by: Meng-Huan Yu <menghuan@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Diffstat (limited to 'utility/tpm_init_temp_fix.c')
0 files changed, 0 insertions, 0 deletions