| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
sysincludes.h and 2sysincludes.h are almost identical except for
one extra header (ctype.h) in the vboot1 variant. Add this to
2sysincludes.h, and nuke sysincludes.h.
Depends on: https://review.coreboot.org/c/coreboot/+/33525
BUG=b:124141368
TEST=make clean && make runtests
BRANCH=none
Change-Id: Iaba21a9b8bb2ae0c081184019576663898317bd1
Signed-off-by: Joel Kitching <kitching@google.com>
Cq-Depend: chromium:1680325
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1659990
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Auto-Submit: Joel Kitching <kitching@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The new TlclGetSpaceInfo function returns more detailed information
about a defined NVRAM space. The existing TlclGetPermissions function
is now using TlclGetSpaceInfo behind the scenes.
BRANCH=None
BUG=chromium:788719
TEST=New unit tests.
Change-Id: I6c4f490d575788b696fd742a69e81e2767ec50f1
Reviewed-on: https://chromium-review.googlesource.com/937705
Trybot-Ready: Mattias Nissler <mnissler@chromium.org>
Tested-by: Mattias Nissler <mnissler@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Adds two new functions and their corresponding TPM commands to create
delegation families and list the delegation family table, respectively.
This isn't sufficient to meaningfully manage delegation families, but good
enough for the (ab)use case of storing flags in delegation family labels, which
we are going to do in order to strengthen encrypted stateful to guarantee
recreation of the encrypted file system after TPM clear..
BRANCH=None
BUG=chromium:788719
TEST=new unit tests
Change-Id: I31beb662784a8fff450b485c7cabc553944d7772
Reviewed-on: https://chromium-review.googlesource.com/817199
Trybot-Ready: Mattias Nissler <mnissler@chromium.org>
Tested-by: Mattias Nissler <mnissler@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add a TlclDefineSpaceEx function that allows to pass additional
parameters when creating NVRAM spaces, i.e. owner authorization as
well as PCR bindings.
BRANCH=None
BUG=chromium:788719
TEST=New unit tests.
Change-Id: I73404c05528a89604fea3bcb1f00741fb865ba77
Reviewed-on: https://chromium-review.googlesource.com/814114
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Trybot-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Trybot-Ready: Mattias Nissler <mnissler@chromium.org>
Tested-by: Mattias Nissler <mnissler@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add the ability to take TPM ownership. This requires two new commands:
TPM_OIAP to start an auth session and TPM_TakeOwnership to establish
ownership. TPM_TakeOwnership requires an auth session and proper
command authentication to work, which is also added.
BRANCH=None
BUG=chromium:788719
TEST=new unit tests
Change-Id: Ib70144eedb0b1c7c43b26c06529d33ccbaa51a0e
Reviewed-on: https://chromium-review.googlesource.com/790414
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Tested-by: Mattias Nissler <mnissler@chromium.org>
Trybot-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Trybot-Ready: Mattias Nissler <mnissler@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add a TlclReadPubek library function to read the public endorsement
key.
BRANCH=None
BUG=chromium:788719
TEST=New unit tests.
Change-Id: I5f23b76b88198d656f4ba5782d2b4f25aaa082b1
Reviewed-on: https://chromium-review.googlesource.com/790413
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Tested-by: Mattias Nissler <mnissler@chromium.org>
Trybot-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Trybot-Ready: Mattias Nissler <mnissler@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add tpm_lite library support for the IFX specific TPM_FieldUpgrade
subcommand "FieldUpgradeInfoRequest2". Expose this via tpmc so it can
be used from shell scripts.
BRANCH=none
BUG=chromium:728130
TEST=Builds and tpmc ifxfieldupgradeinfo prints plausible results.
Change-Id: Ie58ebccef7fe90f7fca65d7cd9c78e1f16f9f29a
Reviewed-on: https://chromium-review.googlesource.com/562772
Commit-Ready: Mattias Nissler <mnissler@chromium.org>
Tested-by: Mattias Nissler <mnissler@chromium.org>
Reviewed-by: Mattias Nissler <mnissler@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This command exposes the vendor and TPM firmware version.
BRANCH=none
BUG=chromium:728130
TEST=Builds and tpmc getversion prints plausible results.
