| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=none
TEST=none
Change-Id: I0f03f432ada1064ffba9595be78ca7ab4d25ecd1
Signed-off-by: Brian Norris <briannorris@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3155050
Reviewed-by: Jack Rosenthal <jrosenth@chromium.org>
Owners-Override: Jora Jacobi <jora@google.com>
Tested-by: Jack Rosenthal <jrosenth@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The user needs to be able to unlock/open/lock CCD in addition to
setting the CCD password.
This patch adds command line options for these three CCD subcommands.
They all are communicated to the TPM using the same vendor command.
'open' and 'unlock' subcommands could require the user to enter the
password. This is indicated by the appropriate vendor command return
code.
If return code of 'open' or 'unlock' subcommand indicates the need for
physical presence, the utility starts polling the Cr50 prompting the
user to press the power button when the chip expects it.
Some input parameters sanity checks are added to make sure that the
user does not request mutually exclusive actions.
BRANCH=none
BUG=b:62537474
TEST=verified that CCD can be unlocked and opend with and without
password, with and without PP required.
Change-Id: Iea229a220e9f3d2f5d07cebdaebcb9b297939310
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/861209
Reviewed-by: Randall Spangler <rspangler@chromium.org>
(cherry picked from commit a41c59598de1d335af76e6bc4b1178720154d48c)
Reviewed-on: https://chromium-review.googlesource.com/894353
Tested-by: Sam Hurst <shurst@google.com>
Reviewed-by: YH Lin <yueherngl@chromium.org>
Commit-Queue: Sam Hurst <shurst@google.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
With the upcoming addition of ability to manage CCD using gsctool, it
is necessary to send user password in several CC_CCD subcommands. This
patch modifies the password handler to allow the user to specify the
subcommand code to use.
VENDOR_RC_IN_PROGRESS is added to the list of acceptable return codes,
as this is what could be returned in response to 'ccd unlock' or 'ccd
open'.
BRANCH=none
BUG=b:62537474
TEST=verified that password still could be set and cleared from the
CLI and gsctool
Change-Id: Ic58f344a728897fb535cd9b7bedd47d28b30f5f8
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/861207
Reviewed-by: Randall Spangler <rspangler@chromium.org>
(cherry picked from commit d9831e6015ccce99dc77e734368622abde1947fa)
Reviewed-on: https://chromium-review.googlesource.com/894352
Tested-by: Sam Hurst <shurst@google.com>
Reviewed-by: YH Lin <yueherngl@chromium.org>
Commit-Queue: Sam Hurst <shurst@google.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We want CCD commands lock, open, password, and unlock (at least to
start with) to be available over both CLI and through crosh (i.e.
coming over /dev/tpm0).
Let's allocate a TPM vendor command for handling all CCD subcommands,
and move to this new framework the 'ccd password' command, which
already is available over vendor command.
Conflicts:
include/ccd_config.h -- copied from the upstream patch
include/tpm_vendor_cmds.h -- copied from the upstream patch
BRANCH=cr50
BUG=b:62537474
TEST=verified that 'ccd password' still works both over Suzy-Q CLI and
using gsctool on the target.
Change-Id: I2d06230b762f47af7e580b188a587bc5678ca169
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/853280
Reviewed-by: Randall Spangler <rspangler@chromium.org>
(cherry picked from commit 877e5909b403cd40b415757b2921594bb6d8a021)
Reviewed-on: https://chromium-review.googlesource.com/894351
Tested-by: Sam Hurst <shurst@google.com>
Reviewed-by: YH Lin <yueherngl@chromium.org>
Commit-Queue: Sam Hurst <shurst@google.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The gsctool utility sometimes is used in environments where path to
trunks_send is not set. As a result 'gsctool -t' invocations fail.
Let's make sure PATH includes /usr/sbin before trunsk_send is invoked.
BRANCH=none
BUG=none
TEST=verified that gsctool invocations in crosh started in a tab and
in a linux shell ran under user 'chronos' do not fail.
Change-Id: Ib8af365dc5707cfec19acda9aa0228d33eb4573f
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/851266
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
(cherry picked from commit 0b9a0688946c76451d0770be9b1fe4de148a4691)
Reviewed-on: https://chromium-review.googlesource.com/894350
Tested-by: Sam Hurst <shurst@google.com>
Commit-Queue: Sam Hurst <shurst@google.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
For partners and developers, it's usually better to have a single simple
instruction to invoke commands. Currently gsctool needs either -s (if
/dev/tpm is not locked) or -t (if trunksd is running) and partners have
to either try both commands (-s or -t) or read the error messages and
try to figure out which option to use.
For example, see the extra logic in CL:831787.
Instead of putting the check everywhere in scripting, it seems easier
and more convenient to have a simple switch - "--any (-a)" that
automatically selects between -s and -t.
BUG=b:70184153
TEST=gsctool -f -a; stop trunksd; gsctool -f -a
Change-Id: Ie1590b0b8fef882178465ceee64a7150eda6b0dd
Reviewed-on: https://chromium-review.googlesource.com/851612
Commit-Ready: Hung-Te Lin <hungte@chromium.org>
Tested-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
(cherry picked from commit 9de2d245cf0168131ddc8fda284e8ee169012fa3)
Reviewed-on: https://chromium-review.googlesource.com/894349
Tested-by: Sam Hurst <shurst@google.com>
Reviewed-by: YH Lin <yueherngl@chromium.org>
Commit-Queue: Sam Hurst <shurst@google.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The error processing logic is reversed, which results in missing error
values when errors actually happen.
BRANCH=none
BUG=none
TEST=verified that errors values are now reported properly.
Change-Id: I282920d35e978a704e8c2728a8aa71a5f1da9a00
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/802994
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
(cherry picked from commit 3bb08ed694d9c41538988668d8a6ef7874601116)
Reviewed-on: https://chromium-review.googlesource.com/894348
Tested-by: Sam Hurst <shurst@google.com>
Reviewed-by: YH Lin <yueherngl@chromium.org>
Commit-Queue: Sam Hurst <shurst@google.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The --rma_auth command line option is being extended to treat the
auth_code of value of 'disable' as a user request to cancel CCD RMA
mode on the device.
