authorVadim Bendebury <vbendeb@chromium.org>2017-12-08 13:37:13 -0800
committerchrome-bot <chrome-bot@chromium.org>2017-12-08 20:37:24 -0800
commit9e73e2235eb0b510d2a1a1cf53895cdf52cce447 (patch)
tree6b9d4d9a4bbfc76aa760d4e5d30c4f74fb98ff9f /board/cr50
parent5ff463659c44ee9fdc5a8cb6e730ec19a91790c6 (diff)
downloadchrome-ec-9e73e2235eb0b510d2a1a1cf53895cdf52cce447.tar.gz
cr50: do not cache FWMP contents
Using FWMP for CCD management requires that FWMP contents can be read even when the AP is not operational, i.e. before TPM2_Startup command is issued. A fix is added to the TPM2 library to allow access to FWMP contents even if TPM is not used by the AP. With that in mind, there is no need to delay reading FWMP until TPM2_Startup command is issued. With the console task stack increase, FWMP contents can be read directly on the console task context. BRANCH=Cr50 BUG=b:62537474 TEST=with TPM patch applied verified that CCD can be opened when AP is down (i.e. TPM2_Startup command was not issued). Change-Id: Ibf4325917a512a855fc658edb9e51e4837328f43 Signed-off-by: Vadim Bendebury <vbendeb@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/817896 Reviewed-by: Randall Spangler <rspangler@chromium.org> Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Diffstat (limited to 'board/cr50')
-rw-r--r--board/cr50/wp.c38
1 files changed, 12 insertions, 26 deletions
diff --git a/board/cr50/wp.c b/board/cr50/wp.c
index e4fc54c630..63de13ed0b 100644
--- a/board/cr50/wp.c
+++ b/board/cr50/wp.c
@@ -259,6 +259,7 @@ struct RollbackSpaceFwmp {
uint8_t dev_key_hash[FWMP_HASH_SIZE];
} __packed;
+#ifndef CR50_DEV
static int lock_enforced(const struct RollbackSpaceFwmp *fwmp)
{
uint8_t crc;
@@ -279,51 +280,36 @@ static int lock_enforced(const struct RollbackSpaceFwmp *fwmp)
return !!(fwmp->flags & FWMP_DEV_DISABLE_CCD_UNLOCK);
}
+#endif
-static int fwmp_allows_unlock;
-void read_fwmp(void)
+int board_fwmp_allows_unlock(void)
{
+#ifdef CR50_DEV
+ return 1;
+#else
/* Let's see if FWMP disables console activation. */
struct RollbackSpaceFwmp fwmp;
+ int allows_unlock;
switch (read_tpm_nvmem(FWMP_NV_INDEX,
sizeof(struct RollbackSpaceFwmp), &fwmp)) {
default:
/* Something is messed up, let's not allow console unlock. */
- fwmp_allows_unlock = 0;
+ allows_unlock = 0;
break;
case tpm_read_not_found:
- fwmp_allows_unlock = 1;
+ allows_unlock = 1;
break;
case tpm_read_success:
- fwmp_allows_unlock = !lock_enforced(&fwmp);
+ allows_unlock = !lock_enforced(&fwmp);
break;
}
- CPRINTS("Console unlock %sallowed", fwmp_allows_unlock ? "" : "not ");
-}
+ CPRINTS("Console unlock %sallowed", allows_unlock ? "" : "not ");
-/**
- * Return non-zero if FWMP allows unlock
- */
-int board_fwmp_allows_unlock(void)
-{
- /*
- * TODO(rspangler): This doesn't work right for CCD config unlock and
- * open, because read_fwmp() isn't called until TPM2_Startup is sent by
- * the AP. But that means if the AP can't boot, it's not possible to
- * unlock or open CCD.
- *
- * CCD config isn't connected to anything else yet, so let's bypass
- * the fwmp check for now. But we need to fix this before we make
- * a Cr50 release that could run on a MP device.
- */
-#ifdef CR50_DEV
- return 1;
-#else
- return fwmp_allows_unlock;
+ return allows_unlock;
#endif
}
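Review bot: The header comment `/** Return non-zero if FWMP allows unlock */` was dropped together with the old definition of board_fwmp_allows_unlock, so the relocated function at the top of this hunk now carries no documentation of its contract. I would restore it above the new signature as `/* Return non-zero if FWMP allows CCD unlock. Reads FWMP from TPM NV storage on every call (no caching); a read result other than success or not-found denies unlock. */`. Because `struct RollbackSpaceFwmp fwmp` now lives on the caller's stack instead of being read into a static, the comment should also say that callers need stack room for it — the commit description ties this to the console task stack increase, and any other task that later calls this function would presumably need the same headroom. The `default:` branch failing closed is the right choice and is worth stating in the comment rather than leaving it to the `CPRINTS` output to reveal.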