summaryrefslogtreecommitdiff
path: root/include/tpm_vendor_cmds.h
diff options
context:
space:
mode:
authorRandall Spangler <rspangler@chromium.org>2018-05-24 14:56:14 -0700
committerchrome-bot <chrome-bot@chromium.org>2018-05-25 20:31:57 -0700
commitd7705eb311f919ab4c93aeea401ba58771c28dd4 (patch)
treec233b833fa4fe944f8ccfaa57e9a638de90bcffa /include/tpm_vendor_cmds.h
parentb3218b9533b607dd53fec13671e3d91b50c0122a (diff)
downloadchrome-ec-d7705eb311f919ab4c93aeea401ba58771c28dd4.tar.gz
ccd_config: Simplify open and password
Allow setting password from the AP, but not from USB. Remove the old password control logic, which is no longer needed. Allow open if: - Not explicitly blocked - Not blocked via FWMP - One of the following is true: - A password is set - Battery is removed (also doesn't require physical presence) - Dev mode is on, and request came from the AP Reduces cr50 binary by 152 bytes. BUG=b:79983505 BRANCH=cr50 TEST=manual, with a CR50_DEV=1 build ccd oops ccd lock ccd unlock -> fails gsctool -U -> fails from host gsctool -t -U -> fails from AP ccd oops ccd password foo -> fails from console gsctool -P -> fails from host gsctool -t -P -> works from AP ccd get -> confirms password set ccd lock ccd unlock foo -> works ccd lock gsctool -U -> works from host, if correct password supplied ccd lock gsctool -t -U -> works from AP, if correct password supplied ccd open foo -> works ccd lock gsctool -O -> works from host, if correct password supplied ccd lock gsctool -t -O -> works from AP, if correct password supplied ccd oops ccd lock (remove battery) ccd open -> works without physical presence (reattach battery) ccd lock gsctool -O -> works from host ccd lock gsctool -t -O -> works from AP, if dev mode is enabled Change-Id: I364b322d03db250e7dd140767d7a22dbb3ac1eef Signed-off-by: Randall Spangler <rspangler@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/1072957 Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Diffstat (limited to 'include/tpm_vendor_cmds.h')
-rw-r--r--include/tpm_vendor_cmds.h10
1 files changed, 3 insertions, 7 deletions
diff --git a/include/tpm_vendor_cmds.h b/include/tpm_vendor_cmds.h
index 2d460badfa..72dc670b7d 100644
--- a/include/tpm_vendor_cmds.h
+++ b/include/tpm_vendor_cmds.h
@@ -35,9 +35,7 @@ enum vendor_cmd_cc {
VENDOR_CC_IMMEDIATE_RESET = 19,
VENDOR_CC_INVALIDATE_INACTIVE_RW = 20,
VENDOR_CC_COMMIT_NVMEM = 21,
-
- /* A gap left for the deep sleep control command. */
-
+ /* DEPRECATED(22): deep sleep control command. */
VENDOR_CC_REPORT_TPM_STATE = 23,
VENDOR_CC_TURN_UPDATE_ON = 24,
VENDOR_CC_GET_BOARD_ID = 25,
@@ -46,11 +44,9 @@ enum vendor_cmd_cc {
VENDOR_CC_POP_LOG_ENTRY = 28,
VENDOR_CC_GET_REC_BTN = 29,
VENDOR_CC_RMA_CHALLENGE_RESPONSE = 30,
-
- /* A gap left for the no longer supported CCD password command. */
-
+ /* DEPRECATED(31): CCD password command (now part of VENDOR_CC_CCD) */
VENDOR_CC_DISABLE_RMA = 32,
- VENDOR_CC_MANAGE_CCD_PWD = 33,
+ /* DEPRECATED(33): Manage CCD password phase */
VENDOR_CC_CCD = 34,
VENDOR_CC_GET_ALERTS_DATA = 35,
VENDOR_CC_SPI_HASH = 36,
View Lorry Controller Status