Conflict:
manually copied the appropriate version of include/tpm_vendor_cmds.h
BRANCH=none
BUG=b:68213540
TEST=verified that passing '-f disable' to gsctool causes CCD state on
the Cr50 changed to 'Locked'
Change-Id: I8764e0207977a6290d3d10dc4678f98631be0360
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/784354
Reviewed-by: Randall Spangler <rspangler@chromium.org>
(cherry picked from commit 84b20f922533b5b1d282fcfc323400b0eec0db27)
Reviewed-on: https://chromium-review.googlesource.com/894347
Tested-by: Sam Hurst <shurst@google.com>
Reviewed-by: YH Lin <yueherngl@chromium.org>
Commit-Queue: Sam Hurst <shurst@google.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The gsctool utility is inconsistent in using stdio channels when
reporting errors. All error messages should go into stderr.
Also, to avoid confusion, this patch makes options -s and -t mutually
exclusive.
BRANCH=none
BUG=b:68213540
TEST=verified that passing both -t and -s command line options causes
an error.
Change-Id: Ieb50cf08314aa37594964ef4bbfa4a850741da2f
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/784353
Reviewed-by: Randall Spangler <rspangler@chromium.org>
(cherry picked from commit 88011d8ea5a059138ee62632564207d4711b3f21)
Reviewed-on: https://chromium-review.googlesource.com/894346
Tested-by: Sam Hurst <shurst@google.com>
Reviewed-by: YH Lin <yueherngl@chromium.org>
Commit-Queue: Sam Hurst <shurst@google.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch makes use of a recently introduced vendor command for
password control.
The new option '-P,password' is introduced to allow the device user to
set/clear the CCD password. Command line echo is suppressed when
password is being entered, so it is required to enter it twice.
To stay consistent with the 'ccd' Cr50 console command conventions the
word 'clear' should be used as the password when one wants to clear
the CCD password. All policies for setting/clearing the password are
the same as when setting it from the Cr50 console.
Conflict:
manually copied the appropriate version of include/tpm_vendor_cmds.h
BRANCH=cr50
BUG=b:62537474
TEST=set and clear password when accessing over /dev/tpm0. Verified
that attempts to set/clear password over USB fail.
Change-Id: I7721d9ce12da8b7c89fc80eaa69cb8dd001abdb8
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/741172
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
(cherry picked from commit a0f43d59d0b58390b22b7e9b58e2b7a799db4070)
Reviewed-on: https://chromium-review.googlesource.com/894345
Tested-by: Sam Hurst <shurst@google.com>
Reviewed-by: YH Lin <yueherngl@chromium.org>
Commit-Queue: Sam Hurst <shurst@google.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
It would be much easier to use the --rma command line option if it
allowed to pass the authentication code in a separate invocation.
This patch changes the behavior of the --rma command line option and
improves the help message to match actual features of gsctool.
When passed without an extra parameter it requests the Cr50 to
generate the RMA authentication challenge, prints the challenge on the
console as before, and then exits instead of waiting for the user to
enter the authentication code.
When the extra parameter is given, it is considered the authentication
code received from the server, the code is passed to the Cr50 and the
response is reported to the user.
BRANCH=none
BUG=b:37952913
TEST=verified the expected behavior:
localhost tmp # ./gsctool -r -t
Challenge:
CCYAQ 5ZUDP 9Q8NY S7TQR 7PVUR ETX7P T5YQK NGV9S
7TY8Z QY7H5 5DEH3 5EEWY UBJPA WN7YX SE35G TPS76
localhost tmp # ./gsctool -t -r EYE3E
Processing response...
rma unlock failed, code 1
localhost tmp # echo $?
3
localhost tmp # ./gsctool -t -r EYE3EWQG
Processing response...RMA unlock succeeded.
localhost tmp # echo $?
0
localhost tmp #
Change-Id: I2c61ff3a3ef1718eb4f192321bebd8caba388aeb
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/722115
(cherry picked from commit 9f68af75f6a99134cd03067379d0c1f6a571fe4f)
Reviewed-on: https://chromium-review.googlesource.com/894344
Tested-by: Sam Hurst <shurst@google.com>
Reviewed-by: YH Lin <yueherngl@chromium.org>
Commit-Queue: Sam Hurst <shurst@google.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is just a tweak marking pointers to the vendor command payloads
as const, as the command payloads are not supposed to be modified by
the communication layers.
BRANCH=none
BUG=none
TEST=make buildall -j; make -c ./extra/usb_updater
Change-Id: I68f15e8c77dc892173ff0241072128d960712a80
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/722114
Reviewed-by: Andrey Pronin <apronin@chromium.org>
(cherry picked from commit e63e0515e46b8799b33a8a034dafef26e3246cc9)
Reviewed-on: https://chromium-review.googlesource.com/894343
Tested-by: Sam Hurst <shurst@google.com>
Commit-Queue: Sam Hurst <shurst@google.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This reverts commit 37922196b6d0c17ba2ef5be1ecd90c8adf89fb18.
Reason for revert: Revert the previous revert to correct the patch sequence.
Original change's description:
> Revert "g: rename usb_updater into gsctool"
>
> This reverts commit 87d50d265d98f3e1f483e2e62b83639e752dd7fb.
>
> Reason for revert: The sequence of the patches are not correct. Revert to correct the sequence.
>
> Original change's description:
> > g: rename usb_updater into gsctool
> >
> > The usb_updater utility has long been not just an updater, and has
> > long been using other interfaces in addition to USB. gsctool is a much
> > more suitable name.
> >
> > CQ-DEPEND=CL:709776
> > BRANCH=cr50,eve
> > BUG=b:67007500,chromium:810784
> > TEST=verified that make -C ./extra/usb_updater generates
> > ./extra/usb_updater/gsctool:
> >
> > $ ./extra/usb_updater/gsctool --help
> >
> > Usage: gsctool [options] <binary image>
> >
> > This updates the Cr50 RW firmware over USB.
