diff options
| author | Philipp Deppenwiese <zaolin@das-labor.org> | 2018-08-14 09:46:55 -0700 |
|---|---|---|
| committer | Philipp Deppenwiese <zaolin.daisuki@gmail.com> | 2018-08-21 15:45:15 +0000 |
| commit | 4d2af9df7cc1aab4a48ddf0f06c3f92e6580f6fa (patch) | |
| tree | 8e68da928a527b66e785f397f03938c6fa47fad2 /src/drivers/tpm | |
| parent | e155e78a4726369aad2ef28054030adb7a2a204d (diff) | |
| download | coreboot-4d2af9df7cc1aab4a48ddf0f06c3f92e6580f6fa.tar.gz coreboot-4d2af9df7cc1aab4a48ddf0f06c3f92e6580f6fa.tar.bz2 coreboot-4d2af9df7cc1aab4a48ddf0f06c3f92e6580f6fa.zip | |
security/tpm: Fix TPM 1.2 state machine issues
* Fix ACPI resume path compilation for TPM ramstage
driver
* Move enabling of the TPM prior activation and remove
reboot return status from TPM enable.
More information can be found via the TCG
specification v1.2
Tested=Elgon
Change-Id: Ided110e0c1889b302e29acac6d8d2341f97eb10b
Signed-off-by: Philipp Deppenwiese <zaolin@das-labor.org>
Reviewed-on: https://review.coreboot.org/28085
Reviewed-by: Patrick Rudolph <patrick.rudolph@9elements.com>
Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Diffstat (limited to 'src/drivers/tpm')
| -rw-r--r-- | src/drivers/tpm/tpm.c | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/src/drivers/tpm/tpm.c b/src/drivers/tpm/tpm.c index e4a81c3da48c..77d3a8e81e5b 100644 --- a/src/drivers/tpm/tpm.c +++ b/src/drivers/tpm/tpm.c @@ -18,16 +18,18 @@ #include <bootstate.h> #include <security/tpm/tspi.h> -#if IS_ENABLED(CONFIG_ARCH_X86) +#if IS_ENABLED(CONFIG_HAVE_ACPI_RESUME) #include <arch/acpi.h> #endif static void init_tpm_dev(void *unused) { -#if IS_ENABLED(CONFIG_ARCH_X86) +#if IS_ENABLED(CONFIG_HAVE_ACPI_RESUME) int s3resume = acpi_is_wakeup_s3(); tpm_setup(s3resume); #else + /* This can lead to PCR reset attacks but currently there + is no generic way to detect resume on other platforms. */ tpm_setup(false); #endif } |