Cr50: Clear NVMEM before unlocking the console

The Cr50 console provides access to all sorts of dangerous
commands. To protect user secrets, we must erase the persistent
storage before unlocking the console.

Note that this will not powerwash the AP, leaving you with the
impression that you've just forgotten your password. You'll have
to manually powerwash (Ctrl+Alt+Shift+R) afterwards. That will be
addressed in a future CL.

BUG=chrome-os-partner:55728
BRANCH=none
TEST=make buildall, test on Gru

Lock the console if it's not already ("lock enable"), then unlock
it with "lock disable". Confirm that the NVMEM region is erased
following a successful unlock process.

Change-Id: Iebcd69c9f757f5ab5d496218f065197d3f1f746c
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/382666
Reviewed-by: Randall Spangler <rspangler@chromium.org>

1 files changed, 2 insertions, 3 deletions

diff --git a/common/nvmem.c b/common/nvmem.c
index b3470b9889..3696d00279 100644
--- a/common/nvmem.c
+++ b/common/nvmem.c
@@ -314,14 +314,13 @@ int nvmem_setup(uint8_t starting_version)
 	 * both corrupted
 	 */
 	for (part = 0; part < NVMEM_NUM_PARTITIONS; part++) {
-		/* Set active partition variable */
-		nvmem_act_partition = part;
 		/* Get the cache buffer */
 		if (nvmem_lock_cache() != EC_SUCCESS) {
 			CPRINTF("NvMem: Cache ram not available!\n");
 			return EC_ERROR_TIMEOUT;
 		}
-
+		/* Set active partition variable */
+		nvmem_act_partition = part;
 		/* Fill entire partition to 0xFFs */
 		memset(cache.base_ptr, 0xff, NVMEM_PARTITION_SIZE);
 		/* Get pointer to start of partition */