diff options
author | Scott Collyer <scollyer@google.com> | 2021-02-16 03:24:40 -0800 |
---|---|---|
committer | Commit Bot <commit-bot@chromium.org> | 2021-03-09 01:24:47 +0000 |
commit | 404e012c6cfad0ff06bbd4810eaff26a2bcc5c7f (patch) | |
tree | 69d0c8c0e57fed77fa28ec54d28cfe2d5fd4328f /board | |
parent | 3063fe12c711a60e10000f99c61387d3e08558a5 (diff) | |
download | chrome-ec-404e012c6cfad0ff06bbd4810eaff26a2bcc5c7f.tar.gz |
honeybuns: Add RWSIG and RO/RW split
Honeybuns does not have an AP and therefore it needs to verify its own
RW signature in RO. This functionality is enabled with RWSIG config
option and task. This CL adds support to both enable RWSIG and make
the RO and RW images asymmetric.
Note that RO only needs to enable USB-EP support for fwupd support and
support RW signature verification. Therefore, RO is limited to support
these key features.
BUG=b:167462264
BRANCH=None
TEST=verifed on both quiche and gingerbread that will boot into RO and
following RW signature verification, jump to the RW image.
Signed-off-by: Scott Collyer <scollyer@google.com>
Change-Id: I1cdf0965e06881ebb48205a517d308641e6cdb49
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2699452
Tested-by: Scott Collyer <scollyer@chromium.org>
Reviewed-by: Aseda Aboagye <aaboagye@chromium.org>
Commit-Queue: Scott Collyer <scollyer@chromium.org>
Diffstat (limited to 'board')
-rw-r--r-- | board/gingerbread/board.c | 23 | ||||
-rw-r--r-- | board/gingerbread/dev_key.pem | 39 | ||||
-rw-r--r-- | board/gingerbread/ec.tasklist | 3 | ||||
-rw-r--r-- | board/gingerbread/gpio.inc | 3 | ||||
-rw-r--r-- | board/quiche/board.c | 24 | ||||
-rw-r--r-- | board/quiche/dev_key.pem | 39 | ||||
-rw-r--r-- | board/quiche/ec.tasklist | 5 | ||||
-rw-r--r-- | board/quiche/gpio.inc | 2 |
8 files changed, 122 insertions, 16 deletions
diff --git a/board/gingerbread/board.c b/board/gingerbread/board.c index 2832f30528..4ae2f70e7f 100644 --- a/board/gingerbread/board.c +++ b/board/gingerbread/board.c @@ -23,6 +23,13 @@ #define CPRINTS(format, args...) cprints(CC_SYSTEM, format, ## args) #define CPRINTF(format, args...) cprintf(CC_SYSTEM, format, ## args) +#ifdef SECTION_IS_RW +#define CROS_EC_SECTION "RW" +#else +#define CROS_EC_SECTION "RO" +#endif + +#ifdef SECTION_IS_RW static void ppc_interrupt(enum gpio_signal signal) { switch (signal) { @@ -35,6 +42,8 @@ static void ppc_interrupt(enum gpio_signal signal) } } +#endif /* SECTION_IS_RW */ + #include "gpio_list.h" /* Must come after other