> > The required argument is the full RO+RW image.
> >
> > Options:
> > [...]
> > $
> >
> > TEST=emerge-eve works in factory branch after revert.
> >
> > Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
> > Reviewed-on: https://chromium-review.googlesource.com/709738
> > Reviewed-by: Mary Ruthven <mruthven@chromium.org>
> > (cherry picked from commit a08f61506cc71b690858e51da905c7dcb2d7ef10)
> > Conflicts: Accept all changes in util/signer/create_released_image.sh
> > Change-Id: I3ab70c28acf3664ddefaa923a87ba1fd5c3c437b
> > Signed-off-by: Gwendal Grignou <gwendal@chromium.org>
> > Reviewed-on: https://chromium-review.googlesource.com/894342
>
> Bug: b:67007500, chromium:810784
> Change-Id: Ie978398ef7ea5ffe41d1971203541c17e732e3b6
> Reviewed-on: https://chromium-review.googlesource.com/919562
> Reviewed-by: YH Lin <yueherngl@chromium.org>
> Commit-Queue: Sam Hurst <shurst@google.com>
> Tested-by: Sam Hurst <shurst@google.com>
Bug: b:67007500, chromium:810784
Change-Id: I68ea78f8247857bbb041bf20343deea306de3272
Reviewed-on: https://chromium-review.googlesource.com/919563
Reviewed-by: YH Lin <yueherngl@chromium.org>
Tested-by: Sam Hurst <shurst@google.com>
Commit-Queue: Sam Hurst <shurst@google.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch uses the VENDOR_CC_RMA_CHALLENGE_RESPONSE vendor command to
request the Cr50 generate the RMA authentication challenge and to have
the Cr50 verify the authentication code received from the server.
The new command line option is -r/--rma_auth. Presently it works only
when Cr50 is accessed over the TPM interface (as opposed to USB), i.e.
command line options -s or -t are also present, and the utility is
running on the Chrome OS device.
Conflict:
manually copied the appropriate version of include/tpm_vendor_cmds.h
CQ-DEPEND=CL:690992
BRANCH=none
BUG=b:37952913
TEST=on a Bob device ran the command with correct and incorrect
authentication codes, observed expected behavior (reported
success or error):
localhost ~ # /var/tmp/usb_updater -t -r
Challenge:
B9FPX D93GM JTJE7 ZNR74 E2GZF 94E8B TXBFX UJ4WZ
3ZQ98 XZ42D D4MVT RA2WG UDMKP A8FMH GXJQG BAKAS
Now enter response: 7996N3NW
RMA unlock succeeded.
localhost ~ # /var/tmp/usb_updater -t -r
error 4 <<=== this is the time throttle error
localhost ~ # /var/tmp/usb_updater -t -r
Challenge:
B9BLC F7B3D 7WY8V DKGQF 6CFP8 UCZRU UCZRW YKUG7
ZGNVC F4ZEH X75LE BANWE UDMKP A8FMH GXJQG BAKAS
Now enter response: 7996N3NW <<==== this is an incorrect code
rma unlock failed, code 6
localhost ~ #
Change-Id: Ifbf1a349e3d2655cea6c33f928d9cf58a6408531
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/690443
Reviewed-by: Randall Spangler <rspangler@chromium.org>
(cherry picked from commit 81682e06bc94d1b9e702b9794349bd34594896b3)
Reviewed-on: https://chromium-review.googlesource.com/894141
Tested-by: Sam Hurst <shurst@google.com>
Reviewed-by: YH Lin <yueherngl@chromium.org>
Commit-Queue: Sam Hurst <shurst@google.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
With upcoming RMA authentication extensions the size of the vendor
command responses is going to increase. Let's allow 500 bytes per
response (the expected maximum is 80 bytes plus TPM header).
BRANCH=cr50
BUG=b:37952913
TEST=verified that gsctool (aka usb_updater) still allows to retrieve
Cr59 information and update Cr50 image.
Change-Id: Ic61b6b89ffe20e534029bd12fea4140882a9afc8
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/690442
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
(cherry picked from commit 97c2ae1138fb6370d4b45d1ba9251c95e26a685e)
Reviewed-on: https://chromium-review.googlesource.com/894140
Tested-by: Sam Hurst <shurst@google.com>
Reviewed-by: YH Lin <yueherngl@chromium.org>
Commit-Queue: Sam Hurst <shurst@google.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
It is necessary to be able to access Cr50 using usb_updater without
stopping trunksd services. This patch adds another option for
usb_updater to communicate with Cr50, using the trunks_send command.
A new command line option '-t' is added to allow to choose the new
interface.
When communicating over trunks_send the same processing is used as
when communicating over /dev/tpm0, just instead of talking to the
hardware device, popen() function is used to run trunks_send --raw
command and to gain access to its console output.
BRANCH=none
BUG=none
TEST=ran various commands using the new '-t' option:
# ./usb_updater -t /opt/google/cr50/firmware/cr50.bin.prod
read 524288(0x80000) bytes from /opt/google/cr50/firmware/cr50.bin.prod
start
target running protocol version 6
keyids: RO 0xaa66150f, RW 0xb93d6539
offsets: backup RO at 0x40000, backup RW at 0x4000
sending 0x32288 bytes to 0x4000
-------
update complete
reboot requested
image updated
[reboot...]
# ./usb_updater -t -f
start
target running protocol version 6
keyids: RO 0xaa66150f, RW 0xb93d6539
offsets: backup RO at 0x40000, backup RW at 0x4000
Current versions:
RO 0.0.10
RW 0.0.23
Change-Id: I9c7481c30c2f6908e0d1ac4f204654d2fd1b3b2e
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/634629
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
(cherry picked from commit 8c9f9ad861a48903aef5bd923741e12aa802c65c)
(cherry picked from commit b32a504eeb9b7096e00a4ec0aed6aef89b0961d9)
Reviewed-on: https://chromium-review.googlesource.com/894139
Tested-by: Sam Hurst <shurst@google.com>
Commit-Queue: Sam Hurst <shurst@google.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This reverts commit 87d50d265d98f3e1f483e2e62b83639e752dd7fb.
