diff options
| author | Vadim Bendebury <vbendeb@chromium.org> | 2017-11-21 17:45:08 -0800 |
|---|---|---|
| committer | ChromeOS Commit Bot <chromeos-commit-bot@chromium.org> | 2017-12-07 01:00:39 +0000 |
| commit | c41791abf3d3ea614e57f67e5b481bd3f4574e7b (patch) | |
| tree | c54ccc3d0c103675dac3a5af0a844d83bad8d331 /common | |
| parent | 1865197138bce76e6b30238aff5c299bfc5130a5 (diff) | |
| download | chrome-ec-c41791abf3d3ea614e57f67e5b481bd3f4574e7b.tar.gz | |
cr50: ccd: add vendor command to disable RMA mode
The new vendor command takes the CCD state machine through necessary
transitions leaving it in the CCD locked state.
It succeeds only if user password is not set and CCD capabilities are
right, which is guaranteed to be the case after an RMA unlock.
BRANCH=cr50
BUG=b:68213540
TEST=tested using the modified gsctool utility.
Change-Id: Ic2cce34e74b1ff476841cfa1a99f50d6a947c315
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/784352
Reviewed-by: Randall Spangler <rspangler@chromium.org>
(cherry picked from commit baff7ae621d88929c0ab808eee54c081e44b2710)
Reviewed-on: https://chromium-review.googlesource.com/813080
Diffstat (limited to 'common')
| -rw-r--r-- | common/ccd_config.c | 69 |
1 files changed, 69 insertions, 0 deletions
diff --git a/common/ccd_config.c b/common/ccd_config.c index 5adbe36282..4eba2096a3 100644 --- a/common/ccd_config.c +++ b/common/ccd_config.c @@ -1153,3 +1153,72 @@ static enum vendor_cmd_rc ccd_password(enum vendor_cmd_cc code, return VENDOR_RC_SUCCESS; } DECLARE_VENDOR_COMMAND(VENDOR_CC_CCD_PASSWORD, ccd_password); + + +static enum vendor_cmd_rc ccd_disable_rma(enum vendor_cmd_cc code, + void *buf, + size_t input_size, + size_t *response_size) +{ + int rv; + int error_line; + + do { + if (raw_has_password()) { + error_line = __LINE__; + break; + } + + /* Check if physical presence is required to unlock. */ + if (!ccd_is_cap_enabled(CCD_CAP_REMOVE_BATTERY_BYPASSES_PP) || + board_battery_is_present()) { + const uint8_t required_capabilities[] = { + CCD_CAP_OPEN_WITHOUT_TPM_WIPE, + CCD_CAP_UNLOCK_WITHOUT_AP_REBOOT, + CCD_CAP_OPEN_WITHOUT_LONG_PP, + CCD_CAP_UNLOCK_WITHOUT_SHORT_PP + }; + unsigned int i; + + for (i = 0; + i < ARRAY_SIZE(required_capabilities); + i++) { + if (!ccd_is_cap_enabled + (required_capabilities[i])) + break; + } + + if (i < ARRAY_SIZE(required_capabilities)) { + CPRINTF("Capability %d is not present\n", + required_capabilities[i]); + error_line = __LINE__; + break; + } + } + + ccd_set_state(CCD_STATE_OPENED); + + rv = command_ccd_reset(0, NULL); + if (rv != EC_SUCCESS) { + error_line = __LINE__; + break; + } + + + rv = command_ccd_lock(); + if (rv != EC_SUCCESS) { + error_line = __LINE__; + break; + } + + *response_size = 0; + return VENDOR_RC_SUCCESS; + } while (0); + + CPRINTF("%s: error in line %d\n", __func__, error_line); + + ((uint8_t *)buf)[0] = (uint8_t)rv; + *response_size = 1; + return VENDOR_RC_INTERNAL_ERROR; +} +DECLARE_VENDOR_COMMAND(VENDOR_CC_DISABLE_RMA, ccd_disable_rma); |