diff options
| author | Keith Short <keithshort@chromium.org> | 2019-01-04 11:19:51 -0700 |
|---|---|---|
| committer | chrome-bot <chrome-bot@chromium.org> | 2019-01-17 20:20:48 -0800 |
| commit | 948c320a35f3f5a1942bd33a93a3f4233ef19008 (patch) | |
| tree | 05f52eb7eab7219db9a4711f18a02ee934da0332 | |
| parent | 81f1c81cf9521425b0d57cd94774d80ec4db0ef0 (diff) | |
| download | chrome-ec-948c320a35f3f5a1942bd33a93a3f4233ef19008.tar.gz | |
cr50: Support closed source customer diagnostic mode
Drives OEM specific GPIOS to enable diagnostic mode on a closed source
EC.
BUG=b:122312536
BRANCH=cr50
TEST=make buildall. Verified GPIO states with scope at boot and after
sending TPM disable command from the AP. Diagnostic mode is cleared on
reboot.
Change-Id: Id7c9d7e5cc63e5e6f56451ceaca04eeddb254f7d
Signed-off-by: Keith Short <keithshort@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1394692
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
| -rw-r--r-- | board/cr50/closed_source_set1.c | 17 | ||||
| -rw-r--r-- | board/cr50/closed_source_set1.h | 6 | ||||
| -rw-r--r-- | board/cr50/tpm2/tpm_mode.c | 5 |
3 files changed, 25 insertions, 3 deletions
diff --git a/board/cr50/closed_source_set1.c b/board/cr50/closed_source_set1.c index 8c0a7f2829..058573fb46 100644 --- a/board/cr50/closed_source_set1.c +++ b/board/cr50/closed_source_set1.c @@ -54,15 +54,12 @@ void closed_source_set1_configure_gpios(void) * here. */ - /* Enable falling edge interrupt on I2C_SDA_SCL/EXIT_FACTORY_MODE */ - /* * TODO (keithshort): closed source EC documentation defines * EXIT_FACTORY_MODE as an output from the EC that is driven low * to indicate that factory mode must be terminated. However, the * EC firmware has not yet (and may never) add this capability. */ -// gpio_set_flags(GPIO_EXIT_FACTORY_MODE, GPIO_INPUT | GPIO_INT_F_FALLING); closed_source_set1_update_factory_mode(); } @@ -120,6 +117,20 @@ void closed_source_set1_update_factory_mode(void) closed_source_set1_update_ec_trust_level(EC_TL_COREBOOT); } +void close_source_set1_disable_tpm(void) +{ + /* + * Once the TPM mode is disabled from the AP, set the EC trust level + * to permit running diagnostics. Diagnostic mode may be entered from + * any of the EC trust level states, so no additional checks are needed. + * + * This state is only cleared by a reboot of the Cr50 and then the + * trust level reverts back to either EC_TL_FACTORY_MODE or + * EC_TL_COREBOOT. + */ + closed_source_set1_update_ec_trust_level(EC_TL_DIAGNOSTIC_MODE); +} + #ifdef CR50_DEV /* Debug command to manually set the EC trust level */ diff --git a/board/cr50/closed_source_set1.h b/board/cr50/closed_source_set1.h index 44f7e39be0..0970726f45 100644 --- a/board/cr50/closed_source_set1.h +++ b/board/cr50/closed_source_set1.h @@ -21,5 +21,11 @@ void closed_source_set1_configure_gpios(void); */ void closed_source_set1_update_factory_mode(void); +/** + * In response to a TPM_MODE disable, drive the GPIOs specific to + * BOARD_CLOSED_SOURCE_SET1 to match the diagnostic state setting. + */ +void close_source_set1_disable_tpm(void); + #endif /* ! __EC_BOARD_CR50_CLOSED_SOURCE_SET1_H */ diff --git a/board/cr50/tpm2/tpm_mode.c b/board/cr50/tpm2/tpm_mode.c index 404000d60a..9978f7f724 100644 --- a/board/cr50/tpm2/tpm_mode.c +++ b/board/cr50/tpm2/tpm_mode.c @@ -6,6 +6,8 @@ #include "config.h" #include "Global.h" +#include "board.h" +#include "closed_source_set1.h" #include "console.h" #include "dcrypto.h" #include "extension.h" @@ -24,6 +26,9 @@ static void disable_tpm(void) tpm_stop(); DCRYPTO_ladder_revoke(); nvmem_clear_cache(); + + if (board_uses_closed_source_set1()) + close_source_set1_disable_tpm(); } DECLARE_DEFERRED(disable_tpm); |