diff options
author | Vadim Bendebury <vbendeb@chromium.org> | 2018-01-10 11:31:03 -0800 |
---|---|---|
committer | ChromeOS Commit Bot <chromeos-commit-bot@chromium.org> | 2018-12-05 00:46:00 +0000 |
commit | 92231832049f2166709c8ec974839e6eb33e7371 (patch) | |
tree | 5e45c88365e4543082fb6e886ffb02bf15f2cc0e | |
parent | 7dea869ef9dcd98b6b66ed7a25af185c13a796c3 (diff) | |
download | chrome-ec-92231832049f2166709c8ec974839e6eb33e7371.tar.gz |
ccd: add 'in progress' return value
Depending on device configuration and compile time options, CCD
commands 'open' and 'unlock' could either be executed immediately, or
require the user to take the device through physical presence state
machine.
As these commands execute through TPM vendor commands, there needs to
be a different return value indicating that the command action is not
finished and PP process is in progress.
Let's add another vendor command return value, and do not consider it
a failure if vendor command returns this value in response to 'ccd
open' or 'ccd unlock'.
BRANCH=cr50
BUG=b:62537474
TEST=took an Eve through 'ccd open' sequence
Change-Id: Ie62ccfb4319a13b6fb6c1c854a0ea26beb9f517c
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/860999
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/1333224
Reviewed-by: Marco Chen <marcochen@chromium.org>
Commit-Queue: Marco Chen <marcochen@chromium.org>
Tested-by: Marco Chen <marcochen@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/1359943
Reviewed-by: Chia-Hsiu Chang <chia-hsiu.chang@quanta.corp-partner.google.com>
Tested-by: Chia-Hsiu Chang <chia-hsiu.chang@quanta.corp-partner.google.com>
Commit-Queue: Chia-Hsiu Chang <chia-hsiu.chang@quanta.corp-partner.google.com>
-rw-r--r-- | common/ccd_config.c | 19 | ||||
-rw-r--r-- | include/tpm_vendor_cmds.h | 2 |
2 files changed, 14 insertions, 7 deletions
diff --git a/common/ccd_config.c b/common/ccd_config.c index 37b2964d33..2a5650233c 100644 --- a/common/ccd_config.c +++ b/common/ccd_config.c @@ -827,6 +827,7 @@ static int ccd_command_wrapper(int argc, char *password, struct ccd_vendor_cmd_header *vch; size_t command_size; size_t password_size; + uint32_t return_code; if (argc > 1) { password_size = strlen(password); @@ -856,7 +857,8 @@ static int ccd_command_wrapper(int argc, char *password, * Return status in the command code field now, in case of error, * error code is the first byte after the header. */ - if (vch->tpm_header.command_code) { + return_code = be32toh(vch->tpm_header.command_code); + if (return_code && (return_code != VENDOR_RC_IN_PROGRESS)) { ccprintf("Command error %d\n", vch->ccd_subcommand); rv = EC_ERROR_UNKNOWN; } else { @@ -938,11 +940,12 @@ static enum vendor_cmd_rc ccd_open(void *buf, buffer[0] = rv; return VENDOR_RC_INTERNAL_ERROR; } - } else { - /* No physical presence required; go straight to done */ - ccd_open_done(); + return VENDOR_RC_IN_PROGRESS; } + /* No physical presence required; go straight to done */ + ccd_open_done(); + return VENDOR_RC_SUCCESS; } @@ -1039,10 +1042,12 @@ static enum vendor_cmd_rc ccd_unlock(void *buf, buffer[0] = rv; return VENDOR_RC_INTERNAL_ERROR; } - } else { - /* Unlock immediately */ - ccd_unlock_done(); + return VENDOR_RC_IN_PROGRESS; } + + /* Unlock immediately */ + ccd_unlock_done(); + return VENDOR_RC_SUCCESS; } diff --git a/include/tpm_vendor_cmds.h b/include/tpm_vendor_cmds.h index 2ebe04667f..1d395eb18e 100644 --- a/include/tpm_vendor_cmds.h +++ b/include/tpm_vendor_cmds.h @@ -77,6 +77,8 @@ enum vendor_cmd_rc { VENDOR_RC_INTERNAL_ERROR = 6, VENDOR_RC_NOT_ALLOWED = 7, VENDOR_RC_NO_SUCH_SUBCOMMAND = 8, + VENDOR_RC_IN_PROGRESS = 9, + /* Only 7 bits available; max is 127 */ VENDOR_RC_NO_SUCH_COMMAND = 127, }; |