| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=none
TEST=none
Change-Id: I0f03f432ada1064ffba9595be78ca7ab4d25ecd1
Signed-off-by: Brian Norris <briannorris@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3155151
Reviewed-by: Jack Rosenthal <jrosenth@chromium.org>
Owners-Override: Jora Jacobi <jora@google.com>
Tested-by: Jack Rosenthal <jrosenth@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This branch is being used to build eraseflashinfo images. Let RW try to
erase info1 even if it's not a DBG image. RO will block the erase
if the image isn't signed correctly.
BUG=b:187438971
TEST=none
Change-Id: I61a31cf7c4252396ce267fb6b4e54de37479335f
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2911497
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Commit-Queue: Vadim Bendebury <vbendeb@chromium.org>
|
|
|
|
|
|
|
|
|
| |
BUG=b:187438971
TEST=none
Change-Id: Iadd988fdb2a03dcb85cc726cbd91be857930d8d6
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2883086
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
With moving to the new Cr50 RO only images which have a certain bit in
their header set and are signed by the prod key will be allowed to
erase the INFO1 space.
This patch modifies the eraseflashinfo console command to report
failure in case the bit in the header is not present.
To maintain backwards compatibility with RO 0.0.10 while it is
available. this check is not compiled in into images with CR50_DEV=1.
This will allow dev images built from ToT to erase INFO1 space until
transition to the new RO is completed.
BRANCH=cr50-mp
BUG=b:74100307,b:187438971
TEST=make BOARD=cr50
Change-Id: I44d0e78c7257be153f7994ef20fc03893e8b8109
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/1856819
Reviewed-by: Andrey Pronin <apronin@chromium.org>
(cherry picked from commit 10346db1a08568f1e4bbfde67d05d014bbf42110)
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2878871
|
|
|
|
|
|
|
|
|
|
|
| |
This reverts commit 585534b0b7c94c0281eb7bf6e19eb47293f502f0.
BUG=b:187438971
TEST=make buildall -j
Change-Id: I7412a0188238da5b037da4220d206e1851bfed70
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2878870
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=b:187081660,b:187081660
TEST=flashing the image erases the third rollback mask bit
[0.049072 update_rollback_mask: bailing out at bit 0]
[0.051795 update_rollback_mask: bailing out at bit 3]
[0.052886 updated 1 info map words]
> sysinfo
...
Rollback: 0/0/1 3/3/3
...
Change-Id: Id802e3e4b010fbc7274e34360beaa47adcd0816f
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2869128
Reviewed-by: Andrey Pronin <apronin@chromium.org>
(cherry picked from commit 7189f6992f5ca7ffd22775e8f73bb1e1cde24bbf)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2880142
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=b:184965542
TEST=see BUG
Change-Id: I340af997123ad0b5329a81311663ed90ffaab4b3
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2836190
Reviewed-by: Andrey Pronin <apronin@chromium.org>
(cherry picked from commit d4cb504dc0e329d2f9714a47f295c7ed8b76b527)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2837406
(cherry picked from commit acdca9c81756cece9502505d64c856750d467e19)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2851344
(cherry picked from commit 5ae080dabe58606f9bd7bc36502a33feceeb7edd)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2880141
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Increase TRNG_EMPTY_COUNT, so boards with slow TRNG have enough time to
generate a sample.
BUG=b:172542178,b:178116958
TEST=generate RSA keys 50 times on the hatch with slow TRNG. Verify the
average time is around 6 seconds.
Change-Id: I1b821286e1e4b5da8baa59caeda907ab3fe49f81
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2641744
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
(cherry picked from commit 88b7c50e717211fbced47709e78a9e95c91ce533)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2669410
(cherry picked from commit 1d41ad204955874b96248ace0d288535d86b2495)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2713839
(cherry picked from commit 2ec3f05cb79ee3ec00ec2a3e3a70cbecd5f1382b)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2880140
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=b:161755898
TEST=none
Change-Id: Ic1e719addea733a3b8d198a771e0f038f9adf854
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2310592
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
(cherry picked from commit a414783d0c97878809bcbe4dad4881fb52d7b57b)
Change-Id: I73dc2eefbb6f2a218a5611b80ae917db39ff9472
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2314581
Tested-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Commit-Queue: Mary Ruthven <mruthven@chromium.org>
(cherry picked from commit 3eb43ffd5dfb3acdb90e2b98916da4704e9e64db)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2350298
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Don't touch the SYS_RST_L or EC_RST_L signals when flashing the AP if
flashrom is run with custom_rst=True.
