Add VB_INIT_FLAG_SW_WP_ENABLED to VbInit() input flags.

We need to know not only whether the HW WP pin is asserted, but whether the
flash chip has configured its software protection registers to actually
protect anything. This flag can be used to indicate that.

BUG=chrome-os-partner:13265
BRANCH=link
TEST=none

This just adds the flag. Nothing actually sets the flag yet, so there's
nothing to test.

Change-Id: Icba9945fb56eb3a4681486c630cbbdc9232485ef
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://gerrit.chromium.org/gerrit/31642
Reviewed-by: Randall Spangler <rspangler@chromium.org>

6 files changed, 24 insertions, 3 deletions

diff --git a/firmware/include/vboot_api.h b/firmware/include/vboot_api.h
index b5f3fb34..3d9b6921 100644
--- a/firmware/include/vboot_api.h
+++ b/firmware/include/vboot_api.h
@@ -181,6 +181,9 @@ typedef struct VbCommonParams {
 #define VB_INIT_FLAG_EC_SOFTWARE_SYNC    0x00000200
 /* EC on this platform is slow to update. */
 #define VB_INIT_FLAG_EC_SLOW_UPDATE      0x00000400
+/* Software write protect was enabled at boot time. This is separate from the
+ * HW write protect. Both must be set for flash write protection to work. */
+#define VB_INIT_FLAG_SW_WP_ENABLED       0x00000800
 
 /* Output flags for VbInitParams.out_flags.  Used to indicate
  * potential boot paths and configuration to the calling firmware
diff --git a/firmware/include/vboot_struct.h b/firmware/include/vboot_struct.h
index f8451a3f..4f48d9fc 100644
--- a/firmware/include/vboot_struct.h
+++ b/firmware/include/vboot_struct.h
@@ -237,6 +237,8 @@ typedef struct VbKernelPreambleHeader {
 #define VBSD_EC_SOFTWARE_SYNC           0x00000800
 /* VbInit() was told that the EC firmware is slow to update */
 #define VBSD_EC_SLOW_UPDATE             0x00001000
+/* Firmware software write protect was enabled at boot time */
+#define VBSD_BOOT_FIRMWARE_SW_WP_ENABLED 0x00002000
 
 /* Supported flags by header version.  It's ok to add new flags while keeping
  * struct version 2 as long as flag-NOT-present is the correct value for
diff --git a/firmware/lib/vboot_api_init.c b/firmware/lib/vboot_api_init.c
index 8d1540ba..0a1ee434 100644
--- a/firmware/lib/vboot_api_init.c
+++ b/firmware/lib/vboot_api_init.c
@@ -56,6 +56,8 @@ VbError_t VbInit(VbCommonParams* cparams, VbInitParams* iparams) {
     shared->flags |= VBSD_BOOT_REC_SWITCH_ON;
   if (iparams->flags & VB_INIT_FLAG_WP_ENABLED)
     shared->flags |= VBSD_BOOT_FIRMWARE_WP_ENABLED;
+  if (iparams->flags & VB_INIT_FLAG_SW_WP_ENABLED)
+    shared->flags |= VBSD_BOOT_FIRMWARE_SW_WP_ENABLED;
   if (iparams->flags & VB_INIT_FLAG_S3_RESUME)
     shared->flags |= VBSD_BOOT_S3_RESUME;
   if (iparams->flags & VB_INIT_FLAG_RO_NORMAL_SUPPORT)
diff --git a/host/lib/crossystem.c b/host/lib/crossystem.c
index b5655433..a19384da 100644
--- a/host/lib/crossystem.c
+++ b/host/lib/crossystem.c
@@ -38,7 +38,8 @@ typedef enum VdatIntField {
   VDAT_INT_DEVSW_BOOT,               /* Dev switch position at boot */
   VDAT_INT_DEVSW_VIRTUAL,            /* Dev switch is virtual */
   VDAT_INT_RECSW_BOOT,               /* Recovery switch position at boot */
-  VDAT_INT_WPSW_BOOT,                /* WP switch position at boot */
+  VDAT_INT_HW_WPSW_BOOT,             /* Hardware WP switch position at boot */
+  VDAT_INT_SW_WPSW_BOOT,             /* Flash chip's WP setting at boot */
 
