| Commit message (Collapse) | Author | Age | Files | Lines |
| |
The cr50 serial number is based on the devid, so the serial number can
be found using the sysinfo devid output. The serial number is the devid
without '0x's, capitalized, and the space is replaced with a '-'.
echo ${DEVID//0x/} | tr '[:lower:]' '[:upper:]' | tr ' ' '-'
No scripts or tests use serialno.
This command saves 208 bytes.
BUG=b:181999426
TEST=none
Change-Id: Ib6629ceb9cfa001d8c758077119717f29116cb15
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2799442
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
| |
Add 'atboot' arg to rddkeepalive that can be used to store rddkeepalive
across cr50 resets.
The atboot flag gets cleared with rddkeepalive disable.
BUG=b:144724216
TEST=manual
# Verify 'rddkeepalive disable' is unchanged
rddkeepalive disable
Using actual Rdd state
rddkeepalive
Rdd: connected
# Verify 'rddkeepalive enable' is unchanged
rddkeepalive enable
Forcing Rdd detect keepalive
rddkeepalive
Rdd: keepalive
# Verify 'rddkeepalive disable' disables keepalive
rddkeepalive disable
Using actual Rdd state
rddkeepalive
Rdd: connected
ccd
...
Flags: 0x000000
# Verify 'rddkeepalive enable atboot' enables keepalive and sets
# the atboot flag.
rddkeepalive enable atboot
Forcing Rdd detect keepalive atboot.
rddkeepalive
Rdd: keepalive (atboot)
# check the ccd rddkeepalive atboot flag (0x80000)
ccd
...
Flags: 0x080000
reboot
...
rddkeepalive
Rdd: keepalive (atboot)
ccd
...
Flags: 0x080000
# Verify this new string doesn't break dut-control
dut-control cr50.ccd_keepalive_en
ccd_keepalive_en:on
# 'rddkeepalive enable' doesn't touch the atboot flag
rddkeepalive enable
Forcing Rdd detect keepalive
rddkeepalive
Rdd: keepalive (atboot)
# 'rddkeepalive disable' clears it.
rddkeepalive disable
Using actual Rdd state
rddkeepalive
Rdd: connected
Change-Id: I10227e335a5de6ed73290ff5be2e65892913de35
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2799441
Reviewed-by: Namyoon Woo <namyoon@chromium.org>
| |
Print the Rdd state when the console is locked. Don't allow setting it.
BUG=none
TEST=manual
> ccd lock
CCD locked.
> rddkeepalive
Rdd: connected
> rddkeepalive enable
Parameter 1 invalid
Usage: rddkeepalive [BOOLEAN]
> ccd testlab open
> ccd
State: Opened
...
> rddkeepalive enable
Forcing Rdd detect keepalive
>
Change-Id: Ie309e42e7ef295bb0d7e7208d4bd6c17ce799e98
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2799440
Reviewed-by: Namyoon Woo <namyoon@chromium.org>
| |
Increase TRNG_EMPTY_COUNT, so boards with slow TRNG have enough time to
generate a sample.
BUG=b:172542178,b:178116958
TEST=generate RSA keys 50 times on the hatch with slow TRNG. Verify the
average time is around 6 seconds.
