hatch_fp: initial upload

First draft, lots of features still missing.

Dev key generated with this command:
openssl genrsa -3 -out board/hatch_fp/dev_key.pem 3072

BRANCH=none
BUG=b:124996507
TEST=make BOARD=hatch_fp

Change-Id: I7d7f0ce6807f7db9ee67e2e9b72ba6b2a0b87591
Signed-off-by: Nicolas Norvez <norvez@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1482059
Reviewed-by: Tom Hughes <tomhughes@chromium.org>

6 files changed, 376 insertions, 0 deletions

diff --git a/board/hatch_fp/board.c b/board/hatch_fp/board.c
new file mode 100644
index 0000000000..b86f0b8f46
--- /dev/null
+++ b/board/hatch_fp/board.c
@@ -0,0 +1,85 @@
+/* Copyright 2019 The Chromium OS Authors. All rights reserved.
+ * Use of this source code is governed by a BSD-style license that can be
+ * found in the LICENSE file.
+ */
+/* Meowth Fingerprint MCU configuration */
+
+#include "common.h"
+#include "console.h"
+#include "gpio.h"
+#include "hooks.h"
+#include "registers.h"
+#include "spi.h"
+#include "system.h"
+#include "task.h"
+#include "util.h"
+
+#ifndef HAS_TASK_FPSENSOR
+void fps_event(enum gpio_signal signal)
+{
+}
+#endif
+
+static void ap_deferred(void)
+{
+	/*
+	 * in S3:   SLP_S3_L is 0 and SLP_S0_L is X.
+	 * in S0ix: SLP_S3_L is X and SLP_S0_L is 0.
+	 * in S0:   SLP_S3_L is 1 and SLP_S0_L is 1.
+	 * in S5/G3, the FP MCU should not be running.
+	 */
+	int running = gpio_get_level(GPIO_PCH_SLP_S3_L)
+			&& gpio_get_level(GPIO_PCH_SLP_S0_L);
+
+	if (running) { /* S0 */
+		disable_sleep(SLEEP_MASK_AP_RUN);
+		hook_notify(HOOK_CHIPSET_RESUME);
+	} else { /* S0ix/S3 */
+		hook_notify(HOOK_CHIPSET_SUSPEND);
+		enable_sleep(SLEEP_MASK_AP_RUN);
+	}
+}
+DECLARE_DEFERRED(ap_deferred);
+
+/* PCH power state changes */
+void slp_event(enum gpio_signal signal)
+{
+	hook_call_deferred(&ap_deferred_data, 0);
+}
+
+#include "gpio_list.h"
+
+/* SPI devices */
+const struct spi_device_t spi_devices[] = {
+	/* Fingerprint sensor (SCLK at 4Mhz) */
+	{ CONFIG_SPI_FP_PORT, 3, GPIO_SPI2_NSS }
+};
+const unsigned int spi_devices_used = ARRAY_SIZE(spi_devices);
+
+static void spi_configure(void)
+{
+	/* Configure SPI GPIOs */
+	gpio_config_module(MODULE_SPI_MASTER, 1);
+	/*
+	 * Set all SPI master signal pins to very high speed:
+	 * pins B12/13/14/15
+	 */
+	STM32_GPIO_OSPEEDR(GPIO_B) |= 0xff000000;
+	/* Enable clocks to SPI2 module (master) */
+	STM32_RCC_APB1ENR |= STM32_RCC_PB1_SPI2;
+
+	spi_enable(CONFIG_SPI_FP_PORT, 1);
+}
+
+/* Initialize board. */
+static void board_init(void)
+{
+	spi_configure();
+
+	/* Enable interrupt on PCH power signals */
+	gpio_enable_interrupt(GPIO_PCH_SLP_S3_L);
+	gpio_enable_interrupt(GPIO_PCH_SLP_S0_L);
+	/* enable the SPI slave interface if the PCH is up */
+	hook_call_deferred(&ap_deferred_data, 0);
+}
+DECLARE_HOOK(HOOK_INIT, board_init, HOOK_PRIO_DEFAULT);
diff --git a/board/hatch_fp/board.h b/board/hatch_fp/board.h
new file mode 100644
index 0000000000..166ee508be
--- /dev/null
+++ b/board/hatch_fp/board.h
@@ -0,0 +1,184 @@
+/* Copyright 2019 The Chromium OS Authors. All rights reserved.
