author | Mary Ruthven <mruthven@chromium.org> | 2021-10-18 18:27:36 -0500 |
---|---|---|
committer | Commit Bot <commit-bot@chromium.org> | 2021-10-21 20:22:43 +0000 |
commit | 5a705e76a4e7a3568159bd4459c562f9d6508f5b (patch) | |
tree | e20e0691c7767b97d062391ef0fec461c94bfe80 /common/tpm_registers.c | |
parent | 4eb67c6f94af3beba1adc1bd02ca49e71eef1195 (diff) | |
download | chrome-ec-5a705e76a4e7a3568159bd4459c562f9d6508f5b.tar.gz |
ap_ro_integrity_check: add a ccd capability for the ap ro check vc

Use a ccd capability to restrict the VENDOR_CC_AP_RO_VALIDATE vendor
command from the AP. The AP should not be able to trigger the AP RO
check in normal mode. Restrict the command, so it's only available when
cr50 is in factory mode or the ccd capability is available.

This doesn't restrict VENDOR_CC_AP_RO_VALIDATE when it's called from the
ALT_IF interface. The button combo uses the ALT_IF interface, so it
always needs to be available.

If the command is from usb, it's still rejected in extension.c

BUG=b:141191727
TEST=manual
  trigger from usb verify extension.c rejects the command
    [3364.881973 extension_route_command: ignore 58: usb]
  trigger with the button combo. Verify it's allowed even when
  the ccd capability is not enabled.
  Lock ccd. Verify the command from the AP is rejected
    Error 7 trigger ap ro validate
  Open ccd. Verify the command from the AP works

Change-Id: I3f644698deed38779e5fee82156e5077290c7d4f
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3237200
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Diffstat (limited to 'common/tpm_registers.c')
0 files changed, 0 insertions, 0 deletions
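
The access policy described in the commit message above, written out as an added C model that is not code from this commit or from cr50. Every type and function name is hypothetical, and the three capability settings (always, unless locked, if opened) are a modeling assumption for how a ccd capability depends on the ccd state.

```c
#include <stdbool.h>

/* All names are hypothetical: this models the policy, it is not cr50 source. */
enum cmd_origin { FROM_AP, FROM_ALT_IF, FROM_USB };
enum ccd_state { CCD_LOCKED, CCD_UNLOCKED, CCD_OPENED };
enum cap_setting { CAP_ALWAYS, CAP_UNLESS_LOCKED, CAP_IF_OPENED };
enum result { RC_OK, RC_NOT_ALLOWED, RC_IGNORED_BY_ROUTER };

struct device {
	enum ccd_state ccd;
	enum cap_setting ap_ro_check_cap; /* the capability the commit adds */
	bool factory_mode;
};

/* Assumed model: a capability is enabled per its setting and the ccd state. */
static bool cap_enabled(const struct device *d)
{
	switch (d->ap_ro_check_cap) {
	case CAP_ALWAYS:
		return true;
	case CAP_UNLESS_LOCKED:
		return d->ccd != CCD_LOCKED;
	default: /* CAP_IF_OPENED */
		return d->ccd == CCD_OPENED;
	}
}

/* Layer 1: the command router drops the command when it arrives over usb. */
static bool router_accepts(enum cmd_origin origin)
{
	return origin != FROM_USB;
}

/* Layer 2: the handler's own gate, reached only if the router accepted. */
enum result ap_ro_validate_request(const struct device *d,
				   enum cmd_origin origin)
{
	if (!router_accepts(origin))
		return RC_IGNORED_BY_ROUTER;
	/* The button combo arrives via ALT_IF and must always be available. */
	if (origin == FROM_ALT_IF)
		return RC_OK;
	/* From the AP: only in factory mode or with the capability enabled. */
	if (d->factory_mode || cap_enabled(d))
		return RC_OK;
	return RC_NOT_ALLOWED;
}
```

The order of the checks matters: the usb rejection happens before the handler runs, and the ALT_IF exemption is evaluated before the capability, so locking ccd never disables the button combo.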