BUG=b:154885210
TEST=manual on bob
ecrst on
flashrom -p raiden_debug_spi:target=EC -r ec.bin
ecrst on
flashrom -p raiden_debug_spi:target=AP,custom_rst=True -r ap.bin
check ecrst is still on
flashrom -p raiden_debug_spi:target=AP -r ap.bin
Change-Id: Ia1ab8c853c25ced994e053c9e19a18d0d0f1cb45
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2301239
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
(cherry picked from commit f2711530bf8dfb764584cc1e35c35a428c90cbd0)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2311264
(cherry picked from commit f82d8ad180592195b9e7ae704186391b730c245d)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2350297
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
new_device and new_gang_mode are both only used for spi_hash SPI
enable/disable. Rename them, so that's clear.
BUG=none
TEST=make buildall -j
Change-Id: I67a4f7865e8a5ff21c79b4462a0f2c1d0f85f76d
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2300698
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
(cherry picked from commit ccacb7fc9378c4c00a39b2fbf913128c87e00b7f)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2311249
(cherry picked from commit 96e157cb7cdbe503b35b027ba2d7809537665ecf)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2350296
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
To reuse u2f_origin_user_keypair(), u2f_sign extracts the
key handle bytes from versioned and non-versioned requests
according to the format. In the versioned path the code
incorrectly uses the non-versioned struct to extract the
key handle bytes, which would result in wrong private key and thus
non-verifiable signature in WebAuthn on version 1 key handles.
Both the bug and the fix do not affect the non-versioned path.
BUG=b:144861739
TEST=Added debug statements to verify that u2f_generate and u2f_sign
arrive at the same private key. With the previous buggy code
they get different private key.
Signed-off-by: Yicheng Li <yichengli@chromium.org>
Change-Id: If79daeff98b01d050fcdc8dd69c809c184e6abb3
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2303278
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Commit-Queue: Andrey Pronin <apronin@chromium.org>
(cherry picked from commit 2a50e993189539323b6d54a97482524f01cc7347)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2311248
Tested-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Commit-Queue: Mary Ruthven <mruthven@chromium.org>
(cherry picked from commit c17a09b5897ad43cbf3a2525988cdde82154953b)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2350295
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In https://crrev.com/c/2258534 fix read_tpm_nvmem_size() was introduced,
however it failed to properly return size of hidden objects, and code
worked because it was masked by prior check of size for nvmem variable
with getvar(), and these variables were always set together.
This fix relies on https://crrev.com/c/2280405 for tpm2 to add proper
service function.
BUG=None
TEST=manual, tested in upcoming change in cr50/board/u2f.c
Cq-Depend: chromium:2280405
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: I38cfbf97e5cc99907c05887345017db92c5abc72
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2285432
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Auto-Submit: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
(cherry picked from commit c870cf3dbe00e887ffc816c9345818b530192d09)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2311247
Tested-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Commit-Queue: Mary Ruthven <mruthven@chromium.org>
(cherry picked from commit 8e907c91f89cee8943fe5e59856788adea2427b1)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2350294
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This was added to support u2fd on M77, and can
be removed iff the version of cr50 this change is
included in will not be expected to work with M77.
BUG=b:158268336
TEST=build
Signed-off-by: Louis Collard <louiscollard@chromium.org>
Change-Id: I6bbbae44a86c1a70fef4c8e1da1c1116f9909aa8
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2275504
Reviewed-by: Yicheng Li <yichengli@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Commit-Queue: Yicheng Li <yichengli@chromium.org>
Tested-by: Yicheng Li <yichengli@chromium.org>
(cherry picked from commit 6863b3943c7eb72199374a2e0eb9fe5721ac2bd0)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2311246
Tested-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Commit-Queue: Mary Ruthven <mruthven@chromium.org>
(cherry picked from commit 2b4371ffe9a305447e0439ed6e08e9bdd35e90de)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2350293
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Despite all make tricks, sometimes switching between make invocations
with CR50_DEV defined and not defined, the code which updates the
IFNO1 RW rollback space runs even when CR50_DEV was defined at compile
time and the image header rollback space is set to all zeros.
This causes complete clearing of the INFO1 RW rollback space, which in
turn prevents from running images built without CR50_DEV=1.