Reason for revert: The sequence of the patches are not correct. Revert to correct the sequence.
Original change's description:
> g: rename usb_updater into gsctool
>
> The usb_updater utility has long been not just an updater, and has
> long been using other interfaces in addition to USB. gsctool is a much
> more suitable name.
>
> CQ-DEPEND=CL:709776
> BRANCH=cr50,eve
> BUG=b:67007500,chromium:810784
> TEST=verified that make -C ./extra/usb_updater generates
> ./extra/usb_updater/gsctool:
>
> $ ./extra/usb_updater/gsctool --help
>
> Usage: gsctool [options] <binary image>
>
> This updates the Cr50 RW firmware over USB.
> The required argument is the full RO+RW image.
>
> Options:
> [...]
> $
>
> TEST=emerge-eve works in factory branch after revert.
>
> Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
> Reviewed-on: https://chromium-review.googlesource.com/709738
> Reviewed-by: Mary Ruthven <mruthven@chromium.org>
> (cherry picked from commit a08f61506cc71b690858e51da905c7dcb2d7ef10)
> Conflicts: Accept all changes in util/signer/create_released_image.sh
> Change-Id: I3ab70c28acf3664ddefaa923a87ba1fd5c3c437b
> Signed-off-by: Gwendal Grignou <gwendal@chromium.org>
> Reviewed-on: https://chromium-review.googlesource.com/894342
Bug: b:67007500, chromium:810784
Change-Id: Ie978398ef7ea5ffe41d1971203541c17e732e3b6
Reviewed-on: https://chromium-review.googlesource.com/919562
Reviewed-by: YH Lin <yueherngl@chromium.org>
Commit-Queue: Sam Hurst <shurst@google.com>
Tested-by: Sam Hurst <shurst@google.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The usb_updater utility has long been not just an updater, and has
long been using other interfaces in addition to USB. gsctool is a much
more suitable name.
CQ-DEPEND=CL:709776
BRANCH=cr50,eve
BUG=b:67007500,chromium:810784
TEST=verified that make -C ./extra/usb_updater generates
./extra/usb_updater/gsctool:
$ ./extra/usb_updater/gsctool --help
Usage: gsctool [options] <binary image>
This updates the Cr50 RW firmware over USB.
The required argument is the full RO+RW image.
Options:
[...]
$
TEST=emerge-eve works in factory branch after revert.
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/709738
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
(cherry picked from commit a08f61506cc71b690858e51da905c7dcb2d7ef10)
Conflicts: Accept all changes in util/signer/create_released_image.sh
Change-Id: I3ab70c28acf3664ddefaa923a87ba1fd5c3c437b
Signed-off-by: Gwendal Grignou <gwendal@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/894342
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
board.h and config-chip.h should only be called from config.h, otherwise
some #define may not be set properly.
BUG=chromium:746471
BRANCH=none
TEST=Found a bug while compiling OTP changes (c/580289/)
(https://luci-milo.appspot.com/buildbot/chromiumos.tryserver/
no_vmtest_pre_cq/81548)
The size of the serial number string is set in config.h when
CONFIG_USB_SERIALNO is needed.
Compile with ec-utils with cr50_onboard USE flag set.
Change-Id: I5a2306bd0dc1dea29265226f2986829b768cfb61
Signed-off-by: Gwendal Grignou <gwendal@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/581887
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Reviewed-by: Nicolas Boichat <drinkcat@chromium.org>
(cherry picked from commit 734ebcbbb4e1e6f816225c59acef08ebd1094a2c)
Reviewed-on: https://chromium-review.googlesource.com/894138
Reviewed-by: Gwendal Grignou <gwendal@google.com>
Commit-Queue: Sam Hurst <shurst@google.com>
Tested-by: Sam Hurst <shurst@google.com>
Trybot-Ready: Sam Hurst <shurst@google.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When usb_udpater reads board ID information from a binary blob, in
case the ID field can be represented as a 4 character ASCII string the
updater transposes the characters, resulting in a reversed string
printed.
Fix the transposition to verify that the result is printed properly.
BRANCH=none
BUG=b:63597142
TEST=ran the following commands:
$ make BOARD=cr50
$ CR50_BOARD_ID='TEST:ff00:ff00' H1_DEVIDS='0x0169c181 0x04656742' \
./util/signer/bs
$ ./extra/usb_updater/usb_updater -b build/cr50/ec.bin
read 524288(0x80000) bytes from build/cr50/ec.bin
RO_A:4919.0.0 RW_A:0.0.21[TEST:0000ff00:0000ff00] RO_B:-1.-1.-1 ...
Change-Id: I852cf9505d6b8b9e7133ca1008be1b22081a9d88
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/567681
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
(cherry picked from commit a9c26a97ef3910e4a12434519be6b29763475f8b)
Reviewed-on: https://chromium-review.googlesource.com/599170
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
Commit-Queue: Hung-Te Lin <hungte@chromium.org>
Tested-by: Hung-Te Lin <hungte@chromium.org>
Trybot-Ready: Hung-Te Lin <hungte@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch adds code to interpret the contents of the Cr50 image's RW
headers board ID fields.
Board ID fields are added to the RW and RW_B version strings, as a
three field colon separated value.
The actual board ID is likely to be a 4 symbol ASCII string, if it
is, the 4 ASCII characters are displayed. If it is not - the 8
character hex value is printed. The rest of the fields are displayed
as 8 characters hex values.
BRANCH=none
BUG=b:62294740
TEST=tried the new option on various Cr50 images:
$ ./extra/usb_updater/usb_updater -b build/cr50/ec.bin
read 524288(0x80000) bytes from build/cr50/ec.bin
RO_A:4919.0.0 RW_A:0.0.21[00000000:00000000:00000000] ...
