diff options
author | Vincent Palatin <vpalatin@chromium.org> | 2015-01-06 16:04:43 -0800 |
---|---|---|
committer | ChromeOS Commit Bot <chromeos-commit-bot@chromium.org> | 2015-01-08 00:38:17 +0000 |
commit | cca794d2fec61133f09b6e1cc6816392f11e15cb (patch) | |
tree | 06cff81c910ae796f2859b9d78f3b656ae1d846a | |
parent | dc1362ca82e72ac488bb25d308c97aaf733274fc (diff) | |
download | chrome-ec-cca794d2fec61133f09b6e1cc6816392f11e15cb.tar.gz |
pd: dingdong/hoho: Enable flash write-protection
These USB type-C accessories don't have a write-protect GPIO.
Add a configure flag (CONFIG_WP_ALWAYS) to force the flash
write-protection on the dongles.
Also set the read protection (by elevating RDP to level 1),
so trying to unprotect the flash will trigger a full erase.
Signed-off-by: Vincent Palatin <vpalatin@chromium.org>
BRANCH=samus
BUG=chrome-os-partner:35088
TEST=boot Hoho,
check the flash OBR and WRPR registers:
"rw 0x4002201c" / "rw 0x40022020"
and the option bytes write-protect bits: "rw 0x1FFFF808"
dump the logical state with "flashinfo" command.
> rw 0x4002201c
read 0x40022020 = 0xffff0002
> rw 0x40022020
read 0x40022020 = 0xffff0000
> rw 0x1FFFF808
read 0x1ffff808 = 0xff00ff00
> flashinfo
Physical: 128 KB
Usable: 128 KB
Write: 2 B (ideal 2 B)
Erase: 2048 B (to 1-bits)
Protect: 4096 B
Flags: wp_gpio_asserted ro_at_boot ro_now
Protected now:
YYYYYYYY YYYYYYYY ........ ........
Change-Id: I45bbc0bce40ecc174b6b8a1ebacf4f53d2fd372d
Reviewed-on: https://chromium-review.googlesource.com/238893
Trybot-Ready: Vincent Palatin <vpalatin@chromium.org>
Commit-Queue: Vincent Palatin <vpalatin@chromium.org>
Tested-by: Vincent Palatin <vpalatin@chromium.org>
Reviewed-by: Todd Broch <tbroch@chromium.org>
Tested-by: Todd Broch <tbroch@chromium.org>
-rw-r--r-- | board/dingdong/board.h | 9 | ||||
-rw-r--r-- | board/hoho/board.h | 9 | ||||
-rw-r--r-- | chip/stm32/flash-f.c | 8 | ||||
-rw-r--r-- | common/flash.c | 7 | ||||
-rw-r--r-- | include/config.h | 6 | ||||
-rwxr-xr-x | util/flash_ec | 5 |
6 files changed, 31 insertions, 13 deletions
diff --git a/board/dingdong/board.h b/board/dingdong/board.h index 4ac7294c73..6247ae5fcc 100644 --- a/board/dingdong/board.h +++ b/board/dingdong/board.h @@ -28,7 +28,7 @@ #define CONFIG_USB_POWER_DELIVERY #define CONFIG_USB_PD_ALT_MODE #define CONFIG_USB_PD_HW_DEV_ID_BOARD_MAJOR USB_PD_HW_DEV_ID_DINGDONG -#define CONFIG_USB_PD_HW_DEV_ID_BOARD_MINOR 1 +#define CONFIG_USB_PD_HW_DEV_ID_BOARD_MINOR 2 #define CONFIG_USB_PD_DUAL_ROLE #define CONFIG_USB_PD_CUSTOM_VDM #define CONFIG_USB_PD_FLASH @@ -44,11 +44,8 @@ #define CONFIG_USB_PID 0x5011 #define CONFIG_USB_BCD_DEV 0x0001 /* v 0.01 */ -/* - * Allow dangerous commands all the time, since we don't have a write protect - * switch. - */ -#define CONFIG_SYSTEM_UNLOCKED +/* No Write-protect GPIO, force the write-protection */ +#define CONFIG_WP_ALWAYS #ifndef __ASSEMBLER__ diff --git a/board/hoho/board.h