| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Update documentation to use `futility flash` instead of flashrom.
`futility flash` encapsulates low-level writeprotect logic, making it
more robust and easier to use than raw flashrom commands.
This commit also fixes documentation that incorrectly states that
`flashrom --wp-status` will check HW WP status; it only checks SW WP
status.
BUG=b:280362324
TEST=tested new commands
Change-Id: I78566f2319b8060b25436d70b52c48e94ae7ff29
Signed-off-by: Nikolai Artemiev <nartemiev@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4514137
Reviewed-by: Edward O'Callaghan <quasisec@chromium.org>
Tested-by: Edward O'Callaghan <quasisec@chromium.org>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Commit-Queue: Edward O'Callaghan <quasisec@chromium.org>
Reviewed-by: Matthew Blecker <matthewb@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
BUG=none
TEST=none
Change-Id: I1dea7f32a70dfcd7a94d56f174a259c4124c4a93
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4500849
Tested-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Auto-Submit: Mary Ruthven <mruthven@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add a redirect link from original _cr50 to _gsc page to catch any
external links that point to the old location until they are
all updated.
BUG=b:275544927
TEST=none
Change-Id: Ic77ed3600464ed3cc28f31ac19e3630668ac2a32
Signed-off-by: Jett Rink <jettrink@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4470848
Commit-Queue: Jett Rink <jettrink@chromium.org>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Tested-by: Jett Rink <jettrink@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This tag is useless and is being dropped from a few remaining Chrome
OS git trees where it is still required.
BUG=none
TEST=repo uploading this patch did not complain about the missing tag
Change-Id: I225a9d6da08c030150db5eac9c17f78a08b251c1
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4497835
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Commit-Queue: Vadim Bendebury <vbendeb@chromium.org>
Tested-by: Vadim Bendebury <vbendeb@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
BUG=b:265809963
TEST=none
Change-Id: I5468422f44382cf1f246e083ce658c0290c20341
Signed-off-by: Vadim Bendebury <vbendeb@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4496379
Reviewed-by: Jett Rink <jettrink@chromium.org>
Commit-Queue: Vadim Bendebury <vbendeb@chromium.org>
Tested-by: Vadim Bendebury <vbendeb@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=b:275356839
TEST=localhost ~ # gsctool -aD --factory_config
chassis_x_branded: false
hw_x_compliance_version: 08
raw value: 1122334455667788
Change-Id: I8b75886d22f921671160aa62a02d9872933200e1
Signed-off-by: Brian Granaghan <granaghan@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4477485
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Commit-Queue: Mary Ruthven <mruthven@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
BUG=b:273347276
TEST=gsctool -aD --get_time
Change-Id: I7099b65949ea3da6b8c9ff2c8baab59db28c56c5
Signed-off-by: Brian Granaghan <granaghan@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4475134
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-by: Jett Rink <jettrink@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently EPS seed when created during endorsement is immediately stored
to flash and copied to global state of TPM. However, its length in state
is not set. It seems that it was ok as state eventually was reloaded
from NV and size updated. But if TPM receives command shortly after
boot this may not be the case.
BUG=b:278028110,b:262324344
TEST=make; TCG tests
Change-Id: Ifac259ea3817d6d139d9b5ba2af4fc66d07df4ef
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4489113
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Auto-Submit: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Commit-Queue: Vadim Bendebury <vbendeb@chromium.org>
Code-Coverage: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Andrey Pronin <apronin@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
|
| |
|
|
|
|
|
|
|
|
| |
BUG=b:279784755
TEST=none
Change-Id: I475c44b47637a262c41316b02ab7c1748b865031
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4484785
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Pinweaver needs a timer that counts through deep sleep. This change
keeps track of the time since cold boot in PWRDN_SCRATCH23. Before the
low speed timer is cleared during init add the value to PWRDN_SCRATCH23.
BUG=b:262036852,b:279759625
TEST=manual
After hard reset the cold reset time and system time should be
the same.
> sysinfo
Reset flags: 0x00000800 (hard)
Reset count: 0
> get
Time: 0x0000000006628dd7 = 107.122135 s
since cold_reset: 107 s
Verify the cold reset timer keeps counting during deep sleep.
dut-control cold_reset:on
[138.415843 AP off]
[Reset cause: hibernate wake-pin]
[Image: RW, ...