$ ./extra/usb_updater/usb_updater -b cr50.bin.dev
read 524288(0x80000) bytes from cr50.bin.dev
RO_A:0.0.10 RW_A:0.0.21[XXXR:00000004:00000001]...
Change-Id: I5a92a600d24e4a7d6d615f256b5979414e883d77
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/562919
Reviewed-by: Randall Spangler <rspangler@chromium.org>
(cherry picked from commit f50e0086e61aed2b722bd37c188e7e2204735f32)
Reviewed-on: https://chromium-review.googlesource.com/599169
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
Commit-Queue: Hung-Te Lin <hungte@chromium.org>
Tested-by: Hung-Te Lin <hungte@chromium.org>
Trybot-Ready: Hung-Te Lin <hungte@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Reject updates for the first 60 seconds after a hard reboot. This should
prevent people from using the reboot at the end of an update to get
around the update rate limiting. Reboots don't happen during normal cr50
operation, so this should not prevent updates. It will just prevent
updating cr50 many times in a row.
This change does not limit updates after deep sleep or POR.
BUG=b:62097097
BRANCH=cr50
TEST=Try to update cr50 two times. Verify that on the second time the
update is rejected. Put cr50 into deep sleep, wake it up and verify it
can be updated immediately. Get cr50 to do a POR and verify it can be
updated immediately.
Change-Id: I828ef210e1c5bcf59d4753b8178ee4e1369d5d36
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/520727
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Until HOOK_INIT has completed, do not allow any tasks other than HOOKS
or IDLE to be scheduled. Programmers often make the assumption that
a HOOK_INIT function is guaranteed to be run before task code that depends
on it, so let's make it so.
BUG=chromium:649398
BRANCH=None
TEST=Manual on kevin, compare boot without patch:
...
[0.004 power state 0 = G3, in 0x0008] <-- from chipset task
RTC: 0x00000000 (0.00 s)
[0.004 power state 4 = G3->S5, in 0x0008]
RTC: 0x00000000 (0.00 s)
[0.005 clear MKBP fifo]
[0.006 clear MKBP fifo]
[0.006 KB init state: ... <-- from keyscan task
[0.012 SW 0x05]
[0.155 hash start 0x00020000 0x00019a38]
[0.158 HOOK_INIT DONE!]
... to boot with patch:
...
RTC: 0x58cc614c (1489789260.00 s)
[0.004 clear MKBP fifo]
[0.005 clear MKBP fifo]
[0.010 SW 0x05]
[0.155 hash start 0x00020000 0x000198e0]
[0.157 HOOK_INIT DONE!]
...
Also, verify kevin boots to OS and is generally functional through
sysjump and basic tasks, and verify elm (stm32f0 / cortex-m0) boots.
Change-Id: If56fab05ce9b9650feb93c5cfc2d084aa281e622
Signed-off-by: Shawn Nematbakhsh <shawnn@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/456628
Commit-Ready: Shawn N <shawnn@chromium.org>
Tested-by: Shawn N <shawnn@chromium.org>
Reviewed-by: Vincent Palatin <vpalatin@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Cortex-M4 supports a floating point square root function that takes 14
cycles to execute, which is a speed improvement over the existing binary
search, and saves flash space.
BUG=chromium:687624
BRANCH=None
TEST=On kevin, verify that both sqrtf methods (binary search vs HW
instruction) have identical results for fractional input (eg.
sqrt(15.999999) = 3), except when floating point representation of
square root rounds up to an integer. Verify identical results for all
integers [-100, 16793602). Note that 16793602 is the first integer for
which the floating point representation of sqrt rounds up to an integer.
Also verify basic motion sense functions on kevin.
Signed-off-by: Shawn Nematbakhsh <shawnn@chromium.org>
Change-Id: I8521c9a28c958b340ca83c37342253e424df0c91
Reviewed-on: https://chromium-review.googlesource.com/537734
Commit-Ready: Shawn N <shawnn@chromium.org>
Tested-by: Shawn N <shawnn@chromium.org>
Reviewed-by: Shawn N <shawnn@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch adds host only return codes to cts.rc and derive names
from there.
BUG=chromium:664309
BRANCH=none
TEST=cts.py -m task, interrupt, gpio
test name TH DUT
debug_test SUCCESS SUCCESS
success_test SUCCESS SUCCESS
fail_dut_test SUCCESS FAILURE
fail_th_test FAILURE SUCCESS
fail_both_test FAILURE FAILURE
bad_sync_and_success_test BAD_SYNC BAD_SYNC
bad_sync_both_test BAD_SYNC BAD_SYNC
bad_sync_failure_test FAILURE BAD_SYNC
hang_test SUCCESS NO_RESULT
post_corruption_success NO_RESULT NO_RESULT
Change-Id: I169b2466646d6236571a8a4c5d3e208d928b9dd2
Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/410282
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If Cr50 happens to start on a chip where Board ID programmed in INFO1
does not match the contents of the RW header, it means that for some
reason the other RW is not operational and the current image is the
only viable one.
In this case the Cr50 starts but operates in limited mode (only
commands for updating the image and reporting state are handled). In
this case the reason for recovery could be seen on the Recovery
screen, and the update could be done once Chrome OS boots in recovery
mode.
BRANCH=none
BUG=b:35586335
TEST=verified the following:
- if an image with wrong board ID is started, it tries to fall back
(sets the counter to a value above threshold and reboots)
- if the fallback fails, the image keeps running in the limited
capabilities mode but the update is possible, observed that the
new image took over worked after powercycling the device.
- observed proper error message on the recovery screen showing where
the error comes from
Change-Id: I46ba75392f8e891bb8503fb15aea2c56b5805e83
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/535978
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently, read_tty reads characters from tty as long as there
is something to read. This causes read_tty to loop forever if the board
is in reboot loop.
This patch makes cts.py stop reading tty if boot count exceeds
max_boot_count. Reboot is detected by detecting REBOOT_MARKER.
This patch also does:
- Remove debug option: This adds complexity for no real value. Developers
should debug tests using regular tools (make, uart console, etc.).
