diff options
| author | Vadim Bendebury <vbendeb@chromium.org> | 2020-04-24 18:43:45 -0700 |
|---|---|---|
| committer | Commit Bot <commit-bot@chromium.org> | 2020-05-29 04:42:17 +0000 |
| commit | 85d2ae0a9056859a0c159406121fc586c99d98e1 (patch) | |
| tree | ed48f8ccc51fd3be879421c6d093415c3d100c32 /chip | |
| parent | 000c22149838ac3ffcb2b6115d5442432c028416 (diff) | |
| download | chrome-ec-85d2ae0a9056859a0c159406121fc586c99d98e1.tar.gz | |
Plug in the AP RO verification implementation
This adds plumbing necessary to invoke the AP RO verification function
in response to the operator entering the 'magic sequence' of holding
the power button pressed and pressing/releasing the refresh button
three times within five seconds.
The code used during the 'Open box RMA' verification process is used,
with the physical presence confirmation phase bypassed.
This patch also makes sure that attempts to use CCD to program AP or
EC flash while AP RO verification is in progress would fail.
BUG=b:153764696, b:154966209
TEST=with the next patch applied, generated AP integrity verification
data using the ap_ro_hash.py script and then ran the verification
procedure, observing the 'hash match' message on the Cr50
console.
Also verified that the Open Box RMA procedure still succeeds.
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Change-Id: Ic101fb892554ebb05f9ebe6d1546bfb439f74043
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2171399
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Diffstat (limited to 'chip')
| -rw-r--r-- | chip/g/usb_spi.c | 2 | ||||
| -rw-r--r-- | chip/g/usb_spi.h | 12 |
2 files changed, 13 insertions, 1 deletions
diff --git a/chip/g/usb_spi.c b/chip/g/usb_spi.c index e41d9eab67..54f32fd553 100644 --- a/chip/g/usb_spi.c +++ b/chip/g/usb_spi.c @@ -106,7 +106,7 @@ void usb_spi_deferred(struct usb_spi_config const *config) (!write_count && read_count == (uint8_t)SPI_READBACK_ALL)) return; - if (!config->state->enabled) { + if (!config->state->enabled || usb_spi_shortcut_active()) { res = USB_SPI_DISABLED; } else if (write_count > USB_SPI_MAX_WRITE_COUNT || write_count != (count - HEADER_SIZE)) { diff --git a/chip/g/usb_spi.h b/chip/g/usb_spi.h index 0c2707df4f..7a3d5652b3 100644 --- a/chip/g/usb_spi.h +++ b/chip/g/usb_spi.h @@ -243,6 +243,18 @@ int usb_spi_interface(struct usb_spi_config const *config, int usb_spi_board_enable(int host); void usb_spi_board_disable(void); +#ifdef CONFIG_AP_RO_VERIFICATION +/* Returns true if AP RO verification is in progress. */ +bool usb_spi_shortcut_active(void); +#else +/* Make sure other than Cr50 boards build fine. */ +static inline bool usb_spi_shortcut_active(void) { return false; } +#endif + +/* Functions to use to fast track AP RO flash verification. */ +void enable_ap_spi_hash_shortcut(void); +void disable_ap_spi_hash_shortcut(void); + int usb_spi_sha256_start(HASH_CTX *ctx); int usb_spi_sha256_update(HASH_CTX *ctx, uint32_t offset, uint32_t size); void usb_spi_sha256_final(HASH_CTX *ctx, void *digest, size_t digest_size); |