[0.003864 Inits done]
[0.009647 init_jittery_clock_locking_o...
[0.039134 init took 22838]
> get
Time: 0x0000000000bf3e3a = 12.533306 s
since cold_reset: 150 s
> sysi
Reset flags: 0x00000140 (hibernate wake-pin)
Verify cold reset and system time are the same after H1_RST_L
is pulsed
dut-control gsc_reset:on gsc_reset:off
> get
Time: 0x00000000001cdea9 = 1.892009 s
since cold_reset: 1 s
> sysi
Reset flags: 0x00000008 (power-on)
Reset count: 1
Change-Id: Ie57324880c8b8068ddff62760848e161b2df903d
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4093120
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
0xffffffff is the maximum source time. Define a constant and use it
everywhere the source time is referenced.
BUG=b:262036852
TEST=none
Change-Id: I788515261ec8a1e810cc1fa1983ee348dbe091c4
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4481392
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This CL checks if the space was defined but not written, and if so,
returns TPM_READ_NOT_FOUND from read_tpm_nvmem().
BUG=b:276384456
TEST=with crrev.com/c/2494503, verify that calling chkfwmp
prints "read_tpm_nvmem: object at 0x100a not written"
and then the following when the space is not written:
```
FWMP read result: 1
ccd unlock allowed: 1
policy update allowed: 1
```
To create an unwritten space, run
tpm_manager_client define_space --index=0x100a --size=40
Change-Id: I8eff2be8da1e28204216d4dbbd54e57e8a8127b3
Signed-off-by: Andrey Pronin <apronin@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4483017
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Commit-Queue: Mary Ruthven <mruthven@chromium.org>
Auto-Submit: Andrey Pronin <apronin@chromium.org>
Tested-by: Andrey Pronin <apronin@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
BUG=b:273347276
TEST=build
Change-Id: I115030362a5f3a7c04d88e020382cc9de42a787a
Signed-off-by: Brian Granaghan <granaghan@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4475133
Reviewed-by: Jett Rink <jettrink@chromium.org>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=b:278264277
TEST=none
Change-Id: I8d46b034bd68acce361e4fef6ffb947b31ba5ea2
Signed-off-by: Jett Rink <jettrink@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4472394
Auto-Submit: Jett Rink <jettrink@chromium.org>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Tested-by: Jett Rink <jettrink@chromium.org>
Commit-Queue: Jett Rink <jettrink@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Replace the existing instruction that help a developer manually prepare
a cr50 image to be in the format that the rescue utility needs with a
link to the brescue.sh utility which automates the process.
BUG=b:275544927
TEST=none
Change-Id: I75ea0453233212e3326e5038764432620e29a0ed
Signed-off-by: Jett Rink <jettrink@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4470847
Commit-Queue: Jett Rink <jettrink@chromium.org>
Tested-by: Jett Rink <jettrink@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Update doc to include Ti50 specific information and
generalize other sections.
BUG=b:275544927
TEST=none
Change-Id: I45765c652abffe93df6fd007445caef43ef581ea
Signed-off-by: Jett Rink <jettrink@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4424876
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-by: Hou-Hsun Lee <hhlee@google.com>
Commit-Queue: Jett Rink <jettrink@chromium.org>
Tested-by: Jett Rink <jettrink@chromium.org>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
BUG=none
TEST=view in gitiles
Change-Id: Ia6002ecf09d744127b6868a9ba8ecc4fc91fdbc8
Signed-off-by: Matt Turner <msturner@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4470068
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-by: Tom Hughes <tomhughes@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is a reland of commit c0d219f6a26a3c379f90201dff4dac8f93c13467
Original change's description:
> gsctool: Use OpenSSL EVP API for compat
>
> The primitive `SHA_*` functions are marked deprecated in OpenSSL v3,
> which causes the build to fail (warnings treated as errors, as is good
> and proper). Using the EVP APIs should work both with OSSL v1 and v3,
> enabling us to upgrade to 3.