Let's add a check to see if the currently running image has the entire
rollback space in the header erased, and not proceed with the INFO1
space update in this case.
BUG=b:160013710
TEST=verified that images built both with CR50_DEV defined and not
defined run properly.
- removed '#ifndef CR50_DEV' block around lines 610..719 and built
and ran the image, observed the "Skipped updating INFO1 RW" map
message.
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Change-Id: I63a54ba2a82cd250d1e4018768b7a55c406b69c0
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2271016
Reviewed-by: Andrey Pronin <apronin@chromium.org>
(cherry picked from commit b1da01d568865aedf1d113cf81c678f605b3dc73)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2311245
Tested-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Commit-Queue: Mary Ruthven <mruthven@chromium.org>
(cherry picked from commit 496ab3b201bd96c82caab84df877ee369963dcdc)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2350292
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Support generating and signing versioned key handles in addition
to non-versioned ones.
BUG=b:144861739
TEST=used webauthntool to verify that KH generated by old cr50 firmware
can be signed with this firmware
TEST=used webauthntool to verify that non-versioned KH generated by this
firmware can be signed by old cr50 firmware
(This and the first TEST proves that non-versioned path is the
same as old firmware.)
TEST=used webauthntool to verify that non-versioned KH generated by this
firmware can be signed by this firmware
TEST=used webauthntool to verify that versioned KH generated by this
firmware can be signed by this firmware
TEST=test_that --board=nami <IP> firmware_Cr50U2fCommands
Cq-Depend: chromium:2280394
Change-Id: Idf413a1a3e6c35a3e7e651faaa91fe2894b805db
Signed-off-by: Yicheng Li <yichengli@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2202949
Reviewed-by: Louis Collard <louiscollard@chromium.org>
(cherry picked from commit 8855605441c69ace829d4acbe584df4f8bf140a5)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2311244
Tested-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Commit-Queue: Mary Ruthven <mruthven@chromium.org>
(cherry picked from commit cf3ba739d1a434299bff3024deb73ea6ee09fdaf)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2350291
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Added service function read_tpm_nvmem_size() to return size of hidden
nvmem object, which is needed in FIPS framework code, but can't be
implemented locally due to conflicting headers between TPM2 library
and Cryptoc library, and util.h
BUG=none
TEST=make BOARD=cr50; meaningul test will be added in upcoming CLs
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: Iab9520170cfdcd754f1fe2e79143f75766284921
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2258534
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
(cherry picked from commit a12d9f33ec06e33e25337e24979722baf2f3956f)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2311242
Tested-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Commit-Queue: Mary Ruthven <mruthven@chromium.org>
(cherry picked from commit 7ecc28fbeaa4c764d5cc96d16b9f9601706d4a74)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2350290
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Many source files over time started to respect 'bool' and 'size_t'
types for better code readability. However, these types are defined
in stdbool.h and stddef.h headers, so each time they were used
there was a need to include them. util.h included both, and one option
was to use it, but it conflicts with TPM2 library on definition MAX/MIN
BUG=none
TEST=make buildall -j
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: Ia0aca578e901c60aeafee5278471c228194d36bf
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2258540
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
(cherry picked from commit 3f0b2cb3b3b21b324f899e1912d8402c94ccb07e)
Change-Id: Id2643b6162a26c2e031677f614944913e3218849
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2314579
Tested-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Commit-Queue: Mary Ruthven <mruthven@chromium.org>
(cherry picked from commit dc919240e80218122cd51e22e93cf46166bd1f60)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2350289
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
https://crrev.com/c/2222386 added support for short EC keys to some
functions. Extending this support to sign and verify.
Added test vectors for regression testing in tpmtest.py
BUG=b:157528390
TEST=tpmtest.py
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: I3db2c9eee9da995d45d534a2732130948548ead8
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2265605
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Auto-Submit: Vadim Sukhomlinov <sukhomlinov@chromium.org>
(cherry picked from commit c8e570f49157412f058bd272c0e3cdf5324a634d)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2314578
Tested-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Commit-Queue: Mary Ruthven <mruthven@chromium.org>
(cherry picked from commit cb154f1c53cb44be9c3f007912b53ed7c7a87657)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2350288
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch adds another NVMEM API, which allows to erase stored TPM
objects selectively. The list of indices of the objects to be erases
is supplied in a zero terminated array.
The existing nvmem_erase_tpm_data() has been modified to erase only
selected objects, if the list of objects is supplied by the caller.
