cr50: expose spihash PP polling to the host

When running the spihash command using gsctool (as opposed to the
running it from the Cr50 console), the operator needs to be prompted
when the PP button needs to be pressed.

This patch extends spihash command implementation by adding a new
subcommand for polling physical presence.

BRANCH=cr50, cr50-mp
BUG=b:73668125
TEST=with the appropriate gsctool changes the user is periodically
     prompted to press the physical presence button, and eventually it
     is possible to set up spi hash access to AP and EC.

Change-Id: I96aed1619d364c80a2f35ca8dc41241f1a444103
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/930568
Reviewed-by: Randall Spangler <rspangler@chromium.org>
(cherry picked from commit d015bc937c0eecf1cb8f1b163874ea69c890dea4)
Reviewed-on: https://chromium-review.googlesource.com/942117
(cherry picked from commit 683dc5cfda7eb6246f9aea89d296597eb60ed765)
Reviewed-on: https://chromium-review.googlesource.com/949072

2 files changed, 52 insertions, 6 deletions

diff --git a/board/cr50/usb_spi.c b/board/cr50/usb_spi.c
index cba20e58b3..86a53e6b8e 100644
--- a/board/cr50/usb_spi.c
+++ b/board/cr50/usb_spi.c
@@ -470,6 +470,32 @@ static void spi_hash_pp_done(void)
 		(spi_hash_device == USB_SPI_AP ? "AP" : "EC"));
 }
 
+/* Process vendor subcommand dealing with Physical presence polling. */
+static enum vendor_cmd_rc spihash_pp_poll(void *buf,
+					  size_t input_size,
+					  size_t *response_size)
+{
+	char *buffer = buf;
+
+	if (spi_hash_device != USB_SPI_DISABLE) {
+		buffer[0] = CCD_PP_DONE;
+	} else {
+		switch (physical_presense_fsm_state()) {
+		case PP_AWAITING_PRESS:
+			buffer[0] = CCD_PP_AWAITING_PRESS;
+			break;
+		case PP_BETWEEN_PRESSES:
+			buffer[0] = CCD_PP_BETWEEN_PRESSES;
+			break;
+		default:
+			buffer[0] = CCD_PP_CLOSED;
+			break;
+		}
+	}
+	*response_size = 1;
+	return VENDOR_RC_SUCCESS;
+}
+
 /**
  * Set the SPI hashing device.
  *
@@ -478,8 +504,12 @@ static void spi_hash_pp_done(void)
  *
  * @return Vendor command return code
  */
-static enum vendor_cmd_rc spi_hash_set_device(int dev, int gang_mode)
+static enum vendor_cmd_rc spi_hash_set_device(int dev, int gang_mode,
+					      uint8_t *response_buf,
+					      size_t *response_size)
 {
+	*response_size = 0;
+
 	if (dev == spi_hash_device)
 		return VENDOR_RC_SUCCESS;
 
@@ -506,7 +536,15 @@ static enum vendor_cmd_rc spi_hash_set_device(int dev, int gang_mode)
 		 * that's more bookkeeping, so for now the only way to
 		 * skip physical presence is to have access to both.
 		 */
-		return physical_detect_start(0, spi_hash_pp_done);
+		int rv = physical_detect_start(0, spi_hash_pp_done);
+
+		if (rv == EC_SUCCESS)
+			return VENDOR_RC_IN_PROGRESS;
+
+		*response_size = 1;
+		response_buf[0] = rv;
+
+		return VENDOR_RC_INTERNAL_ERROR;
 	}
 
 	/*
@@ -613,11 +651,12 @@ static enum vendor_cmd_rc spi_hash_vendor(enum vendor_cmd_cc code,
 		/* Handle disabling */
 		return spi_hash_disable();
 	case SPI_HASH_SUBCMD_AP:
-		return spi_hash_set_device(USB_SPI_AP, 0);
+		return spi_hash_set_device(USB_SPI_AP, 0, buf, response_size);
 	case SPI_HASH_SUBCMD_EC:
 		return spi_hash_set_device(USB_SPI_EC,
 					   !!(req->flags &
-					      SPI_HASH_FLAG_EC_GANG));
+					      SPI_HASH_FLAG_EC_GANG),
+					   buf, response_size);
 	case SPI_HASH_SUBCMD_SHA256:
 		*response_size = SHA256_DIGEST_SIZE;
 		rc = spi_hash_sha256(buf, req->offset, req->size);
@@ -631,8 +670,12 @@ static enum vendor_cmd_rc spi_hash_vendor(enum vendor_cmd_cc code,
 		if (rc != VENDOR_RC_SUCCESS)
 			*response_size = 0;
 		return rc;
+	case SPI_HASH_PP_POLL:
+		return spihash_pp_poll(buf, input_size, response_size);
+
 	default:
-		CPRINTS("%s:%d - unknown subcommand", __func__, __LINE__);
+		CPRINTS("%s:%d - unknown subcommand %d",
+			__func__, __LINE__, req->subcmd);
 		*response_size = 0;
 		return VENDOR_RC_NO_SUCH_SUBCOMMAND;
 	}
@@ -703,8 +746,9 @@ static int hash_command_wrapper(int argc, char *argv[])
 	 * error code is the first byte after the header.
 	 */
 	return_code = be32toh(tpm_header->command_code);
+
 	if ((return_code != EC_SUCCESS) &&
-	    (return_code != VENDOR_RC_IN_PROGRESS)) {
+	    ((return_code - VENDOR_RC_ERR) != VENDOR_RC_IN_PROGRESS)) {
 		rv = p[0];
 	} else {
 		rv = EC_SUCCESS;
diff --git a/include/tpm_vendor_cmds.h b/include/tpm_vendor_cmds.h
index b5d20c7200..1cdfb7599c 100644
--- a/include/tpm_vendor_cmds.h
+++ b/include/tpm_vendor_cmds.h
@@ -124,6 +124,8 @@ enum vendor_cc_spi_hash_request_subcmd {
 	SPI_HASH_SUBCMD_SHA256 = 4,
 	/* Read SPI data */
 	SPI_HASH_SUBCMD_DUMP = 5,
+	/* Poll spi hash PP state. */
+	SPI_HASH_PP_POLL = 6,
 };
 
 enum vendor_cc_spi_hash_request_flags {