diff options
| author | Bill Richardson <wfrichar@chromium.org> | 2016-09-23 18:09:45 -0700 |
|---|---|---|
| committer | chrome-bot <chrome-bot@chromium.org> | 2016-09-24 16:22:18 -0700 |
| commit | 2446e3bfc089c7e65e41c90809ea70e9d051be91 (patch) | |
| tree | e7e41e2b5f4949056ec5ce6eb6fe1690980d12b0 /include | |
| parent | 2e0c2177b53cfb67b3102ee51942e8ba7aea65e3 (diff) | |
| download | chrome-ec-2446e3bfc089c7e65e41c90809ea70e9d051be91.tar.gz | |
Cr50: Clear NVMEM before unlocking the console
The Cr50 console provides access to all sorts of dangerous
commands. To protect user secrets, we must erase the persistent
storage before unlocking the console.
Note that this will not powerwash the AP, leaving you with the
impression that you've just forgotten your password. You'll have
to manually powerwash (Ctrl+Alt+Shift+R) afterwards. That will be
addressed in a future CL.
BUG=chrome-os-partner:55728
BRANCH=none
TEST=make buildall, test on Gru
Lock the console if it's not already ("lock enable"), then unlock
it with "lock disable". Confirm that the NVMEM region is erased
following a successful unlock process.
Change-Id: Iebcd69c9f757f5ab5d496218f065197d3f1f746c
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/382666
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Diffstat (limited to 'include')
| -rw-r--r-- | include/nvmem.h | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/include/nvmem.h b/include/nvmem.h index 781ea219f0..354e763c8d 100644 --- a/include/nvmem.h +++ b/include/nvmem.h @@ -51,9 +51,10 @@ * CONFIG_FLASH_NVMEM_BASE_(A|B) -> address of start of each partition * * The board.h file must define a macro or enum named NVMEM_NUM_USERS. - * The board.c file must include 1 function and an array of user buffer lengths + * The board.c file must implement: * nvmem_user_sizes[] -> array of user buffer lengths * nvmem_compute_sha() -> function used to compute 4 byte sha (or equivalent) + * nvmem_wipe() -> function to erase and reformat the users' storage * * Note that total length of user buffers must satisfy the following: * sum(user sizes) <= (NVMEM_PARTITION_SIZE) - sizeof(struct nvmem_tag) @@ -176,4 +177,11 @@ int nvmem_setup(uint8_t version); void nvmem_compute_sha(uint8_t *p_buf, int num_bytes, uint8_t *p_sha, int sha_len); +/* + * Erase and reformat the entire nvmem storage space. This returns only if it + * was successful. If it fails, we can't be certain of the state of the system, + * so it should do a hard reboot to be safe. + */ +void nvmem_wipe_or_reboot(void); + #endif /* __CROS_EC_NVMEM_UTILS_H */ |