diff options
| author | Yicheng Li <yichengli@chromium.org> | 2019-05-22 13:47:14 -0700 |
|---|---|---|
| committer | Commit Bot <commit-bot@chromium.org> | 2019-06-07 22:45:22 +0000 |
| commit | 8e7a7fb6cf9e7afcd1b80911c14ae76e8b9860fc (patch) | |
| tree | d7b36abb4f7c6f9e4244f8c022b6f0119e070073 /common/fpsensor/fpsensor_state.c | |
| parent | 9985215ea27b059e83870d4f7f93918ae058c2dd (diff) | |
| download | chrome-ec-8e7a7fb6cf9e7afcd1b80911c14ae76e8b9860fc.tar.gz | |
fpsensor: Add API to check FP sensor encryption status.
Add EC command for the host to query FP sensor encryption status.
Currently it's just FP TPM seed has been set or not.
Add unit test for this command. Also add ectool command for querying
encryption status.
BRANCH=nocturne
BUG=chromium:952275
TEST=ran unittests
TEST=tested enrollment, matching and multifinger on DUT nocturne.
TEST=tested querying sensor encryption status using ectool.
Change-Id: I07d1e471ead85a517105b38d1ddd793c3046ce8f
Signed-off-by: Yicheng Li <yichengli@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/1633272
Reviewed-by: Nicolas Norvez <norvez@chromium.org>
Diffstat (limited to 'common/fpsensor/fpsensor_state.c')
| -rw-r--r-- | common/fpsensor/fpsensor_state.c | 31 |
1 files changed, 26 insertions, 5 deletions
diff --git a/common/fpsensor/fpsensor_state.c b/common/fpsensor/fpsensor_state.c index c9beeb1f82..f8016b49e9 100644 --- a/common/fpsensor/fpsensor_state.c +++ b/common/fpsensor/fpsensor_state.c @@ -36,13 +36,21 @@ uint32_t templ_dirty; uint32_t user_id[FP_CONTEXT_USERID_WORDS]; /* Part of the IKM used to derive encryption keys received from the TPM. */ uint8_t tpm_seed[FP_CONTEXT_TPM_BYTES]; -/* Flag indicating whether the seed has been initialised or not. */ -static int fp_tpm_seed_set; +/* Status of the FP encryption engine. */ +static uint32_t fp_encryption_status; uint32_t fp_events; uint32_t sensor_mode; +void fp_task_simulate(void) +{ + int timeout_us = -1; + + while (1) + task_wait_event(timeout_us); +} + void fp_clear_finger_context(int idx) { memset(fp_template[idx], 0, sizeof(fp_template[0])); @@ -81,12 +89,12 @@ static int fp_command_tpm_seed(struct host_cmd_handler_args *args) return EC_RES_INVALID_PARAM; } - if (fp_tpm_seed_set) { + if (fp_encryption_status & FP_ENC_STATUS_SEED_SET) { CPRINTS("Seed has already been set."); return EC_RES_ACCESS_DENIED; } memcpy(tpm_seed, params->seed, sizeof(tpm_seed)); - fp_tpm_seed_set = 1; + fp_encryption_status |= FP_ENC_STATUS_SEED_SET; return EC_RES_SUCCESS; } @@ -94,8 +102,21 @@ DECLARE_HOST_COMMAND(EC_CMD_FP_SEED, fp_command_tpm_seed, EC_VER_MASK(0)); int fp_tpm_seed_is_set(void) { - return fp_tpm_seed_set; + return fp_encryption_status & FP_ENC_STATUS_SEED_SET; +} + +static int fp_command_encryption_status(struct host_cmd_handler_args *args) +{ + struct ec_response_fp_encryption_status *r = args->response; + + r->valid_flags = FP_ENC_STATUS_SEED_SET; + r->status = fp_encryption_status; + args->response_size = sizeof(*r); + + return EC_RES_SUCCESS; } +DECLARE_HOST_COMMAND(EC_CMD_FP_ENC_STATUS, fp_command_encryption_status, + EC_VER_MASK(0)); static int validate_fp_mode(const uint32_t mode) { |