diff options
| author | Bill Richardson <wfrichar@chromium.org> | 2016-09-23 17:00:53 -0700 |
|---|---|---|
| committer | chrome-bot <chrome-bot@chromium.org> | 2016-09-24 16:22:21 -0700 |
| commit | 4e3bdedf3268839fc3553d35ccda61294ff74dd3 (patch) | |
| tree | 44002eb25923c7019f6357c92a62dda1fa10df81 | |
| parent | 9b7f0b7066d356faab7e61bfd920266b48d5a361 (diff) | |
| download | chrome-ec-4e3bdedf3268839fc3553d35ccda61294ff74dd3.tar.gz | |
Cr50: Lock console by default, with long timeout
This locks the Cr50 console by default, and makes the unlock
process take the full 5 minutes unless the battery is removed.
BUG=chrome-os-partner:57408
BRANCH=none
TEST=make buildall; test on Gru & Reef
Build the image with
make buildall
or
make BOARD=cr50
Put it on Gru & Reef, and confirm that the console is locked, by
running "lock" or "help". Try to unlock it with "lock off" and
observe that you have to poke the power button for five minutes
before it unlocks.
Remove the battery and confirm that "lock off" now only requires
a single power button press to take effect.
Build the image with
CR50_DEV=1 make BOARD=cr50
and now the behavior is back to the way it was before this CL.
Change-Id: I9f2cc67a1dd63f260221a8711a8591070018be3b
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/389238
Reviewed-by: Randall Spangler <rspangler@chromium.org>
| -rw-r--r-- | board/cr50/wp.c | 32 |
1 files changed, 24 insertions, 8 deletions
diff --git a/board/cr50/wp.c b/board/cr50/wp.c index 61873ce7d7..823abdf145 100644 --- a/board/cr50/wp.c +++ b/board/cr50/wp.c @@ -42,8 +42,12 @@ DECLARE_CONSOLE_COMMAND(wp, command_wp, /* When the system is locked down, provide a means to unlock it */ #ifdef CONFIG_RESTRICTED_CONSOLE_COMMANDS -/* TODO(crosbug.com/p/55510): It should be locked by default */ +/* Hand-built images may be initially unlocked; Buildbot images are not. */ +#ifdef CR50_DEV static int console_restricted_state; +#else +static int console_restricted_state = 1; +#endif int console_is_restricted(void) { @@ -53,6 +57,17 @@ int console_is_restricted(void) /****************************************************************************/ /* Stuff for the unlock sequence */ +/* + * The normal unlock sequence should take 5 minutes (unless the case is + * opened). Hand-built images only need to be long enough to demonstrate that + * they work. + */ +#ifdef CR50_DEV +#define UNLOCK_SEQUENCE_DURATION (10 * SECOND) +#else +#define UNLOCK_SEQUENCE_DURATION (300 * SECOND) +#endif + /* Max time that can elapse between power button pokes */ static int unlock_beat; @@ -183,7 +198,8 @@ static int command_lock(int argc, char **argv) * We'll be satisified with the first press (so the * unlock_deadine is now + 0us), but we're willing to * wait for up to 10 seconds for that first press to - * happen. If we don't get one, the unlock will fail. + * happen. If we don't get one by then, the unlock will + * fail. */ start_unlock_process(0, 10 * SECOND); @@ -202,13 +218,13 @@ static int command_lock(int argc, char **argv) ccprintf("go!\n"); /* - * We won't be happy until we've poked the button for a - * good long while, but we'll only wait a short time - * between each press before deciding that the user has - * given up. + * We won't be happy until we've been poking the button + * for a good long while, but we'll only wait a couple + * of seconds between each press before deciding that + * the user has given up. */ - /* TODO(crbug.com/p/57408): Poke 5 mins, not 10 secs */ - start_unlock_process(10 * SECOND, 2 * SECOND); + start_unlock_process(UNLOCK_SEQUENCE_DURATION, + 2 * SECOND); ccprintf("Unlock sequence starting." " Continue until %.6ld\n", unlock_deadline); |