diff options
author | Vadim Bendebury <vbendeb@chromium.org> | 2018-05-10 21:41:33 -0700 |
---|---|---|
committer | chrome-bot <chrome-bot@chromium.org> | 2018-05-16 12:41:38 -0700 |
commit | 607865dca4965720feec5cb0d3a9148e4ab69b29 (patch) | |
tree | 104d44d8b4cd189acc71141ee5e54a5471c7bcbf /chip/g | |
parent | d9354c9cd980ce2d57b8b4ccdad921054579ae99 (diff) | |
download | chrome-ec-607865dca4965720feec5cb0d3a9148e4ab69b29.tar.gz |
cr50: in dev mode allow unverified certificates
When running signed with dev keys and the fallback certificate is not
available, proceed installing unverified root certificate. This at
least allows to keep basic TPM functions like storing objects in NVMEM
to keep going. Added a new return value to indicate this condition.
BRANCH=cr50, cr50-mp
BUG=none
TEST=verified that it is possible to switch chromebook between prod
and dev modes when running with a dev signed Cr50.
Change-Id: I5b16d0bcbcfb25368f65075e1d2d485a69cb729f
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1054990
Reviewed-by: Nagendra Modadugu <ngm@google.com>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Diffstat (limited to 'chip/g')
-rw-r--r-- | chip/g/signed_header.h | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/chip/g/signed_header.h b/chip/g/signed_header.h index 5f274f3a0b..26a85aebf3 100644 --- a/chip/g/signed_header.h +++ b/chip/g/signed_header.h @@ -67,4 +67,15 @@ BUILD_ASSERT(sizeof(struct SignedHeader) == 1024); BUILD_ASSERT(offsetof(struct SignedHeader, info_chk_) == 1020); #define TOP_IMAGE_SIZE_BIT (1 << \ (sizeof(((struct SignedHeader *)0)->image_size) * 8 - 1)) + +/* + * It is a mere convention, but all prod keys are required to have key IDs + * such, that bit D2 is set, and all dev keys are required to have key IDs + * such, that bit D2 is not set. + * + * This convention is enforced at the key generation time. + */ +#define G_SIGNED_FOR_PROD(h) ((h)->keyid & (1 << 2)) + + #endif /* __CROS_EC_SIGNED_HEADER_H */ |