>
> BUG=b:275420721
> TEST=builds and tests pass
>
> Change-Id: I709309f9aadd2ec238d69ba40b4947619b0463c7
> Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4405312
> Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
> Tested-by: Chris Palmer <palmer@chromium.org>
> Commit-Queue: Chris Palmer <palmer@chromium.org>
Bug: b:275420721
Change-Id: I77d9cbafc638f32932b1049729d8b8bf0249c155
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4412089
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Commit-Queue: Chris Palmer <palmer@chromium.org>
Tested-by: Chris Palmer <palmer@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Also run mdformat on file.
BUG=none
TEST=none
Change-Id: I8cf34ad6cf93f606df51c21e55ebf3d06b37eadd
Signed-off-by: Jett Rink <jettrink@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4472393
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Tested-by: Jett Rink <jettrink@chromium.org>
Commit-Queue: Mary Ruthven <mruthven@chromium.org>
Auto-Submit: Jett Rink <jettrink@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
The single-letter arguments do not exist (anymore?).
BUG=none
TEST=view in gitiles
Change-Id: Id39fe6f0cecee3731c594516d8876c8883ae8c14
Signed-off-by: Matt Turner <msturner@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4469348
Commit-Queue: Mary Ruthven <mruthven@chromium.org>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=b:277611320
TEST=none
Change-Id: Ie7e55067afe774979a94e439a43c7b538b20249d
Signed-off-by: Jett Rink <jettrink@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4443266
Tested-by: Jett Rink <jettrink@chromium.org>
Commit-Queue: Jett Rink <jettrink@chromium.org>
Auto-Submit: Jett Rink <jettrink@chromium.org>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=b:278264277
TEST=none
Change-Id: Ie9ea45e85725d8a21e251a7a51ce210d3ad5e516
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4459720
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Code-Coverage: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Auto-Submit: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Mary Ruthven <mruthven@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
1. -fconserve-stack costs 888 bytes (1.7K for CRYPTO_TEST=1) of code
size with unclear benefits. This option exists since initial commit
`e24fa592d` on 7 Dec 2011. Real stack usage after TCG tests is
sligthly reduced for TPM2 and CONSOLE tasks, slightly increased for
HOOKS task.
2. FIPS digest remains the same as FIPS module still compiles with this
option set. This has a penalty of ~200 bytes, but maintaining stable
digest is more important.
Before:
*** 3700 bytes in flash and 1100 bytes in RAM
Task Ready Name Events Time (s) StkUsed
0 R << idle >> 80000000 2622.363199 104/512
1 HOOKS 00000000 83.747318 664/1024
2 TPM 00000000 34.779582 7600/8192
3 R CONSOLE 00000000 0.338724 424/1024
After:
*** 4588 bytes in flash and 1100 bytes in RAM
Task Ready Name Events Time (s) StkUsed
0 R << idle >> 80000000 747.794338 104/512
1 R HOOKS 80000000 9.372003 704/1024
2 TPM 00000000 36.982134 7588/8192
3 R CONSOLE 00000000 0.428505 408/1024
BUG=b:277777628
TEST=make BOARD=cr50; tpm_test.py; TCG tests
Change-Id: I1ae1c8af6b0870b48f3f985476fa0a0d2b8f57d0
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4426791
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Commit-Queue: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Code-Coverage: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Auto-Submit: Vadim Sukhomlinov <sukhomlinov@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=b:274517542
TEST=none
Change-Id: I3238b87a4c7c30d2ecba303bcbb916f612169541
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4440808
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Andrey Pronin <apronin@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=b:278703558,b:268352167
TEST=set the fwmp. Verify the WP policy is updated and enforced.
Change-Id: I8cedfc14ecd5c51eed996abaa9f55098c6f3e673
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4440807
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Commit-Queue: Andrey Pronin <apronin@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Move ap_ro_status to ap_ro_status.h from ap_ro_integrity_check.h so that
we could have enum ap_ro_status exposed to trunks and tpm_manager.
BUG=b:275524662
TEST=make buildall -j
Change-Id: Ibe0a6ef5de1fe63d9bb0a677b5902857109251fb
Signed-off-by: Ching-Kang Yen <chingkang@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4431682
Commit-Queue: Ching-Kang Yen <chingkang@chromium.org>
Tested-by: Ching-Kang Yen <chingkang@chromium.org>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
|
| |
|
|
|
|
|
|
|
|
| |
BUG=b:267674073
TEST=none
Change-Id: Icbd9bb41f875f9d93ebeb6f14554401d88558e94
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4367526
Reviewed-by: Andrey Pronin <apronin@chromium.org>
|
| |
|
|
|
|
|
|
|
|
| |
BUG=b:268352167
TEST=see bug
Change-Id: I3a4f2ae746cbc2e64df535c4c91b16cdbd7f292a
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4367525
Reviewed-by: Andrey Pronin <apronin@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Update the FWMP WP policies whenever the fwmp is written or whenever the
AP comes out of reset. Add a board_fwmp_update_policies function that is
when TPM_RST_L is deasserted and called _plat__NvInformIndexDataChanged
shows the FWMP is written.