- Remove html output. Nobody use it. Should be redone when it's needed
using proper libraries.
BUG=chromium:664309
BRANCH=none
TEST=cts.py -m task/gpio/interrupt
Change-Id: I51d1dd51c4097e8115ef04ad46853720295141b4
Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/410281
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch hides expected messages from output to the terminal
and reorganizes log directory as follows:
- All test output goes under /tmp/ects/$dut/$module
- Openocd output is recorded in openocd.log
- uart outputs are recorded in uart_th.log and uart_dut.log
- build output is recorded in build.log
- Check exit code from all subprocess calls
- Dump build log if build fails
- Dump openocd log if openocd fails
BUG=chromium:664309
BRANCH=none
TEST=cts.py --setup and build images in chroot then run cts.py -m meta
outside chroot.
Change-Id: I13294c3bf777ad7ae590459d3cf5aea405d59f96
Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/409536
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add support for update related vendor commands in mn50 by relocating
relevant code from board/cr50 to chip/g.
BUG=b:36910757
BRANCH=None
TEST=./extra/usb_updater/usb_updater -d 18d1:502a build/mn50/ec.bin
Change-Id: Iec0fe5585b5b6eb099f9254dfb0e5b02d5106abc
Reviewed-on: https://chromium-review.googlesource.com/537999
Commit-Ready: Nick Sanders <nsanders@chromium.org>
Tested-by: Nick Sanders <nsanders@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When an external charger is connected, only the LED on the side the
charger is connected should be on, the other side should be off. The
existing LED behavior was incorrect in that only the side that was
charging was being updated and the other side would remain in its
previous state.
This CL adds a fix so that if only one LED is being controlled, the
other side is always turned off. In addition, the logic for double tap
events was changed slightly so that if a double tap event is in
progress and a charger is connected, the new state will be updated as
soon as the charge state is changed instead of waiting for the double
tap event to complete.
BUG=b:62481906
BRANCH=eve
TEST=Manual With battery level < 15% so that both LEDs are red when
the charger isn't connected, connect charger and verified that the LED
on the side the charger is connected turns white and the LED on the
other side turns off.
Change-Id: I7462629409496383adb43445e732dd6ca2f9f589
Signed-off-by: Scott Collyer <scollyer@google.com>
Reviewed-on: https://chromium-review.googlesource.com/537960
Commit-Ready: Scott Collyer <scollyer@chromium.org>
Tested-by: Scott Collyer <scollyer@chromium.org>
Reviewed-by: Duncan Laurie <dlaurie@google.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The stago build is not well kept after, as it is not used in production,
celes however is.
BUG=chromium:734103
TEST=None
Change-Id: Ie62a4729192fe63d18348f47105a2585c9e4f5be
Reviewed-on: https://chromium-review.googlesource.com/538571
Commit-Ready: Bernie Thompson <bhthompson@chromium.org>
Tested-by: Bernie Thompson <bhthompson@chromium.org>
Reviewed-by: Yixiang Li <yixiang@google.com>
|
|
|
|
|
|
|
|
|
|
|
| |
BRANCH=cr50
BUG=None
TEST=built an image, observed version number.
Change-Id: I2717530abb92383e1d0260580bed81e00f4f21bb
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/538162
Reviewed-by: Nick Sanders <nsanders@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The setup time of original i2c setting which i2c freq is 1MHz is closed
to the margin of the spec. This CL improves the setup time with a new
setting. (For example, in npcx evb, measured setup time now is about
480 ns.)
This CL also removes the timing settings of higher i2c source clock
frequencies which are not used so far to save the code size.
BRANCH=none
BUG=b:38217035
TEST=No build error for make buildall; run stress test with i2cxfer and
i2cscan on gru with 400K and 1MHz i2c freq.
Change-Id: I5428a7dab1d935fd428ee9012604813e752cead8
Signed-off-by: CHLin <CHLIN56@nuvoton.com>
Reviewed-on: https://chromium-review.googlesource.com/527739
Commit-Ready: CH Lin <chlin56@nuvoton.com>
Tested-by: CH Lin <chlin56@nuvoton.com>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Driver data structs are now accessed through the drv_data pointer.
BUG=chromium:733352
BRANCH=None
TEST=`make buildall -j`
Signed-off-by: Shawn Nematbakhsh <shawnn@chromium.org>
Change-Id: I8fedb425708a08ae6900ade6f17967fe2bc75ebf
Reviewed-on: https://chromium-review.googlesource.com/537217
Commit-Ready: Shawn N <shawnn@chromium.org>
Tested-by: Shawn N <shawnn@chromium.org>
Reviewed-by: Aseda Aboagye <aaboagye@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
On PMIC reset, VCC power rail goes down thus resulting in loss of
panic data. Thus, provide a chance to the chip to backup panic data if
available.
BUG=b:62076222
BRANCH=None
TEST=make -j buildall
1. > crash divzero
> panic
=== PROCESS EXCEPTION: 06 ====== xPSR: ffffffff ===
r0 : r1 : r2 : r3 :
r4 :00000001 r5 :00000000 r6 :00000000 r7 :00000000
r8 :00000000 r9 :00000000 r10:00000000 r11:00000000
r12: sp :00000000 lr : pc :
Divide by 0
mmfs = 2000000, shcsr = 0, hfsr = 0, dfsr = 0
2. > crash assert
> panic
=== PROCESS EXCEPTION: 00 ====== xPSR: ffffffff ===
r0 : r1 : r2 : r3 :
r4 :dead6663 r5 :000000a4 r6 :00000000 r7 :00000000
r8 :00000000 r9 :00000000 r10:00000000 r11:00000000
r12: sp :00000000 lr : pc :
mmfs = 0, shcsr = 0, hfsr = 0, dfsr = 0
3. > crash watchdog
> panic
=== PROCESS EXCEPTION: 3c ====== xPSR: ffffffff ===
r0 : r1 : r2 : r3 :
r4 :dead6664 r5 :0000000a r6 :00000000 r7 :00000000
r8 :00000000 r9 :00000000 r10:00000000 r11:00000000
r12: sp :00000000 lr : pc :
mmfs = 0, shcsr = 0, hfsr = 0, dfsr = 0
4. > crash unaligned
> panic
=== PROCESS EXCEPTION: 06 ====== xPSR: ffffffff ===
r0 : r1 : r2 : r3 :
r4 :200c0d9e r5 :00000000 r6 :00000000 r7 :00000000
r8 :00000000 r9 :00000000 r10:00000000 r11:00000000
r12: sp :00000000 lr : pc :
Unaligned
mmfs = 1000000, shcsr = 0, hfsr = 0, dfsr = 0
Change-Id: Ife5c9bbc12dcf6c4922f18b7530b21a3b87e65b3
Signed-off-by: Furquan Shaikh <furquan@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/530138
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Holding the mutex just around the dcrypto_call is not enough: dcrypto
instruction memory content might change in presence of multiple calling
tasks.
