diff options
| author | Vadim Bendebury <vbendeb@chromium.org> | 2018-09-27 19:26:30 -0700 |
|---|---|---|
| committer | chrome-bot <chrome-bot@chromium.org> | 2018-10-04 00:37:07 -0700 |
| commit | 9ef91389ca20f0dc50c2ab0d6d231ec6feb2802b (patch) | |
| tree | 50d6a99cc44b2ad5b0846b8b99438f92b8191157 /common | |
| parent | 14a70cf973458d73fa71e14d46351769ddf131da (diff) | |
| download | chrome-ec-9ef91389ca20f0dc50c2ab0d6d231ec6feb2802b.tar.gz | |
rma: when processing 'RMA open' do not reboot the device
Once RMA open is processed and CCD state is updated, the AP still
might require to perform some operations, even if TPM is not available
any more.
With this patch enable_ccd_factory_mode() does not trigger device
reset, if invoked by the RMA open handler.
Another modification is that WP is disabled immediately when factory
mode is enabled, there is no need to reset the H1 for WP status to
change.
BRANCH=cr50, cr50-mp
BUG=b:115495431
TEST=verified that running 'gsctool -a -r <authcode>' sets to 'Y' all
CCD properties, disables write protection, but does not reboot
the device.
Change-Id: I834a9e4b5ebbe4aaaf1caafad9c82424087d01f7
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1250037
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Diffstat (limited to 'common')
| -rw-r--r-- | common/ccd_config.c | 1 | ||||
| -rw-r--r-- | common/factory_mode.c | 56 | ||||
| -rw-r--r-- | common/rma_auth.c | 2 |
3 files changed, 44 insertions, 15 deletions
diff --git a/common/ccd_config.c b/common/ccd_config.c index 28262562e7..98bcae48d2 100644 --- a/common/ccd_config.c +++ b/common/ccd_config.c @@ -454,6 +454,7 @@ int ccd_reset_config(unsigned int flags) /* Force WP disabled at boot */ raw_set_flag(CCD_FLAG_OVERRIDE_WP_AT_BOOT, 1); raw_set_flag(CCD_FLAG_OVERRIDE_WP_STATE_ENABLED, 0); + set_wp_follow_ccd_config(); } /* Restore test lab flag unless explicitly resetting it */ diff --git a/common/factory_mode.c b/common/factory_mode.c index b33a0619e5..c497a212fe 100644 --- a/common/factory_mode.c +++ b/common/factory_mode.c @@ -16,12 +16,18 @@ #define CPRINTS(format, args...) cprints(CC_CCD, format, ## args) static uint8_t ccd_hook_active; +static uint8_t reset_required_; static void ccd_config_changed(void) { if (!ccd_hook_active) return; + ccd_hook_active = 0; + + if (!reset_required_) + return; + CPRINTS("%s: saved, rebooting\n", __func__); cflush(); system_reset(SYSTEM_RESET_HARD); @@ -32,7 +38,11 @@ static void factory_enable_failed(void) { ccd_hook_active = 0; CPRINTS("factory enable failed"); - deassert_ec_rst(); + + if (reset_required_) { + reset_required_ = 0; + deassert_ec_rst(); + } } DECLARE_DEFERRED(factory_enable_failed); @@ -56,39 +66,57 @@ static void factory_enable_deferred(void) int rv; CPRINTS("%s: reset TPM\n", __func__); - - /* - * Let's make sure the rest of the system is out of the way while TPM - * is being wiped out. - */ - assert_ec_rst(); + if (reset_required_) + assert_ec_rst(); if (tpm_reset_request(1, 1) != EC_SUCCESS) { CPRINTS("%s: TPM reset failed\n", __func__); + /* + * Attempt to reset TPM failed, let's reboot the device just + * in case. + */ + if (!reset_required_) + assert_ec_rst(); deassert_ec_rst(); return; } + /* + * TPM was wiped out successfully, let's prevent further + * communications from the AP until next reboot. + */ + if (!reset_required_) + tpm_stop(); + + /* + * Need this to make sure that CCD state changes are saved in the + * NVMEM before reboot. + */ tpm_reinstate_nvmem_commits(); - CPRINTS("%s: TPM reset done, enabling factory mode\n", __func__); + CPRINTS("%s: TPM reset done, enabling factory mode", __func__); ccd_hook_active = 1; rv = ccd_reset_config(CCD_RESET_FACTORY); if (rv != EC_SUCCESS) factory_enable_failed(); - /* - * Make sure we never end up with the EC held in reset, no matter what - * prevents the proper factory reset flow from succeeding. - */ - hook_call_deferred(&factory_enable_failed_data, TPM_RESET_TIME); + if (reset_required_) { + /* + * Make sure we never end up with the EC held in reset, no + * matter what prevents the proper factory reset flow from + * succeeding. + */ + hook_call_deferred(&factory_enable_failed_data, TPM_RESET_TIME); + } } DECLARE_DEFERRED(factory_enable_deferred); -void enable_ccd_factory_mode(void) +void enable_ccd_factory_mode(int reset_required) { delay_sleep_by(DISABLE_SLEEP_TIME); + + reset_required_ = !!reset_required; hook_call_deferred(&factory_enable_deferred_data, TPM_PROCESSING_TIME); } diff --git a/common/rma_auth.c b/common/rma_auth.c index e3d5470aad..60089bef6a 100644 --- a/common/rma_auth.c +++ b/common/rma_auth.c @@ -346,7 +346,7 @@ static enum vendor_cmd_rc process_response(uint8_t *buf, if (rv == EC_SUCCESS) { CPRINTF("%s: success!\n", __func__); *response_size = 0; - enable_ccd_factory_mode(); + enable_ccd_factory_mode(0); return VENDOR_RC_SUCCESS; } |