BUG=b:268352167
TEST=make buildall -j
Change-Id: Ia00a356b88a36fb879c208b248da08825f21abca
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4367524
Reviewed-by: Andrey Pronin <apronin@chromium.org>
|
| |
|
|
|
|
|
|
|
|
| |
BUG=b:274517542
TEST=none
Change-Id: Ie709c8df7e99b22bb5b02512bca3a1e69d713d0c
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4433929
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Check the size of the field to determine what size each space is.
BUG=none
TEST=BOARD_ID size is still 12, SN DATA size is still 16, APRV size is
still 4, and FACTORY CFG size is still 8.
Change-Id: Ib01baa7a9b63c5d6cc99b5feff71f50095cac901
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4426795
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add support for reading the factory config from virtual nvmem. This
change uses the same index as ti50 --index=0x3fff06. There are two
indices that are reserved, but not implemented for cr50. This change
registers a REGISTER_DEPRECATED_CONFIG for VIRTUAL_NV_INDEX_RMA_BYTES
and VIRTUAL_NV_INDEX_WV_UDS_BYTES.
BUG=b:278118981,b:214065944
TEST=manual
Set the factory config to 0xface
Read the config from virtual nvmem
tpm_manager_client read_space --index=0x3fff06 --file=/tmp/contents
INFO tpm_manager_client: [main.cc(595)] ...
result: NVRAM_RESULT_SUCCESS
data: CEFA000000000000
}
RMA_BYTES and the WV_UDS_BYTES index still return nothing
tpm_manager_client read_space --index=0x3fff04 --file=/tmp/contents
INFO tpm_manager_client: [main.cc(595)] ...
result: NVRAM_RESULT_SUCCESS
data:
}
tpm_manager_client read_space --index=0x3fff05 --file=/tmp/contents
INFO tpm_manager_client: [main.cc(595)] ...
result: NVRAM_RESULT_SUCCESS
data:
}
Change-Id: I651f00851b1e60fe0f898fd75111be27b2bf497e
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4424877
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add a 64 bit write once factory config space to info1. If the factory
has something they want to configure, they can use part of the space to
store that configration.
Right now nothing in cr50 uses the factory config space. If we need to
modify cr50 behavior based on the space value, we can add functionality
later. The factory just needs to set the bit in the factory config.
BUG=b:214065944
TEST=manual
Clear the Board ID
set the config to 0. Verify it does nothing
gsctool -a --factory_config 0
gsctool -a --factory_config
0
Set the flags
gsctool -ai 0xffffffff:0x10
Set the config to something
gsctool -a --factory_config 0x12345678cafecafe
gsctool -a --factory_config
12345678CAFECAFE
# Set it to the same thing. Verify cr50 returns EC_SUCCESS.
gsctool -a --factory_config 0x12345678cafecafe
gsctool -a --factory_config
12345678CAFECAFE
[40.114944 write_factory_config: ok.]
Try to set it to something else. Verify it's rejected because
the space is set.
gsctool -a --factory_config 0xcafe
[43.331302 write_factory_config: factory cfg already programmed]
gsctool -a --factory_config
12345678CAFECAFE
Set the Board ID Type
gsctool -ai ZZCR:0x10
Try to set the config again. Verify it's rejected because the
board id type is set.
gsctool -a --factory_config 0x12345678cafecafe
Factory config failed. (7)
gsctool -a --factory_config
12345678CAFECAFE
Change-Id: Ie816ebffcf6c24ad94bbcd2dc2f0c3936caafb11
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4424873
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
BUG=none
TEST=none
Change-Id: I38904ea19d451349c9fb062a7040ff0ed4863aff
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4426794
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Commit-Queue: Vadim Bendebury <vbendeb@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
As per b/277777628 FIPS module build depends on value of `CC` env var,
which is not a desirable behavior.