Change-Id: I1b821286e1e4b5da8baa59caeda907ab3fe49f81
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2641744
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
| |
BUG=b:175244613
TEST=make buildall -j
Change-Id: Icbd143b072fdd5df3b67d7e5a09ee6c01a77f6b9
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2622889
Reviewed-by: Namyoon Woo <namyoon@chromium.org>
| |
BUG=b:175244613
TEST=make buildall -j
Change-Id: I0293c7ba92d05bf0d47a92bcc86c48ac61060f09
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2615127
Reviewed-by: Namyoon Woo <namyoon@chromium.org>
| |
BUG=b:175244613
TEST=make buildall -j
Change-Id: If1d3a3e11736bf6da85938a607038a93254e9cc0
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2615126
| |
BUG=b:175244613
TEST=make buildall -j
Change-Id: Idf1c39aa4234c475018882d7bb69c3e33a9cf79f
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2615125
Reviewed-by: Namyoon Woo <namyoon@chromium.org>
| |
BUG=b:175244613
TEST=make buildall -j
Change-Id: If7b5829294a3d4d8a68042f1a8d449e8e6ef158e
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2615124
Reviewed-by: Namyoon Woo <namyoon@chromium.org>
| |
BUG=b:175244613
TEST=make buildall -j
Change-Id: I244ca864dad04f2b4f02bb1be2b482921da2fc88
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2615123
Reviewed-by: Namyoon Woo <namyoon@chromium.org>
| |
BUG=b:175244613
TEST=make buildall -j
Change-Id: I643605d4ab48c0199e3f48bbc7afefde2c987372
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2615122
Reviewed-by: Namyoon Woo <namyoon@chromium.org>
| |
BUG=b:175244613
TEST=make buildall -j
Change-Id: Ia34cccffdd6a82c25b479bb8d2e6370bbf00baf0
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2615121
Reviewed-by: Namyoon Woo <namyoon@chromium.org>
| |
BUG=b:175244613
TEST=make buildall -j
Change-Id: I79a65f8475e2a764720a1f37a147c3723d34b046
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2615120
Reviewed-by: Namyoon Woo <namyoon@chromium.org>
| |
Remove coil terms from i2c comments
BUG=b:175244613
TEST=make buildall -j
Change-Id: If056c099304e1fa676991e22ddaa9cb91ccfdeb3
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2613509
Reviewed-by: Namyoon Woo <namyoon@chromium.org>
| |
BUG=b:175244613
TEST=make buildall -j
Change-Id: I21745af0c160b74534f2525d1ea0738d6faec470
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2613506
Reviewed-by: Namyoon Woo <namyoon@chromium.org>
| |
BUG=b:175244613
TEST=make buildall -j
Change-Id: Iea0b26d4aec99509bc2db0ccc3ad8da701d63e79
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2613505
| |
BUG=b:175244613
TEST=make buildall -j
Change-Id: I5318e7845c7b87a21b1fa9f5e99629513b7fbb80
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2613504
Reviewed-by: Namyoon Woo <namyoon@chromium.org>
| |
We're now using i2c controller instead of i2c master. Stop using i2cp
controller to refer to the peripheral in comments. Use i2cp driver.
BUG=b:175244613
TEST=make buildall -j
Change-Id: I6d5c03cc4ad8663ecf735a9853ef83d52680621d
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2611763
Reviewed-by: Namyoon Woo <namyoon@chromium.org>
| |
We can't change the register names at this point. We can only change the
gpios. This changes the gpio names.
BUG=b:175244613
TEST=make buildall -j
Change-Id: I0dadd84bbb3d19011e86428b79d0cb08321c35e3
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2611762
Reviewed-by: Namyoon Woo <namyoon@chromium.org>
| |
Rename i2cs functions and variables to i2cp. Change some basic
comments.
I will rework the i2cp comments to stop using controller when referring
to the i2cp, because it's kind of confusing now that master has been
renamed to controller.
BUG=b:175244613
TEST=make buildall -j
Change-Id: I9574e77ab42427ca90d5b8a6421793f52e519f67
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2611761
Reviewed-by: Namyoon Woo <namyoon@chromium.org>
| |
BUG=b:175244613
TEST=make buildall -j
Change-Id: Ifb547770fd829e27437079bee809d07fff90a77a
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2611760
Reviewed-by: Namyoon Woo <namyoon@chromium.org>
| |
BUG=b:175244613
TEST=make buildall -j
Change-Id: I74900cd9113c12e5e08a0770e30f3abf69816302
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2611757
Reviewed-by: Namyoon Woo <namyoon@chromium.org>
| |
BUG=b:175244613
TEST=make buildall -j
Change-Id: Icd2d47a031c5132cb9bca618c5c5ed8cd9e80c07
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2611756
Reviewed-by: Namyoon Woo <namyoon@chromium.org>
| |
BUG=b:175244613
TEST=make buildall -j
Change-Id: I693fa068dc9bbf4babb1a63e35d4536f5eba1e88
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2613460
Reviewed-by: Namyoon Woo <namyoon@chromium.org>
| |
BUG=b:175244613
TEST=make buildall -j
Change-Id: I3b5d64b1344c9b72ab8c93c68713cce58601b007
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2613458
Reviewed-by: Namyoon Woo <namyoon@chromium.org>
| |
BUG=b:175244613
TEST=make buildall -j
Change-Id: I4bce647f39655249ddbaa16af917fdd8bf0ebd63
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2613457
Reviewed-by: Namyoon Woo <namyoon@chromium.org>
| |
BUG=b:175244613
TEST=make buildall -j
Change-Id: I8c276d800c6c69fd12bca0b75dc1f8f60a30c096
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2613456
Reviewed-by: Namyoon Woo <namyoon@chromium.org>
| |
Based on the input image, we determine if this is a CR50 image or a
Dauntless image. The magic lets us determine which type of image it is.
