sravan/system76-coreboot
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

security: Add memory subfolder

Browse Source 
Add files to introduce a memory clearing framework.
Introduce Kconfig PLATFORM_HAS_DRAM_CLEAR that is to be selected by
platforms, that are able to clear all DRAM.

Introduce Kconfig SECURITY_CLEAR_DRAM_ON_REGULAR_BOOT that is user
selectable to always clear DRAM on non S3 boot.

The function security_clear_dram_request tells the calling platform when
to wipe all DRAM. Will be extended by TEE frameworks.

Add Documentation for the new security API.

Change-Id: Ifba25bfdd1057049f5cbae8968501bd9be487110
Signed-off-by: Patrick Rudolph <patrick.rudolph@9elements.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/31548
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com>
Reviewed-by: Christian Walter <christian.walter@9elements.com>
This commit is contained in:
Patrick Rudolph
2019-02-21 12:04:21 +01:00
committed by Philipp Deppenwiese
parent eb20320d7b
commit 1b35295ec2
8 changed files with 136 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
Documentation/security/index.md
View File

@@ -6,3 +6,4 @@ This section describes documentation about the security architecture of coreboot
- [Verified Boot](vboot/index.md)
- [Measured Boot](vboot/measured_boot.md)
- [Memory clearing](memory_clearing.md)