author | Mary Ruthven <mruthven@chromium.org> | 2022-09-21 15:48:30 -0500 |
---|---|---|
committer | Chromeos LUCI <chromeos-scoped@luci-project-accounts.iam.gserviceaccount.com> | 2022-11-07 18:07:20 +0000 |
commit | 52b9c34f7a054b8a0de9146b5ffb771480c8e611 (patch) | |
tree | dc289f8ba86f1c4bf075dca6ebf868e8f152a6ed /include/flash_log.h | |
parent | b08b1eeca736388709381471cebbd80b6e969921 (diff) | |
download | chrome-ec-52b9c34f7a054b8a0de9146b5ffb771480c8e611.tar.gz |
apro: save the gbb descriptor after verification passes
Save the GBBD in AP RO flash after verification passes. It takes a while
to cycle through all of the factory flags. If Cr50 successfully matches
the saved AP RO hash with injected factory flags, save the flags to save
for future runs.
The gbb descriptor data is saved 512 bytes after the start of the AP RO
check data. The max v1 size is currently 296 bytes, so there's extra
room if we need to increase the AP RO check data size. The entire AP RO
data space is 2048, so there's a lot of extra space after the gbb
descriptor if we need to add more stuff.
BUG=b:236844541
TEST=manual
# erase hash
> ap_ro_info erase
# set the GBB flags to 0x239
/usr/share/vboot/bin/set_gbb_flags.sh 0x239
# add test key to RO_VPD
vpd -i RO_VPD -s "apro_test=original"
# save hash
ap_ro_hash.py WP_RO
# trigger verification. Make sure it fails because the flags
# are 0x239
[200.425891 RO Validation triggered]
...
[200.481670 AP RO FAILED!]
# set the GBB flags to 0
/usr/share/vboot/bin/set_gbb_flags.sh 0
# change test RO_VPD key. make sure verification fails.
vpd -i RO_VPD -s "apro_test=wrong"
[3.822818 RO Validation triggered]
...
[61.407680 spi_hash_disable]
[61.407955 AP RO FAILED!]
[61.418949 AP off]
# restore test RO_VPD key.
vpd -i RO_VPD -s "apro_test=original"
# trigger verification. Make sure it passes and saves the gbbd.
[3.822818 RO Validation triggered]
[3.825035 enable_spi_pinmux: AP]
...
[25.695068 spi_hash_disable]
[25.696224 AP RO PASS!]
# check saved gbbd shows 0x239
> ap
result : 6
gbb : saved (0x239)
supported : yes
...
# Trigger verification. Verify Cr50 just uses 0x239
[356.968860 RO Validation triggered]
[356.969795 enable_spi_pinmux: AP]
...
[364.289047 AP RO PASS!]
# change test RO_VPD key make sure verification fails.
vpd -i RO_VPD -s "apro_test=wrong"
[213.868492 RO Validation triggered]
...
[221.192661 AP RO FAILED!]
# erase the AP RO data. Verify gbbd gets cleared
> ap_ro_info erase
result : 6
[400.206562 ap_ro_check_unsupported: RO verification not programmed]
supported : no
> ap
result : 6
[403.772743 ap_ro_check_unsupported: RO verification not programmed]
supported : no
>
Change-Id: Iad8cfd4a448c2e5798a94aa8b4e3a735281eb849
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3915000
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Diffstat (limited to 'include/flash_log.h')
-rw-r--r-- | include/flash_log.h | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/include/flash_log.h b/include/flash_log.h index 05f3e3319e..407a184e2f 100644 --- a/include/flash_log.h +++ b/include/flash_log.h @@ -102,6 +102,8 @@ enum ap_ro_verification_ev { APROF_CHECK_SUCCEEDED = 7, APROF_CHECK_UNSUPPORTED = 8, APROF_FAIL_CLEARED = 9, + APROF_SAVED_GBBD = 10, + APROF_FAILED_TO_SAVE_GBBD = 11, }; struct ap_ro_entry_payload { |
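Review bot: the two enumerators added at the end of enum ap_ro_verification_ev, APROF_SAVED_GBBD = 10 and APROF_FAILED_TO_SAVE_GBBD = 11, have no comment saying when each event is logged. A one-line comment per value would help, for example that APROF_SAVED_GBBD is recorded when the GBB descriptor is written after a passing verification, and APROF_FAILED_TO_SAVE_GBBD when that write fails. Since this header is include/flash_log.h and the values sit right before struct ap_ro_entry_payload, they look like they end up in stored log entries, so it is worth confirming that anything decoding ap_ro_verification_ev events is updated to recognise 10 and 11. The TEST= steps in the commit message exercise the pass-and-save path ("gbb : saved (0x239)") but show no case where the save fails, so the APROF_FAILED_TO_SAVE_GBBD path appears untested; a note on how it was checked, or a follow-up test, would be useful.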