| Commit message (Collapse) | Author | Age | Files | Lines |
| |
Add nice strings for two new AP RO verification status codes.
Also make the unknown value match what is specified in ti50 (255)
BUG=none
TEST=make gsctool builds
Change-Id: I26399640dd2cc73d7f463f38e49e5234024c24fb
Signed-off-by: Jett Rink <jettrink@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4237256
Tested-by: Jett Rink <jettrink@chromium.org>
Commit-Queue: Jett Rink <jettrink@chromium.org>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Auto-Submit: Jett Rink <jettrink@chromium.org>
| |
Due to incorrect flags for TPM2 objects U2F secrets were not fully
zeroized (however were overwritten with new owner). Doesn't affect G2F.
BUG=b:268382629
TEST=make CRYPTO_TEST=1 U2F_TEST=1
fips del
fips old
fips u2f # prints old keys
u2f_test # all tests passed
fips del
fips new
fips u2f # print new key size
u2f_test # all tests passed
fips del
fips u2f # prints 0 sizes for u2f secrets
Change-Id: I2549dd5fd20937170c9b8d87363d90b138fdc4dc
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4269450
Auto-Submit: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Andrey Pronin <apronin@chromium.org>
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Code-Coverage: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
| |
BUG=b:269537147
TEST=none
Change-Id: Ic214e5f8b1424221d3b6d5aa8d08178cd722ab57
Signed-off-by: Vadim Bendebury <vbendeb@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4258271
Auto-Submit: Vadim Bendebury <vbendeb@chromium.org>
Tested-by: Vadim Bendebury <vbendeb@chromium.org>
Commit-Queue: Andrey Pronin <apronin@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
| |
BUG=b:260531154
BRANCH=none
TEST=none
Change-Id: I9e9cb4aadb7b59d7d1f64847d3e4852ca15f5b9e
Signed-off-by: Edward O'Callaghan <quasisec@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4160818
Tested-by: Edward O'Callaghan <quasisec@chromium.org>
Reviewed-by: Peter Marheine <pmarheine@chromium.org>
Code-Coverage: Zoss <zoss-cl-coverage@prod.google.com>
Commit-Queue: Peter Marheine <pmarheine@chromium.org>
Auto-Submit: Edward O'Callaghan <quasisec@chromium.org>
Reviewed-by: Evan Benn <evanbenn@chromium.org>
(cherry picked from commit 611a9ab148c8a56dbdbc4e2844a74fcbe63b0457)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4253167
Commit-Queue: Andrey Pronin <apronin@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
| |
This CL allows FWMP update only in certain board states by adding
the appropriate checks to _plat__NvUpdateAllowed().
BUG=b:267674073
TEST=set specific PCR0 values using https://crrev.com/c/2494503,
verify that can update FWMP for normal/dev/recovery values,
cannot update for recovery+dev value.
Change-Id: Ie8999cf762cb36ddb0a155e1f241da3103c6af37
Signed-off-by: Andrey Pronin <apronin@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4241653
Tested-by: Andrey Pronin <apronin@chromium.org>
Commit-Queue: Andrey Pronin <apronin@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
| |
This CL adds a trivial (always returns TRUE) callback to check
if platform allows TPM2 stack to update (modify or delete) a
specific nvmem index.
BUG=b:267674073
TEST=build
Change-Id: Iba51e15771de1350083a950041562070d813a1b5
Signed-off-by: Andrey Pronin <apronin@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4241651
Tested-by: Andrey Pronin <apronin@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Commit-Queue: Andrey Pronin <apronin@chromium.org>
| |
This CL adds get_tpm_pcr_value() for reading current PCR values.
BUG=b:267674073
TEST=build
Cq-Depend: chromium:4242409
Change-Id: I632cb13a3f44130f29b72cc4c22ea97a692ffad8
Signed-off-by: Andrey Pronin <apronin@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4241650
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Tested-by: Andrey Pronin <apronin@chromium.org>
Commit-Queue: Andrey Pronin <apronin@chromium.org>
| |
Adjust error codes to distinguish different places in key generation.
BUG=b:262324344
TEST=TCG tests
Change-Id: I33ef8b772821ad43cf8af1b33b6b49143eb24aef
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4199163
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Auto-Submit: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Code-Coverage: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Andrey Pronin <apronin@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
| |
Mention that only certain reset types would trigger rescue attempts.
BUG=None
TEST=None
Change-Id: I6c8b7d331f5491cd8561e168e6a3e4531dcd15cf
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4194953
Reviewed-by: Andrey Pronin <apronin@chromium.org>
| |
This flag is set for logs that occur between a cold boot and AP
setting the base time. These logs will start with previous_timestamp+1
and have 1<<64 set to denote that the actual base time was unknown.
BUG=b:260779816
TEST=gsctool -a -L --dauntless with and without the unreliable timestamp
change in firmware
Change-Id: Iff87e7ca12c72b79a7b939967f266461a672ca66
Signed-off-by: Brian Granaghan <granaghan@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4143817
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
| |
BUG=b:264704727
TEST=./firmware_builder.py --metrics /dev/null build
dry run CQ
Change-Id: I51f8a9a7dcb5385aa3e76dffdcf80e356dd8cc86
Signed-off-by: Brian Granaghan <granaghan@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4143815
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
| |
This reverts commit 658729d9e338f6a970e46e69dc4c638d8ac7ccae.
Reason for revert: Breaks CQ builds. See http://b/264704727
Original change's description:
> gsctool: Add timestamp unreliable flag for dauntless.
>
> This flag is set for logs that occur between a cold boot and AP
> setting the base time. These logs will start with previous_timestamp+1
> and have 1<<64 set to denote that the actual base time was unknown.
>
> BUG=b:260779816
> TEST=gsctool -a -L --dauntless with and without the unreliable timestamp
> change in firmware
>
> Signed-off-by: Brian Granaghan <granaghan@google.com>
> Change-Id: Iac279a948c7f34ede711c3c334ec1410b34f040c
> Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4112943
> Reviewed-by: Edward Hill <ecgh@chromium.org>
> Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Bug: b:260779816
Change-Id: I9a497cc9e0f996182f7f18f93646b963d9cf5e31
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4144680
Tested-by: Dennis Kempin <denniskempin@google.com>
Reviewed-by: Brian Granaghan <granaghan@google.com>
Owners-Override: Dennis Kempin <denniskempin@google.com>
Commit-Queue: Edward Hill <ecgh@chromium.org>
Commit-Queue: Brian Granaghan <granaghan@google.com>
Auto-Submit: Dennis Kempin <denniskempin@google.com>
Reviewed-by: Edward Hill <ecgh@chromium.org>
| |
This flag is set for logs that occur between a cold boot and AP
setting the base time. These logs will start with previous_timestamp+1
and have 1<<64 set to denote that the actual base time was unknown.
BUG=b:260779816
TEST=gsctool -a -L --dauntless with and without the unreliable timestamp
change in firmware
Signed-off-by: Brian Granaghan <granaghan@google.com>
Change-Id: Iac279a948c7f34ede711c3c334ec1410b34f040c
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4112943
Reviewed-by: Edward Hill <ecgh@chromium.org>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
| |
To help with AP RO verification testing, it would be convenient to
expose a `gsctool` command rather than point users at a cryptic
`trunks_send --raw` command. This patch adds a new `--reboot` flag
with an optional reset timeout parameter in milliseconds that sends the
TPMV reset immediate message to the GSC.
BUG=b:261857287
TEST=Ran the new command against the latest Ti50
```
$ gsctool -D --reboot
...
$ gsctool -D --reboot 1000
...
$ gsctool -D --reboot 1001
Error 1 sending immediate reset command
```
Signed-off-by: Matt Vertescher <mvertescher@google.com>
Change-Id: I5c101f37579e37b5ee7dc9241b6fbff07cff6947
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4114560
Reviewed-by: Jett Rink <jettrink@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
| |
BUG=b:257997543
TEST=none
Change-Id: I117f12872c91135ab7902b9e63ce5af5f79e7f15
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4103620
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
| |
BUG=none
TEST=none
Change-Id: I55e7afbd9e5121f5e274723b55251fa24cd1e80a
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4083154
Reviewed-by: Andrew Luo <aluo@chromium.org>
| |
Labstation images don't have cros_build_lib, so flash_cr50 can't run on
them. Replace cros_build_lib, so flash_cr50 can run on labstations.
BUG=none
TEST=run on labstation
Change-Id: I6cab324952ef1b2f4a87b22ebd55f5a9cbaf7798
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4083152
Reviewed-by: Andrew Luo <aluo@chromium.org>
| |
Add support for using brescue to update gsc over uart. Ti50 images have
a different format, so the rw_hex support flash_cr50.py support doesn't
work. brescue already has support for ti50 images. Use that instead of
replicating the brescue logic.
BUG=b:260764993
TEST=./util/flash_cr50.py -r pch_disable -p 9999 -i
/opt/google/cr50/firmware/cr50.bin.prod -c brescue
Change-Id: Iec4ada15bb5a7913ab0e476a6ffe4f4334ed4d9f
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4083151
Reviewed-by: Andrew Luo <aluo@chromium.org>
| |
Some change in ChromeOS chroot caused different defaults, so cc-name
switched from `gcc` to `clang` in compiler autodetection for host
target, but never was set to `gcc` by board/chip/core.
Adding setting `cc-name:=gcc` for core/cortex-m/build.mk to use specific
toolchain.
BUG=b:260904818
TEST=make buildall -j
Change-Id: Ic0b8ffade9fa4d82bd265add8b7906be7d98f7c1
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4071387
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Auto-Submit: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Bendebury <vbendeb@chromium.org>
Code-Coverage: Vadim Sukhomlinov <sukhomlinov@chromium.org>
| |
BUG=b:257997543
TEST=none
Change-Id: I9b76a48f6b67ed2b5b6a95d24bfe2f742b799344
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4066235
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
| |
If a board can't read ap flash reliably, then it won't be able to find
the fmap. Print a message, so it's easier to tell what's happening.
BUG=none
TEST=none
Change-Id: I6bdc1a4a927090e427b9c84b63b87aff4e8e4e1c
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4068960
Commit-Queue: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
| |
If usb_spi_sha256_update returns something other than EC_SUCCESS, fail
verification.
BUG=b:260878795
TEST=add a delay to make spi_hash timeout. Verify cr50 fails
verification.
Change-Id: I4ba750748eb131046828f642b9736ed62a781789
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4066233
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
| |
Boards with large RO regions may take more than a minute to go through
every AP RO verification factory flag. Increase the timeout to 10
minutes. No boards should take that long to run verification.
BUG=b:236844541,b:260878795
TEST=run firmware_GSCAPROV1Trigger on zork
Change-Id: I94110b33acee746bb319c4829e627d7b511306e6
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4066234
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
| |
It is necessary to allow the user to set certain capabilities using
gsctool. Exactly which capabilities can be set, and to which values, is
determined by the policies enforced by the chip; gsctool should
provide a generic way of setting any existing capability to any legal
value.
The 'AllowUnverifiedRo' capability stands out, because it might
require the operator's physical presence confirmation, similar to the
'ccd open' case.
A new vendor subcommand is being added to pass desired capability and
value to Ti50, as a three byte payload: the version, the capability and
the value. Version and value are mapped by Ti50 into the appropriate
enums.
All available capability names can be seen in the output of 'gsctool
-D -I', the accepted values are 'Default', 'IfOpened', and 'Always'.
The new functionality is achieved by allowing the 'I' command line
option to accept an optional argument, a string in the form of
'<capability name>:<desired value>', where both parts of the string
can be abbreviated and will be accepted case insensitive unless the
abbreviation is ambiguous.
Since this option is supported only by Ti50, gsctool will enforce the
default Ti50 USB device ID when running this command over USB and in
case of errors will remind the user that setting capabilities is
not supported on Cr50.
BUG=b:257253538
TEST=tried running the command on Ti50 implementing support of the new
vendor subcommand.
# Attempt to set when CCD is locked
$ gsctool -D -I | grep State
State: Locked
$ gsctool -I UartGscRxAPTx:always
finding_device 18d1:504a
Found device.
found interface 3 endpoint 4, chunk_len 64
READY
-------
Got error 7(NotAllowed)
# Attempt to set to the current value when CCD is open
$ gsctool -D -I | grep State
State: Opened
$ gsctool -I UartGscRxAPTx:always
finding_device 18d1:504a
Found device.
found interface 3 endpoint 4, chunk_len 64
READY
-------
# attempt to use ambiguous capability name
$ gsctool -I UartGscRx:always
finding_device 18d1:504a
Found device.
found interface 3 endpoint 4, chunk_len 64
READY
-------
Ambiguous capability name
# Attempt to use incorrect value abbreviation
$ gsctool -I UartGscRxAPTx:x
finding_device 18d1:504a
Found device.
found interface 3 endpoint 4, chunk_len 64
READY
-------
Unsupported capability value
# Various attempts to set AllowUnverifiedRo. Transitions from
# default -> ifOpened -> Always require PP, transitions in the
# opposite direction do not.
$ gsctool -I allow:d
finding_device 18d1:504a
Found device.
found interface 3 endpoint 4, chunk_len 64
READY
-------
$ gsctool -I allow:if
finding_device 18d1:504a
Found device.
found interface 3 endpoint 4, chunk_len 64
READY
-------
Another press will be required!
Press PP button now!
Press PP button now!
Press PP button now!
Press PP button now!
Press PP button now!
Press PP button now!
Press PP button now!
PP Done!
$ gsctool -I allow:a
finding_device 18d1:504a
Found device.
found interface 3 endpoint 4, chunk_len 64
READY
-------
Another press will be required!
Press PP button now!
Press PP button now!
Press PP button now!
Press PP button now!
Press PP button now!
Press PP button now!
PP Done!
$ gsctool -I allow:d
finding_device 18d1:504a
Found device.
found interface 3 endpoint 4, chunk_len 64
READY
-------
$
- also validated that misformatted capability/value combinations are
rejected as expected:
$ gsctool -I xyz:
finding_device 18d1:504a
Found device.
found interface 3 endpoint 4, chunk_len 64
READY
-------
Misformatted capability parameter: xyz:
$ gsctool -I :xyz
finding_device 18d1:504a
Found device.
found interface 3 endpoint 4, chunk_len 64
READY
-------
Misformatted capability parameter: :xyz
$ gsctool -I xyz
finding_device 18d1:504a
Found device.
found interface 3 endpoint 4, chunk_len 64
READY
-------
Misformatted capability parameter: xyz
$ gsctool -I x:yz
finding_device 18d1:504a
Found device.
found interface 3 endpoint 4, chunk_len 64
READY
-------
Unknown capability name
- tried setting capabilities when running on Brya, observed expected
error messages.
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Change-Id: I803440501d0e3af3c2a645b52b42970b54695701
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4010705
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
| |
The watchdog ccd name changed from ccd to ccd_cr50. Modify flash_cr50 to
support both.
BUG=none
TEST=update hdctools and use flash_cr50
Change-Id: Ieafeac1275c582ec86a94a05cc7a31c216e3420b
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4024801
Reviewed-by: Ziting Shen <zitingshen@google.com>
Commit-Queue: Ziting Shen <zitingshen@google.com>
| |
This patch adds the ability to get and set the AP RO verification
write protect descriptors registers from `gsctool` by adding a new `-E`
command flag with an optional argument.
BUG=b:250972056
TEST=Running gsctool locally to set and get the write protect
descriptors to verify communication and handlers are working
properly:
$ gsctool -D -E
...
not provisioned
$ gsctool -D -E "0xff 0xf"
...
expected values: 1: ff & 0f
$ gsctool -D -E "ff 0f f"
...
Invalid the write protect descriptors hex string length
$ gsctool -D -E "ff f 0x00 ff"
...
$ gsctool -D -E
...
expected values: 1: ff & 0f, 2: 00 & ff
$ gsctool -D -E "0xff 0xf 0x00 0xff 0xf0 f0"
...
$ gsctool -D -E
...
expected values: 1: ff & 0f, 2: 00 & ff, 3: f0 & f0
Signed-off-by: Matt Vertescher <mvertescher@google.com>
Change-Id: I0d7cc6a98d6cf442592a1b9b81ef1c86193dd068
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3983416
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Tested-by: Jett Rink <jettrink@chromium.org>
Commit-Queue: Jett Rink <jettrink@chromium.org>
Reviewed-by: Jett Rink <jettrink@chromium.org>
| |
The getopt_long() library function returns '?' (decimal 63) in case
there is a command line parameter with required value, but there is no
value in the command line.
gsctool is printing "could not find long opt table index for 63" in
this case, which is misleading. This patch changes error message to
make sense.
BUG=none
TEST=before this change running './gsctool -D -R' results in
"could not find long opt table index for 63"
after this change error message is
"Command line error, parameter argument missing"
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Change-Id: I5b1a8fda62a7edd673ea1181efb73108677b77d1
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4010704
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
| |
BUG=b:257997543
TEST=none
Change-Id: Ic853b1142a1d1255d26ef0795475020cdd3138ec
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4009998
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
| |
The size of auth_time_secret_hash should be SHA256_DIGEST_SIZE, not
U2F_AUTH_TIME_SECRET_SIZE, though they are the same now. This will make
the userland check more consistent with the actual constants used in the
header.
Also, the CORP_SALT_SIZE is defined incorrectly and never used, fix it
to the correct value and use it in the struct field size.
BUG=None
TEST=make buildall -j
Change-Id: I22dcf2cfd46819475ca916e0b0c3dcd5b3369b19
Signed-off-by: Howard Yang <hcyang@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4007998
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
| |
If the console is locked, return EC_ERROR_ACCESS_DENIED instead of
EC_ERROR_PARAM1, so the behavior is consistent with other commands.
BUG=b:251207798
TEST=run rddkeepalive enable when the console is locked.
Change-Id: I65e210052afc197899873f3e1079c7dc5b791c58
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4009999
Reviewed-by: Jett Rink <jettrink@chromium.org>
Commit-Queue: Jett Rink <jettrink@chromium.org>
| |
This patch adds the ability to get and set the AP RO verification
SPI read/write addressing mode configuration setting from `gsctool` by
adding a new `-C` command flag with an optional argument.
BUG=b:250972056
TEST=Running gsctool locally to set and get the SPI addressing mode to
verify communication and handlers are working properly:
$ gsctool -D -C 3byte
...
$ gsctool -D -C
...
3byte
$ gsctool -D -C 4byte
...
$ gsctool -D -C
...
4byte
Change-Id: I2ad4af65615310cf1477adfda7df1bfdf0e0a914
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3966474
Tested-by: Matt Vertescher <mvertescher@google.com>
Reviewed-by: Alyssa Haroldsen <kupiakos@google.com>
Auto-Submit: Matt Vertescher <mvertescher@google.com>
Commit-Queue: Matt Vertescher <mvertescher@google.com>
Reviewed-by: Jett Rink <jettrink@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
| |
AP RO verification fails pretty quickly if the v1 check data or gbb data
is corrupted. Prevent releasing EC_RST_L for 60 seconds after AP RO
verification fails. This way the user won't accidentally clear the AP RO
status while triggering AP RO verification.
BUG=b:236844541
TEST=save invalid gbbd data. Verify cr50 rejects releasing EC_RST_L for
one minute.
[14.246295 RO Validation triggered]
[14.248630 do_ap_ro_check: found v1 data]
[14.250152 enable_spi_pinmux: AP]
[14.253627 spi_hash_pp_done: AP]
[14.254688 do_ap_ro_check: bad gbbd]
[14.256019 spi_hash_disable]
[14.257102 AP RO FAILED! evt(13)]
[14.733604 AP off]
[15.782028 ap_ro_clear_ec_rst_override: too soon]
[15.782978 Recovery Requested]
[16.953887 ap_ro_clear_ec_rst_override: too soon]
[16.954856 Recovery Requested]
[76.268520 power button pressed]
[76.524902 ap_ro_clear_ec_rst_override: done]
[76.525802 Recovery Requested]
[76.593330 Refresh press registered]
[76.757183 AP UART on]
[76.897575 Power button released, RO Check Detection stopped]
[77.147407 deferred_tpm_rst_isr]
Change-Id: Ifcdf37df228fe21e6ff0810393e49d6adb2b076a
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3949624
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
| |
Key combo0 needs to be enabled on all boards, so it can be used to
release the device from reset after AP RO verification fails.
BUG=b:236844541
TEST=pwrb + refresh releases ec rst after AP RO verification failed on
hatch
Change-Id: If5d434a32aba09fd4af85cd668d34997d5851216
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4009402
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
| |
It shouldn't be possible to have an unsupported ap_ro_check type and
the data shouldn't get corrupted. Fail verification, so the user can
tell that something is wrong. If the space is empty or the board id is
blocked, still treat verification as unsupported and allow the device to
boot.
Move the AP RO failed processing into a function, so cr50 can fail
immediately.
BUG=none
TEST=manual
use a DBG image to write ap_ro_check data with the wrong type.
Verify verification fails immediately
[65.918056 RO Validation triggered]
[65.920169 ap_ro_check_unsupported: unable to read ap ro space]
[65.922733 do_ap_ro_check: bad v1 data]
[65.924049 enable_spi_pinmux: AP]
[65.927314 spi_hash_pp_done: AP]
[65.928829 spi_hash_disable]
[65.929904 AP RO FAILED!]
Erase V1 data. Check verification is skipped because it's
unsupported.
[3.724384 RO Validation triggered]
[3.726524 ap_ro_check_unsupported: RO verification not programmed]
[3.728363 do_ap_ro_check: unsupported]
[3.906272 AP UART on]
[4.296054 deferred_tpm_rst_isr]
[4.297027 AP on]
[4.297588 tpm_reset_request(0, 0)]
[4.298374 tpm_reset_now(0)]
[4.299095 Committing NVMEM changes.]
Write V1 data normally. Check verification runs normally.
[35.977050 RO Validation triggered]
[35.978744 do_ap_ro_check: found v1 data]
[35.979732 enable_spi_pinmux: AP]
[35.982574 spi_hash_pp_done: AP]
[35.983276 get_saved_gbbd: not programmed]
[36.145401 validate_gbb_flags: ok]
[36.146457 Using 0 for GBB flags.]
[36.147239 usb_spi_sha256_update: c00000:500c]
[36.190986 usb_spi_sha256_update: c05010:3faff0]
[43.365467 matched gbb 0]
[43.367374 do_ap_ro_check: saved gbbd]
[43.368988 spi_hash_disable]
[43.370231 AP RO PASS!]
Change-Id: I9be2a900dc69009b40c32e12dec250e54977a08a
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4004357
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
| |
AP RO V2 is disabled in cr50. Comment out the GSCVD type since it's
unused. Keep it in the code, so it won't get used in the future.
BUG=none
TEST=make buildall -j
Change-Id: Ib850356d7d076555f5630e88785a32542686e208
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4004765
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
| |
Save the GBBD in AP RO flash after verification passes. It takes a while
to cycle through all of the factory flags. If Cr50 successfully matches
the saved AP RO hash with injected factory flags, save the flags to save
for future runs.
The gbb descriptor data is saved 512 bytes after the start of the AP RO
check data. The max v1 size is currently 296 bytes, so there's extra
room if we need to increase the AP RO check data size. The entire AP RO
data space is 2048, so there's a lot of extra space after the gbb
descriptor if we need to add more stuff.
BUG=b:236844541
TEST=manual
# erase hash
> ap_ro_info erase
# set the GBB flags to 0x239
/usr/share/vboot/bin/set_gbb_flags.sh 0x239
# add test key to RO_VPD
vpd -i RO_VPD -s "apro_test=original"
# save hash
ap_ro_hash.py WP_RO
# trigger verification. Make sure it fails because the flags
# are 0x239
[200.425891 RO Validation triggered]
...
[200.481670 AP RO FAILED!]
# set the GBB flags to 0
/usr/share/vboot/bin/set_gbb_flags.sh 0
# change test RO_VPD key. make sure verification fails.
vpd -i RO_VPD -s "apro_test=wrong"
[3.822818 RO Validation triggered]
...
[61.407680 spi_hash_disable]
[61.407955 AP RO FAILED!]
[61.418949 AP off]
# restore test RO_VPD key.
vpd -i RO_VPD -s "apro_test=original"
# trigger verification. Make sure it passes and saves the gbbd.
[3.822818 RO Validation triggered]
[3.825035 enable_spi_pinmux: AP]
...
[25.695068 spi_hash_disable]
[25.696224 AP RO PASS!]
# check saved gbbd shows 0x239
> ap
result : 6
gbb : saved (0x239)
supported : yes
...
# Trigger verification. Verify Cr50 just uses 0x239
[356.968860 RO Validation triggered]
[356.969795 enable_spi_pinmux: AP]
...
[364.289047 AP RO PASS!]
# change test RO_VPD key make sure verification fails.
vpd -i RO_VPD -s "apro_test=wrong"
[213.868492 RO Validation triggered]
...
[221.192661 AP RO FAILED!]
# erase the AP RO data. Verify gbbd gets cleared
> ap_ro_info erase
result : 6
[400.206562 ap_ro_check_unsupported: RO verification not programmed]
supported : no
> ap
result : 6
[403.772743 ap_ro_check_unsupported: RO verification not programmed]
supported : no
>
Change-Id: Iad8cfd4a448c2e5798a94aa8b4e3a735281eb849
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3915000
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
| |
Implement AP RO Verification V2 status that ti50 will send via the same
TPM Vendor command: VENDOR_CC_GET_AP_RO_STATUS
See ti50 impl in chrome-internal:5070449
BUG=b:256892104
TEST=manually verified all V2 return values from ti50
Change-Id: I95c071046054075c045d8e698946dc81e55c64dd
Signed-off-by: Jett Rink <jettrink@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3999806
Tested-by: Jett Rink <jettrink@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Commit-Queue: Jett Rink <jettrink@chromium.org>
| |
A followup CL is going to add gbb data after the ap ro check payload.
Define ap_ro_check_payload with the maximum number of AP RO ranges, so
there is enough space between the AP RO check v1 data and the gbb
descriptor.
BUG=b:236844541
TEST=cr50 can validate existing AP RO data and save new data. Check one
range and 32 ranges.
Change-Id: I1faff319644b5c6aa531e500d3d60b4ce9c170ee
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3949615
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
| |
We'll need to reuse this code. Move it to its own function.
BUG=b:236844541
TEST=erase the hash, write it, and trigger verification. Make sure
ap_ro_info looks ok after reboot.
Change-Id: If49fff3ad7e56d8685e08b480301e439fa715241
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3914999
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
| |
The AP RO flags may have been non-zero when the factory generated the
hash. The stored hash will not match finalized firmware since it was
generated with non-zero gbb flags and the gbb flags are set to 0 during
finalization.
Cr50 can try to match the saved hash by using factory flags to calculate
the AP RO hash. As long as the GBB flags are actually set to 0 it should
be ok to try calculating the hash with a limited set of possible factory
flags. Try to match the saved hash using GBB flags 0 to calculate the
hash. If that doesn't match, cycle through the rest of the possible
factory flags to see if any of them generate the saved hash. If none of
the factory flags work, fail verification.
This change adds 8 possible factory flag values: 0, 0x39, 0x239, 0x1039,
0x50b9, 0x40b9, 0x52b9, and 0x42b9
BUG=b:236844541,b:230071229
TEST=manual
# add 0x42b9 possible_factory_flags
# Set GBB flags to 0x42b9
/usr/share/vboot/bin/set_gbb_flags.sh 0x42b9
# save the hash with GBB 0x42b9
ap_ro_hash.py FMAP GBB
# Verify AP RO verification fails because flags are 0x42b9
[349.029624 enable_spi_pinmux: AP]
[349.030178 tpm_rst_asserted]
[349.032382 spi_hash_pp_done: AP]
[349.137962 validate_gbb: invalid flags 42b9]
# reboot cr50 to release ec reset
> reboot
# Set GBB flags to 0
/usr/share/vboot/bin/set_gbb_flags.sh 0
# Verify ap ro verification passes.
Change-Id: I17d191abada342263ea246911ce47ac24dbb940c
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3840653
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
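The matching order described in the commit message above, as an added sketch that is not the cr50 code: refuse non-zero flags in flash, try flags 0, then cycle through the listed factory values. FNV-1a stands in for SHA-256, and `FLAGS_OFF`, `IMG_LEN`, `digest_with_flags`, `match_saved_digest` and `demo` are hypothetical names with constructed values.

```c
#include <stdint.h>
#include <string.h>

/* Factory flag values listed in the commit message; 0 is tried first. */
static const uint32_t possible_factory_flags[] = {
	0, 0x39, 0x239, 0x1039, 0x50b9, 0x40b9, 0x52b9, 0x42b9,
};
#define FLAGS_OFF 12 /* constructed offset of the 4-byte flags field */
#define IMG_LEN 64   /* constructed image size */

/* FNV-1a stands in for SHA-256 here (assumption, to keep the sketch short). */
static uint64_t fnv(uint64_t h, const uint8_t *p, size_t n)
{
	while (n--)
		h = (h ^ *p++) * 0x100000001b3ULL;
	return h;
}

/* Digest of img with `flags` (little endian) substituted for the flags field. */
uint64_t digest_with_flags(const uint8_t *img, uint32_t flags)
{
	uint8_t f[4] = { (uint8_t)flags, (uint8_t)(flags >> 8),
			 (uint8_t)(flags >> 16), (uint8_t)(flags >> 24) };
	uint64_t h = fnv(0xcbf29ce484222325ULL, img, FLAGS_OFF);
	h = fnv(h, f, sizeof(f));
	return fnv(h, img + FLAGS_OFF + 4, IMG_LEN - FLAGS_OFF - 4);
}

/* Index of the factory flag value that reproduces `saved`, or -1 to fail. */
int match_saved_digest(const uint8_t *img, uint64_t saved)
{
	static const uint8_t zero[4];
	size_t i;
	if (memcmp(img + FLAGS_OFF, zero, sizeof(zero)) != 0)
		return -1; /* flags in flash must be 0 before any guessing */
	for (i = 0; i < sizeof(possible_factory_flags) / sizeof(uint32_t); i++)
		if (digest_with_flags(img, possible_factory_flags[i]) == saved)
			return (int)i;
	return -1;
}

/* Constructed case: hash saved with `factory`, flash now holds `current`. */
int demo(uint32_t factory, uint32_t current)
{
	uint8_t img[IMG_LEN];
	memset(img, 0xa5, sizeof(img));
	memcpy(img + FLAGS_OFF, &current, 4); /* only zero vs non-zero matters */
	return match_saved_digest(img, digest_with_flags(img, factory));
}
```

Because the candidate list is fixed and the flags in flash must read 0, a hash saved with any value outside the list still fails verification.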
| |
A future cl will call usb_spi_sha256_update in more places. Move the
range print statement into usb_spi_sha256_update, so we don't need to
print the range in multiple places later.
BUG=b:236844541
TEST=make -j BOARD=cr50
Change-Id: I9475d14ea0d65be1ad68f606252d50d9af964253
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3840652
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
| |
This change verifies the GBB flags are 0. Before running verification,
find the GBB flags using FMAP. Read the flags and verify they're 0. If
they are, continue with verification. If verification passes, set the
status to AP_RO_PASS instead of AP_RO_PASS_UNVERIFIED_GBB.
BUG=b:236844541
TEST=manual
# Set GBB flags to 0x42b9
/usr/share/vboot/bin/set_gbb_flags.sh 0x42b9
# save the hash with GBB 0x42b9
ap_ro_hash.py WP_RO
# Verify AP RO verification fails because flags are 0x42b9
[72.692916 RO Validation triggered]
[72.694034 enable_spi_pinmux: AP]
[72.696472 spi_hash_pp_done: AP]
[72.747348 validate_gbbd: invalid flags 42b9]
[72.748043 spi_hash_disable]
[72.748325 AP RO FAILED!]
# reboot cr50 to release ec reset
> reboot
# Set GBB flags to 0
/usr/share/vboot/bin/set_gbb_flags.sh 0
# Verify ap ro verification passes.
[11.887981 RO Validation triggered]
[11.890193 enable_spi_pinmux: AP]
[11.893215 spi_hash_pp_done: AP]
[11.944625 validate_gbbd: ok]
[11.945545 validate_ranges_sha: 0:400000]
[12.001037 AC: -F]
[19.201118 spi_hash_disable]
[19.202487 AP RO PASS!]
[19.212337 AP off]
[19.264606 CCD state: UARTEC+TX]
# Verify verification fails if the FMAP isn't in the hash.
# Set the hash
ap_ro_hash.py COREBOOT GBB
# Trigger verification. It should fail because the fmap isn't in
# the hash.
[87.274055 RO Validation triggered]
[87.275653 enable_spi_pinmux: AP]
[87.278614 spi_hash_pp_done: AP]
[87.329715 init_gbbd: FMAP(3c0000:47c) not in hash.]
[87.367118 combo0 efs rst]
[87.367698 Recovery Requested]
[87.388858 AC: -F]
[87.544731 init_gbbd: FMAP(13c0000:47c) not in hash.]
[87.707511 spi_hash_disable]
[87.708415 AP RO FAILED!]
Change-Id: I3f53272a9c1aa1e82df16461dd4ac6577e4060c8
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3840651
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
| |
Update to match the copy in ToT EC repo.
BUG=b:227228605
TEST=script works with python3
Signed-off-by: Edward Hill <ecgh@chromium.org>
Change-Id: Idd4ff156f980d1edaaf4f98d468e3cffbe7ae771
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3989665
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
| |
BUG=b:244476137
TEST=none
Change-Id: I07b6cf0e65b578aa28a61185ff1e0a7b12a63380
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3935022
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Commit-Queue: Andrey Pronin <apronin@chromium.org>
| |
The script has been reworked to support multiple versions of GSC and
has been moved into the Ti50 tree.
BUG=None
TEST=None
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Change-Id: I4ff086b73796bad09a7b572aa68566470582c28b
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3936350
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
| |
BUG=b:243160187
TEST=none
Change-Id: Ib3fa73f9344f4342777a4f100bd28ee874f422dc
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3922444
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Commit-Queue: Andrey Pronin <apronin@chromium.org>
| |
Remove most of the v2 support. Keep finding the FMAP and put it behind
FIND_FMAP, so we can use it to find the gbb.
BUG=none
TEST=manual
# erase AP RO hash. Make sure AP RO verification is skipped and
# the device boots.
[128.981224 RO Validation triggered]
[128.982357 ap_ro_check_unsupported: RO verification not ...]
[129.109138 AC: R-]
# Set the hash. Make sure validation runs.
[56.397819 RO Validation triggered]
[56.399009 enable_spi_pinmux: AP]
[56.401519 spi_hash_pp_done: AP]
...
Change-Id: Id52180c352a57e0e1e3cdc18bc3ee0fcce4c222c
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3869309
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
| |
BUG=chromium:1031705
TEST=stack_analyzer_unittest.py
TEST=`make BOARD=kukui SECTION=RO analyzestack` runs successfully
Signed-off-by: kerker <kerker@chromium.org>
Change-Id: I4027c9c21bdf5fb456430231f1e9bfefed3e8fdb
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2419737
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
(cherry picked from commit 4747bf170d58917025889fedc93e5a0ac7db7fb1)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3893047
Auto-Submit: Mary Ruthven <mruthven@chromium.org>
Commit-Queue: Yu-Ping Wu <yupingso@chromium.org>
Tested-by: Mary Ruthven <mruthven@chromium.org>
| |
The gsctool utility expects the 64 capabilities values to be
represented as two u32 quantities in big endian format, where each two
bits represent current and default states for various capabilities.
Ti50 represents the same values as single u64 little endian values.
This patch modifies the capabilities values to match expectations in
case ccd_info structure is of version 1.
BUG=b:244750201
TEST=capabilities display on the Ti50 console and in gsctool output
are the same in both cases when CCD is opened and locked:
localhost # ./gsctool -a -I
State: Opened
Password: None
Flags: 000000
Capabilities, current and default:
UartGscRxAPTx Y Always
UartGscTxAPRx Y Always
UartGscRxECTx Y Always
UartGscTxECRx Y IfOpened
UartGscRxFpmcuTx Y Always
UartGscTxFpmcuRx Y IfOpened
FlashAP Y IfOpened
FlashEC Y IfOpened
OverrideWP Y IfOpened
RebootECAP Y IfOpened
GscFullConsole Y IfOpened
UnlockNoReboot Y Always
UnlockNoShortPP Y Always
OpenNoTPMWipe Y IfOpened
OpenNoLongPP Y IfOpened
RemoveBatteryBypassPP Y Always
I2C Y IfOpened
FlashRead Y Always
OpenNoDevMode Y Always
OpenFromUSB Y Always
OverrideBatt Y IfOpened
BootUnverifiedRo Y Default
CCD caps bitmap: 0x3fffff
Capabilities are default.
localhost # ./gsctool -a -I
State: Locked
Password: None
Flags: 000000
Capabilities, current and default:
UartGscRxAPTx Y Always
UartGscTxAPRx Y Always
UartGscRxECTx Y Always
UartGscTxECRx - IfOpened
UartGscRxFpmcuTx Y Always
UartGscTxFpmcuRx - IfOpened
FlashAP - IfOpened
FlashEC - IfOpened
OverrideWP - IfOpened
RebootECAP - IfOpened
GscFullConsole - IfOpened
UnlockNoReboot Y Always
UnlockNoShortPP Y Always
OpenNoTPMWipe - IfOpened
OpenNoLongPP - IfOpened
RemoveBatteryBypassPP Y Always
I2C - IfOpened
FlashRead Y Always
OpenNoDevMode Y Always
OpenFromUSB Y Always
OverrideBatt - IfOpened
BootUnverifiedRo - Default
CCD caps bitmap: 0xe9817
Capabilities are default.
Signed-off-by: Vadim Bendebury <vbendeb@google.com>
Change-Id: I41e0ea22265cdb5aaaff33be4ba79030e402ee1b
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3895514
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Commit-Queue: Vadim Bendebury <vbendeb@chromium.org>
Tested-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-by: Jett Rink <jettrink@chromium.org>
| |
tpm_send_pkt() uses a static buffer sized to MAX_BUF_SIZE. When updating
via the TPM interface, transfer_section() calls tpm_send_pkt() with a
data size bounded by SIGNED_TRANSFER_SIZE. tpm_send_pkt() copies the
data into its static buffer, with a 20 byte offset to leave space for
the header.
MAX_BUF_SIZE is 500 and SIGNED_TRANSFER_SIZE is 1024, so this overflows
by 544 bytes. The build options for gsctool have recently changed to
adopt the fortified version of memcpy, which now detects this buffer
overflow.
Split MAX_BUF_SIZE into MAX_RX_BUF_SIZE and MAX_TX_BUF_SIZE, increasing
MAX_TX_BUF_SIZE to fit update packets.
BUG=b:246212506
TEST=gsctool -a /opt/google/ti50/firmware/ti50.bin.prepvt succeeds
make buildall -j
Change-Id: I5180d8ec72a03feaeba9226c9c2f2faad29ae38a
Signed-off-by: Sam McNally <sammc@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3893949
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
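The size arithmetic from the commit message above, with a bounds-checked staging routine, as an added sketch that is not the gsctool source. `HEADER_SIZE`, `overflow_bytes`, `stage_packet` and `stage_full_block` are hypothetical names, and the value given to `MAX_TX_BUF_SIZE` is an assumption (header plus largest payload), since the message does not state the new size.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define HEADER_SIZE 20            /* offset left for the header, per the message */
#define MAX_BUF_SIZE 500          /* old shared buffer size, per the message */
#define SIGNED_TRANSFER_SIZE 1024 /* bound on update payload, per the message */
/* Assumed TX size for this sketch: header plus the largest payload. */
#define MAX_TX_BUF_SIZE (HEADER_SIZE + SIGNED_TRANSFER_SIZE)

/* Bytes a payload of `len` would write past a buffer of `cap` bytes. */
size_t overflow_bytes(size_t cap, size_t len)
{
	size_t need = HEADER_SIZE + len;

	return need > cap ? need - cap : 0;
}

/*
 * Copy the payload behind the header, refusing anything that does not fit.
 * Returns the number of bytes staged, or -1 when the packet is too large.
 */
int stage_packet(uint8_t *buf, size_t cap, const void *data, size_t len)
{
	if (cap < HEADER_SIZE || len > cap - HEADER_SIZE)
		return -1;
	memset(buf, 0, HEADER_SIZE); /* header fields would be filled in here */
	memcpy(buf + HEADER_SIZE, data, len);
	return (int)(HEADER_SIZE + len);
}

/* Stage one full-size update block into a buffer limited to `cap` bytes. */
int stage_full_block(size_t cap)
{
	static uint8_t tx[MAX_TX_BUF_SIZE];
	static const uint8_t block[SIGNED_TRANSFER_SIZE]; /* constructed payload */

	if (cap > sizeof(tx))
		return -1;
	return stage_packet(tx, cap, block, sizeof(block));
}
```

An explicit length check like this rejects the oversized packet at the call site, where the original code relied on the fortified memcpy to catch the overflow at run time.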
|