Read NVRAM with proper authorization for tpm2

In TPM2 case, NVRAM must be read with empty password
authorization in tpmc, since platform hierarchy is
disabled by firmware or trunksd for rollback prevention.

Since all NVRAM indices are now defined with
AUTHREAD, switch to empty password authorization from
platform authorization for all NVRAM reads in Tlcl.

BRANCH=none
BUG=chrome-os-partner:55210
BUG=chrome-os-partner:55251
TEST=Run 'initctl stop trunksd; tpmc read 0x1008 0xd' on
     kevin, verify that it returns the right output.

Change-Id: Ifb72ff5080a4ac5f8d63b5c0713e5bb184f176ca
Reviewed-on: https://chromium-review.googlesource.com/360944
Commit-Ready: Dan Shi <dshi@google.com>
Tested-by: Andrey Pronin <apronin@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Andrey Pronin
2016-07-19 13:41:11 -07:00
committed by chrome-bot
parent 3467bd7c1e
commit a15f82296d

@@ -263,7 +263,7 @@ static void marshal_nv_read(void **buffer,
{ {
struct tpm2_session_header session_header; struct tpm2_session_header session_header;
marshal_TPM_HANDLE(buffer, TPM_RH_PLATFORM, buffer_space); marshal_TPM_HANDLE(buffer, command_body->nvIndex, buffer_space);
marshal_TPM_HANDLE(buffer, command_body->nvIndex, buffer_space); marshal_TPM_HANDLE(buffer, command_body->nvIndex, buffer_space);
Memset(&session_header, 0, sizeof(session_header)); Memset(&session_header, 0, sizeof(session_header));
session_header.session_handle = TPM_RS_PW; session_header.session_handle = TPM_RS_PW;
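
Review bot: The first marshal_TPM_HANDLE call in marshal_nv_read now passes command_body->nvIndex as the authorization handle, so the two consecutive calls are identical and read like an accidental duplicate. Add a comment on the first call saying it is the authorization handle and that the index authorizes its own read through the empty-password TPM_RS_PW session, which relies on every index being defined with AUTHREAD as the commit message states. An index defined without AUTHREAD, or with a non-empty auth value, will fail this read now that TPM_RH_PLATFORM is no longer used; the comment should call that out, and the TEST line covers only index 0x1008, so a read of at least one other index would be worth adding.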