For D2 images, we scan for the RW header instead of using hard coded
offsets as this will allow us to change where the RW is located (if RO
contracts or expands).
BUG=b:172465629
TEST=sent image to D2 from gsctool via CCD
TEST=flash new H1 image to volteer using to slot B
Signed-off-by: Jett Rink <jettrink@chromium.org>
Change-Id: I7554c978a9ba83b423fbaf43c62f9f0d6711d071
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2585926
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
| |
Status of completion of power-up tests was in long life register
which survives reboots and even firmware upgrades, which is not
an intended behavior. Moving status to PWRDN register makes it
reset on graceful reboots and firmware upgrades, but avoid
running tests on wake from deep sleep. This switch also enables
use of multiple bits to indicate status of tests, which makes it
more fault tolerant.
BUG=b:138577491
TEST=make BOARD=cr50, then deassert DIOM3 to trigger deep sleep
FIPS power-on tests shouldn't run on wake.
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: I098940e45afd5b5b9447b2780ff69372a922c03f
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2330976
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
| |
The recent modification of chip/g/build.mk introduced a bug where an
awk script error is reported if the board name does not contain an
underscore.
It went unnoticed because it does not prevent make from reporting
success and most boards do not care about the results of running of
this awk script.
This patch fixes the problem.
BUG=none
TEST=ran make for cr50 and hslt_d2c, observed proper modification of
the manifest, verified that no script errors are reported any
more.
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Change-Id: I0981411ec7bc17e4473d4b33125f76b75983d974
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2317059
Reviewed-by: Namyoon Woo <namyoon@chromium.org>
| |
Personalization infrastructure expects the image header tag field to
be set to the board name in ASCII.
This patch modifies the chip g makefile to paste the board name into
the manifest, the signer copies the value into the image header.
BUG=b:161498484
TEST=verified that the manifest is updated as expected:
$ diff util/signer/ec_RW-manifest-dev.json /tmp/h1.signer.F2Pu6d
33c33
< "tag": "00000000000000000000000000000000000000000000000000000000",
---
> "tag": "68736c74206432630000000000000000000000000000000000000000",
and observed the personalizer test harness to retrieve the expected
board name from the running image.
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Change-Id: I9ecf009e21c2ab77b03c9de1ebb176197923e6e1
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2310850
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Reviewed-by: Namyoon Woo <namyoon@chromium.org>
| |
Don't touch the SYS_RST_L or EC_RST_L signals when flashing the AP if
flashrom is run with custom_rst=True.
BUG=b:154885210
TEST=manual on bob
ecrst on
flashrom -p raiden_debug_spi:target=EC -r ec.bin
ecrst on
flashrom -p raiden_debug_spi:target=AP,custom_rst=True -r ap.bin
check ecrst is still on
flashrom -p raiden_debug_spi:target=AP -r ap.bin
Change-Id: Ia1ab8c853c25ced994e053c9e19a18d0d0f1cb45
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2301239
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
| |
This test's main goal is to be used against future changes in the
dcrypto engine. All it does is compare the signature received from the
ecdsa sign function to the golden results.
Signed-off-by: mschilder@google.com
BUG=b:137659935
TEST=something of a test itself and is run by calling the command
through the console connection via host.
The test sequence is the following:
- call the dcrypto_ecdsa_sign function on the known input.
- call the dcrypto_ecdsa_verisign on the same input (this function is
added in the following CLs in the chain).
- compare both results to the golden value.
Test passes if both results match to the golden value.
To run the test compile the CR50:
make -j BOARD=cr50 CRYPTO_TEST=1
in the console run:
dcrypto_ecdsa
Change-Id: I07437f6a69ba79bdcce8c92976a374733b17d339
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2269337
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Marius Schilder <mschilder@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Auto-Submit: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Andrey Pronin <apronin@chromium.org>
| |
Despite all make tricks, sometimes switching between make invocations
with CR50_DEV defined and not defined, the code which updates the
INFO1 RW rollback space runs even when CR50_DEV was defined at compile
time and the image header rollback space is set to all zeros.
This causes complete clearing of the INFO1 RW rollback space, which in
turn prevents from running images built without CR50_DEV=1.
Let's add a check to see if the currently running image has the entire
rollback space in the header erased, and not proceed with the INFO1
space update in this case.