BUG=b:138578447
TEST=Using tpm_manager_client created a bogus NVMEM object, modified
Cr50 code to provide a CLI command which would invoke the new
NVMEM API function to delete the new object.
Invoked 'dump_nvmem' command before and after deleting the bogus
object. Observed the NVMEM contents compacted and the bogus
object deleted. Rebooted the device, observed proper Chrome OS
start up maintaining the existing user account.
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Change-Id: I3e299c8004141fa01ff20c290131b6526575c42e
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2253324
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Commit-Queue: Andrey Pronin <apronin@chromium.org>
(cherry picked from commit a33e33844859f5e3b2949cd085fce50acad29f86)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2311239
Tested-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Commit-Queue: Mary Ruthven <mruthven@chromium.org>
(cherry picked from commit d646c32f4ebd7a6fb17e54f942e50694ba840d94)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2350287
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add proper TRNG health tests and CR50-wide DRBG with reseeding
BUG=b:138578157
TEST=tpmtest.py -t1 fails after cr50 reboot.
rand_perf in console (kick-off FIPS TRNG test) and then
tpmtest.py -t1 and tpmtest.py -t2 should succeed.
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: I94c2dbd7a00dedcf1a0f318539a3c73c0c8076ef
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2251381
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Auto-Submit: Vadim Sukhomlinov <sukhomlinov@chromium.org>
(cherry picked from commit 2d7cdfffa2fec56805406c50e8c3b58b6d0b617c)
Change-Id: I694515004ea4d6965b99fde047802fb5d505f7b4
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2314577
Tested-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Commit-Queue: Mary Ruthven <mruthven@chromium.org>
(cherry picked from commit 63785cc1fffd11ee0c6e737de84c64da6e721f15)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2350286
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The logic of deciding if the alternative RW image is newer than a
certain version needs to be updated to accommodate moving to higher
prod and prepvt major version numbers.
BUG=none
TEST=the 'nvmem_find_partition: No Legacy Partitions found.' message
is not printed during startup any more when updating from 6.3 to
6.4.
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Change-Id: I59e18712b3365446c29f569bf0b50f95ab67df95
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2250658
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
(cherry picked from commit 66bf0868e8bd55ba9e0d04671d164cfa1072173b)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2311237
Tested-by: Mary Ruthven <mruthven@chromium.org>
Commit-Queue: Mary Ruthven <mruthven@chromium.org>
(cherry picked from commit 40c028b97f42c31b0f1b560387954fe3ecce6143)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2350285
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Time it takes for TRNG to come-up with 32-bit of randomness
varies, and once TRNG started to use 1-bit alphabet, it's average
increased. We handle this timeout by resetting TRNG and
writing record in the flash log. With current setting of EMPTY_COUNT
set to 400 it's almost never happens under normal use, and is harmless,
but adds unnecessary records in the log under heavy use like TRNG
health tests. Adjusting EMPTY_COUNT to higher value reduce probability
of TRNG reset when value is just delayed, but TRNG is not stalled yet.
BUG=b:138578157
TEST=tpmtest -t0
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: Ic0152da05934a70dd16b3e4178361bfcefbdda26
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2252481
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: William Wesson <wesson@google.com>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Auto-Submit: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Bendebury <vbendeb@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
(cherry picked from commit 0c649ba01ab555e84ab030b7f1a38c48b294bbe2)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2311236
Tested-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Commit-Queue: Mary Ruthven <mruthven@chromium.org>
(cherry picked from commit 581f4c663dfeb2e67993346ecf55d6357f5ebd55)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2350284
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Due to changes in internal structures, stack consumption for SHA2,
HMAC, HMAC_DRBG grew up, and when combined with stack growth due to
changes in cprintf cause crash for some development console commands.
This patch increase console stack for CR50_DEV and CRYPTO_TEST modes.
BUG=none
TEST=manual, build with CR50_DEV or CRYPTO_TEST, run taskinfo
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: I7170c65e4b8092d165c478f505a435f834744ed9
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2251382
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Bendebury <vbendeb@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Auto-Submit: Vadim Sukhomlinov <sukhomlinov@chromium.org>
(cherry picked from commit 08b1e22d83bd1d6c07619065fded9d0496f90e58)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2311235
Tested-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Commit-Queue: Mary Ruthven <mruthven@chromium.org>
(cherry picked from commit 48b402f628608856950b4cd6b843351645a08586)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2350283
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
According to NIST SP 800-90B only vetted conditioning mechanism should
be used for post-processing raw entropy. See SP 800-90B, 3.1.5.1 Using
Vetted Conditioning Components. Use of non-vetted algorithms is governed
in 3.1.5.2, but assumes conservative coefficient 0.85 for entropy estimate,
which increase number of requests to TRNG to get desirable entropy.