b/board/hoho/board.h index 1b43a4fe5a..74e3951b53 100644 --- a/board/hoho/board.h +++ b/board/hoho/board.h @@ -35,7 +35,7 @@ #define CONFIG_USB_POWER_DELIVERY #define CONFIG_USB_PD_ALT_MODE #define CONFIG_USB_PD_HW_DEV_ID_BOARD_MAJOR USB_PD_HW_DEV_ID_HOHO -#define CONFIG_USB_PD_HW_DEV_ID_BOARD_MINOR 1 +#define CONFIG_USB_PD_HW_DEV_ID_BOARD_MINOR 2 #define CONFIG_USB_PD_DUAL_ROLE #define CONFIG_USB_PD_CUSTOM_VDM #define CONFIG_USB_PD_FLASH @@ -56,11 +56,8 @@ #define CONFIG_USB_PID 0x5010 #define CONFIG_USB_BCD_DEV 0x0001 /* v 0.01 */ -/* - * Allow dangerous commands all the time, since we don't have a write protect - * switch. - */ -#define CONFIG_SYSTEM_UNLOCKED +/* No Write-protect GPIO, force the write-protection */ +#define CONFIG_WP_ALWAYS #ifndef __ASSEMBLER__ diff --git a/chip/stm32/flash-f.c b/chip/stm32/flash-f.c index e457aea8ce..6f334b94a2 100644 --- a/chip/stm32/flash-f.c +++ b/chip/stm32/flash-f.c @@ -362,6 +362,14 @@ int flash_physical_protect_at_boot(enum flash_wp_range range) if (original_val[i] != val[i]) write_optb(i * 2 + 8, val[i]); +#ifdef CONFIG_WP_ALWAYS + /* + * Set a permanent protection by increasing RDP to level 1, + * trying to unprotected the flash will trigger a full erase. + */ + write_optb(0, 0x11); +#endif + return EC_SUCCESS; } diff --git a/common/flash.c b/common/flash.c index b6001751d5..3b269deb46 100644 --- a/common/flash.c +++ b/common/flash.c @@ -65,6 +65,9 @@ static void flash_read_pstate(struct persist_state *pstate) if (pstate->version != PERSIST_STATE_VERSION) { memset(pstate, 0, sizeof(*pstate)); pstate->version = PERSIST_STATE_VERSION; +#ifdef CONFIG_WP_ALWAYS + pstate->flags |= PERSIST_FLAG_PROTECT_RO; +#endif } } @@ -202,7 +205,9 @@ uint32_t flash_get_protect(void) int i; /* Read write protect GPIO */ -#ifdef CONFIG_WP_ACTIVE_HIGH +#ifdef CONFIG_WP_ALWAYS + flags |= EC_FLASH_PROTECT_GPIO_ASSERTED; +#elif defined(CONFIG_WP_ACTIVE_HIGH) if (gpio_get_level(GPIO_WP)) flags |= EC_FLASH_PROTECT_GPIO_ASSERTED; #else diff --git a/include/config.h b/include/config.h index 852ebf7e19..e1ae4750d4 100644 --- a/include/config.h +++ b/include/config.h @@ -1302,6 +1302,12 @@ */ #undef CONFIG_WP_ACTIVE_HIGH +/* + * The write protect signal is always asserted, + * independantly of the GPIO existence or current value. + */ +#undef CONFIG_WP_ALWAYS + /*****************************************************************************/ /* * Include board and core configs, since those hold the CONFIG_ constants for a diff --git a/util/flash_ec b/util/flash_ec index 3278f1d8fd..0d840a9ae4 100755 --- a/util/flash_ec +++ b/util/flash_ec @@ -353,6 +353,11 @@ function flash_stm32_dfu() { fi SIZE=$(wc -c ${IMG} | cut -d' ' -f1) + # Remove read protection + sudo $DFU_UTIL -a 0 -s ${ADDR}:${SIZE}:force:unprotect -D "${IMG}" + # Wait for mass-erase and reboot after unprotection + sleep 1 + # Actual image flashing sudo $DFU_UTIL -a 0 -s ${ADDR}:${SIZE} -D "${IMG}" } |