diff options
| author | Vadim Sukhomlinov <sukhomlinov@google.com> | 2020-06-15 15:31:09 -0700 |
|---|---|---|
| committer | Commit Bot <commit-bot@chromium.org> | 2020-06-16 18:08:46 +0000 |
| commit | 770e5cecfdc2ddd761b5b1cdb78e29c936e6cb92 (patch) | |
| tree | 6585847ca515b9316b920e08ad06e69e80953321 /include | |
| parent | b239403fed9873dd5a1b297d061ecded0c7a0804 (diff) | |
| download | chrome-ec-770e5cecfdc2ddd761b5b1cdb78e29c936e6cb92.tar.gz | |
console: add service functions to enable/disable console output
FIPS 140-2 certification requires that security related output from
module should be disabled until completion of known-answer tests.
However, it's tricky to justify what output is security related, as
most of output data can be used to track current execution stage which
may be helpful for attacker. So, its safer to disable any output for
a short time once internal testing is done.
Provide console_disable_output() and console_enable_output()
functions which are supposed to be used by board initialization code
driving FIPS mode initialization.
BUG=b:138577539
TEST=manual; make buildall -j
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: I42902acef7a5e99142ce2b6517ae511f63206e93
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2247103
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Auto-Submit: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Diffstat (limited to 'include')
| -rw-r--r-- | include/console.h | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/include/console.h b/include/console.h index f0367f7ffe..1bc46c1fd0 100644 --- a/include/console.h +++ b/include/console.h @@ -151,6 +151,16 @@ void cflush(void); void console_has_input(void); /** + * Disable console output by disabling all channels + */ +void console_disable_output(void); + +/** + * Enable console output to default channels + */ +void console_enable_output(void); + +/** * Register a console command handler. * * @param name Command name; must not be the beginning of another |