More details on entropy estimate tests are in associated bug.
Entropy measurements using NIST assessment tool didn't report noticeable
change in entropy estimate. However, more changes are needed to use
DRBG instead of raw TRNG for all purposes.
TRNG changes reviewed also at https://crrev.com/c/1926384
BUG=b:138577834
TEST=test/tpm_test/nist_entropy.sh
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: I5a578b90b8b7a77fae6a218eec48e87e7644ab44
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2240519
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Auto-Submit: Vadim Sukhomlinov <sukhomlinov@chromium.org>
(cherry picked from commit 32730b21cfd504438d6a711834b445c68ec19ae5)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2314576
Tested-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Commit-Queue: Mary Ruthven <mruthven@chromium.org>
(cherry picked from commit 7727323aefbc11690fe181ba7ad90ee7ea6c2077)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2350282
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Implement board-local configuraration of FIPS 140-2/3 policy as
complementary to FWMP policy. This is intended mostly for lab
testing and dogfooding, when FWMP policy is not feasible.
board_fips_enforced() returns status of FIPS from FWMP and NVRAM
and caches state to avoid expensive operations later.
BUG=b:138577491
TEST=manual, make buildall -j
Actual test command to be added in upcoming CLs
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: I8fa651e56e6e76a87bbc4dd911e7a8c0546e7e0f
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2247112
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Bendebury <vbendeb@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Auto-Submit: Vadim Sukhomlinov <sukhomlinov@chromium.org>
(cherry picked from commit d61ca497127ee518d65b26975cf3fadd62bc0a9a)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2311233
Tested-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Commit-Queue: Mary Ruthven <mruthven@chromium.org>
(cherry picked from commit 9d82124693fc5d264582a4bac713e5d7ede4ebd3)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2350281
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
FIPS 140-2 certification requires that security related output from
module should be disabled until completion of known-answer tests.
However, it's tricky to justify what output is security related, as
most of output data can be used to track current execution stage which
may be helpful for attacker. So, its safer to disable any output for
a short time once internal testing is done.
Provide console_disable_output() and console_enable_output()
functions which are supposed to be used by board initialization code
driving FIPS mode initialization.
BUG=b:138577539
TEST=manual; make buildall -j
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: I42902acef7a5e99142ce2b6517ae511f63206e93
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2247103
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Auto-Submit: Vadim Sukhomlinov <sukhomlinov@chromium.org>
(cherry picked from commit 770e5cecfdc2ddd761b5b1cdb78e29c936e6cb92)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2311232
Tested-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Commit-Queue: Mary Ruthven <mruthven@chromium.org>
(cherry picked from commit 710f3b490e85c0b1dcf3cfc1f09429259f2fdbd9)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2350280
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add FE_LOG_FIPS_FAILURE event type
BUG=b:138577539
TEST=manual
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: I11be32598ddbbb327175a656c21abcb8388246d0
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2247106
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Auto-Submit: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
(cherry picked from commit b239403fed9873dd5a1b297d061ecded0c7a0804)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2311231
Tested-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Commit-Queue: Mary Ruthven <mruthven@chromium.org>
(cherry picked from commit 38bb773756eb4fab36685358c3c0160b62e52402)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2350279
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Added check for output len as defined by NIST for HMAC_DRBG and
define error codes instead of constants.