+ * Use of this source code is governed by a BSD-style license that can be
+ * found in the LICENSE file.
+ */
+
+/* Hatch Fingerprint MCU configuration */
+
+#ifndef __BOARD_H
+#define __BOARD_H
+
+#define CONFIG_SYSTEM_UNLOCKED
+
+/*
+ * Flash layout: we redefine the sections offsets and sizes as we want to
+ * include a rollback region, and will use RO/RW regions of different sizes.
+ */
+#undef _IMAGE_SIZE
+#undef CONFIG_ROLLBACK_OFF
+#undef CONFIG_ROLLBACK_SIZE
+#undef CONFIG_FLASH_PSTATE
+#undef CONFIG_FW_PSTATE_SIZE
+#undef CONFIG_FW_PSTATE_OFF
+#undef CONFIG_SHAREDLIB_SIZE
+#undef CONFIG_RO_MEM_OFF
+#undef CONFIG_RO_STORAGE_OFF
+#undef CONFIG_RO_SIZE
+#undef CONFIG_RW_MEM_OFF
+#undef CONFIG_RW_STORAGE_OFF
+#undef CONFIG_RW_SIZE
+#undef CONFIG_EC_PROTECTED_STORAGE_OFF
+#undef CONFIG_EC_PROTECTED_STORAGE_SIZE
+#undef CONFIG_EC_WRITABLE_STORAGE_OFF
+#undef CONFIG_EC_WRITABLE_STORAGE_SIZE
+#undef CONFIG_WP_STORAGE_OFF
+#undef CONFIG_WP_STORAGE_SIZE
+
+#undef  CONFIG_RAM_SIZE
+#define CONFIG_RAM_SIZE         0x40000 /* 256 KB */
+#undef  CONFIG_FLASH_SIZE
+#define CONFIG_FLASH_SIZE       (1 * 1024 * 1024)
+
+#define CONFIG_FLASH_WRITE_SIZE STM32_FLASH_WRITE_SIZE_3300
+
+#define CONFIG_SHAREDLIB_SIZE   0
+
+#define CONFIG_RO_MEM_OFF       0
+#define CONFIG_RO_STORAGE_OFF   0
+#define CONFIG_RO_SIZE          (128 * 1024)
+
+/* EC rollback protection block */
+#define CONFIG_ROLLBACK_OFF (CONFIG_RO_MEM_OFF + CONFIG_RO_SIZE)
+#define CONFIG_ROLLBACK_SIZE (128 * 1024 * 2) /* 2 blocks of 128KB each */
+
+#define CONFIG_RW_MEM_OFF	(CONFIG_ROLLBACK_OFF + CONFIG_ROLLBACK_SIZE)
+#define CONFIG_RW_STORAGE_OFF	0
+#define CONFIG_RW_SIZE		(CONFIG_FLASH_SIZE -			\
+				(CONFIG_RW_MEM_OFF - CONFIG_RO_MEM_OFF))
+
+#define CONFIG_EC_PROTECTED_STORAGE_OFF         CONFIG_RO_MEM_OFF
+#define CONFIG_EC_PROTECTED_STORAGE_SIZE        CONFIG_RO_SIZE
+#define CONFIG_EC_WRITABLE_STORAGE_OFF          CONFIG_RW_MEM_OFF
+#define CONFIG_EC_WRITABLE_STORAGE_SIZE         CONFIG_RW_SIZE
+
+#define CONFIG_WP_STORAGE_OFF           CONFIG_EC_PROTECTED_STORAGE_OFF
+#define CONFIG_WP_STORAGE_SIZE          CONFIG_EC_PROTECTED_STORAGE_SIZE
+
+/*
+ * We want to prevent flash readout, and use it as indicator of protection
+ * status.