Change-Id: Iec556a298e025e10bda00121b40a25d8dc3839d1
Reviewed-on: https://chromium-review.googlesource.com/565287
Commit-Ready: Mattias Nissler <mnissler@chromium.org>
Tested-by: Mattias Nissler <mnissler@chromium.org>
Reviewed-by: Jorge Lucangeli Obes <jorgelo@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is done to break a circular DEPENDency as we want to
send UMA stats from tcsd. Without this, metrics depends on
vboot_reference which depends on trousers which depends on
metrics. Technically the vboot_reference dependency on trousers
is header-file only, but we can't cope with that.
BUG=chromium:481552
TEST=compiled with emerge-<something> vboot_reference
BRANCH=none
Change-Id: Iea5c0c39bb70977c9d375e63ea607687debe9f9f
Reviewed-on: https://chromium-review.googlesource.com/267744
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Commit-Queue: Luigi Semenzato <semenzato@chromium.org>
Tested-by: Luigi Semenzato <semenzato@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fix suggested by the OpenSUSE friends:
https://build.opensuse.org/package/view_file?expand=1&file=fix-tlcl-generator.patch&package=vboot&project=devel%3AFactory%3AARM%3AContrib%3AChromebook
for this bug:
http://paste.opensuse.org/86254908
BUG=chromium-os:37707
TEST=emerge-daisy vboot_reference
BRANCH=none
Change-Id: I61c116152fab7b997a84f44da89c93b89659e852
Reviewed-on: https://gerrit.chromium.org/gerrit/40902
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Tested-by: Luigi Semenzato <semenzato@chromium.org>
Commit-Queue: Luigi Semenzato <semenzato@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Since the "ownership" permament flag does not indicate if the TPM is
currently owned, the state of TPM Ownership must be read via a Capability
read of TPM_CAP_PROP_OWNER. This adds the "getownership" function.
BUG=chromium-os:22172
TEST=x86-alex build & manual test
Change-Id: I2fc9e933e891ba40190d008436b22496dced1c93
Signed-off-by: Kees Cook <keescook@chromium.org>
Reviewed-on: https://gerrit.chromium.org/gerrit/24784
Reviewed-by: Will Drewry <wad@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Provide TPM_GetRandom function to library callers.
BUG=chromium-os:22172
TEST=lumpy build & manual testing
Change-Id: Id604fd92490ba697033158a580b0b4df1d975932
Signed-off-by: Kees Cook <keescook@chromium.org>
Reviewed-on: https://gerrit.chromium.org/gerrit/17120
Reviewed-by: Luigi Semenzato <semenzato@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add ability to report a single PCR value via the tpmc utility. Using
/sys/devices/platform/tpm_tis/pcrs is too slow, since it reads all
PCRs before returning. Anything wanting to read PCR0 on a time-critical
path needs maximum speed.
BUG=chromium-os:22172
TEST=install and test x86-alex.
Change-Id: I2d450961d33fa314d54b909135a74aa756279ec6
Signed-off-by: Kees Cook <keescook@chromium.org>
Reviewed-on: https://gerrit.chromium.org/gerrit/13891
Reviewed-by: Luigi Semenzato <semenzato@chromium.org>
|
|
|
|
|
|
|
|
|
| |
Change-Id: If7b6ef3cba733b74ba13db0871e6ac554d0d84ef
BUG=chromium-os:433
TEST=none
Review URL: http://codereview.chromium.org/6696043
|
|
|
|
|
|
|
|
|
| |
Change-Id: I7f135584536c7437824ae65f74a8f7ef27c28665
BUG=
TEST=
Review URL: http://codereview.chromium.org/3271006
|
|
|
|
|
|
|
|
|
| |
Change-Id: Ia85c3cdbcb74c6cd8e7bd53c51eaccc98b13677e
BUG=
TEST=
Review URL: http://codereview.chromium.org/3232006
|
|
|
|
|
|
|
|
|
| |
Change-Id: If2b6041fe93bc97885e45bbb0cf7e1b81cb06c18
BUG=none
TEST=none
Review URL: http://codereview.chromium.org/3229011
|
|
|
|
|
|
| |
Change-Id: Id8b6ac3c75d1ee34237cde8adde55cea33b25889
Review URL: http://codereview.chromium.org/3163045
|
|
|
|
|
|
| |
Review URL: http://codereview.chromium.org/3116025
Change-Id: Ideb82562f6b1c3ce5cd9e0b79de250d0a7bd976e
|
|
|
|
|
|
|
|
| |
Do not directly manipulate global structs. Work on the local copy instead.
In firmware-land, globals are a bad idea.
Review URL: http://codereview.chromium.org/3027011
|
|
Review URL: http://codereview.chromium.org/2919010
|