diff options
-rw-r--r-- | common/ccd_config.c | 11 | ||||
-rw-r--r-- | include/ccd_config.h | 16 |
2 files changed, 22 insertions, 5 deletions
diff --git a/common/ccd_config.c b/common/ccd_config.c index a0f1ffe3e9..28262562e7 100644 --- a/common/ccd_config.c +++ b/common/ccd_config.c @@ -880,14 +880,16 @@ static enum vendor_cmd_rc ccd_open(struct vendor_cmd_params *p) } } else if (!board_battery_is_present()) { /* Open allowed with no password if battery is removed */ - } else if (board_vboot_dev_mode_enabled() && - !(p->flags & VENDOR_CMD_FROM_USB)) { + } else if ((ccd_is_cap_enabled(CCD_CAP_OPEN_WITHOUT_DEV_MODE) || + (board_vboot_dev_mode_enabled())) && + (ccd_is_cap_enabled(CCD_CAP_OPEN_FROM_USB) || + !(p->flags & VENDOR_CMD_FROM_USB))) { /* * Open allowed with no password if dev mode enabled and - * command came from the AP. + * command came from the AP. CCD capabilities can be used to + * bypass these checks. */ } else { -#ifndef CONFIG_CCD_OPEN_PREPVT /* * - Password not set * - Battery is present @@ -895,7 +897,6 @@ static enum vendor_cmd_rc ccd_open(struct vendor_cmd_params *p) */ why_denied = "nopwd"; goto denied; -#endif } /* Fail and abort if already checking physical presence */ diff --git a/include/ccd_config.h b/include/ccd_config.h index 240feb5240..fdcb1e20ff 100644 --- a/include/ccd_config.h +++ b/include/ccd_config.h @@ -100,6 +100,12 @@ enum ccd_capability { /* Read-only access to hash or dump EC or AP flash */ CCD_CAP_FLASH_READ = 16, + /* Allow ccd open without dev mode enabled */ + CCD_CAP_OPEN_WITHOUT_DEV_MODE = 17, + + /* Allow ccd open from usb */ + CCD_CAP_OPEN_FROM_USB = 18, + /* Number of currently defined capabilities */ CCD_CAP_COUNT }; @@ -130,6 +136,14 @@ struct ccd_capability_info { enum ccd_capability_state default_state; }; +#ifdef CONFIG_CCD_OPEN_PREPVT +/* In prepvt images always allow ccd open from the console without dev mode */ +#define CCD_CAP_STATE_OPEN_REQ CCD_CAP_STATE_ALWAYS +#else +/* In prod images restrict how ccd can be opened */ +#define CCD_CAP_STATE_OPEN_REQ CCD_CAP_STATE_IF_OPENED +#endif + #define CAP_INFO_DATA { \ {"UartGscRxAPTx", CCD_CAP_STATE_ALWAYS}, \ {"UartGscTxAPRx", CCD_CAP_STATE_ALWAYS}, \ @@ -151,6 +165,8 @@ struct ccd_capability_info { {"UpdateNoTPMWipe", CCD_CAP_STATE_ALWAYS}, \ {"I2C", CCD_CAP_STATE_IF_OPENED}, \ {"FlashRead", CCD_CAP_STATE_ALWAYS}, \ + {"OpenNoDevMode", CCD_CAP_STATE_OPEN_REQ}, \ + {"OpenFromUSB", CCD_CAP_STATE_OPEN_REQ}, \ } #define CCD_STATE_NAMES { "Locked", "Unlocked", "Opened" } |