diff options
author | Vadim Bendebury <vbendeb@chromium.org> | 2019-06-12 10:54:31 -0700 |
---|---|---|
committer | Vadim Bendebury <vbendeb@chromium.org> | 2019-09-21 19:11:24 -0700 |
commit | 5fc4c5f756365984310a0366a0e47b0e2c37c7b8 (patch) | |
tree | a9b1c887adc8bccef8dbc4cb9d3818580ea5d4c0 | |
parent | d2aa31110c2a73883be465e4b591404f41711189 (diff) | |
download | chrome-ec-5fc4c5f756365984310a0366a0e47b0e2c37c7b8.tar.gz |
g: use GLOBALSEC_REGION5 for flash log access control
Flash log space access needs to be explicitly enabled. The previously
chosen for this purpose global security region 7 is also used by the
TPM endorsement procedure, and this may cause race condition resulting
in flash log space not accessible.
Let's use previously unused region 5 instead. This is how the regions
are configured after this patch on a system where RO_A and RW_B are
active (bit 0 enables region in general, bit 1 enables reads, bit 2
enables writes):
Reg Base Size Enable bits
0 00040000 000027ff 3 # RO_A
1 00084000 00037fff 3 # RW_B
2 00044000 000387ff 7 # RW_A
3 0007c800 000037ff 7 # NVMEM
4 000bc800 000037ff 7 # NVMEM
5 00083800 000007ff 3 # Flash log
6 00028400 0000000f 3 # Info 1 board ID
7 00028000 000007ff 3 # Info 1 endorsement seed
BRANCH=cr50. cr50-mp
BUG=b:132287488
TEST=verified that there is no flash log lockups when the device boots
with an unendorsed TPM.
Change-Id: I4fc65989b3930d91ed8e076310ecb58bac5f085e
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/1656158
Reviewed-by: Andrey Pronin <apronin@chromium.org>
(cherry picked from commit 77161023d45559feb338d9d556a86c35c79d07f4)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/1658725
(cherry picked from commit 5a4aba9f703d17957588c63b70b5ff306906b1e6)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/1705732
(cherry picked from commit 4b05eb6c443d8ccbdaef9269ebf942ff5269158d)
-rw-r--r-- | chip/g/flash.c | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/chip/g/flash.c b/chip/g/flash.c index 8012a34430..83b46413f4 100644 --- a/chip/g/flash.c +++ b/chip/g/flash.c @@ -59,7 +59,7 @@ static struct mutex flash_mtx; #ifdef CONFIG_FLASH_LOG static void flash_log_space_control(int enable) { - GWRITE_FIELD(GLOBALSEC, FLASH_REGION7_CTRL, WR_EN, !!enable); + GWRITE_FIELD(GLOBALSEC, FLASH_REGION5_CTRL, WR_EN, !!enable); } #endif @@ -98,10 +98,10 @@ int flash_pre_init(void) * Allow access to flash elog space and register the access control * function. */ - GREG32(GLOBALSEC, FLASH_REGION7_BASE_ADDR) = CONFIG_FLASH_LOG_BASE; - GREG32(GLOBALSEC, FLASH_REGION7_SIZE) = CONFIG_FLASH_LOG_SPACE - 1; - GWRITE_FIELD(GLOBALSEC, FLASH_REGION7_CTRL, EN, 1); - GWRITE_FIELD(GLOBALSEC, FLASH_REGION7_CTRL, RD_EN, 1); + GREG32(GLOBALSEC, FLASH_REGION5_BASE_ADDR) = CONFIG_FLASH_LOG_BASE; + GREG32(GLOBALSEC, FLASH_REGION5_SIZE) = CONFIG_FLASH_LOG_SPACE - 1; + GWRITE_FIELD(GLOBALSEC, FLASH_REGION5_CTRL, EN, 1); + GWRITE_FIELD(GLOBALSEC, FLASH_REGION5_CTRL, RD_EN, 1); flash_log_register_flash_control_callback(flash_log_space_control); #endif return EC_SUCCESS; |