   VDAT_INT_FW_VERSION_TPM,           /* Current firmware version in TPM */
   VDAT_INT_KERNEL_VERSION_TPM,       /* Current kernel version in TPM */
@@ -364,9 +365,12 @@ int GetVdatInt(VdatIntField field) {
       case VDAT_INT_RECSW_BOOT:
         value = (sh->flags & VBSD_BOOT_REC_SWITCH_ON ? 1 : 0);
         break;
-      case VDAT_INT_WPSW_BOOT:
+      case VDAT_INT_HW_WPSW_BOOT:
         value = (sh->flags & VBSD_BOOT_FIRMWARE_WP_ENABLED ? 1 : 0);
         break;
+      case VDAT_INT_SW_WPSW_BOOT:
+        value = (sh->flags & VBSD_BOOT_FIRMWARE_SW_WP_ENABLED ? 1 : 0);
+        break;
       case VDAT_INT_RECOVERY_REASON:
         value = sh->recovery_reason;
         break;
@@ -432,7 +436,9 @@ int VbGetSystemPropertyInt(const char* name) {
   } else if (!strcasecmp(name, "recoverysw_boot")) {
     value = GetVdatInt(VDAT_INT_RECSW_BOOT);
   } else if (!strcasecmp(name, "wpsw_boot")) {
-    value = GetVdatInt(VDAT_INT_WPSW_BOOT);
+    value = GetVdatInt(VDAT_INT_HW_WPSW_BOOT);
+  } else if (!strcasecmp(name, "sw_wpsw_boot")) {
+    value = GetVdatInt(VDAT_INT_SW_WPSW_BOOT);
   } else if (!strcasecmp(name,"vdat_flags")) {
     value = GetVdatInt(VDAT_INT_FLAGS);
   } else if (!strcasecmp(name,"tpm_fwver")) {
diff --git a/tests/vboot_api_init_tests.c b/tests/vboot_api_init_tests.c
index 3816e075..c10e7d08 100644
--- a/tests/vboot_api_init_tests.c
+++ b/tests/vboot_api_init_tests.c
@@ -144,6 +144,12 @@ static void VbInitTest(void) {
   TEST_EQ(shared->flags, VBSD_BOOT_FIRMWARE_WP_ENABLED, "  shared flags WP");
 
   ResetMocks();
+  iparams.flags = VB_INIT_FLAG_SW_WP_ENABLED;
+  TestVbInit(0, 0, "Flags test SW WP");
+  TEST_EQ(shared->flags, VBSD_BOOT_FIRMWARE_SW_WP_ENABLED,
+          "  shared flags SW WP");
+
+  ResetMocks();
   iparams.flags = VB_INIT_FLAG_RO_NORMAL_SUPPORT;
   TestVbInit(0, 0, "  flags test RO normal");
   TEST_EQ(shared->flags, VBSD_BOOT_RO_NORMAL_SUPPORT,
diff --git a/utility/crossystem_main.c b/utility/crossystem_main.c
index 1b926655..7528f019 100644
--- a/utility/crossystem_main.c
+++ b/utility/crossystem_main.c
@@ -70,6 +70,8 @@ const Param sys_param_list[] = {
   {"ro_fwid", IS_STRING, "Read-only firmware ID"},
   {"savedmem_base", 0, "RAM debug data area physical address", "0x%08x"},
   {"savedmem_size", 0, "RAM debug data area size in bytes"},
+  {"sw_wpsw_boot", 0,
+   "Firmware write protect software setting enabled at boot"},
   {"tpm_fwver", 0, "Firmware version stored in TPM", "0x%08x"},
   {"tpm_kernver", 0, "Kernel version stored in TPM", "0x%08x"},
   {"tried_fwb", 0, "Tried firmware B before A this boot"},