diff options
author | Namyoon Woo <namyoon@google.com> | 2020-03-24 16:42:58 -0700 |
---|---|---|
committer | Commit Bot <commit-bot@chromium.org> | 2020-03-31 04:41:00 +0000 |
commit | e9f13a75eb3d05faa05e620a2e61dadebb20233f (patch) | |
tree | 72a9a9303fb73a7d2170aac5fe78da6a5768c43e /include | |
parent | d674693d9b3f3a9ff0e3a0d00ebc35b75c4b3f43 (diff) | |
download | chrome-ec-e9f13a75eb3d05faa05e620a2e61dadebb20233f.tar.gz |
Modify ec_comm command to corrupt NVMEM copy of kernel secdata
'ec_comm corrupt' used to corrupt a copy of EC-RW hash in ec_efs.c for
test purpose. This patch makes it corrupt the copy stored in the TPM
NVMEM cache first, and then read it into the cache in ec_efs.c.
'corrupt' option is available for regular image as well onl if CCD is
opened.
'reload' option is obsolete.
BUG=b:150650877
TEST=checked the behavior in the sequence below:
0. program regular image
cr50> ec_comm corrupt
CCD is not opened
Access Denied
Usage: ec_comm [corrupt]
1. open ccd.
2. Checked the original hash code.
cr50> ec_comm
...
ec_hash_sec_data : /* original hash code, Hm. */
3. Corrupt the hash code.
cr50> ec_comm corrupt
...
ec_hash_sec_data : /* corrupted hash code, Hc. */
4. Reboot EC.
ec> reboot ap-off
5. Check the boot mode is NO_BOOT mode.
chroot$ gsctool --getbootmode
...
Boot mode = 0x01: NO_BOOT
6. Turn on AP by tapping the power button.
Check AP rewrites the secdata, and Cr50 reloads it.
cr50> ec_comm
...
ec_hash_sec_data : /* original hash code, Hm. */
Signed-off-by: Namyoon Woo <namyoon@google.com>
Change-Id: Id34239911da204e1eacd285fa601a9b5db03c4ee
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2119130
Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Commit-Queue: Namyoon Woo <namyoon@chromium.org>
Tested-by: Namyoon Woo <namyoon@chromium.org>
Diffstat (limited to 'include')
-rw-r--r-- | include/ec_comm.h | 2 | ||||
-rw-r--r-- | include/nvmem.h | 8 |
2 files changed, 9 insertions, 1 deletions
diff --git a/include/ec_comm.h b/include/ec_comm.h index c599868488..dd4d105d4a 100644 --- a/include/ec_comm.h +++ b/include/ec_comm.h @@ -42,7 +42,7 @@ void ec_efs_refresh(void); /* print EC-EFS status */ void ec_efs_print_status(void); /* corrupt ECRW hash */ -void ec_efs_corrupt_hash(void); +enum ec_error_list ec_efs_corrupt_hash(void); #ifdef BOARD_HOST /* return the current boot mode. For test purpose only. */ diff --git a/include/nvmem.h b/include/nvmem.h index f48c9cd9c4..00dc4b7879 100644 --- a/include/nvmem.h +++ b/include/nvmem.h @@ -212,6 +212,14 @@ void nvmem_clear_cache(void); void nvmem_wipe_cache(void); +/* + * Unlock nvmem mutex lock. + * + * @param init_act_partition: boolean to request to initialize active nvmem + * partition status or not. + */ +void nvmem_unlock_cache(int init_act_partition); + #ifdef __cplusplus } #endif |