diff options
author | Andrey Pronin <apronin@google.com> | 2016-07-18 11:23:12 -0700 |
---|---|---|
committer | chrome-bot <chrome-bot@chromium.org> | 2016-07-21 03:15:44 -0700 |
commit | a071c7697883e3a73570cf0c75fa5673cc83673d (patch) | |
tree | 9a6e60e724f47507a49e5faef8850526845438b3 /utility | |
parent | a15f82296dea0695cb60562f8bc12f0807697c85 (diff) | |
download | vboot-a071c7697883e3a73570cf0c75fa5673cc83673d.tar.gz |
Support 'tpmc setbgloballock' for tpm2 case
Some scripts call 'tpmc setbgloballock' or 'tpmc block'. For tpm2
it should be equivalent to pplock, i.e. perform rollback protection
actions: writelock for NVRAM firmware index and disable platform
hierarchy.
BRANCH=none
BUG=chrome-os-partner:55210
TEST=run 'tpmc block' on kevin, check that it attempts pplock
Change-Id: I51fae6bd111cf3ff3c1dfbed7441868abad8fc15
Reviewed-on: https://chromium-review.googlesource.com/361381
Commit-Ready: Dan Shi <dshi@google.com>
Tested-by: Andrey Pronin <apronin@chromium.org>
Reviewed-by: Darren Krahn <dkrahn@chromium.org>
Diffstat (limited to 'utility')
-rw-r--r-- | utility/tpmc.c | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/utility/tpmc.c b/utility/tpmc.c index f69bcd07..76a63e02 100644 --- a/utility/tpmc.c +++ b/utility/tpmc.c @@ -450,7 +450,10 @@ command_record command_table[] = { #endif { "lockphysicalpresence", "pplock", "lock (turn off) PP until reboot", TlclLockPhysicalPresence }, -#ifndef TPM2_MODE +#ifdef TPM2_MODE + { "setbgloballock", "block", "set rollback protection lock until reboot", + TlclLockPhysicalPresence }, +#else { "setbgloballock", "block", "set the bGlobalLock until reboot", TlclSetGlobalLock }, #endif |