From 8bb1c3b852030dbecc58e6ec6c790ede621bc6e9 Mon Sep 17 00:00:00 2001 From: Aaron Durbin Date: Mon, 12 Dec 2016 14:15:12 -0600 Subject: crossystem: add phase_enforcement field Provide 'phase_enforcement' field that indicates if a system should have its full security features enabled while in the factory. The backend implementation currently is only for x86 using chromeos_acpi. On reef: $ grep ^ /sys/devices/platform/chromeos_acpi/GPIO.*/* /sys/devices/platform/chromeos_acpi/GPIO.2/GPIO.0:4 /sys/devices/platform/chromeos_acpi/GPIO.2/GPIO.1:1 /sys/devices/platform/chromeos_acpi/GPIO.2/GPIO.2:10 /sys/devices/platform/chromeos_acpi/GPIO.2/GPIO.3:INT3452:00 BUG=chrome-os-partner:59951 BRANCH=None TEST=Tested on reef with accompanying coreboot patches and flipping internal pulls to see the correct setting. Change-Id: Id5401d795cff8874a038f2456121549713a11237 Signed-off-by: Aaron Durbin Reviewed-on: https://chromium-review.googlesource.com/418899 Reviewed-by: Hung-Te Lin --- host/arch/x86/lib/crossystem_arch.c | 3 +++ 1 file changed, 3 insertions(+) (limited to 'host/arch/x86/lib/crossystem_arch.c') diff --git a/host/arch/x86/lib/crossystem_arch.c b/host/arch/x86/lib/crossystem_arch.c index e17852be..72263dce 100644 --- a/host/arch/x86/lib/crossystem_arch.c +++ b/host/arch/x86/lib/crossystem_arch.c @@ -67,6 +67,7 @@ #define GPIO_SIGNAL_TYPE_RECOVERY 1 #define GPIO_SIGNAL_TYPE_DEV 2 #define GPIO_SIGNAL_TYPE_WP 3 +#define GPIO_SIGNAL_TYPE_PHASE_ENFORCEMENT 4 /* Base name for ACPI files */ #define ACPI_BASE_PATH "/sys/devices/platform/chromeos_acpi" @@ -792,6 +793,8 @@ int VbGetArchPropertyInt(const char* name) value = 1 - value; /* Mario reports this backwards */ } else if (!strcasecmp(name,"recoverysw_ec_boot")) { value = ReadFileBit(ACPI_CHSW_PATH, CHSW_RECOVERY_EC_BOOT); + } else if (!strcasecmp(name,"phase_enforcement")) { + value = ReadGpio(GPIO_SIGNAL_TYPE_PHASE_ENFORCEMENT); } /* Fields for old systems which don't have VbSharedData */ -- cgit v1.2.1