diff options
author | Mary Ruthven <mruthven@google.com> | 2018-05-21 13:03:44 -0700 |
---|---|---|
committer | ChromeOS Commit Bot <chromeos-commit-bot@chromium.org> | 2018-12-05 00:50:21 +0000 |
commit | 586177c4af3948115d06339a57548d33f88d0e58 (patch) | |
tree | b9576d72484fe7f3746d1fd1a74b070ac4066d18 | |
parent | 92df7b7a32728f58d95a4afba92a8eec51bb29cf (diff) | |
download | chrome-ec-586177c4af3948115d06339a57548d33f88d0e58.tar.gz |
cr50: add command for factory reset
The factory reset command can be used to enable ccd factory mode. The
command can open ccd if write protect is removed and ccd hasn't been
restricted. Right now we check FWMP and the ccd password before allowing
factory reset. Factory reset cannot be used to get around anything that
disables ccd.
This adds 72 bytes.
BUG=b:77543904
BRANCH=cr50
TEST=Try enabling factory mode using factory reset. Verify setting write
protect, setting the FWMP disable ccd bit, or setting a ccd password
prevents factory reset from enabling factory mode.
Change-Id: I6e203bf6068250f009881aa95c13bc56cb2aa9e7
Signed-off-by: Mary Ruthven <mruthven@google.com>
Reviewed-on: https://chromium-review.googlesource.com/1069369
Commit-Ready: Mary Ruthven <mruthven@chromium.org>
Tested-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/1333293
Reviewed-by: Marco Chen <marcochen@chromium.org>
Commit-Queue: Marco Chen <marcochen@chromium.org>
Tested-by: Marco Chen <marcochen@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/1360493
Reviewed-by: Chia-Hsiu Chang <chia-hsiu.chang@quanta.corp-partner.google.com>
Tested-by: Chia-Hsiu Chang <chia-hsiu.chang@quanta.corp-partner.google.com>
Commit-Queue: Chia-Hsiu Chang <chia-hsiu.chang@quanta.corp-partner.google.com>
-rw-r--r-- | common/ccd_config.c | 5 | ||||
-rw-r--r-- | include/ccd_config.h | 9 | ||||
-rw-r--r-- | include/tpm_vendor_cmds.h | 8 |
3 files changed, 22 insertions, 0 deletions
diff --git a/common/ccd_config.c b/common/ccd_config.c index 24601ba4e2..544461b653 100644 --- a/common/ccd_config.c +++ b/common/ccd_config.c @@ -559,6 +559,11 @@ static void ccd_testlab_toggle(void) /******************************************************************************/ /* External interface */ +int ccd_has_password(void) +{ + return raw_has_password(); +} + void ccd_config_init(enum ccd_state state) { /* Set initial state, after making sure it's a valid one */ diff --git a/include/ccd_config.h b/include/ccd_config.h index 7153449883..240feb5240 100644 --- a/include/ccd_config.h +++ b/include/ccd_config.h @@ -276,6 +276,15 @@ int ccd_reset_config(unsigned int flags); void ccd_tpm_reset_callback(void); /** + * Return True if the ccd password is set. It is possible that a pending ccd + * change would set or clear the password, but we don't think this is a big + * issue or risk for now. + * + * @return 1 if password is set, 0 if it's not + */ +int ccd_has_password(void); + +/** * Enter CCD factory mode. This will clear the TPM and do a hard reboot after * updating the ccd config. */ diff --git a/include/tpm_vendor_cmds.h b/include/tpm_vendor_cmds.h index 92530c502a..4091ac646b 100644 --- a/include/tpm_vendor_cmds.h +++ b/include/tpm_vendor_cmds.h @@ -59,6 +59,14 @@ enum vendor_cmd_cc { VENDOR_CC_GET_ALERTS_DATA = 35, VENDOR_CC_SPI_HASH = 36, VENDOR_CC_PINWEAVER = 37, + /* + * Check the factory reset settings. If they're all set correctly, do a + * factory reset to enable ccd factory mode. All capabilities will be + * set to Always and write protect will be permanently disabled. This + * mode can't be reset unless VENDOR_CC_DISABLE_FACTORY is called or + * the 'ccd reset' console command is run. + */ + VENDOR_CC_RESET_FACTORY = 38, LAST_VENDOR_COMMAND = 65535, }; |