xenbits.xensource.com Git - people/andrewcoop/seabios.git/commit

author	Stefan Berger <stefanb@linux.ibm.com>
	Wed, 30 Jan 2019 19:06:07 +0000 (14:06 -0500)
committer	Kevin O'Connor <kevin@koconnor.net>
	Tue, 5 Feb 2019 02:23:37 +0000 (21:23 -0500)
commit	171fc8979dc712eab7544a81ab381786ced9242c
tree	47b743c1684dea95535dbdb8c803b67271d723de	tree
parent	b7dbd200cfe938698ed09b339ac3209ecb893648	commit \| diff

tcgbios: Implement TPM 2.0 menu item to activate and deactivate PCR banks

Implement a TPM 2.0 menu item that allows a user to toggle the activation
of PCR banks of the TPM 2.0. After successful activation we shut down the
TPM 2.0 and reset the machine.

Background:

A TPM 2.0 may have multiple PCR banks, such as for SHA1, SHA256, SHA384,
SHA512, and SM3-256. One or multiple of those banks may be active (by
factory for example) and modifying the set of active PCR banks is only
possible while in the firmware since it requires platform authorization.
Platform authorization is not possible for a user when in the OS since
the firmware generates a random password for the platform authorization
before booting the system and it throws that password away.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>

src/std/tcg.h		diff \| blob \| blame \| history
src/tcgbios.c		diff \| blob \| blame \| history