authorMary Ruthven <mruthven@google.com>2018-08-27 11:35:03 -0700
committerMary Ruthven <mruthven@chromium.org>2018-08-29 04:20:29 +0000
commit5496a29d847d4fc2383ec68a6b371b3fa0e445e0 (patch)
tree19b0f2e7902f456af729a0efc8ff8568dc5fc2df
parent129807aa19f5d375f8574438d37b729c709f4cf2 (diff)
cr50: add more ccd open capabilities
Add a capability for opening cr50 without dev mode and a capability for opening cr50 from the console. This will make it so cr50 can easily be opened from the console after RMA open. BUG=b:113266255,b:113267161 BRANCH=cr50 TEST=verify OpenFromConsole and OpenW/ODevMode are set to IfOpened when CCD_OPEN_PREPVT isn't defined and set to Always when it is defined. Make sure they are set to Always after factory mode is enabled. Change-Id: Ic149b4163ee9a3ce5e0c051dc42634a31a4a0a7e Signed-off-by: Mary Ruthven <mruthven@google.com> Reviewed-on: https://chromium-review.googlesource.com/1191386 Tested-by: Mary Ruthven <mruthven@chromium.org> Reviewed-by: Randall Spangler <rspangler@chromium.org> Commit-Queue: Mary Ruthven <mruthven@chromium.org>
-rw-r--r--common/ccd_config.c11
-rw-r--r--include/ccd_config.h16
2 files changed, 22 insertions, 5 deletions
diff --git a/common/ccd_config.c b/common/ccd_config.c
index a0f1ffe3e9..28262562e7 100644
--- a/common/ccd_config.c
+++ b/common/ccd_config.c
@@ -880,14 +880,16 @@ static enum vendor_cmd_rc ccd_open(struct vendor_cmd_params *p)
}
} else if (!board_battery_is_present()) {
/* Open allowed with no password if battery is removed */
- } else if (board_vboot_dev_mode_enabled() &&
- !(p->flags & VENDOR_CMD_FROM_USB)) {
+ } else if ((ccd_is_cap_enabled(CCD_CAP_OPEN_WITHOUT_DEV_MODE) ||
+ (board_vboot_dev_mode_enabled())) &&
+ (ccd_is_cap_enabled(CCD_CAP_OPEN_FROM_USB) ||
+ !(p->flags & VENDOR_CMD_FROM_USB))) {
/*
* Open allowed with no password if dev mode enabled and
- * command came from the AP.
+ * command came from the AP. CCD capabilities can be used to
+ * bypass these checks.
*/
} else {
-#ifndef CONFIG_CCD_OPEN_PREPVT
/*
* - Password not set
* - Battery is present
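Review bot: The updated comment in the no-password branch of ccd_open says only that capabilities "can be used to bypass these checks", which hides that the two checks are waived independently: `CCD_CAP_OPEN_WITHOUT_DEV_MODE` stands in for the dev-mode test and `CCD_CAP_OPEN_FROM_USB` stands in for the `!(p->flags & VENDOR_CMD_FROM_USB)` test. Because this branch grants open with no password, I would name them in the comment, e.g. `OPEN_WITHOUT_DEV_MODE waives the dev-mode requirement; OPEN_FROM_USB waives the AP-only requirement.` The extra parentheses in `(board_vboot_dev_mode_enabled())` are redundant and can be dropped. ccd_open begins and ends outside this hunk, so whether the later physical-presence step still gates this path is presumed here, not confirmed.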
@@ -895,7 +897,6 @@ static enum vendor_cmd_rc ccd_open(struct vendor_cmd_params *p)
*/
why_denied = "nopwd";
goto denied;
-#endif
}
/* Fail and abort if already checking physical presence */
diff --git a/include/ccd_config.h b/include/ccd_config.h
index 240feb5240..fdcb1e20ff 100644
--- a/include/ccd_config.h
+++ b/include/ccd_config.h
@@ -100,6 +100,12 @@ enum ccd_capability {
/* Read-only access to hash or dump EC or AP flash */
CCD_CAP_FLASH_READ = 16,
+ /* Allow ccd open without dev mode enabled */
+ CCD_CAP_OPEN_WITHOUT_DEV_MODE = 17,
+
+ /* Allow ccd open from usb */
+ CCD_CAP_OPEN_FROM_USB = 18,
+
/* Number of currently defined capabilities */
CCD_CAP_COUNT
};
@@ -130,6 +136,14 @@ struct ccd_capability_info {
enum ccd_capability_state default_state;
};
+#ifdef CONFIG_CCD_OPEN_PREPVT
+/* In prepvt images always allow ccd open from the console without dev mode */
+#define CCD_CAP_STATE_OPEN_REQ CCD_CAP_STATE_ALWAYS
+#else
+/* In prod images restrict how ccd can be opened */
+#define CCD_CAP_STATE_OPEN_REQ CCD_CAP_STATE_IF_OPENED
+#endif
+
#define CAP_INFO_DATA { \
{"UartGscRxAPTx", CCD_CAP_STATE_ALWAYS}, \
{"UartGscTxAPRx", CCD_CAP_STATE_ALWAYS}, \
@@ -151,6 +165,8 @@ struct ccd_capability_info {
{"UpdateNoTPMWipe", CCD_CAP_STATE_ALWAYS}, \
{"I2C", CCD_CAP_STATE_IF_OPENED}, \
{"FlashRead", CCD_CAP_STATE_ALWAYS}, \
+ {"OpenNoDevMode", CCD_CAP_STATE_OPEN_REQ}, \
+ {"OpenFromUSB", CCD_CAP_STATE_OPEN_REQ}, \
}
#define CCD_STATE_NAMES { "Locked", "Unlocked", "Opened" }
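Review bot: The two new `CAP_INFO_DATA` rows are matched to `CCD_CAP_OPEN_WITHOUT_DEV_MODE = 17` and `CCD_CAP_OPEN_FROM_USB = 18` only by their position in the initializer, and nothing visible in this hunk documents or enforces that. The order shown is correct, but a short comment above the table such as `/* Entries must stay in enum ccd_capability order */` would protect the next addition, unless one already exists outside the hunk. The strings `"OpenNoDevMode"` and `"OpenFromUSB"` also differ from the names used in the commit's TEST line (OpenFromConsole, OpenW/ODevMode); if these strings are what the console reports, the two should agree so the test steps can be followed as written.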