header files. */ /* @@ -70,7 +79,7 @@ const struct power_seq board_power_seq[] = { const size_t board_power_seq_count = ARRAY_SIZE(board_power_seq); - +#ifdef SECTION_IS_RW const struct tcpc_config_t tcpc_config[CONFIG_USB_PD_PORT_MAX_COUNT] = { { .bus_type = EC_BUS_TYPE_EMBEDDED, @@ -104,11 +113,6 @@ void board_tcpc_init(void) } DECLARE_HOOK(HOOK_INIT, board_tcpc_init, HOOK_PRIO_INIT_I2C + 1); -static void board_init(void) -{ - /* TODO */ -} -DECLARE_HOOK(HOOK_INIT, board_init, HOOK_PRIO_DEFAULT); int ppc_get_alert_status(int port) { @@ -122,3 +126,10 @@ void board_overcurrent_event(int port, int is_overcurrented) { /* TODO: b/ - check correct operation for honeybuns */ } +#endif /* SECTION_IS_RW */ + +static void board_init(void) +{ + /* TODO */ +} +DECLARE_HOOK(HOOK_INIT, board_init, HOOK_PRIO_DEFAULT); diff --git a/board/gingerbread/dev_key.pem b/board/gingerbread/dev_key.pem new file mode 100644 index 0000000000..7b1df5d805 --- /dev/null +++ b/board/gingerbread/dev_key.pem @@ -0,0 +1,39 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIG5AIBAAKCAYEA2hyGIDxIS/jWNh3Nhg7V4/5Ce8KT4CIb1XaLd0mR2gWCkYdZ +iRWSjAjMsMCLSLM0gUDnFU5xJgbUdg1GeafXdPlRQojG2ztZ/z+JBNgQvsWtdJhR +m9dMm1cbq3rajU5NoVu1hiLIWpayYo91w1qMnf3LRFAgrVDvEUt8elCpTB60uZiS +QL3PSCJhZiGyK2QGix+vNKxri+GnM+SxXggi3IrLMI2gqpCTiTZl4t8Ecnsn4QMC +OvgRzDj2TnYJhhAdFeg7SuQ9TKCXAyw0LAR9AcuQ8tbf3ox04umLdbAj518ScXZB +ef2xrnXIBkXcA5UXZ2J6+YP7tvm6XCEnwdhEq5gi65Mjc1i8vihzABXbXrKhFdKt +ACLdQ8V6eM2nTK4NwNIeHdF0KRBvln5APxapNfjQh9Fz67ytvxt7TaBQWOheWB1V +8NL7AzfcEPUH5blCjdWNfLcUXNqZa6+Jxk5Zug5dPazo1y1R5XoLFKpZ76c33fPr +ngV8jwkTNaXVU84jAgEDAoIBgQCRaFlq0trdUI7OvokECePtVCxSgbfqwWfjpFz6 +MQvmrlcLr5EGDmGysIh11bIwd3hWK0S43vYZWeL5Xi77xTpN+4uBsISSJ5FU1QYD +OrXUg8j4ZYu9OjMSOhJyUecI3t5rknkEFzA8ZHbsX6PXkbMT/oeC4BXI4J9g3P2m +4HDdac3REGGAfoowFuuZa8wc7VmyFR94cvJdQRoimHY+sBc9sdzLCRXHCw0GJEPs +lK2hp2/rV1bR+raIJfmJpAZZYBIn4W8yHD2LX6/ofgnTIxw9jAL1eheBviKwpYw8 +QOr46FlX3SZs8cupHbCf+DiPbcwZce3viPPMXSF+XW4wmiXgQeJnAh7sStcu4WjF +TWxppqto6mr/5D5uI+NWjm13puJVL6OsPkJrhEZ1gSW6u3pPxAotkj4sppIg2qUJ +pmxohz4D8gChOyedxtg1DRBqMY9VDnfRN5DMuPiF9t77KkOuHfZI3tUwWIeZeRKV +tJEldJjnTBZfqZirjznlIBq1oasCgcEA/9RLDoX70KACdkki4o8MOrqHvmU3fgtZ +MWIxrbjFoR9JhjFIZm41Ak8/sMhbs0dOskS4FmNaeKgkhsalZR997HvZXDxAsB7X +tWkYcqKI1XaB48rIB5g5rxFmnxh/vVrchlUh80YQS/jvetD+fmjzXHeyrC2OCAgR +2cfrl0ZwbXDbvoWoUcAl9C8YuUWUYurJsyqnwNLg6uiGB5anjBITNVGOXYD8hdcv +2RoOOSnuGwTHRtytphO1WJiUqn9yOV5jAoHBANpByXEz5SrxDLAmAozAxmq/BMQ6 +hR3j56iPB22V/dDjQud5P3Akyy55/2WJK3kpFo7y3fvTM4vF45fOXRPRje65dfTT +tGDJokJtPWV/L+rCHhSoRHi0Re9+Ptffg1vY3bq1hqguADvRFmtriSiUfmHbDpdI +iKC6wLQLmCfgPU6spZOsrK06GaJefwgb2uOEIdsVMgIQ2j7cnpsmk8F84P+P3XLd +rIjRVqYqYPrxkhxzizwlHGhzYjUZp7N2Own9QQKBwQCqjYdfA/01wAGkMMHsX118 +fFp+7iT+sjt2QXZz0IPAv4ZZdjBESXisNNUghZJ3hN8hgyVkQjxQcBhZ2cOYv6lI +UpDoKCsgFI/ORhBMbFs4+avtMdqvutEfYO8Uuv/TkehZjhaiLrWH+0pR4Kmpm0zo +T8xyyQlasAvmhUe6LvWeSz0prnA2gBlNdLsmLmLsnIZ3ccUrN0CcmwQFDxpdYWIj +i7Q+Vf2uj3U7ZrQmG/QSAy+Ekx5ut847EGMcVPbQ6ZcCgcEAkYEw9iKYx0tdysQB +sysu8dSt2CcDaUKacF9aSQ6pNezXRPt/oBiHdFFU7ltyUMYPCfc+p+IiXS6XuomT +Youz9Huj+I0i6zEW1vN+Q6of8da+uHAtpc2D9P7Uj+pXkpCT0c5ZxXQAJ+C5nPJb +cGL+6+dfD4WwaycrIrJlb+rTichuYnMdyNFmbD7/Wr08l61r52N2rAs8KehpvMRi +gP3rVQqToekdsIuPGXGV/KEMEveyKBi9mveWzhEad6QnW/4rAoHBAM1TgJVVYCKl +tmUf8XcC8+bNQ+dlqPdBQa3cAPFlQdRZUzDIYU+ZHa66GWUWb2uuD2hFCDDEpC1l +Ke34tNROiruDfj9lfD6UmJv8vw/wPG3m52Qb5iWdA+B1512MK8p7KZg9YQJot/Yj +B2rNxv1O+IjWPxxtUEVsFpx/XGoEemc85iS+icjNXvtOwyEGdNliRFiQtVkh2mtX +7uKbkUAL2HKzxfnJ/LbWZwDlW45x/qDQtncp93sTcM3k8FVE+MtLbw== +-----END RSA PRIVATE KEY----- diff --git a/board/gingerbread/ec.tasklist b/board/gingerbread/ec.tasklist index 9b3c3aa0a3..1f79cd8fbd 100644 --- a/board/gingerbread/ec.tasklist +++ b/board/gingerbread/ec.tasklist @@ -8,6 +8,7 @@ */ #define CONFIG_TASK_LIST \ + TASK_ALWAYS_RO(RWSIG, rwsig_task, NULL, 1280) \ TASK_ALWAYS(HOOKS, hook_task, NULL, LARGER_TASK_STACK_SIZE) \ TASK_ALWAYS(CONSOLE, console_task, NULL, VENTI_TASK_STACK_SIZE) \ - TASK_ALWAYS(UCPD, ucpd_task, 0, LARGER_TASK_STACK_SIZE) + TASK_ALWAYS_RW(UCPD, ucpd_task, 0, LARGER_TASK_STACK_SIZE) diff --git a/board/gingerbread/gpio.inc b/board/gingerbread/gpio.inc index 77a3e52ced..9c590d7615 100644 --- a/board/gingerbread/gpio.inc +++ b/board/gingerbread/gpio.inc @@ -7,8 +7,9 @@ /* Declare symbolic names for all the GPIOs that we care about. * Note: Those with interrupt handlers must be declared first. */ - +#ifdef SECTION_IS_RW GPIO_INT(HOST_USBC_PPC_INT_ODL, PIN(B, 0), GPIO_INT_FALLING, ppc_interrupt) +#endif /* Power sequencing interrupts */ GPIO(PWR_BTN, PIN(A, 0), GPIO_INPUT) diff --git a/board/quiche/board.c b/board/quiche/board.c index afcd9b1443..f569611c55 100644 --- a/board/quiche/board.c +++ b/board/quiche/board.c @@ -23,6 +23,13 @@ #define CPRINTS(format, args...) cprints(CC_SYSTEM, format, ## args) #define CPRINTF(format, args...) cprintf(CC_SYSTEM, format, ## args) +#ifdef SECTION_IS_RW +#define CROS_EC_SECTION "RW" +#else +#define CROS_EC_SECTION "RO" +#endif + +#ifdef SECTION_IS_RW static