Add call to se_generate_stored_vector() before validating

This commit is contained in:
Michael Scire 2018-03-02 12:59:12 -08:00
parent 3388198a26
commit ca7b441079
2 changed files with 4 additions and 4 deletions

View File

@ -16,13 +16,12 @@
void bootup_misc_mmio(void) {
/* Initialize Fuse registers. */
fuse_init();
/* Verify Security Engine sanity. */
se_set_in_context_save_mode(false);
/* TODO: se_verify_keys_unreadable(); */
se_validate_stored_vector();
for (unsigned int i = 0; i < KEYSLOT_SWITCH_SESSIONKEY; i++) {
clear_aes_keyslot(i);
}

View File

@ -74,7 +74,8 @@ static void setup_se(void) {
decrypt_data_into_keyslot(KEYSLOT_SWITCH_SESSIONKEY, KEYSLOT_SWITCH_DEVICEKEY, work_buffer, 0x10);
set_aes_keyslot_flags(KEYSLOT_SWITCH_SESSIONKEY, 0xFF);
/* TODO: Create Test Vector, to validate keyslot data is unchanged post warmboot. */
/* Generate test vector for our keys. */
se_generate_stored_vector();
}
static void setup_boot_config(void) {
@ -452,6 +453,6 @@ void load_package2(coldboot_crt0_reloc_list_t *reloc_list) {
/* TODO: Update SCR_EL3 depending on value in Bootconfig. */
if (MAILBOX_NX_BOOTLOADER_IS_SECMON_AWAKE) {
panic(0xFFF00001);
panic(0x7A700001);
}
}