Add TPM version checking

Change-Id: Ic32b7bcf0bc5501e21dc84e79419a256d9b0d095 R=semenzato@chromium.org,reinauer@chromium.org BUG=chrome-os-partner:2832 TEST=manual crossystem tpm_fwver tpm_kernver On a debug system, this will return 0x00010001 0x00010001 Review URL: http://codereview.chromium.org/6685075
2026-01-07 16:11:43 +00:00 · 2011-03-17 17:58:56 -07:00
parent f4ba19d81d
commit 5ac39bfff0
8 changed files with 74 additions and 33 deletions
--- a/firmware/lib/vboot_kernel.c
+++ b/firmware/lib/vboot_kernel.c
@@ -232,6 +232,12 @@ int LoadKernel(LoadKernelParams* params) {
      /* Ignore return code, since we need to boot recovery mode to
       * fix the TPM. */
    }
+
+    /* Read the key indices from the TPM; ignore any errors */
+    if (shared) {
+      RollbackFirmwareRead(&shared->fw_version_tpm);
+      RollbackKernelRead(&shared->kernel_version_tpm);
+    }
  } else {
    /* Use the kernel subkey passed from LoadFirmware(). */
    kernel_subkey = &shared->kernel_subkey;
@@ -247,6 +253,8 @@ int LoadKernel(LoadKernelParams* params) {
        recovery = VBNV_RECOVERY_RW_TPM_ERROR;
      goto LoadKernelExit;
    }
+    if (shared)
+      shared->kernel_version_tpm = tpm_version;
  }

  do {
@@ -521,6 +529,8 @@ int LoadKernel(LoadKernelParams* params) {
            recovery = VBNV_RECOVERY_RW_TPM_ERROR;
          goto LoadKernelExit;
        }
+        if (shared)
+          shared->kernel_version_tpm = (uint32_t)lowest_version;
      }
    }