void ppc_interrupt(enum gpio_signal signal) { switch (signal) { @@ -34,6 +41,7 @@ static void ppc_interrupt(enum gpio_signal signal) break; } } +#endif /* SECTION_IS_RW */ #include "gpio_list.h" /* Must come after other header files. */ @@ -69,6 +77,7 @@ const struct power_seq board_power_seq[] = { const size_t board_power_seq_count = ARRAY_SIZE(board_power_seq); +#ifdef SECTION_IS_RW /* TCPCs */ const struct tcpc_config_t tcpc_config[CONFIG_USB_PD_PORT_MAX_COUNT] = { { @@ -116,12 +125,6 @@ static void board_select_drp_mode(void) } DECLARE_DEFERRED(board_select_drp_mode); -static void board_init(void) -{ - hook_call_deferred(&board_select_drp_mode_data, 50 * MSEC); -} -DECLARE_HOOK(HOOK_INIT, board_init, HOOK_PRIO_DEFAULT); - int ppc_get_alert_status(int port) { if (port == USB_PD_PORT_HOST) @@ -134,3 +137,12 @@ void board_overcurrent_event(int port, int is_overcurrented) { /* TODO(b/174825406): check correct operation for honeybuns */ } +#endif /* SECTION_IS_RW */ + +static void board_init(void) +{ +#ifdef SECTION_IS_RW + hook_call_deferred(&board_select_drp_mode_data, 50 * MSEC); +#endif +} +DECLARE_HOOK(HOOK_INIT, board_init, HOOK_PRIO_DEFAULT); diff --git a/board/quiche/dev_key.pem b/board/quiche/dev_key.pem new file mode 100644 index 0000000000..4897ceb44e --- /dev/null +++ b/board/quiche/dev_key.pem @@ -0,0 +1,39 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIG4wIBAAKCAYEAyiT9PsD2wW3mhfuxMtihnLDKC+PY9l6j+j405G5Wd3BBtLLl +2uEoSD8cFQfnVTeFH7wggVf+SMAP3Y2aTnXIfdTX3N0skAdq/kYNUlQAK0xsa3Z7 +bRZ8puvzu+XNqsSS/tvsdYbNE5WC5sXtt7Wkm3mKn7PAti7oQrKbW1beFD0FgdAq +JoweIdpkuOwDYtFBcF92LWWGziDcEXlc2v5Xj3qvixMLnhy+Ny1Byr2ApVaYZ56H +JfjHKxbirNj4IrgmhdzfBIKxDf4mGibG0K1aC1io+SixtRV1cS6JRB0D+GS4QIcq +y9bCMkBeVQLHhSo1UYZqbB7Qef0blQ2sxsXklo8Q5EIQOd6yiXiTelApOWDn3zTi +uTkUo+99SPDLw/S3sR3uESxt+OYO2Yt6BWe2JSYBhHWB0Xc0PGItq7DUpm2cEWke +vS91I/lBfqhOxQOvnEx5NM97/RBQMa3jJ5Jv/72X5oU6OcGmaliBJy3Tv0CSiI06 +qgRgWxMym/XA0ui/AgEDAoIBgQCGw1N/K08rnpmup8t3OxZoddwH7TtO6cKm1CNC +9Dmk9YEjIe6R63AwKhK4r++OJQNqfWsA5VQwgAqTs7w0ToWpOI/ok3MKr5yphAjh +jVVyMvLyTvzzZFMZ8qJ9Q95x2GH/PUhOWd4NDldEg/PPzm28+7G/zSskH0WBzGeS +Oeli01kBNXFvCBQWkZh7SAJB4NZK6k7I7lnewJK2UOiR/uUKUcpct10UEyl6Hivc +flXDjxBFFFoZUITHZJcd5frB0Bh+EiqJ3CnkSIjD4sTnZs/TP8CKhmYriabfBHdH +j6ffcr5y8VhqDJK/ISSmWQO1c/rSziJLhx/ZrWvWp1FAbRg+kdh+RmV8hYIdEOq8 +PYOiERihd+eHVhtzsc74+cRGxPbaFJ2rpuJt+xk1Zp7IfGyyPWDmvXFKZgX+vo2s +vJL6q9pPR57uUHL0xsxDrMH3HFxkl1ta5PsiBGXs+zG0EUzNKGtoRTCi176xUWyo +NG+eWiL9ddeZVBzWeKfJGfwQ53sCgcEA+JE2E5kjvVCasSqERfDfIkSeOKoqWdZ2 +sAvTHibq6+vMBkRubNA0glHcUrMEBblDg3ds2z1A9YvwjwEUq9UFpVH3qfX9vaTX +lLYFRZjcA3PkCJvFAt5eIlVXp+vgaEo6OcodLjDiqkYKzbMC13k5uM1wsEEwo2vI +38vhHQlH1PHVTd8pt2Y7mOpDgxOOJLrvwuew7Lj9QSBRZ0EJxqv+1QA4EQ1cPr1H +hGqggtL0ChLRV7KBHiLz9ggS5vHTEkFNAoHBANAwaSIfTnpAvkMoGy+iQyw0afC0 +7hnwhHKcAzqenT1Mzo3Yt7/zsZE8ywjKPe9C+ZHZyh+W373tCUQRnjpNOpNiVHzi +ekFxl8kpLhpbB8LTXuRlQmtZjVQPbyuORPGDCzA05GGBN6mnXju+iQEz2WD8f3oY +Jz5yYl54eAuMsFl5/0yehqBQjRvky5YRna2eNUKBvz+/BgjpZeb0DtLMffcAvrkQ +FQbAwNvzvagMOEemjLSp9iXjQSNWJAdc86dMOwKBwQCltiQNEMJ+Nbx2HFguoJTB +gxQlxsbmjvnKsoy+xJydR91ZgvRIis2sNpLhzK1ZJi0CT53nfitOXUsKALhyjgPD +i/pxTqkpGI+4eVjZEJKs9+1bEoNXPulsOOUanUBFhtF73BN0IJccLrHed1c6UNEl +3ksgK3XCR9s/3UC+Bi/jS+OJP3Ek7tJl8YJXYl7DJ0qB78tIe1OAwDZE1gaEcqnj +VXq2COgp04UC8cBXN01cDIuPzFYUF01OsAyZ9oy21jMCgcEAisrwwWo0UYB+13AS +H8GCHXhGoHieu/Wtob1XfGm+KN3fCTslKqJ2YNMyBdwpSiymYTvcFQ8/0/NbgrZp +fDN8YkGNqJb8K6EP23DJZudageI/Qu4sR5EI4rT0x7Qt9ldcys3tllYlG8TpfSmw +q3fmQKhU/BAaKaGW6aWlXQh1kPv/iGmvFYsIvUMyZAu+c77OLFZ/f9SusJuZRKK0 +jIhT+gB/Jgq4rysrPU0pGrLQL8RdzcakGUIrbOQYBOiib4gnAoHAVrvbmZGxyeeA +oDE2QlXXmd1higPaQe3u+7vmh6itVpJ71n9wmu9xei7IiTOtGDYjHLXa8Qg0y37/ +FVCUiFxhOz05hpnB1ts70tuIWUJbWttMnhZPTpKa1dzZFB6qrlk2o/ONaSfNzpOZ +FgKxBURFVzNMTlIh7QOZGoOeRg5BkFG5z21g8egYQ/1cY61BhaxJTz93HGKb0jYn +QnC0WfVF9amWNGwocKATkwjoSVC7rQRsB2FMbY/WCqgE92lXsU9W +-----END RSA PRIVATE KEY----- diff --git a/board/quiche/ec.tasklist b/board/quiche/ec.tasklist index 0e18704a4c..f884f8df16 100644 --- a/board/quiche/ec.tasklist +++ b/board/quiche/ec.tasklist @@ -8,7 +8,8 @@ */ #define CONFIG_TASK_LIST \ + TASK_ALWAYS_RO(RWSIG, rwsig_task, NULL, 1280) \ TASK_ALWAYS(HOOKS, hook_task, NULL, LARGER_TASK_STACK_SIZE) \ TASK_ALWAYS(CONSOLE, console_task, NULL, VENTI_TASK_STACK_SIZE) \ - TASK_ALWAYS(PD_C0, pd_task, NULL, VENTI_TASK_STACK_SIZE) \ - TASK_ALWAYS(UCPD, ucpd_task, 0, LARGER_TASK_STACK_SIZE) + TASK_ALWAYS_RW(PD_C0, pd_task, NULL, VENTI_TASK_STACK_SIZE) \ + TASK_ALWAYS_RW(UCPD, ucpd_task, 0, LARGER_TASK_STACK_SIZE) diff --git a/board/quiche/gpio.inc b/board/quiche/gpio.inc index 1b90bf9e1e..eb32f55bb0 100644 --- a/board/quiche/gpio.inc +++ b/board/quiche/gpio.inc @@ -8,7 +8,9 @@ /* Declare symbolic names for all the GPIOs that we care about. * Note: Those with interrupt handlers must be declared first. */ +#ifdef SECTION_IS_RW GPIO_INT(HOST_USBC_PPC_INT_ODL, PIN(D, 9), GPIO_INT_FALLING | GPIO_PULL_UP, ppc_interrupt) +#endif /* Power sequencing signals */ GPIO(PWR_BTN, PIN(A, 0), GPIO_INPUT) |