authorVadim Bendebury <vbendeb@chromium.org>2019-11-13 18:11:53 -0800
committerCommit Bot <commit-bot@chromium.org>2019-12-06 23:48:31 +0000
commitd2ffa5f72aae0fcbc5aea7c985d09680f201a08f (patch)
tree9afd7efeb14743e42f34482da9007e7e58258fbe
parente10b6b3c836ac8e0c2cc86e7ea05e15fa39e8526 (diff)
downloadchrome-ec-d2ffa5f72aae0fcbc5aea7c985d09680f201a08f.tar.gz
cr50: use new conventions to determine key ladder mode
The new RW dev key does not follow the existing convention of bit 0x4 set in prod Key ID and unset in dev key ID. The suggested approach is to check values of some key manager registers to determine if the device is running in fully configured prod mode or not. BRANCH=cr50, cr50-mp BUG=b:144455990 TEST=tried running this patch on a node locked image: > sysinfo ... RO keyid: 0xaa66150f RW keyid: 0x334f70df ... Key Ladder: dev Change-Id: I73088ce44a8b8bf8e11a0d240d07152b49a3225b Signed-off-by: Vadim Bendebury <vbendeb@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/1915504 Reviewed-by: Andrey Pronin <apronin@chromium.org> (cherry picked from commit 74237689eb277bf1fe0e682cb256825508fa511f) Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/1954338
-rw-r--r--board/cr50/board.c30
-rw-r--r--board/cr50/board.h2
-rw-r--r--board/cr50/tpm2/endorsement.c6
3 files changed, 21 insertions, 17 deletions
diff --git a/board/cr50/board.c b/board/cr50/board.c
index b5bde68718..d6cef9f816 100644
--- a/board/cr50/board.c
+++ b/board/cr50/board.c
@@ -91,6 +91,7 @@ uint32_t nvmem_user_sizes[NVMEM_NUM_USERS] = {
/* Board specific configuration settings */
static uint32_t board_properties; /* Mainly used as a cache for strap config. */
static uint8_t reboot_request_posted;
+static uint8_t in_prod_mode;
/* Which UARTs we'd like to be able to bitbang. */
struct uart_bitbang_properties bitbang_config = {
@@ -720,6 +721,14 @@ static void board_init(void)
init_trng();
maybe_trigger_ite_sync();
init_jittery_clock(1);
+
+ /*
+ * Need to cache this, because key manager registers are not available
+ * after run level is lowered.
+ */
+ in_prod_mode = (GREG32(KEYMGR, HKEY_FWR7) == 0) &&
+ (GREG32(KEYMGR, HKEY_RWR7) == 0xaa66150f);
+
init_runlevel(PERMISSION_MEDIUM);
/* Initialize NvMem partitions */
nvmem_init();
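Review bot: The prod-mode test added to board_init compares HKEY_RWR7 with the bare literal `0xaa66150f` and HKEY_FWR7 with 0, and nothing in the hunk says where those values come from or why they indicate a fully configured prod key ladder. The same number is printed as the RO keyid in the commit's TEST output, so a reader cannot tell whether it is a key ID, a register fingerprint or a coincidence; a named constant with a one-line origin comment would settle it, e.g. `#define PROD_HKEY_RWR7_VALUE 0xaa66150f /* <where this value comes from> */` (the name is only a suggestion). Because any mismatch yields 0, an unexpected register state is reported as dev, and tpm_endorse later branches on this flag, so the comment should also state that "not prod" is the intended result for every unrecognised state. board_init starts and ends outside the hunk.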
@@ -1458,15 +1467,6 @@ void i2cs_set_pinmux(void)
GWRITE_FIELD(PINMUX, EXITEN0, DIOA1, 1); /* enable powerdown exit */
}
-/* Determine key type based on the key ID. */
-static const char *key_type(const struct SignedHeader *h)
-{
- if (G_SIGNED_FOR_PROD(h))
- return "prod";
- else
- return "dev";
-}
-
static int command_sysinfo(int argc, char **argv)
{
enum system_image_copy_t active;
@@ -1489,12 +1489,12 @@ static int command_sysinfo(int argc, char **argv)
active = system_get_ro_image_copy();
vaddr = get_program_memory_addr(active);
h = (const struct SignedHeader *)vaddr;
- ccprintf("RO keyid: 0x%08x(%s)\n", h->keyid, key_type(h));
+ ccprintf("RO keyid: 0x%08x\n", h->keyid);
active = system_get_image_copy();
vaddr = get_program_memory_addr(active);
h = (const struct SignedHeader *)vaddr;
- ccprintf("RW keyid: 0x%08x(%s)\n", h->keyid, key_type(h));
+ ccprintf("RW keyid: 0x%08x\n", h->keyid);
ccprintf("DEV_ID: 0x%08x 0x%08x\n",
GREG32(FUSE, DEV_ID0), GREG32(FUSE, DEV_ID1));
@@ -1507,7 +1507,8 @@ static int command_sysinfo(int argc, char **argv)
(tpm_mode == TPM_MODE_DISABLED) ? "disabled" : "enabled",
tpm_mode);
ccprintf("Key Ladder: %s\n",
- DCRYPTO_ladder_is_enabled() ? "enabled" : "disabled");
+ DCRYPTO_ladder_is_enabled() ?
+ (board_in_prod_mode() ? "prod" : "dev") : "disabled");
return EC_SUCCESS;
}
@@ -1712,3 +1713,8 @@ void board_unwedge_i2cs(void)
/* Restore external pin connection to the i2cs_scl. */
GWRITE(PINMUX, DIOA9_SEL, GC_PINMUX_I2CS0_SCL_SEL);
}
+
+int board_in_prod_mode(void)
+{
+ return in_prod_mode;
+}
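Review bot: board_in_prod_mode() is added here without a comment, and its declaration in board/cr50/board.h is also undocumented although the declaration just above it there carries a block comment. I would add to the header something like `/* Nonzero if the key manager registers showed fully configured prod mode when sampled in board_init(); 0 before that. */`. The second half matters because in_prod_mode is a zero-initialised static, so a caller that runs before board_init() gets 0, which sysinfo prints as dev; whether such a caller exists is not visible from this diff.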
diff --git a/board/cr50/board.h b/board/cr50/board.h
index 51e7b76251..3dd8b100cf 100644
--- a/board/cr50/board.h
+++ b/board/cr50/board.h
@@ -375,6 +375,8 @@ void board_start_ite_sync(void);
*/
void board_unwedge_i2cs(void);
+int board_in_prod_mode(void);
+
#endif /* !__ASSEMBLER__ */
/* USB interface indexes (use define rather than enum to expand them) */
diff --git a/board/cr50/tpm2/endorsement.c b/board/cr50/tpm2/endorsement.c
index 4167fe0745..e85d3dfd0e 100644
--- a/board/cr50/tpm2/endorsement.c
+++ b/board/cr50/tpm2/endorsement.c
@@ -599,7 +599,6 @@ enum manufacturing_status tpm_endorse(void)
HASH_update(&hmac.hash, p, RO_CERTS_REGION_SIZE - 32);
if (!DCRYPTO_equals(p + RO_CERTS_REGION_SIZE - 32,
DCRYPTO_HMAC_final(&hmac), 32)) {
- const struct SignedHeader *h;
CPRINTF("%s: bad cert region hmac;", __func__);
#ifdef CR50_INCLUDE_FALLBACK_CERT
@@ -620,10 +619,7 @@ enum manufacturing_status tpm_endorse(void)
break;
}
#else
- h = (const struct SignedHeader *)
- get_program_memory_addr
- (system_get_image_copy());
- if (G_SIGNED_FOR_PROD(h)) {
+ if (board_in_prod_mode()) {
/* TODO(ngm): is this state considered
* endorsement failure?