Switching to broad acquire/release pattern instead.
Note to sub-projects: pair your dcrypto_init(_and_lock) w/ matching dcrypto_unlock
BUG=none
BRANCH=cr50
TEST=tcg_tests pass
Change-Id: Idb7f2d79ce533db95cab51d89e3869ecf9f3d499
Reviewed-on: https://chromium-review.googlesource.com/535916
Commit-Ready: Marius Schilder <mschilder@chromium.org>
Tested-by: Marius Schilder <mschilder@chromium.org>
Reviewed-by: Marius Schilder <mschilder@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-by: Nadim Taha <ntaha@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When starting up the Cr50 should check if this image is supposed to
run on a chip with the board ID value read from INFO1.
If it is not supposed to run on this chip, and there is no rollback
counter overflow, set the rollback counter to a value which will
trigger a rollback and reboot.
If rollback counter has already exceeded the threshold - set a flag
indicating that the image is running in the "mismatch" mode and
continue.
BRANCH=cr50
BUG=b:35586335
TEST=with the rest of the patches applied verified both falling back
to an older image and continuing running with the flag set if
rollback is not possible.
Change-Id: I58d97de61dc446aaf1dd06b6e2b6bb426c14a172
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/535977
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
with the board ID match happening in the RW we need to be able to set
the rollback counter to a value which would guarantee a fallback
during the next boot.
BRANCH=cr50
BUG=b:35586335
TEST=with the rest of the patches verified the ability to set the
counter to trigger a fallback on the next reboot.
Change-Id: I161f39354e5523121e26e8ad84a791a8b06e5123
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/535976
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Until the Board ID check is moved to RO, it is possible to start an RW
with a mismatching Board ID.
Let's add a function to check for mismatch and report the status.
Also eliminating the unnecessary check for empty header Board ID field
- it is going to match any board ID anyways and fixing a CPRINTF
statement in read_board_id().
BRANCH=cr50
BUG=b:35586335
TEST=verified that empty board ID header does not trigger a mismatch
on a board with a non-empty INFO1. With the rest of the patches
applied verified that board ID mismatch is reported properly.
Change-Id: Ie03f8137e494117b7a238e3af72527e0a46369e1
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/535975
Reviewed-by: Aseda Aboagye <aaboagye@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=b:62076222
BRANCH=None
TEST=make -j buildall
Change-Id: Id1482cc959233b41b0d917e8650866651d9a61fe
Signed-off-by: Furquan Shaikh <furquan@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/530137
Reviewed-by: Mulin Chao <mlchao@nuvoton.com>
Reviewed-by: Nicolas Boichat <drinkcat@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
For some platforms like poppy/eve where a PMIC reset is required on
reboot/panic to ensure a complete power-cycle of the AP, there is a
drop on VCC power rail thus resulting in a loss of panic data. For
such cases, provide API to backup panic data in BBRAM before
performing a PMIC reset. Additionally, check for panic data in
system_pre_init and restore if available from BBRAM.
BUG=b:62076222
BRANCH=None
TEST=make -j buildall
1. > crash divzero
> panic
=== PROCESS EXCEPTION: 06 ====== xPSR: ffffffff ===
r0 : r1 : r2 : r3 :
r4 :00000001 r5 :00000000 r6 :00000000 r7 :00000000
r8 :00000000 r9 :00000000 r10:00000000 r11:00000000
r12: sp :00000000 lr : pc :
Divide by 0
mmfs = 2000000, shcsr = 0, hfsr = 0, dfsr = 0
2. > crash assert
> panic
=== PROCESS EXCEPTION: 00 ====== xPSR: ffffffff ===
r0 : r1 : r2 : r3 :
r4 :dead6663 r5 :000000a4 r6 :00000000 r7 :00000000
r8 :00000000 r9 :00000000 r10:00000000 r11:00000000
r12: sp :00000000 lr : pc :
mmfs = 0, shcsr = 0, hfsr = 0, dfsr = 0
3. > crash watchdog
> panic
=== PROCESS EXCEPTION: 3c ====== xPSR: ffffffff ===
r0 : r1 : r2 : r3 :
r4 :dead6664 r5 :0000000a r6 :00000000 r7 :00000000
r8 :00000000 r9 :00000000 r10:00000000 r11:00000000
r12: sp :00000000 lr : pc :
mmfs = 0, shcsr = 0, hfsr = 0, dfsr = 0
4. > crash unaligned
> panic
=== PROCESS EXCEPTION: 06 ====== xPSR: ffffffff ===
r0 : r1 : r2 : r3 :
r4 :200c0d9e r5 :00000000 r6 :00000000 r7 :00000000
r8 :00000000 r9 :00000000 r10:00000000 r11:00000000
r12: sp :00000000 lr : pc :
Unaligned
mmfs = 1000000, shcsr = 0, hfsr = 0, dfsr = 0
Change-Id: I95cdd55e260487903e089653a47d3995d177daed
Signed-off-by: Furquan Shaikh <furquan@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/530136
Reviewed-by: Vincent Palatin <vpalatin@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Provide APIs that allow chips to implement their own version of
backing up/restoring panic data to persistent storage.
