diff options
author | Keith Short <keithshort@chromium.org> | 2021-03-08 16:26:41 -0700 |
---|---|---|
committer | Commit Bot <commit-bot@chromium.org> | 2021-03-09 21:27:38 +0000 |
commit | 0e5fa530e2f1eba6e16188be65ac39974a151a17 (patch) | |
tree | 1a5d694dc7527072837d713782763345d805dbd0 /include | |
parent | 4d5b07d43ba15f5f704722649def0c18ea967871 (diff) | |
download | chrome-ec-0e5fa530e2f1eba6e16188be65ac39974a151a17.tar.gz |
vboot_hash: Add watchdog reloads
When neither CONFIG_SHA256_HW_ACCELERATE nor CONFIG_SHA256_UNROLLED
are enabled, calculating the hash can trip the watchdog.
Add watchdog reloads at a rate of 1/2 the watchdog period when both
these options are disabled.
BUG=b:182208446
BRANCH=none
TEST=zmake testall
TEST=Boot zephyr-ec on Volteer, powerdown AP and observe watchdog
timeouts are fixed
Signed-off-by: Keith Short <keithshort@chromium.org>
Signed-off-by: Jack Rosenthal <jrosenth@chromium.org>
Change-Id: I6170b457c91f3247adf9ad47cd7e93b128a1d13b
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2744356
Reviewed-by: Yuval Peress <peress@chromium.org>
Diffstat (limited to 'include')
-rw-r--r-- | include/config.h | 25 |
1 files changed, 25 insertions, 0 deletions
diff --git a/include/config.h b/include/config.h index 7f61f5cf94..a72534aa88 100644 --- a/include/config.h +++ b/include/config.h @@ -4894,6 +4894,15 @@ /* Support computing hash of code for verified boot */ #undef CONFIG_VBOOT_HASH +/* + * Reload the watchdog at 1/2 the watchdog period during hash + * calculation. When CONFIG_SHA256_HW_ACCELERATE and + * CONFIG_SHA256_UNROLLED are disabled, the hash calculation may trip + * the watchdog. This option becomes enabled by default when both + * those options are disabled. + */ +#undef CONFIG_VBOOT_HASH_RELOAD_WATCHDOG + /* Support for secure temporary storage for verified boot */ #undef CONFIG_VSTORE @@ -6177,4 +6186,20 @@ "when CONFIG_SYSTEM_UNLOCK is also enabled." #endif /* CONFIG_BYPASS_CBI_EEPROM_WP_CHECK && !CONFIG_SYSTEM_UNLOCK */ +/* + * Enable CONFIG_VBOOT_HASH_RELOAD_WATCHDOG by default when these + * conditions are met: + * - Watchdog enabled + * - No hardware acceleration for SHA256 calculation + * - Loops for SHA256 calculation are not unrolled + * + * See the CONFIG_VBOOT_HASH_RELOAD_WATCHDOG entry in this file for an + * explanation as to why this is necessary. + */ +#if defined(CONFIG_WATCHDOG) && !defined(CONFIG_SHA256_HW_ACCELERATE) && \ + !defined(CONFIG_SHA256_UNROLLED) && \ + !defined(CONFIG_VBOOT_HASH_RELOAD_WATCHDOG) +#define CONFIG_VBOOT_HASH_RELOAD_WATCHDOG +#endif + #endif /* __CROS_EC_CONFIG_H */ |