diff options
| author | Vadim Bendebury <vbendeb@chromium.org> | 2017-11-21 17:45:08 -0800 |
|---|---|---|
| committer | ChromeOS Commit Bot <chromeos-commit-bot@chromium.org> | 2017-12-16 01:13:20 +0000 |
| commit | 9eccf1aa2d4367741e7174fdf3a0fceaddcdacc1 (patch) | |
| tree | 2013d2dc8ce2f5ad452f2f519175a97022a8f5cb | |
| parent | 4ea7bba5b7bd7b87432728f7df976418352fff78 (diff) | |
| download | chrome-ec-9eccf1aa2d4367741e7174fdf3a0fceaddcdacc1.tar.gz | |
cr50: ccd: add vendor command to disable RMA mode
The new vendor command takes the CCD state machine through necessary
transitions leaving it in the CCD locked state.
It succeeds only if user password is not set and CCD capabilities are
right, which is guaranteed to be the case after an RMA unlock.
Conflicts:
board/cr50/wp.c
common/ccd_config.c
include/tpm_vendor_cmds.h
BRANCH=cr50
BUG=b:68213540
TEST=tested using the modified gsctool utility.
Change-Id: Ic2cce34e74b1ff476841cfa1a99f50d6a947c315
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/784352
Reviewed-by: Randall Spangler <rspangler@chromium.org>
(cherry picked from commit baff7ae621d88929c0ab808eee54c081e44b2710)
Reviewed-on: https://chromium-review.googlesource.com/828687
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
| -rw-r--r-- | board/cr50/wp.c | 16 | ||||
| -rw-r--r-- | include/tpm_vendor_cmds.h | 1 |
2 files changed, 17 insertions, 0 deletions
diff --git a/board/cr50/wp.c b/board/cr50/wp.c index 3d86c94bf6..e55573bd62 100644 --- a/board/cr50/wp.c +++ b/board/cr50/wp.c @@ -412,6 +412,22 @@ static enum vendor_cmd_rc vc_lock(enum vendor_cmd_cc code, DECLARE_VENDOR_COMMAND(VENDOR_CC_GET_LOCK, vc_lock); DECLARE_VENDOR_COMMAND(VENDOR_CC_SET_LOCK, vc_lock); +static enum vendor_cmd_rc ccd_disable_rma(enum vendor_cmd_cc code, + void *buf, + size_t input_size, + size_t *response_size) +{ + CPRINTF("setting WP to follow battery presence\n"); + force_write_protect(0, 1); + + CPRINTF("locking console\n"); + lock_the_console(); + + *response_size = 0; + return VENDOR_RC_SUCCESS; +} +DECLARE_VENDOR_COMMAND(VENDOR_CC_DISABLE_RMA, ccd_disable_rma); + /****************************************************************************/ static const char warning[] = "\n\t!!! WARNING !!!\n\n" "\tThe AP will be impolitely shut down and the TPM persistent memory\n" diff --git a/include/tpm_vendor_cmds.h b/include/tpm_vendor_cmds.h index b190718d49..898251964e 100644 --- a/include/tpm_vendor_cmds.h +++ b/include/tpm_vendor_cmds.h @@ -43,6 +43,7 @@ enum vendor_cmd_cc { VENDOR_CC_U2F_APDU = 27, VENDOR_CC_POP_LOG_ENTRY = 28, VENDOR_CC_RMA_CHALLENGE_RESPONSE = 30, + VENDOR_CC_DISABLE_RMA = 32, LAST_VENDOR_COMMAND = 65535, }; |