+ */
+/*TODO(b/125419658): enable CONFIG_FLASH_READOUT_PROTECTION_AS_PSTATE*/
+
+/* the UART console is on USART1 */
+#undef CONFIG_UART_CONSOLE
+#define CONFIG_UART_CONSOLE 1
+
+#define CONFIG_UART_TX_DMA
+#define CONFIG_UART_TX_DMA_PH DMAMUX1_REQ_USART1_TX
+#undef CONFIG_UART_TX_BUF_SIZE
+#define CONFIG_UART_TX_BUF_SIZE 2048
+#undef CONFIG_UART_TX_DMA
+#undef CONFIG_UART_RX_DMA
+#define CONFIG_UART_TX_REQ_CH 4
+#define CONFIG_UART_RX_REQ_CH 4
+
+/* Optional features */
+#undef CONFIG_ADC
+#define CONFIG_CMD_IDLE_STATS
+#define CONFIG_DMA
+/*FIXME*/
+/*#define CONFIG_FORCE_CONSOLE_RESUME*/
+#define CONFIG_FPU
+#undef CONFIG_HIBERNATE
+#define CONFIG_HOST_COMMAND_STATUS
+#undef CONFIG_I2C
+#undef CONFIG_LID_SWITCH
+/*FIXME*/
+/*#define CONFIG_LOW_POWER_IDLE*/
+#define CONFIG_MKBP_EVENT
+#define CONFIG_MKBP_USE_GPIO
+#define CONFIG_PRINTF_LEGACY_LI_FORMAT
+#define CONFIG_SHA256
+#define CONFIG_SHA256_UNROLLED
+#define CONFIG_SPI
+#define CONFIG_STM_HWTIMER32
+#define CONFIG_SUPPRESSED_HOST_COMMANDS \
+	EC_CMD_CONSOLE_SNAPSHOT, EC_CMD_CONSOLE_READ, EC_CMD_PD_GET_LOG_ENTRY
+#undef CONFIG_TASK_PROFILING
+#define CONFIG_WATCHDOG_HELP
+#define CONFIG_WP_ACTIVE_HIGH
+
+/* SPI configuration for the fingerprint sensor */
+#define CONFIG_SPI_MASTER
+#define CONFIG_SPI_FP_PORT  0 /* SPI2: first master config */
+#ifdef SECTION_IS_RW
+/* TODO(b/124773209): Enable FP once rollback code has been fixed */
+#if 0
+#define CONFIG_FP_SENSOR_FPC1025
+#define CONFIG_CMD_FPSENSOR_DEBUG
+#endif
+/*
+ * Use the malloc code only in the RW section (for the private library),
+ * we cannot enable it in RO since it is not compatible with the RW verification
+ * (shared_mem_init done too late).
+ */
+#define CONFIG_MALLOC
+/* Special memory regions to store large arrays */
+#define FP_FRAME_SECTION    __SECTION(ahb4)
+#define FP_TEMPLATE_SECTION __SECTION(ahb)
+
+#else /* SECTION_IS_RO */
+/* RO verifies the RW partition signature */
+#define CONFIG_RSA
+#define CONFIG_RSA_KEY_SIZE 3072
+#define CONFIG_RSA_EXPONENT_3
+#define CONFIG_RWSIG
+#endif
+#define CONFIG_RWSIG_TYPE_RWSIG
+
+/* RW does slow compute, RO does slow flash erase. */
+#undef CONFIG_WATCHDOG_PERIOD_MS
+#define CONFIG_WATCHDOG_PERIOD_MS 10000
+
+/*
+ * Add rollback protection
+ */
+/*TODO(b/125506600): Support rollback protection */
+#if 0
+#define CONFIG_ROLLBACK
+#define CONFIG_ROLLBACK_SECRET_SIZE 32
+
+#define CONFIG_ROLLBACK_MPU_PROTECT
+#endif
+
+/*
+ * We do not use any "locally" generated entropy: this is normally used
+ * to add local entropy when the main source of entropy is remote.