BUG=b:160013710
TEST=verified that images built both with CR50_DEV defined and not
defined run properly.
- removed '#ifndef CR50_DEV' block around lines 610..719 and built
and ran the image, observed the "Skipped updating INFO1 RW" map
message.
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Change-Id: I63a54ba2a82cd250d1e4018768b7a55c406b69c0
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2271016
Reviewed-by: Andrey Pronin <apronin@chromium.org>
| |
Time it takes for TRNG to come up with 32 bits of randomness
varies, and once TRNG started to use 1-bit alphabet, its average
increased. We handle this timeout by resetting TRNG and
writing record in the flash log. With current setting of EMPTY_COUNT
set to 400 it almost never happens under normal use, and is harmless,
but adds unnecessary records in the log under heavy use like TRNG
health tests. Adjusting EMPTY_COUNT to higher value reduces probability
of TRNG reset when value is just delayed, but TRNG is not stalled yet.
BUG=b:138578157
TEST=tpmtest -t0
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: Ic0152da05934a70dd16b3e4178361bfcefbdda26
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2252481
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: William Wesson <wesson@google.com>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Auto-Submit: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Bendebury <vbendeb@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
| |
According to NIST SP 800-90B only vetted conditioning mechanisms should
be used for post-processing raw entropy. See SP 800-90B, 3.1.5.1 Using
Vetted Conditioning Components. Use of non-vetted algorithms is governed
in 3.1.5.2, but assumes conservative coefficient 0.85 for entropy estimate,
which increases number of requests to TRNG to get desirable entropy.
More details on entropy estimate tests are in associated bug.
Entropy measurements using NIST assessment tool didn't report noticeable
change in entropy estimate. However, more changes are needed to use
DRBG instead of raw TRNG for all purposes.
TRNG changes reviewed also at https://crrev.com/c/1926384
BUG=b:138577834
TEST=test/tpm_test/nist_entropy.sh
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: I5a578b90b8b7a77fae6a218eec48e87e7644ab44
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2240519
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Auto-Submit: Vadim Sukhomlinov <sukhomlinov@chromium.org>
| |
Added check for output len as defined by NIST for HMAC_DRBG and
define error codes instead of constants.
Propagate status for hmac_drbg_generate_p256
BUG=b:138578157
TEST=make buildall ; make BOARD=cr50 ; tpmtest.py
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: I16a1eac51ca11a6419a86922cfe59c13d9c703a0
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2243762
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Auto-Submit: Vadim Sukhomlinov <sukhomlinov@chromium.org>
| |
For long HMAC keys we should also compare length with SHA256 block size
rather than size of opad. It updates previous patch.
https://crrev.com/c/1850535 introduced change in LITE_HMAC_CTX structure
which changes size of opad field. HMAC computation was using sizeof(opad)
instead of SHA256_BLOCK_SIZE and that caused incorrect values.
BUG=b:158094716
TEST=make BOARD=cr50 CRYPTO_TEST=1 ; test/tpm_test/tpmtest.py
Change-Id: I9c7d63ad3f1751b09b6968379082e875b3558bef
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2231962
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Auto-Submit: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Bendebury <vbendeb@chromium.org>
| |
https://crrev.com/c/1850535 introduced change in LITE_HMAC_CTX structure
which changes size of opad field. HMAC computation was using sizeof(opad)
instead of SHA256_BLOCK_SIZE and that caused incorrect values.
BUG=b:158094716
TEST=make BOARD=cr50 CRYPTO_TEST=1 ; test/tpm_test/tpmtest.py
or rfc6979 and hmac_drbg in Cr50 console.
Change-Id: I58c166381b9f95f02f9f0c26a04a88e552d8057f
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2229280
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Bendebury <vbendeb@chromium.org>
Auto-Submit: Vadim Sukhomlinov <sukhomlinov@chromium.org>
| |
BUG=b:158019009
TEST=make -j BOARD=cr50 CR50_DEV=1
Change-Id: If9554fcf499fb08b301d6f58764e9a4983b6884b
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2227075
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
| |
SQA images won't be built anymore. This change removes the SQA support.
It deletes all SQA ifdefs and replaces CR50_RELAXED with CR50_DEV.
BUG=b:158011401
TEST=manual
build regular image and check eraseflashinfo and rollback aren't
included.
build image with CR50_SQA=1 and check it's no different than the
regular image.
build DBG image and make sure it still starts open, it has the
eraseflashinfo and rollback commands, and it can flash old cr50
images.