BUG=b:62076222
BRANCH=None
TEST=make -j buildall
Change-Id: Idda2d55703d4fe7e0a8d6305695fbf4e193b596b
Signed-off-by: Furquan Shaikh <furquan@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/530196
Reviewed-by: Mulin Chao <mlchao@nuvoton.com>
Reviewed-by: Nicolas Boichat <drinkcat@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Defects reported by Coverity.
BUG=None
BRANCH=None
TEST=`make buildall -j`
Signed-off-by: Shawn Nematbakhsh <shawnn@chromium.org>
Change-Id: I083ef9e499076f7009717ccbe0a3ab0a055e1bed
Reviewed-on: https://chromium-review.googlesource.com/535836
Commit-Ready: Shawn N <shawnn@chromium.org>
Tested-by: Shawn N <shawnn@chromium.org>
Reviewed-by: Scott Collyer <scollyer@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
rev1 (Soraka) was using proto settings. Instead use the settings described
in fuel gauge specification.
BRANCH=none
BUG=b:62552007
TEST=On soraka, check that the system goes to ship mode and no error
messages appear, using "ectool batterycutoff" from OS or "cutoff"
from EC console.
Change-Id: I04e6b08265d20395d13e28e93cb14c1d49b376df
Signed-off-by: Shamile Khan <shamile.khan@intel.com>
Reviewed-on: https://chromium-review.googlesource.com/531736
Reviewed-by: Vijay Hiremath <vijay.p.hiremath@intel.corp-partner.google.com>
Reviewed-by: Nicolas Boichat <drinkcat@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In the FIDO U2F Authenticator Transports Extension, the list of
transports will be extended to:
FIDOU2FTransports ::= BIT STRING {
bluetoothRadio(0), -- Bluetooth Classic
bluetoothLowEnergyRadio(1),
uSB(2),
nFC(3),
uSBInternal(4)
}
Given our implementation is internal, update the value from bit(2) uSB
to bit(4) uSBInternal.
Signed-off-by: Vincent Palatin <vpalatin@chromium.org>
BRANCH=cr50
BUG=b:35545754
TEST=with follow-up CLs, run U2FTest on Eve
and manually verify the individual attestation certificate
with an ASN.1 parser.
Change-Id: I62fe72ffed9b7eb34e31164fded46f458e5cbc16
Reviewed-on: https://chromium-review.googlesource.com/536775
Commit-Ready: Vincent Palatin <vpalatin@chromium.org>
Tested-by: Vincent Palatin <vpalatin@chromium.org>
Reviewed-by: Marius Schilder <mschilder@chromium.org>
Reviewed-by: Vincent Palatin <vpalatin@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Implement system_get_chip_unique_id() for the g hardware.
It includes the hardware revision, the chip device id and
the read-only key id.
The key-id is included because this unique id is used as serial number
inside certificates and for security reason, we want a different id if
the RO has changed (e.g Node locked firmware).
The id is also 32-byte long for convenience reason when used for
certificates, but the high 16 bytes are currently zeros.
Signed-off-by: Vincent Palatin <vpalatin@chromium.org>
BRANCH=cr50
BUG=b:35545754
TEST=dump the x.509 individual attestation certificate which includes
the unique id as serial number.
Change-Id: If24597d0de696d2700122d425724f14703fc5256
Reviewed-on: https://chromium-review.googlesource.com/536774
Commit-Ready: Vincent Palatin <vpalatin@chromium.org>
Tested-by: Vincent Palatin <vpalatin@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
x25519 requires quite a bit more stack size (1696/2048), so
increase its size.
BRANCH=none
BUG=b:38486828
TEST=Flash hammer, ./usb_updater2 -c always reports the same
device public key, and authenticator is correct.
Change-Id: I51dff9f10167d654561ef7f199b9b9206511b7e9
Reviewed-on: https://chromium-review.googlesource.com/532476
Commit-Ready: Nicolas Boichat <drinkcat@chromium.org>
Tested-by: Nicolas Boichat <drinkcat@chromium.org>
Reviewed-by: Mattias Nissler <mnissler@chromium.org>
Reviewed-by: Vincent Palatin <vpalatin@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Handle UPDATE_EXTRA_CMD_PAIR_CHALLENGE command, where the
lid sends a random x25519 public key, and nonce, and the base
replies with its own (stable) x25519 public key, and computes
a shared secret using its private key to verify its identity.
BRANCH=none
BUG=b:38486828
TEST=Flash hammer, ./usb_updater2 -c always reports the same
device public key, and authenticator is correct.
Change-Id: Ida60ffa7476794ee92669951c740dbe35950fb9c
Reviewed-on: https://chromium-review.googlesource.com/532475
Commit-Ready: Nicolas Boichat <drinkcat@chromium.org>
Tested-by: Nicolas Boichat <drinkcat@chromium.org>
Reviewed-by: Vincent Palatin <vpalatin@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In CL:503475, SERVO_TYPE is initialized *after* toad cable detection.
This make flash_ec failed to update plankton EC.
This CL adjust the timing of SERVO_TYPE detection, so toad cable
detection can work properly.
BUG=b:35648297
BRANCH=plankton
TEST=utils/flash_ec --board=plankton
Change-Id: I08a11b99109454096949b3ff64ed1c4d5f9891df
Reviewed-on: https://chromium-review.googlesource.com/535381
Commit-Ready: Wei-Han Chen <stimim@chromium.org>
Tested-by: Wei-Han Chen <stimim@chromium.org>
Reviewed-by: Aseda Aboagye <aaboagye@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=b:37970194,b:36394093
BRANCH=None
TEST=Verified that LED blinks when in debug mode and stops blinking on
exit from debug mode.
Change-Id: I536d0eeffdc59bef940ea1f0f01d7c595320d9c4
Signed-off-by: Furquan Shaikh <furquan@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/529766
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-by: Nicolas Boichat <drinkcat@chromium.org>
|