diff options
author | Vadim Bendebury <vbendeb@chromium.org> | 2020-05-27 10:26:27 -0700 |
---|---|---|
committer | Commit Bot <commit-bot@chromium.org> | 2020-06-05 04:29:38 +0000 |
commit | dd15f8676d55ef1c78f78016ce6c6175d3806174 (patch) | |
tree | c7e39fca212acee742f8dd668953d4c6446ad471 /include/system.h | |
parent | 398315c41f2111135f2510e88d55ad3dbe83b5d6 (diff) | |
download | chrome-ec-dd15f8676d55ef1c78f78016ce6c6175d3806174.tar.gz |
ap_ro: add handling of the corrupted hash
This patch closes the AP RO verification loop on the Cr50 side.
If the check is triggered, the valid AP hash is found, and the RO
contents is found to not match the hash, the Cr50 will
- assert the EC reset;
- set a flag to prevent the code from deasserting EC reset;
- start a periodic hook to reassert EC reset in case the user hits
power+refresh.
This will prevent the Chrome OS device from booting.
A new CLI command is being added to display the verification state. In
developer images the new command would allow to clear the failure
state, when running prod images the only way out of the failure state
would be the powercycle.
BUG=b:153764696
TEST=verified that erasing or programming AP RO hash when board ID is
set is impossible.
Verified proper shutdown in case AP RO has is present and the AP
RO space is corrupted and recovery using the new cli command when
running a dev image.
Verified that 'ecrst off' properly reports the override.
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Change-Id: I1029114126a9a79f80385af7bc8d5467738e04ca
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2218676
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Diffstat (limited to 'include/system.h')
-rw-r--r-- | include/system.h | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/include/system.h b/include/system.h index 1df48cf28e..4862ad2dc0 100644 --- a/include/system.h +++ b/include/system.h @@ -425,7 +425,8 @@ enum { SLEEP_MASK_USB_PD = BIT(5), /* USB PD device connected */ SLEEP_MASK_SPI = BIT(6), /* SPI communications ongoing */ SLEEP_MASK_I2C_SLAVE = BIT(7), /* I2C slave communication ongoing */ - SLEEP_MASK_FAN = BIT(8), /* Fan control loop ongoing */ + SLEEP_MASK_AP_RO_VERIFICATION + = BIT(8), /* AP RO verification failure. */ SLEEP_MASK_USB_DEVICE = BIT(9), /* Generic USB device in use */ SLEEP_MASK_PWM = BIT(10), /* PWM output is enabled */ SLEEP_MASK_PHYSICAL_PRESENCE = BIT(11), /* Physical presence |