diff options
author | Namyoon Woo <namyoon@chromium.org> | 2018-10-31 17:35:09 -0700 |
---|---|---|
committer | chrome-bot <chrome-bot@chromium.org> | 2018-12-05 01:13:31 -0800 |
commit | 2b9ee186544863f29a84477aa46a80a57d8f09e0 (patch) | |
tree | 6c07caddb65c4002adf6f3632a0af765d24c6fdb /chip/g/dcrypto | |
parent | 6851e82deeedd89bee94560a75a2c7347836bc48 (diff) | |
download | chrome-ec-2b9ee186544863f29a84477aa46a80a57d8f09e0.tar.gz |
cr50: revoke key ladder on disabling TPM
Disabling TPM will do revoke H1 key laddder.
Querying TPM_MODE or enabling TPM_MODE will fail if H1 Key
Ladder is already revoked.
BUG=b:118504817
BRANCH=cr50
TEST=Manually tested with TPM disabling and Resume or Warm Reboot.
(1) Resume
$ trunks_send --raw 80 01 00 00 00 0c 00 00 01 45 00 01
80010000000A00000000
$ gsctool -a -m disable
TPM Mode: disabled (2)
$ echo mem > /sys/power/state
(press key on chromebook either after three seconds or in a second.)
(2) Warm Reboot
$ gsctool -a -m disable
(press refresh + power button or run kernel command 'reboot')
Check Chrome os boot ok.
No TPM command failures were observed (in CR50 console).
(3) Windows Warm Reboot or Resume are checked.
Change-Id: I32fffc432a9a6068ea324a97225974c581cb9359
Signed-off-by: Namyoon Woo <namyoon@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1312197
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Diffstat (limited to 'chip/g/dcrypto')
-rw-r--r-- | chip/g/dcrypto/dcrypto.h | 7 | ||||
-rw-r--r-- | chip/g/dcrypto/key_ladder.c | 29 |
2 files changed, 36 insertions, 0 deletions
diff --git a/chip/g/dcrypto/dcrypto.h b/chip/g/dcrypto/dcrypto.h index f51907f767..848373dbcb 100644 --- a/chip/g/dcrypto/dcrypto.h +++ b/chip/g/dcrypto/dcrypto.h @@ -304,6 +304,13 @@ struct APPKEY_CTX { int DCRYPTO_ladder_compute_frk2(size_t major_fw_version, uint8_t *frk2); int DCRYPTO_ladder_random(void *output); +void DCRYPTO_ladder_revoke(void); +/* + * Query whether Key Ladder is enabled. + * + * @return 1 if Key Ladder is enabled, and 0 otherwise. + */ +int DCRYPTO_ladder_is_enabled(void); int DCRYPTO_appkey_init(enum dcrypto_appid id, struct APPKEY_CTX *ctx); void DCRYPTO_appkey_finish(struct APPKEY_CTX *ctx); diff --git a/chip/g/dcrypto/key_ladder.c b/chip/g/dcrypto/key_ladder.c index 913a667417..7aca0ad2b3 100644 --- a/chip/g/dcrypto/key_ladder.c +++ b/chip/g/dcrypto/key_ladder.c @@ -287,3 +287,32 @@ int dcrypto_ladder_derive(enum dcrypto_appid appid, const uint32_t salt[8], dcrypto_release_sha_hw(); return !error; } + +void DCRYPTO_ladder_revoke(void) +{ + /* Revoke certificates */ + GWRITE(KEYMGR, CERT_REVOKE_CTRL0, 0xffffffff); + GWRITE(KEYMGR, CERT_REVOKE_CTRL1, 0xffffffff); + + /* Wipe out the hidden keys cached in AES and SHA engines. */ + GWRITE_FIELD(KEYMGR, AES_USE_HIDDEN_KEY, ENABLE, 0); + GWRITE_FIELD(KEYMGR, SHA_USE_HIDDEN_KEY, ENABLE, 0); + + /* Clear usr_ready[] */ + memset(usr_ready, 0, sizeof(usr_ready)); +} + +#define KEYMGR_CERT_REVOKE_CTRL0_DEFAULT_VAL 0xa8028a82 +#define KEYMGR_CERT_REVOKE_CTRL1_DEFAULT_VAL 0xaaaaaaaa + +int DCRYPTO_ladder_is_enabled(void) +{ + uint32_t ctrl0; + uint32_t ctrl1; + + ctrl0 = GREAD(KEYMGR, CERT_REVOKE_CTRL0); + ctrl1 = GREAD(KEYMGR, CERT_REVOKE_CTRL1); + + return ctrl0 == KEYMGR_CERT_REVOKE_CTRL0_DEFAULT_VAL && + ctrl1 == KEYMGR_CERT_REVOKE_CTRL1_DEFAULT_VAL; +} |