hammer: Disable USB I2C passthrough when system is locked

Leaving the I2C passthrough to the trackpad open causes security
issues, let's make sure we disable that in the field, whenever
the WP screw is on (and system is locked, which will be synonymous
for production firmwares).

BRANCH=none
BUG=b:37926507
TEST=- In board/hammer/board.h, uncomment CONFIG_SYSTEM_UNLOCKED
     - Flash hammer (both RO and RW)
     - Trackpad updating still works (touchpad_updater on DUT)
     - Make sure WP is on
       dut-control -p 9000 fw_wp_vref:pp3300 fw_wp_en:on fw_wp:on
     - hammer console: flashwp true; reboot
     - Trackpad updating fails (cannot read iap password.)

Change-Id: I247bb9c62ea00d6cb3631c919d27305f4d291d68
Signed-off-by: Nicolas Boichat <drinkcat@google.com>
Reviewed-on: https://chromium-review.googlesource.com/595290
Commit-Ready: Nicolas Boichat <drinkcat@chromium.org>
Tested-by: Nicolas Boichat <drinkcat@chromium.org>
Reviewed-by: Aseda Aboagye <aaboagye@chromium.org>

1 files changed, 6 insertions, 1 deletions

diff --git a/board/hammer/board.c b/board/hammer/board.c
index a3e90dc14b..f3b693e93a 100644
--- a/board/hammer/board.c
+++ b/board/hammer/board.c
@@ -80,7 +80,12 @@ BUILD_ASSERT(ARRAY_SIZE(pwm_channels) == PWM_CH_COUNT);
 
 int usb_i2c_board_enable(void) { return EC_SUCCESS; }
 void usb_i2c_board_disable(void) {}
-int usb_i2c_board_is_enabled(void) { return 1; }
+
+int usb_i2c_board_is_enabled(void)
+{
+	/* Disable I2C passthrough when the system is locked */
+	return !system_is_locked();
+}
 
 #ifdef CONFIG_KEYBOARD_BOARD_CONFIG
 struct keyboard_scan_config keyscan_config = {