1. Add -fconserve-stack to FIPS module builds explicitly to make sure
its digest is same as reported and doesn't depend on environment.
2. gcc specific option moved to core/cortex-m/build.mk
3. Verified that binutils workaround is still needed (b/238039591)
BUG=b:277777628, b:238039591
TEST=make BOARD=cr50; tpm_test.py, FIPS digest is the same
Change-Id: I664cee178de400efed3fe2e06b9b4b72f6ce6067
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4425068
Commit-Queue: Mary Ruthven <mruthven@chromium.org>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Auto-Submit: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Code-Coverage: Vadim Sukhomlinov <sukhomlinov@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
BUG=none
TEST=wp vendor command is enabled in DBG images over usb. It's still
disabled in non-DBG images.
Change-Id: I2649edc71bf9a1c9c03ff3744ccb7beb60ab1ff9
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4367527
Reviewed-by: Andrey Pronin <apronin@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Remove CONFIG_FLASH to save 1668 bytes in DBG images.
BUG=none
TEST=none
Change-Id: Ic8bc18107571f1e5c0d8d381b624cde6f1e5f05d
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4424872
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Commit-Queue: Andrey Pronin <apronin@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add '--factory_config' command to get the factory config if optarg is not
provided and set it if one is provided.
BUG=b:275356839
TEST=localhost ~ # gsctool -a --factory_config
EEDDCCBBAA998877
Failed because already set:
localhost ~ # gsctool -a --factory_config 001122334455667788
Factory config failed. (7)
Successful set:
localhost ~ # gsctool -a --factory_config
0
localhost ~ # gsctool -a --factory_config 001122334455667788
localhost ~ # gsctool -a --factory_config
1122334455667788
Change-Id: I128e9871eb2aece3a9173c5a6e31c2ce5a4d3cd0
Signed-off-by: Brian Granaghan <granaghan@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4404231
Commit-Queue: Mary Ruthven <mruthven@chromium.org>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Tested-by: Mary Ruthven <mruthven@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
BUG=b:275356839
TEST=build
Change-Id: I6de6de6a43cfe45860bbe9b4aa7cce211da0166e
Signed-off-by: Brian Granaghan <granaghan@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4421422
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Commit-Queue: Mary Ruthven <mruthven@chromium.org>
|
| |
|
|
|
|
|
|
|
|
| |
BUG=b:265310865
TEST=gsctool -aD --clog
Change-Id: Ifaeb6fcf97257bf525c0ad2ec84281f1d5718c24
Signed-off-by: Brian Granaghan <granaghan@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4409005
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This reverts commit c0d219f6a26a3c379f90201dff4dac8f93c13467.
Reason for revert: We aren't ready to land this yet.
Original change's description:
> gsctool: Use OpenSSL EVP API for compat
>
> The primitive `SHA_*` functions are marked deprecated in OpenSSL v3,
> which causes the build to fail (warnings treated as errors, as is good
> and proper). Using the EVP APIs should work both with OSSL v1 and v3,
> enabling us to upgrade to 3.
>
> BUG=b:275420721
> TEST=builds and tests pass
>
> Change-Id: I709309f9aadd2ec238d69ba40b4947619b0463c7
> Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4405312
> Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
> Tested-by: Chris Palmer <palmer@chromium.org>
> Commit-Queue: Chris Palmer <palmer@chromium.org>
Bug: b:275420721
Change-Id: Ic702ee6cea62e1e854d2fcebc46e7bd59f41fb63
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4411763
Commit-Queue: Mary Ruthven <mruthven@chromium.org>
Tested-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The primitive `SHA_*` functions are marked deprecated in OpenSSL v3,
which causes the build to fail (warnings treated as errors, as is good
and proper). Using the EVP APIs should work both with OSSL v1 and v3,
enabling us to upgrade to 3.
BUG=b:275420721
TEST=builds and tests pass
Change-Id: I709309f9aadd2ec238d69ba40b4947619b0463c7
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4405312
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Tested-by: Chris Palmer <palmer@chromium.org>
Commit-Queue: Chris Palmer <palmer@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
1. Due to large share of devices with slow TRNG increase timeout cycles
from 0x7ff to 0xfff.
