diff options
| -rw-r--r-- | board/cr50/wp.c | 17 | ||||
| -rw-r--r-- | common/tpm_registers.c | 19 | ||||
| -rw-r--r-- | include/tpm_registers.h | 4 |
3 files changed, 19 insertions, 21 deletions
diff --git a/board/cr50/wp.c b/board/cr50/wp.c index 0edb681fcd..e4fc54c630 100644 --- a/board/cr50/wp.c +++ b/board/cr50/wp.c @@ -189,6 +189,14 @@ int board_wipe_tpm(void) { int rc; + /* + * Blindly zapping the TPM space while the AP is awake and poking at + * it will bork the TPM task and the AP itself, so force the whole + * system off by holding the EC in reset. + */ + CPRINTS("%s: force EC off", __func__); + assert_ec_rst(); + /* Wipe the TPM's memory and reset the TPM task. */ rc = tpm_reset_request(1, 1); if (rc != EC_SUCCESS) { @@ -204,9 +212,10 @@ int board_wipe_tpm(void) SYSTEM_RESET_HARD); /* - * That should never return, but if it did, pass through the - * error we got. + * That should never return, but if it did, release EC reset + * and pass through the error we got. */ + deassert_ec_rst(); return rc; } @@ -215,6 +224,10 @@ int board_wipe_tpm(void) /* Tell the TPM task to re-enable NvMem commits. */ tpm_reinstate_nvmem_commits(); + /* Let the rest of the system boot. */ + CPRINTS("%s: release EC reset", __func__); + deassert_ec_rst(); + return EC_SUCCESS; } diff --git a/common/tpm_registers.c b/common/tpm_registers.c index d97e5bc4f1..46d2b7fdf1 100644 --- a/common/tpm_registers.c +++ b/common/tpm_registers.c @@ -815,20 +815,11 @@ static void tpm_reset_now(int wipe_first) /* This is more related to TPM task activity than TPM transactions */ cprints(CC_TASK, "%s(%d)", __func__, wipe_first); - if (wipe_first) { - /* - * Blindly zapping the TPM space while the AP is awake and - * poking at it will bork the TPM task and the AP itself, so - * force the whole system off by holding the EC in reset. - */ - cprints(CC_TASK, "%s: force EC off", __func__); - assert_ec_rst(); - + if (wipe_first) /* Now wipe the TPM's nvmem */ wipe_result = nvmem_erase_user_data(NVMEM_TPM); - } else { + else wipe_result = EC_SUCCESS; - } /* * Clear the TPM library's zero-init data. Note that the linker script @@ -866,12 +857,6 @@ static void tpm_reset_now(int wipe_first) waiting_for_reset = TASK_ID_INVALID; } - if (wipe_first) { - /* Allow AP & EC to boot again */ - cprints(CC_TASK, "%s: allow EC to boot", __func__); - deassert_ec_rst(); - } - cprints(CC_TASK, "%s: done", __func__); /* diff --git a/include/tpm_registers.h b/include/tpm_registers.h index 38cb68ef9e..cf7fbe5758 100644 --- a/include/tpm_registers.h +++ b/include/tpm_registers.h @@ -37,8 +37,8 @@ void tpm_register_interface(interface_restart_func interface_restart); * returns EC_SUCCESS after the reset has completed, or an error code on * failure. * - * If wipe_nvmem_first is true, the EC and AP will be forced off and TPM memory - * will be erased before the TPM task is reset. + * If wipe_nvmem_first is true, the caller is expected to keep the rest of the + * system in reset until TPM wipeout is completed. */ int tpm_reset_request(int wait_until_done, int wipe_nvmem_first); |