diff options
| -rw-r--r-- | board/cr50/board.c | 5 | ||||
| -rw-r--r-- | common/ap_ro_integrity_check.c | 17 | ||||
| -rw-r--r-- | include/ap_ro_integrity_check.h | 6 | ||||
| -rw-r--r-- | include/flash_log.h | 1 |
4 files changed, 28 insertions, 1 deletions
diff --git a/board/cr50/board.c b/board/cr50/board.c index bc19800758..2ddc4ae2dd 100644 --- a/board/cr50/board.c +++ b/board/cr50/board.c @@ -2,6 +2,7 @@ * Use of this source code is governed by a BSD-style license that can be * found in the LICENSE file. */ +#include "ap_ro_integrity_check.h" #include "board_id.h" #include "ccd_config.h" #include "clock.h" @@ -1240,6 +1241,10 @@ static void key_combo0_irq(void) hook_call_deferred(&board_reboot_ec_data, 0); } +#ifdef CONFIG_AP_RO_VERIFICATION + ap_ro_clear_ec_rst_override(); +#endif + CPRINTS("Recovery Requested"); } DECLARE_IRQ(GC_IRQNUM_RBOX0_INTR_BUTTON_COMBO0_RDY_INT, key_combo0_irq, 0); diff --git a/common/ap_ro_integrity_check.c b/common/ap_ro_integrity_check.c index 44d7145b4f..c08faa3eeb 100644 --- a/common/ap_ro_integrity_check.c +++ b/common/ap_ro_integrity_check.c @@ -325,6 +325,8 @@ static const struct ap_ro_check *p_chk = * reset. */ static enum ap_ro_status apro_result = AP_RO_NOT_RUN; +static uint8_t apro_fail_status_cleared; + /* * In dev signed Cr50 images this is the hash of @@ -501,6 +503,7 @@ void ap_ro_device_reset(void) ec_rst_override()) return; CPRINTS("%s: clear apro result", __func__); + apro_fail_status_cleared = 0; apro_result = AP_RO_NOT_RUN; } @@ -1408,9 +1411,20 @@ static void release_ec_reset_override(void) enable_sleep(SLEEP_MASK_AP_RO_VERIFICATION); } +/* Only call this through a key combo. */ +void ap_ro_clear_ec_rst_override(void) +{ + if (!ec_rst_override()) + return; + apro_fail_status_cleared = 1; + release_ec_reset_override(); + ap_ro_add_flash_event(APROF_FAIL_CLEARED); + CPRINTS("%s: done", __func__); +} + int ec_rst_override(void) { - return apro_result == AP_RO_FAIL; + return !apro_fail_status_cleared && apro_result == AP_RO_FAIL; } @@ -1421,6 +1435,7 @@ static uint8_t do_ap_ro_check(void) bool v1_record_found; apro_result = AP_RO_IN_PROGRESS; + apro_fail_status_cleared = 0; support_status = ap_ro_check_unsupported(true); if ((support_status == ARCVE_BOARD_ID_BLOCKED) || (support_status == ARCVE_FLASH_READ_FAILED)) { diff --git a/include/ap_ro_integrity_check.h b/include/ap_ro_integrity_check.h index cb01017dcc..dbc6644d47 100644 --- a/include/ap_ro_integrity_check.h +++ b/include/ap_ro_integrity_check.h @@ -41,4 +41,10 @@ int ap_ro_board_id_blocked(void); */ void ap_ro_device_reset(void); +/* + * Clear the AP RO result and release the EC from reset. This should only be + * done through a key combo. + */ +void ap_ro_clear_ec_rst_override(void); + #endif /* ! __CR50_INCLUDE_AP_RO_INTEGRITY_CHECK_H */ diff --git a/include/flash_log.h b/include/flash_log.h index 30bd326712..0ece03415d 100644 --- a/include/flash_log.h +++ b/include/flash_log.h @@ -101,6 +101,7 @@ enum ap_ro_verification_ev { APROF_CHECK_FAILED = 6, APROF_CHECK_SUCCEEDED = 7, APROF_CHECK_UNSUPPORTED = 8, + APROF_FAIL_CLEARED = 9, }; struct ap_ro_entry_payload { |