Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(116)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: vboot_firmware/lib/rollback_index.c

Issue 2807006: Add ForceClear also on dev->normal transitions. Fix wrong API description. (Closed) Base URL: ssh://git@chromiumos-git/vboot_reference.git
Patch Set: Created 10 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « vboot_firmware/include/rollback_index.h ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved. 1 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
2 * Use of this source code is governed by a BSD-style license that can be 2 * Use of this source code is governed by a BSD-style license that can be
3 * found in the LICENSE file. 3 * found in the LICENSE file.
4 * 4 *
5 * Functions for querying, manipulating and locking rollback indices 5 * Functions for querying, manipulating and locking rollback indices
6 * stored in the TPM NVRAM. 6 * stored in the TPM NVRAM.
7 */ 7 */
8 8
9 #include "rollback_index.h" 9 #include "rollback_index.h"
10 10
(...skipping 196 matching lines...) Expand 10 before | Expand all | Expand 10 after
207 207
208 /* Checks for transitions between protected mode to developer mode. When going 208 /* Checks for transitions between protected mode to developer mode. When going
209 * into developer mode, clear the TPM. 209 * into developer mode, clear the TPM.
210 */ 210 */
211 static uint32_t CheckDeveloperModeTransition(uint32_t current_developer) { 211 static uint32_t CheckDeveloperModeTransition(uint32_t current_developer) {
212 uint32_t past_developer; 212 uint32_t past_developer;
213 int must_clear; 213 int must_clear;
214 RETURN_ON_FAILURE(TlclRead(DEVELOPER_MODE_NV_INDEX, 214 RETURN_ON_FAILURE(TlclRead(DEVELOPER_MODE_NV_INDEX,
215 (uint8_t*) &past_developer, 215 (uint8_t*) &past_developer,
216 sizeof(past_developer))); 216 sizeof(past_developer)));
217 must_clear = current_developer && !past_developer; 217 must_clear = current_developer != past_developer;
218 if (must_clear) { 218 if (must_clear) {
219 RETURN_ON_FAILURE(TlclForceClear()); 219 RETURN_ON_FAILURE(TlclForceClear());
220 } 220 }
221 if (past_developer != current_developer) { 221 if (past_developer != current_developer) {
222 /* (Unauthorized) writes to the TPM succeed even when the TPM is disabled 222 /* (Unauthorized) writes to the TPM succeed even when the TPM is disabled
223 * and deactivated. 223 * and deactivated.
224 */ 224 */
225 RETURN_ON_FAILURE(TlclWrite(DEVELOPER_MODE_NV_INDEX, 225 RETURN_ON_FAILURE(TlclWrite(DEVELOPER_MODE_NV_INDEX,
226 (uint8_t*) &current_developer, 226 (uint8_t*) &current_developer,
227 sizeof(current_developer))); 227 sizeof(current_developer)));
(...skipping 127 matching lines...) Expand 10 before | Expand all | Expand 10 after
355 return TPM_SUCCESS; 355 return TPM_SUCCESS;
356 } 356 }
357 357
358 uint32_t LockFirmwareVersions() { 358 uint32_t LockFirmwareVersions() {
359 return TlclSetGlobalLock(); 359 return TlclSetGlobalLock();
360 } 360 }
361 361
362 uint32_t LockKernelVersionsByLockingPP() { 362 uint32_t LockKernelVersionsByLockingPP() {
363 return TlclLockPhysicalPresence(); 363 return TlclLockPhysicalPresence();
364 } 364 }
OLDNEW
« no previous file with comments | « vboot_firmware/include/rollback_index.h ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698