EFS: Implement EFS2 and NO_BOOT mode

EFS v1 allowed Chromeboxes to verify RW without AP. EFS v2 will bring
the benefts to Chromebooks, which are:

- Reduce RO dependency and presence. Allow more code to be updated
  in the fields.
- Remove jumptag and workarounds needed for late sysjump.

Major imporvements over v1 are:

- No A/B slot required.
- No signature in RW or public key in RO.
- Rollback-attack protection.

For battery-equipped devices, additional benefts are:

- Immediate boot on drained battery.
- Support recovery mode regardless of battery condition.
- Faster charge in S5/G3.

EC-Cr50 communication is based on the shared UART (go/ec-cr50-comm).
EFS2 is documented in go/ec-efs2.

BUG=chromium:1020578,chromium:1045217
TEST=Boot Helios in NORMAL/RECOVERY/NO_BOOT mode.
TEST=Verify EC is updated by software sync in Depthcharge.

Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
Change-Id: Ie07e6f6ce46c0955a6a0adf595633e65c4ffe724
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1901868

1 files changed, 2 insertions, 0 deletions

diff --git a/tests/vboot_api_kernel4_tests.c b/tests/vboot_api_kernel4_tests.c
index a7c088c0..38d70552 100644
--- a/tests/vboot_api_kernel4_tests.c
+++ b/tests/vboot_api_kernel4_tests.c
@@ -73,6 +73,8 @@ static void reset_common_data(void)
 
 	memset(mock_presence, 0, sizeof(mock_presence));
 	mock_presence_count = 0;
+
+	sd->status |= VB2_SD_STATUS_SECDATA_KERNEL_INIT;
 }
 
 static void test_slk(vb2_error_t retval, int recovery_reason, const char *desc)