diff options
| author | Vadim Bendebury <vbendeb@chromium.org> | 2018-12-04 13:37:06 -0800 |
|---|---|---|
| committer | chrome-bot <chrome-bot@chromium.org> | 2018-12-06 22:06:26 -0800 |
| commit | 4dd1ecfe74fb4ec81652a9376fc2c5603400ec29 (patch) | |
| tree | 0899b34ea8da3e1361cf10c36b3150d1adfe4dba | |
| parent | a45e42da1a5c16a94d4d02531802f87061b8891c (diff) | |
| download | chrome-ec-4dd1ecfe74fb4ec81652a9376fc2c5603400ec29.tar.gz | |
cr50: clear TPM NVMEM cache when entering Alt OS
Each time TPM is disabled for booting Alt OS, NVMEM cache needs to be
wiped out, only a few NV indices need to be preserved.
We also are making sure that wipeout is possible only if key ladder is
disabled.
CQ-DEPEND=CL:1362161
BRANCH=cr50, cr50-mp
BUG=b:119221935
TEST=on a dual boot machine observed that when booting ALT OS on
reboots, key ladder is disabled, but RW AP firmware rollback
indices at address 0x1007 are still read properly. Alt OS resume
happens pretty quickly.
Change-Id: I5326937d0a36b67ac848629faeee42aadcb9e64d
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1362203
Reviewed-by: Andrey Pronin <apronin@chromium.org>
| -rw-r--r-- | board/cr50/build.mk | 1 | ||||
| -rw-r--r-- | board/cr50/tpm2/nvmem_ops.c | 18 | ||||
| -rw-r--r-- | board/cr50/tpm2/tpm_mode.c | 1 | ||||
| -rw-r--r-- | common/nvmem.c | 13 | ||||
| -rw-r--r-- | include/nvmem.h | 2 | ||||
| -rw-r--r-- | test/nvmem.c | 4 |
6 files changed, 34 insertions, 5 deletions
diff --git a/board/cr50/build.mk b/board/cr50/build.mk index 73049cab90..b65bdda1c6 100644 --- a/board/cr50/build.mk +++ b/board/cr50/build.mk @@ -49,6 +49,7 @@ board-y += tpm2/hash.o board-y += tpm2/hash_data.o board-y += tpm2/hkdf.o board-y += tpm2/manufacture.o +board-y += tpm2/nvmem_ops.o board-y += tpm2/platform.o board-y += tpm2/rsa.o board-y += tpm2/stubs.o diff --git a/board/cr50/tpm2/nvmem_ops.c b/board/cr50/tpm2/nvmem_ops.c new file mode 100644 index 0000000000..0f2e977967 --- /dev/null +++ b/board/cr50/tpm2/nvmem_ops.c @@ -0,0 +1,18 @@ +/* Copyright 2018 The Chromium OS Authors. All rights reserved. + * Use of this source code is governed by a BSD-style license that can be + * found in the LICENSE file. + */ + +#include "Global.h" +#include "NV_fp.h" + +void nvmem_wipe_cache(void) +{ + /* + * Inclusive list of NV indices not to be wiped out when invalidating + * the cache. + */ + const uint16_t whitelist_range[] = { 0x1007, 0x100b }; + + NvSelectivelyInvalidateCache(whitelist_range); +} diff --git a/board/cr50/tpm2/tpm_mode.c b/board/cr50/tpm2/tpm_mode.c index 1ff48cc06a..404000d60a 100644 --- a/board/cr50/tpm2/tpm_mode.c +++ b/board/cr50/tpm2/tpm_mode.c @@ -20,6 +20,7 @@ static void disable_tpm(void) { + nvmem_enable_commits(); tpm_stop(); DCRYPTO_ladder_revoke(); nvmem_clear_cache(); diff --git a/common/nvmem.c b/common/nvmem.c index 1c911ccddf..de6fba47b5 100644 --- a/common/nvmem.c +++ b/common/nvmem.c @@ -611,10 +611,13 @@ int nvmem_commit(void) void nvmem_clear_cache(void) { + /* This will work only if key ladder is disabled. */ + if (DCRYPTO_ladder_is_enabled()) + return; + nvmem_lock_cache(); - /* - * TODO(b/119221935): Clear areas that should be protected within - * nvmem_cache. - */ - nvmem_release_cache(); + + nvmem_wipe_cache(); + + nvmem_save(); } diff --git a/include/nvmem.h b/include/nvmem.h index c705bc4b1c..87eb0fa7c5 100644 --- a/include/nvmem.h +++ b/include/nvmem.h @@ -214,4 +214,6 @@ void nvmem_clear_cache(void); } #endif +void nvmem_wipe_cache(void); + #endif /* __CROS_EC_NVMEM_UTILS_H */ diff --git a/test/nvmem.c b/test/nvmem.c index 8ce978d750..99b2d554e9 100644 --- a/test/nvmem.c +++ b/test/nvmem.c @@ -696,6 +696,10 @@ static void run_test_setup(void) test_reset(); } +void nvmem_wipe_cache(void) +{ +} + int DCRYPTO_ladder_is_enabled(void) { return 1; |