+ */
+#undef CONFIG_ROLLBACK_SECRET_LOCAL_ENTROPY_SIZE
+#ifdef SECTION_IS_RW
+#undef CONFIG_ROLLBACK_UPDATE
+#endif
+
+#define CONFIG_AES
+#define CONFIG_AES_GCM
+
+#define CONFIG_RNG
+
+#define CONFIG_CMD_FLASH
+#define CONFIG_CMD_SPI_XFER
+
+#ifndef __ASSEMBLER__
+
+/* Timer selection */
+#define TIM_CLOCK32 2
+#define TIM_WATCHDOG 16
+
+#include "gpio_signal.h"
+
+void fps_event(enum gpio_signal signal);
+
+#endif /* !__ASSEMBLER__ */
+
+#endif /* __BOARD_H */
diff --git a/board/hatch_fp/build.mk b/board/hatch_fp/build.mk
new file mode 100644
index 0000000000..038819ff4d
--- /dev/null
+++ b/board/hatch_fp/build.mk
@@ -0,0 +1,14 @@
+# Copyright 2019 The Chromium OS Authors. All rights reserved.
+# Use of this source code is governed by a BSD-style license that can be
+# found in the LICENSE file.
+#
+# Board specific files build
+
+# the IC is STmicro STM32F412
+CHIP:=stm32
+CHIP_FAMILY:=stm32f4
+CHIP_VARIANT:=stm32f412
+
+board-y=board.o
+
+test-list-y=aes sha256 sha256_unrolled
diff --git a/board/hatch_fp/dev_key.pem b/board/hatch_fp/dev_key.pem
new file mode 100644
index 0000000000..e3273cbccf
--- /dev/null
+++ b/board/hatch_fp/dev_key.pem
@@ -0,0 +1,39 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIG4wIBAAKCAYEAwVaB9PsLDGaHIMGp+uouwQvQGhNbIifTTX40aO7Sh00Pw9va
+tqggEe7AyeEKQLy7uxCfwLFkUABCmEIusLpsp7iGvAXz3R1N80pyszNGhsqV2UQH
+WW/M5L/3nPNjqjffje0ZMwoCNeE4YBqn+puiKEBEZXnnZsPV/f5lOn6v4GP7wzkF
+lTEq9InLhoWEKjuyL6gwfVZiEvNs52umzjSx/OaY9ux1SrnR6768xQdCRpah/RDC
+DAdL1v7lnzagBXq1p5WFFkAsIQhgSk7FhC0MX3BPqGE2c68t/g5AkyT1M7SZk4+5
+sY6oor7vVmfzUsShJOP1xb/Gv91cgRMOIU4y6mnQcf7YO68ex9YpnTnL2JGpZj/j
+MHzocI9l9a6R0PX17UOvXfVg2tQg+mU+zLqCG2xMe8R7+sA893/wgQdSXDiB5Nvh
+Vbp+89WxrX2vQK5lIObCUlKNLABsdeAMiTBN9IXMLdK5EP3gbL+wKG+/82DgAwaz
+l6hJZ2TLhV+BWdE3AgEDAoIBgQCA5FajUgddma9rK8anRsnWB+ARYjzBb+IzqXhF
+9IxaM1/X5+ckcBVhSdXb61wrKH0nYGqAdkLgACxlgXR10Z3FJa8oA/fovjP3hvci
+Ii8Ehw6Q2ATmSoiYf/pookJxepUJSLt3XAF5QNBAEcVRvRbFgC2Y+++Z1+P+qZjR
