vboot: Add firmware management parameters
This adds RW firmware support for the optional firmware management
parameters TPM space.
System-level tests require CL:339262 to add cryptohome support.
BUG=chromium:601492
BRANCH=baytrail and newer platforms
TEST=make -j runtests
Or better, COV=1 make, and then make sure all new code is covered.
Additional manual tests. MUST use a test image for these, because a
test image has a root shell even with dev mode disabled:
Set FWMP:
crossystem clear_tpm_owner_request=1
reboot
cryptohome --action=tpm_take_ownership
cryptohome --action=tpm_wait_ownership
cryptohome --action=set_firmware_management_parameters --flags=1
cryptohome --action=get_firmware_management_parameters
Reboot system with power+refresh+esc
Use Ctrl+D then Enter to enable dev mode.
Goes to the TONORM screen. Â
Pressing Esc doesn't exit it.
Pressing Enter turns dev mode off.
Then let it boot.
Just to make sure FWMP did get set persistently:
cryptohome --action=get_firmware_management_parameters
Now remove the FWMP
crossystem clear_tpm_owner_request=1
reboot
cryptohome --action=tpm_take_ownership
cryptohome --action=tpm_wait_ownership
cryptohome --action=remove_firmware_management_parameters
Reboot system with power+refresh+esc
Use Ctrl+D then Enter to enable dev mode.
Goes to the DEV screen.
Change-Id: I0ac31bb2c64671ee9c3c810174baaf02b4cce641
Original-Change-Id: Ifaf644c80809552d5961615be6017c2a332a034b
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/339234
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/356790
Reviewed-by: Darren Krahn <dkrahn@chromium.org>
Reviewed-by: Stefan Reinauer <reinauer@google.com>
12 files changed
