diff options
| author | Vadim Bendebury <vbendeb@chromium.org> | 2017-12-16 17:08:14 -0800 |
|---|---|---|
| committer | ChromeOS Commit Bot <chromeos-commit-bot@chromium.org> | 2017-12-17 06:49:16 +0000 |
| commit | 444da5b7267654b8c43f073838a59397317dbbb3 (patch) | |
| tree | 93202384be36a405c50af04a633cc1973e37ffce | |
| parent | 5f2ac35e5a851590b8f5f6eec01bc7908de85dc2 (diff) | |
| download | chrome-ec-444da5b7267654b8c43f073838a59397317dbbb3.tar.gz | |
cr50: preserve RMA mode in NVMEM
Eve Cr50 branch is lacking CCD implementation, so a separate means of
preventing WP state while in RMA mode is needed.
Let's add an NVMEM variable to serve as a flag indicating that WP
should not be enabled. The variable is set when RMA mode is entered
and cleared when RMA mode is exited.
BRANCH=none
BUG=none
TEST=verified that WP is not active even after removing and
re-attaching the battery while the device is in RMA mode.
Change-Id: I979b40de5cc545dca0dabae0f0bd03b185299ca4
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/830523
Reviewed-by: Randall Spangler <rspangler@chromium.org>
| -rw-r--r-- | board/cr50/board.h | 1 | ||||
| -rw-r--r-- | board/cr50/wp.c | 27 | ||||
| -rw-r--r-- | common/rma_auth.c | 23 |
3 files changed, 51 insertions, 0 deletions
diff --git a/board/cr50/board.h b/board/cr50/board.h index 0bf2aa1468..67306c4eea 100644 --- a/board/cr50/board.h +++ b/board/cr50/board.h @@ -177,6 +177,7 @@ enum nvmem_vars { NVMEM_VAR_CONSOLE_LOCKED = 0, NVMEM_VAR_TEST_VAR, NVMEM_VAR_U2F_SALT, + NVMEM_VAR_RMA_MODE_ACTIVE, NVMEM_VARS_COUNT }; diff --git a/board/cr50/wp.c b/board/cr50/wp.c index e55573bd62..b2c43f678d 100644 --- a/board/cr50/wp.c +++ b/board/cr50/wp.c @@ -24,6 +24,18 @@ void set_wp_state(int asserted) { + if (asserted) { + uint8_t key; + + key = NVMEM_VAR_RMA_MODE_ACTIVE; + + if (getvar(&key, sizeof(key))) { + CPRINTS("%s: RMA mode active, not enabling WP", + __func__); + asserted = 0; + } + } + /* Enable writing to the long life register */ GWRITE_FIELD(PMU, LONG_LIFE_SCRATCH_WR_EN, REG1, 1); @@ -417,12 +429,27 @@ static enum vendor_cmd_rc ccd_disable_rma(enum vendor_cmd_cc code, size_t input_size, size_t *response_size) { + uint8_t key; + int rv; + CPRINTF("setting WP to follow battery presence\n"); force_write_protect(0, 1); CPRINTF("locking console\n"); lock_the_console(); + CPRINTS("Removing RMA mode flag"); + key = NVMEM_VAR_RMA_MODE_ACTIVE; + rv = setvar(&key, sizeof(key), NULL, 0); + if (rv == EC_SUCCESS) + rv = writevars(); + if (rv != EC_SUCCESS) { + CPRINTS("%s: failed to remove RMA mode flag!", __func__); + *((uint8_t *)buf) = rv; + *response_size = 1; + return VENDOR_RC_WRITE_FLASH_FAIL; + } + *response_size = 0; return VENDOR_RC_SUCCESS; } diff --git a/common/rma_auth.c b/common/rma_auth.c index 5c25b6e455..6f721a05c5 100644 --- a/common/rma_auth.c +++ b/common/rma_auth.c @@ -13,6 +13,7 @@ #include "curve25519.h" #include "extension.h" #include "hooks.h" +#include "nvmem_vars.h" #include "rma_auth.h" #include "shared_mem.h" #include "system.h" @@ -244,6 +245,28 @@ static enum vendor_cmd_rc get_challenge(uint8_t *buf, size_t *buf_size) static void enter_rma_mode(void) { + uint8_t key; + + /* + * The presence of this NVMEM variable is an indication that RMA mode + * is active and hence flash write protect should not be enalbed on + * power up. + * + * Failure to create this variable will prevent activating RMA mode. + * Not much we can do about the failure at this point as far as + * informing the AP is concerned, because this function runs after the + * vendor command was processed. + * + * Worse comes to worst the operator will have to repeat RMA enabling + * process. + */ + key = NVMEM_VAR_RMA_MODE_ACTIVE; + setvar(&key, sizeof(key), &key, sizeof(key)); + if (writevars() != EC_SUCCESS) { + CPRINTF("%s: Failed to save RMA mode state\n", __func__); + return; + } + CPRINTF("unlocking console\n"); unlock_the_console(); |