+qcqVl/0s0K5jdhyjBoevA61xfSF1Gsr+OZa3TPNE8m80IyFTRGX58vjce+FH1H3Y
+r4GEZGv+CywIBN05/0O/ecADpyKZ1m8PYrkpCwuNc+BK+BkEeEary61Y/IoQLVUx
+ntb4Y2meciFj5yr7PtRLcuwllWjEU5IfKPl2bB96fxITC6ALZVI9ksC6YDfCBXuU
+rWQNG1UFC6Ux//g1BdXhuPgl9MHS0nA37oJ8BxhdIgbQ1OxLlkY+VLwWN0IrC3vp
++MDTufSPh7sR7r4sMVTYcncyc4kE0pnXQw+LHg3lnwadwlFeKP2mJKAyeveMqTWd
+GdB0eMuyv2cp77/nrESWYDUa9ysCgcEA/dwIdGjXmhz9T4zleZUTM9/D+uzW5kG0
+eB/br+ztzP/9YC+W0+DDlHVG2bdrsJsooZEyuzDaiGd/JiW9wPTjdjtSpCksJUEE
+KImymQ2GFbs7If1ZCgcxFqdywjk8WVqxCcv/Bqhsa7lcIGOFiV9X8x067xpwNU3t
+yw8IRXchfUK80BKFPf8quP4RoYy6o4rkos28+Q+zIPSZlBaZXKsSKPQElyN0SysN
+UwGSpOJ4b9TOH88GZFLymKOY4DUhvSJXAoHBAML31grDPsla0aaUD5oj06TcIavC
+24fyqm2qZRjJxPIffcW08MfTJJVraguEJWnJW1zVZ9vRdgXTriMutUPH32MWgnF5
+iv7dxvxEPaUoL68tbryxElt1wwpfMmDf4T6sIic8CANnMLUQIE5Orwobx7btqC8q
+8aQfa+vfrlybD6Fe1j19w3zVNviNoMdFQdF2MvbdHpZeQrpevgla6T/hwb5USx14
+VHoaX8bATRfmjtTW4FcYknRttvM+y8OaD/Q8IQKBwQCpPVr4ReURaKjfs0OmY2Ii
+lS1R8znu1nhQFT0f80kzVVOVdQ836y0No4SRJPJ1vMXBC3cndecFmlTEGSkrTez5
+fOHCxh1uK1gbBncQs665J3zBU5CxWiC5xPcsJig7kctb3VSvGvLye5LAQlkGP4/3
+aNH0vErOM/PctLAuT2uo1yiKtwN+qhx7VAvBCHxtB0MXM9NQtSIV+GZiubuTHLbF
++AMPbPgyHLOMq7cYlvr1OIlqigRC4fcQbRCVeMEowY8CgcEAgfqOsdd/MOc2bw1f
+vBfibegWcoHnr/ccSRxDZdvYoWpT2SNLL+IYY5zxXQLDm9uSPeOakoukA+J0F3R4
+19qU7LmsS6ZcqekvUtgpGMV1H3OfKHYMPPkssZTMQJVA1HLBb31arO91zgrANDR0
+sWfaefPFdMdLwr+dR+p0Pby1Fj85flPXqI4kpbPAhNjWi6Qh+ei/DumB0ZR+sOdG
+KpaBKY2HaPri/BGVLyreD+8J4znq5LsMTZ55938ygma1TX1rAoHASPiGXtnpXS5d
+TH2LAGcvUyopOMgdEHbm9Xvkdet3rLrNPkJ+tuTsv7MwUprnoQQhCowbVwQ8IzS0
+MHSMcqBT68dJsq9Y3OB7tYHtSYDEcHEpbdIt1oRHO0tWo/XMC/qRvTSTiEqCv4LQ
+x2buZlD4KfmQOHh24EwuZMB7MsyvdMvY56LWrJExx+Cb1VcItGme9pxf5Tir0ho/
+xzKyVSGh59GI0weB/PQl1queFbSYDWeKF6Ra74appkWF1cb9z8P4
+-----END RSA PRIVATE KEY-----
diff --git a/board/hatch_fp/ec.tasklist b/board/hatch_fp/ec.tasklist
new file mode 100644
index 0000000000..ec2bc3c268
--- /dev/null
+++ b/board/hatch_fp/ec.tasklist
@@ -0,0 +1,23 @@
+/* Copyright 2017 The Chromium OS Authors. All rights reserved.
