ap_ro_verification: do not fail if verification is not supportedstabilize-14312.B-cr50_stab

The decision of when to refuse to boot the device needs to be refined.
We should never allow booting a device which ever passed a V2
verification. To reliably keep track of successful V2 validations in
the past let's allocate a word in the INFO space which is write only,
once written to 0 it will never change, value of 0 will be the
indication of previous V2 verification success.

The below table describes when booting should be allowed or blocked.

  Cache     GSCVD            Verification |
  version   present   Info      result    |   Block boot
 --------- --------- ------ --------------|------------------
  none        no       0          n/a     |      yes
  none        no       1          n/a     |      no
  none        yes     n/a        fail     |      yes
  none        yes     n/a        pass     | no, update cache, info
   v1         n/a     n/a        pass     |      no
   v1         n/a     n/a        fail     |    check v2
   v2         n/a     n/a        fail     |      yes
   v2         yes     n/a        pass     |      no

This patch implements the above table, fixing the case where Cr50 was
refusing to boot if neither local cache nor AP flash structures were
present.

BUG=b:203212461, b:141191727
TEST=tried running AP RO verification on a device without local cache
     and RO_GSCVD not in AP flash. The device booted successfully.

     Verified that both V1 and V2 validation works as expected, and
     fallback from V1 to V2 happens if V1 fails and RO_GSCVD is found
     in AP flash.

Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Change-Id: I1f64123a3631932d142662a76deaf6ef6fee47fa
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3229981
Reviewed-by: Andrey Pronin <apronin@chromium.org>

0 files changed, 0 insertions, 0 deletions