2. Increase total reset attempts from 16 to 32.
2. Log number of resets.
BUG=b:211648605
TEST=make CRYPTO_TEST=1
Change-Id: Ib0f9472d6f84c39cd7576f374ab482e522a39809
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4380143
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Code-Coverage: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
1. Increase timeout from 700ms to 1000ms as we saw some timeouts of
unknown origin.
2. INT_STATE wasn't collected for timeouts, change when we get it.
3. Add address of function to log so we can identify source of failure.
BUG=b:273935442
TEST=make CRYPTO_TEST=1; tpm_test
Change-Id: Ifbb1ea5d52662a71d944baa9a7a189224529d85e
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4380209
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Code-Coverage: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
|
| |
|
|
|
|
|
|
|
|
| |
BUG=b:274512057
TEST=none
Change-Id: Ia619b34d6ca5fec997f62b4d96d14b2d9bc5b020
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4409342
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This also renames the file to have the correct spelling.
go/ti50-fw-releases should be updated to match once this lands.
BUG=b:273367615
TEST=None
Change-Id: Ic330e83ef54494cf5b2e35ed23fcdd6e6497c0cc
Signed-off-by: Alyssa Haroldsen <kupiakos@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4404429
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-by: Jett Rink <jettrink@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
The pairing secret (Pk) used for biometrics PinWeaver protocol needs to
be cleared during TPM clear.
BUG=b:262040869
TEST=(with depended CL) pinweaver_client biometrics_selftest
Cq-Depend: chromium:4337481
Change-Id: Ie07869f75aea64a7950d04693722b74c11a913ca
Signed-off-by: Howard Yang <hcyang@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4344442
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This reverts commit f4b79570b7b423cce8431ebdd2deae102db7a91b.
Reason for revert: This breaks the CQ b/277089899
Original change's description:
> gsctool: Add command to get or set factory config.
>
> Add '--factory_config' command to get the factory config if not optarg
> is provided and set it if one is provided.
>
> BUG=b:275356839
> TEST=localhost ~ # gsctool -a --factory_config
> EEDDCCBBAA998877
> Failed because already set:
> localhost ~ # gsctool -a --factory_config 001122334455667788
> Factory config failed. (7)
>
> Successful set:
> localhost ~ # gsctool -a --factory_config
> 0
> localhost ~ # gsctool -a --factory_config 001122334455667788
> localhost ~ # gsctool -a --factory_config
> 1122334455667788
>
> Change-Id: I69c3c6a9c5540d39d2a9fc02fc3702174229a77d
> Signed-off-by: Brian Granaghan <granaghan@google.com>
> Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4400915
> Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Bug: b:275356839
Change-Id: I9217cffe68808c2191d796f16864a9289b928f21
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4400343
Reviewed-by: Aaron Massey <aaronmassey@google.com>
Tested-by: Aaron Massey <aaronmassey@google.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add '--factory_config' command to get the factory config if not optarg
is provided and set it if one is provided.
BUG=b:275356839
TEST=localhost ~ # gsctool -a --factory_config
EEDDCCBBAA998877
Failed because already set:
localhost ~ # gsctool -a --factory_config 001122334455667788
Factory config failed. (7)
Successful set:
localhost ~ # gsctool -a --factory_config
0
localhost ~ # gsctool -a --factory_config 001122334455667788
localhost ~ # gsctool -a --factory_config
1122334455667788
Change-Id: I69c3c6a9c5540d39d2a9fc02fc3702174229a77d
Signed-off-by: Brian Granaghan <granaghan@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4400915
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add '-l' command to fetch GSC console logs and print them to stdsout.
BUG=b:268396021
TEST=localhost ~ # gsctool -aDl
Valid CCD config found
CCD_MODE: deasserted
AP RO verification result: setting unprovisioned
PLT_RST_L DEASSERTED
WARNING: with `AllowUnverifiedRo` disabled EC will be kept in reset in
future Ti50 versions
Unverified AP RO allowed
ERROR: failed to retrieve key ladder state, setting to dev
libtpm initialized
Deferring NV write.
Deferring NV write.
Servo: debouncing -> disconnected
Starting erase
Change-Id: I59db7ebba0517d89900f31451b0d919712d2c564
Signed-off-by: Brian Granaghan <granaghan@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4266190
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
|