+ * Use of this source code is governed by a BSD-style license that can be
+ * found in the LICENSE file.
+ */
+
+/**
+ * List of enabled tasks in the priority order
+ *
+ * The first one has the lowest priority.
+ *
+ * For each task, use the macro TASK_ALWAYS(n, r, d, s) for base tasks and
+ * TASK_NOTEST(n, r, d, s) for tasks that can be excluded in test binaries,
+ * where :
+ * 'n' in the name of the task
+ * 'r' in the main routine of the task
+ * 'd' in an opaque parameter passed to the routine at startup
+ * 's' is the stack size in bytes; must be a multiple of 8
+ */
+#define CONFIG_TASK_LIST \
+	TASK_ALWAYS_RO(RWSIG, rwsig_task, NULL, 1280) \
+	TASK_ALWAYS(HOOKS, hook_task, NULL, 1024) \
+	TASK_ALWAYS(HOSTCMD, host_command_task, NULL, 4096) \
+	TASK_ALWAYS(CONSOLE, console_task, NULL, LARGER_TASK_STACK_SIZE)
diff --git a/board/hatch_fp/gpio.inc b/board/hatch_fp/gpio.inc
new file mode 100644
index 0000000000..807a76ae47
--- /dev/null
+++ b/board/hatch_fp/gpio.inc
@@ -0,0 +1,31 @@
+/*
+ * Copyright 2019 The Chromium OS Authors. All rights reserved.
+ * Use of this source code is governed by a BSD-style license that can be
+ * found in the LICENSE file.
+ */
+
+/* Interrupts */
+GPIO_INT(FPS_INT,         PIN(A, 0), GPIO_INT_RISING, fps_event)
+GPIO_INT(SPI1_NSS,        PIN(A, 4), GPIO_INPUT, spi_event)
+
+GPIO_INT(PCH_SLP_S0_L,    PIN(B, 0), GPIO_INT_BOTH, slp_event)
+GPIO_INT(PCH_SLP_S3_L,    PIN(B, 1), GPIO_INT_BOTH, slp_event)
+GPIO(PCH_SLP_S4_L,        PIN(B, 2), GPIO_INPUT)
+GPIO(PCH_SLP_SUS_L,       PIN(B, 5), GPIO_INPUT)
+
+GPIO(WP,                  PIN(B, 7), GPIO_INPUT)
+
+/* Outputs */
+GPIO(EC_INT_L,            PIN(A, 1),  GPIO_OUT_HIGH)
+GPIO(FP_RST_ODL,          PIN(B,10),  GPIO_OUT_HIGH)
+GPIO(SPI2_NSS,            PIN(B,12),  GPIO_OUT_HIGH)
+GPIO(USER_PRES_L,         PIN(B, 9),  GPIO_ODR_HIGH)
+
+UNIMPLEMENTED(ENTERING_RW)
+
+/* USART1: PA9/PA10 */
+ALTERNATE(PIN_MASK(A, 0x0600), GPIO_ALT_USART,  MODULE_UART, GPIO_PULL_UP)
+/* SPI1 slave from the AP: PA4/5/6/7 */
+ALTERNATE(PIN_MASK(A, 0x00f0), GPIO_ALT_SPI, MODULE_SPI,  0)
+/* SPI2 master to sensor: PB12/13/14/15 */
+ALTERNATE(PIN_MASK(B, 0xf000), GPIO_ALT_SPI, MODULE_SPI_MASTER,  0)