diff options
author | Mary Ruthven <mruthven@chromium.org> | 2021-06-09 17:39:28 -0500 |
---|---|---|
committer | Commit Bot <commit-bot@chromium.org> | 2021-06-18 18:45:12 +0000 |
commit | 49a02d634caaa5db07653f1669ff9ae35268116d (patch) | |
tree | 8921725986da8d33eee54e87913f7cd7da2d846c /include | |
parent | b231b059c0947522e4a0c9815eab1a5c2601718f (diff) | |
download | chrome-ec-49a02d634caaa5db07653f1669ff9ae35268116d.tar.gz |
ap_ro_integrity_check: Add vendor command to check status
AP RO verification has four outcomes. Shimless RMA needs to be able to
check the status. This change adds a vendor command to check the AP RO
verification status
NOT_TRIGGERED: The last AP reboot was not triggered by RO verification
key combination.
PASS: The last AP reboot was triggered by RO verification key
combination, and the verification passes
FAIL: The last AP reboot was triggered by RO verification key
combination, and it fails. In reality, the device should brick and
the system will not see this response.
UNSUPPORTED: The last AP reboot was triggered by RO verification key
combination, but there is no data to perform it or the
board doesn't support it.
BUG=b:182594555
TEST=manual
# Erase board id
# Erase AP RO hash
cr50 > ap_ro_info erase
# Check status
AP RO status = 3: unsupported
# Set gbb flags
/usr/share/vboot/bin/set_gbb_flags.sh 0x140
# Set AP RO hash
./util/ap_ro_hash.py -v True GBB
# Check status
AP RO status = 0: not run
# Trigger verification
# Check status
AP RO status = 1: pass
# Change gbb flags
/usr/share/vboot/bin/set_gbb_flags.sh 0xa39
# Trigger verification
# Check status
AP RO status = 2: FAIL
# Set board id to DUKI:0x10
# Check status
AP RO status = 3: unsupported
Change-Id: I354ccd6317cd36008a66ffd93afb3ee95f3c3561
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2950314
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Diffstat (limited to 'include')
-rw-r--r-- | include/ap_ro_integrity_check.h | 11 | ||||
-rw-r--r-- | include/tpm_registers.h | 3 | ||||
-rw-r--r-- | include/tpm_vendor_cmds.h | 2 |
3 files changed, 16 insertions, 0 deletions
diff --git a/include/ap_ro_integrity_check.h b/include/ap_ro_integrity_check.h index 30181289e6..b07e4b71c7 100644 --- a/include/ap_ro_integrity_check.h +++ b/include/ap_ro_integrity_check.h @@ -8,6 +8,12 @@ #include "flash_log.h" +enum ap_ro_status { + AP_RO_NOT_RUN = 0, + AP_RO_PASS, + AP_RO_FAIL, + AP_RO_UNSUPPORTED, +}; /* * validate_ap_ro: based on information saved in an H1 RO flash page verify * contents of the AP flash. @@ -33,4 +39,9 @@ void ap_ro_add_flash_event(enum ap_ro_verification_ev event); */ int ap_ro_board_id_blocked(void); +/* + * ap_ro_device_reset: Clear AP RO verification state on a new boot. + */ +void ap_ro_device_reset(void); + #endif /* ! __CR50_INCLUDE_AP_RO_INTEGRITY_CHECK_H */ diff --git a/include/tpm_registers.h b/include/tpm_registers.h index d35824dfce..45c9910ded 100644 --- a/include/tpm_registers.h +++ b/include/tpm_registers.h @@ -46,6 +46,9 @@ void tpm_register_interface(interface_control_func interface_start, */ int tpm_reset_request(int wait_until_done, int wipe_nvmem_first); +/* Returns True if successive TPM_RST_L pulses are being debounced. */ +int tpm_reset_in_progress(void); + /* * Tell the TPM task to re-enable nvmem commits. * diff --git a/include/tpm_vendor_cmds.h b/include/tpm_vendor_cmds.h index 40c1849e86..83a0f700f5 100644 --- a/include/tpm_vendor_cmds.h +++ b/include/tpm_vendor_cmds.h @@ -153,6 +153,8 @@ enum vendor_cmd_cc { VENDOR_CC_GET_AP_RO_HASH = 56, + VENDOR_CC_GET_AP_RO_STATUS = 57, + LAST_VENDOR_COMMAND = 65535, }; |