author | Randall Spangler <rspangler@chromium.org> | 2017-07-11 16:30:27 -0700 |
---|---|---|
committer | chrome-bot <chrome-bot@chromium.org> | 2017-07-20 15:00:40 -0700 |
commit | 4809c70bbea8743cc7c1d382d7510ed937dce914 (patch) | |
tree | d4e36de78e911f9a6bbbef6ad6abf31c8717b0f9 /board/cr50/board.c | |
parent | 2ef78186c980120560123b149d7092a51edbeb98 (diff) | |
download | chrome-ec-4809c70bbea8743cc7c1d382d7510ed937dce914.tar.gz |
cr50: Add case closed debugging V1 configuration
This adds the CCD configuration module, and the console commands to
control it. It is not wired up to any of the CCD capabilities; that's
coming in the next CL.
Briefly:
* CCD configuration is persistently stored in nvmem_vars. Use ccdinfo to
print it.
* CCD can be Locked, Unlocked (some capabilities), or Opened
(all capabilities), using the ccdlock / ccdunlock / ccdopen commands.
* CCD config can be restricted by setting a password via ccdpass.
* Individual config capabilities can be set via ccdset. Some of those will
be used to gate access to things like write protect and UARTs. Others
affect the requirements for ccdunlock / ccdopen (for example, is physical
presence required).
* The entire config can be reset via ccdreset. If only unlocked, config
that is restricted to Opened is not reset.
* If CR50_DEV=1, ccdoops will force-reset and open the config.
See go/cr50-ccd-wp for more information.
BUG=b:62537474
BRANCH=none
TEST=manual with CR50_DEV=1 build
gpioget # make sure GPIO_BATT_PRES_L=0
ccdlock # lock, because CR50_DEV=1 builds start unlocked
ccdinfo # locked, flags=0, all capabilities default
ccdpass # access denied (we're locked)
ccdreset # access denied
ccdset flashap always # access denied
ccdunlock
ccdinfo # unlocked
ccdpass foo
ccdinfo # flags=2 (password set when unlocked)
ccdset flashap always # access denied
ccdset uartectx unlesslocked
ccdinfo # yes, uartectx permission changed
ccdlock
ccdunlock # fails without password
ccdunlock bar # wrong password
ccdunlock foo # busy
(wait 3 sec)
ccdunlock foo
ccdreset
ccdinfo # no password, flags 0, capabilities all default
ccdopen # requires physical presence; tap power or use 'pp'
ccdset uartectx unlesslocked
ccdset batterybypasspp ifopened
ccdpass baz
ccdinfo # password set, flag 0, ccdset changes worked
ccdunlock
ccdreset
ccdinfo # uartectx back to ifopened, password still set
ccdopen baz # still requires physical presence
ccdset opennolongpp always
ccdlock
ccdopen baz # no pp required
ccdset unlocknoshortpp unlesslocked
ccdlock
ccdopen baz # short pp sequence required (3 taps)
ccdlock
ccdunlock baz # short pp sequence required
ccdopen baz # pp not required
ccdset unlocknoshortpp always
ccdlock
testlab open # access denied
testlab enable # access denied
ccdunlock baz
testlab open # access denied
testlab enable # access denied
ccdopen baz
testlab enable # requires short pp
ccdinfo # flags 1
ccdreset
ccdinfo # no password, flags=1, caps all default
ccdlock
testlab open
ccdinfo # opened
testlab disable # requires short pp; let it time out
ccdinfo # still opened, flags=1
ccdlock
ccdoops # backdoor in CR50_DEV images to force-reset CCD
ccdinfo # opened, flags=0, all defaults (yes, oops wipes out testlab)
ccdreset rma
ccdinfo # flags = 0x400000, everything but Cr50FullConsole always
ccdreset # back to flags=0, all default
Change-Id: I24e8d8f361874671e6e94f27492ae00db919bea9
Reviewed-on: https://chromium-review.googlesource.com/569439
Commit-Ready: Randall Spangler <rspangler@chromium.org>
Tested-by: Randall Spangler <rspangler@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Diffstat (limited to 'board/cr50/board.c')
-rw-r--r-- | board/cr50/board.c | 35 |
1 files changed, 34 insertions, 1 deletions
diff --git a/board/cr50/board.c b/board/cr50/board.c
index 5e989ac875..f3e3f59dcf 100644
--- a/board/cr50/board.c
+++ b/board/cr50/board.c
@@ -3,6 +3,7 @@
 * found in the LICENSE file.
 */
 #include "board_id.h"
+#include "case_closed_debug.h"
 #include "clock.h"
 #include "common.h"
 #include "console.h"
@@ -633,6 +634,8 @@ static void board_init(void)
 nvmem_init();
 /* Initialize the persistent storage. */
 initvars();
+ /* Load case-closed debugging config */
+ ccd_config_init();
 system_update_rollback_mask_with_both_imgs();
@@ -640,7 +643,7 @@ static void board_init(void)
 GREG32(PMU, PWRDN_SCRATCH16) = 0xCAFECAFE;
 /*
- * Call the function twice to make it hardde to glitch execution into
+ * Call the function twice to make it harder to glitch execution into
 * passing the check when not supposed to.
 */
 check_board_id_mismatch();
@@ -802,6 +805,16 @@ int is_sys_rst_asserted(void)
 && (gpio_get_level(GPIO_SYS_RST_L_OUT) == 0);
 }
+/**
+ * Reboot the AP
+ */
+void board_reboot_ap(void)
+{
+ assert_sys_rst();
+ msleep(20);
+ deassert_sys_rst();
+}
+
 void assert_ec_rst(void)
 {
 GWRITE(RBOX, ASSERT_EC_RST, 1);
@@ -1395,6 +1408,26 @@ void i2cs_set_pinmux(void)
 GWRITE_FIELD(PINMUX, EXITEN0, DIOA1, 1); /* enable powerdown exit */
 }
+/**
+ * Return non-zero if this is the first boot of a board in the factory.
+ *
+ * This is used to determine whether the default CCD configuration will be RMA
+ * (things are unlocked for factory) or normal (things locked down because not
+ * in factory).
+ *
+ * Suggested checks:
+ * - If the board ID exists, this is not the first boot
+ * - If the TPM is not blank, this is not the first boot
+ */
+int board_is_first_factory_boot(void)
+{
+ /*
+ * TODO(rspangler): Add checks for factory boot. For now, always
+ * return 0 so we're safely locked by default.
+ */
+ return 0;
+}
+
 /* Determine key type based on the key ID. */
 static const char *key_type(uint32_t key_id)
 { |
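Review bot: The comment on the new `ccd_config_init()` call in board_init() does not record that the call depends on `initvars()` having run first. The commit message says the CCD configuration is stored in nvmem_vars, so a later reordering of these init calls would presumably load the config before its storage is ready. I would write the comment as `/* Load case-closed debugging config; must follow initvars(), the config lives in nvmem vars */`. Any result from the call is not used here, so it is worth confirming in the CCD module that a missing or corrupt stored config leaves CCD locked rather than opened. board_init() starts and ends outside this hunk.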
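Review bot: `board_reboot_ap()` releases SYS_RST unconditionally, so if another path was already holding the AP in reset when it is called, the AP would be let out of reset after the 20 ms pulse. The `is_sys_rst_asserted()` helper just above suggests that state can be queried, so consider sampling it first with `int held = is_sys_rst_asserted();` before `assert_sys_rst();` and ending with `if (!held) deassert_sys_rst();`. The doc comment should also say that the function sleeps for the pulse width (so it presumably needs task context), and the bare `20` would read better as a named constant carrying its unit.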
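Review bot: The doc comment on `board_is_first_factory_boot()` lists two suggested checks but does not say how they combine or what to return when a check cannot be evaluated, and this return value selects between the RMA (unlocked) and normal (locked) CCD defaults. Before the TODO is filled in I would add a line such as `* Both checks must pass; any error reading the board ID or TPM state is treated as "not first boot" (return 0).` so the eventual implementation fails closed. The stub returning 0 is the safe default and needs no change.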