Change-Id: I5e94c88b1903cfcf0eee0081fc871e55fc8586c7
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2227149
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-by: Namyoon Woo <namyoon@chromium.org>
| |
This patch assigns the bit offset 0 in TPM_BOARD_CFG register to
indicate the status of INT_AP_L extension. The bit 1 means INT_AP_L
pulse extension is activated, and 0 means it is not.
BUG=b:148691139
TEST=tested on atlas and on careena.
1. Checked the default TPM_BOARD_CFG (PWRDN_SCRATCH21) value was zero
and the INT_AP_L assertion duration was 4~10 microseconds.
> md 0x400000f4 1 // memory dump on GC_PMU_PWRDN_SCRATCH21
400000F4: 0x00000000
2. Attempted to change the board configuration (with a hacked UART
command.). The register value was unchanged.
> brdcfg 0x01
TPM_BOARD_CFG = 0x00000000
> md 0x400000f4 1
400000F4: 0x00000000
3. Forced to write the board configuration with a hacked UART command.
The register value was changed.
> brdcfg 0x01 force
TPM_BOARD_CFG = 0x80000001
> md 0x400000f4 1
400000F4: 0x80000001
4. Checked the INT_AP_L assertion duration extended to 110
microseconds or longer.
5. After cr50 deep sleep, checked the pulse duration was still
extended.
- turned AP off.
- disconnected Suzy-Qable.
- waited three seconds
- connected Suzy-Qable, and checked the reset cause was 'hibernate
rbox'.
> md 0x400000f4 1
400000F4: 0x8000001
6. With 100 usec long INT_AP pulse, checked trunks_client
regression_test, stress_test and ext_command_test runs good.
Checked dmesg and found no TPM errors through all tests.
(ap) $ trunks_client --regression_test
(ap) $ trunks_client --stress_test
(ap) $ trunks_client --ext_command_test
7. checked no character loss during uart_stress_tester.
(chroot) $ uart_stress_tester.py -c -t 600 /dev/ttyUSB2 /dev/ttyUSB1
8. the shortest duration of INT_AP_L assertion and deassertion
observed in logic analyzer were 110 usec and 152 usec.
9. measured the depthcharge exit timestamp and cr50 flash time with
or without INT_AP pulse extended to 100 usec, on atlas and helios:
-----------------+-------------------+------------------
| atlas | helios
-----------------+-------------------+------------------
boot (sec) | 1.398 -> 1.402 | 1.004 -> 1.011
cr50 flash (sec) | 10.800 -> 14.609 | 16.024 -> 16.466
-----------------+-------------------+------------------
Signed-off-by: Namyoon Woo <namyoon@google.com>
Change-Id: I2b9f9defb63cf05f9d91b741ccb4b49c4c6bc8e2
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2202839
Tested-by: Namyoon Woo <namyoon@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Commit-Queue: Namyoon Woo <namyoon@chromium.org>
| |
This patch adds the TPM vendor-defined register, TPM_BOARD_CFG,
which indicates the board configuration status. This register is
attributed as one-time-programmable and the value is maintained
across deep sleeps. Cr50 allows a write on this register right after
a cr50 reset until it receives a TPM2_PCR_Extend command.
BUG=b:148691139
TEST=none
Signed-off-by: Namyoon Woo <namyoon@google.com>
Change-Id: I89ae5a53c15990ef78812aec5da81a59f04d7d98
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2202838
Tested-by: Namyoon Woo <namyoon@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Commit-Queue: Namyoon Woo <namyoon@chromium.org>
| |
This patch adds a feature to extend each level of GPIO_INT_AP_L at
least for 100 microseconds. The assertion (low GPIO_INT_AP_L)
duration might be shorter only if AP asserts a SPS CS before
INT_AP_L deassertion, because it means AP recognized
GPIO_INT_AP_L assertion already.
This patch increases the flash usage by 280 bytes.
BUG=b:148691139
TEST=None
Signed-off-by: Namyoon Woo <namyoon@google.com>
Change-Id: Ie74b236bc5352e9fc21fe600c12946e50955160a
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2114430
Tested-by: Namyoon Woo <namyoon@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Commit-Queue: Namyoon Woo <namyoon@chromium.org>
| |
The code opening the RO windows to make it possible to update or
enable the RO images, leaves the window open, allowing subsequent
writes into the RO space. It has been acceptable until now, because RO
updates are usually followed up by reboots.
With introduction of the AP RO hash, there is a need to close the
window (specifically, disable write access) when not in use. This
patch adds a function for that and uses the new function everywhere
where flash_open_ro_window() is called.
BUG=b:153764696
TEST=verified successful Cr50 RO and AP RO hash updates.
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Change-Id: Ia595e5c7ce0beb1a67ef3513117984d18655a60c
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2204973
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
| |
This adds plumbing necessary to invoke the AP RO verification function
in response to the operator entering the 'magic sequence' of holding
the power button pressed and pressing/releasing the refresh button
three times within five seconds.
The code used during the 'Open box RMA' verification process is used,
with the physical presence confirmation phase bypassed.
This patch also makes sure that attempts to use CCD to program AP or
EC flash while AP RO verification is in progress would fail.
BUG=b:153764696, b:154966209
TEST=with the next patch applied, generated AP integrity verification
data using the ap_ro_hash.py script and then ran the verification
procedure, observing the 'hash match' message on the Cr50
console.
Also verified that the Open Box RMA procedure still succeeds.
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Change-Id: Ic101fb892554ebb05f9ebe6d1546bfb439f74043
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2171399
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
| |
This patch adds code which accepts the vendor command communicating
the list of the AP firmware sections to verify and the expected
cumulative sha256 sum value of the sections.
The vendor command payload is checked for sanity: each range offset is
not expected to exceed 32M bytes (the largest possible SPI flash size)
and each size is not expected to exceed 4M bytes.
If any inconsistencies are found in the payload, or the flash
integrity space is already programmed, an error is returned to the AP.
If the command validity check succeeds, the payload of the vendor
command is prepended by a header including the number of the flash
regions to check and a 4 byte checksum of the stored information.
This combined information is stored in the dedicated H1 flash space,
specifically the RO_B region, at offset of 0x3000, 2K bytes page below
the region used for the flash log.
The valid RO range in upgrade_fw.c:set_valid_sections() is modified to
prevent erasing of the AP RO hash value during Cr50 RO updates.
The new file also introduces a function used to verify the AP flash
when requested. The returned value indicates one of three conditions:
- valid verification information not found
- AP flash integrity verification failed
- AP flash integrity verification succeeded
A new console command allows to examine the contents of the space
where the list of ranges and the sum are stored. CR50_DEV builds also
allow to erase the page.
BUG=b:153764696
TEST=with the rest of the patches applied verified successful
execution of the AP RO verification sequence.
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Change-Id: I1894ef897a86e9d60b9f5bcff3a680f632239e1b
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2171398
Reviewed-by: Andrey Pronin <apronin@chromium.org>
| |
This patch makes it possible to check if the INFO1 Board ID space is
programmed or not.
BUG=b:153764696
TEST='make buildall -j'
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Change-Id: Ic771956a08e276c2e1a426729a8ecdae3f86a04f
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2204974
Reviewed-by: Namyoon Woo <namyoon@chromium.org>
| |
The code which allows to read a section of AP or EC flash and
calculate the section's SHA256 sum does not allow calculating the sum
over multiple non-adjacent flash areas.
This patch changes the implementation to allow calculations over more
than one region. Initialization, calculation and reporting of the
result become three separate API entries.
The loop counting the number of the read flash chunks, is being
simplified, a watchdog kick added to the brief loop interruptions, as
it turns out that sleeping alone is not enough to prevent watchdog
expiration when calculating hash over large SPI flash ranges.
Also simplified prototypes for usb_spi_board_enable() and
usb_spi_board_disable().
BUG=b:153764696
TEST=created an RO descriptor for the Atlas DUT and verified that
'gsctool -O' succeeds.
Cq-Depend: chrome-internal:2939596
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Change-Id: Iec7b8634c7c80ebc7600c5b708879eb322bc7fec
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2163569
Reviewed-by: Andrey Pronin <apronin@chromium.org>
| |
This is a minor API clean up, it is not entirely clear why const void
pointers were not used originally, but using this type for input data
(and void pointer for output) makes interfacing with the library much
easier.
Also modified cases where the first parameter of DCRYPTO_SHA1_hash()
was typecasted unnecessarily.
BUG=none
TEST=make buildall succeeds, Cr50 image supports booting a Chrome OS
device just fine.
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Change-Id: Ic8a670aa7b26598ea323182845c184b7f1d715a1
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2163568
Reviewed-by: Andrey Pronin <apronin@chromium.org>