Propagate status for hmac_drbg_generate_p256
BUG=b:138578157
TEST=make buildall ; make BOARD=cr50 ; tpmtest.py
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: I16a1eac51ca11a6419a86922cfe59c13d9c703a0
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2243762
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Auto-Submit: Vadim Sukhomlinov <sukhomlinov@chromium.org>
(cherry picked from commit a80fb0e310e1b5e9436707d0a928212a47aa21b9)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2311230
Tested-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Commit-Queue: Mary Ruthven <mruthven@chromium.org>
(cherry picked from commit 06fa9e38473c26f4867770d09c9aa4d1bc44aada)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2350278
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
To prevent issues with long HMAC keys (longer than block size, which
is 64 for SHA-256 and 128 bytes for SHA-384/512)
BUG=b:158094716
TEST=make BOARD=cr50 CRYPTO_TEST=1 ; test/tpm_test/tpmtest.py
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: If4c3e6cd0c753f39a7ea39515ae0596cfab6a6b8
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2239481
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Auto-Submit: Vadim Sukhomlinov <sukhomlinov@chromium.org>
(cherry picked from commit 6a4736fa6f91ceead5359808f6cd63db145a98a8)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2314115
Tested-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Commit-Queue: Mary Ruthven <mruthven@chromium.org>
(cherry picked from commit f2062b333aae05390d2508e73bf7c438eab29ec0)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2350277
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Due to Python3 switch tpm_test.py stop working. Updates to make it
work with Python3.
cros lint complains it can't import Crypto and rsa
BUG=None
TEST=tpmtest.py
tpmtest.py -t
To test exception handling change line 167 in crypto_test.py from
if real_out_text != out_text:
to
if real_out_text == out_text:
and run tpmtest.py again.
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: I927b25ab3288274993949c53564bed73faa346e9
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2231974
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Auto-Submit: Vadim Sukhomlinov <sukhomlinov@chromium.org>
(cherry picked from commit 043326f2bb542cc3e9fa74364364f933141b294d)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2314114
Tested-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Commit-Queue: Mary Ruthven <mruthven@chromium.org>
(cherry picked from commit 0baab77dff91a6361b818b822ee376fd95983bbd)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2350276
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=b:158533918
TEST=tpmtest.py
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: Ia6b59c49afc7ed19507fab254cab44b2a5c1953b
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2236588
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Auto-Submit: Vadim Sukhomlinov <sukhomlinov@chromium.org>
(cherry picked from commit e1b8aaed2a60b88dd047bc6e341327636d0f0212)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2314113
Tested-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Commit-Queue: Mary Ruthven <mruthven@chromium.org>
(cherry picked from commit 69e127fb8e0235596d82e18df4a0a9d89997279e)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2350275
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
FTDI module used by tpmtest has stability issues, causing unstable
connection, which seemed to be dependent on setup delay. increased delay
to make it more stable.
Also, FTDI don't work correctly with multiple Ultradebug interfaces.
Make it use ISERIAL env variable if configured to guide interface choice.
BUG=None
TEST=make
Change-Id: Ifa27aac7ef42a8eb990963fa0cf1923a7405f0c7
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2226139
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Auto-Submit: Vadim Sukhomlinov <sukhomlinov@chromium.org>
(cherry picked from commit 4fd5c9a385b1a2388d6e7ab282ed5bb570e43288)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2314112
Tested-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Commit-Queue: Mary Ruthven <mruthven@chromium.org>
(cherry picked from commit b61589b2bb6cc379df6cf79578a951c4a223be90)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2350274
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
You may need to do 'sudo emerge swig' to get latest swig installed.
Python3 differentiates between string and bytes, so need proper handling.
BUG=None
TEST=cd test/tpm_test && make
Change-Id: I6e09258a1f6a3fb2923760f446a2ff911e871b40
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2222978
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Bendebury <vbendeb@chromium.org>
Auto-Submit: Vadim Sukhomlinov <sukhomlinov@chromium.org>
(cherry picked from commit 80f707188fad40701201bc1bb13b4f7558f42528)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2314111
Tested-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Commit-Queue: Mary Ruthven <mruthven@chromium.org>
(cherry picked from commit 5c695b0b1a181a1b7d5df01b1aa01228df2c94f4)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2350273
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The TPM test directory has bitrotted and does not compile any more,
leave alone pass tests. This patch updates the tests to match changed
EC codebase:
test/tpm_test/Makefile - look for include files in more directories
test/tpm_test/bn_test.c -
1. add support for OpenSSL 1.1 where BIGNUM structure became opaque
and require special functions to access it.
2. added backward compatibility layer for OpenSSL 1.0.2
3. fixed issues with OpenSSL memory allocations
4. added support to print details of failure
5. added more cases for modulo inverse testing
6. added testing for bn_div to increase branch coverage
BRANCH=cr50
BUG=none
TEST=./test/tpm_test (../../build/tpm_test/bn_test) now passes
Change-Id: Ida5fb07277909977f78ad1199e7a0f3677aabdc3
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/1764711
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Commit-Queue: Andrey Pronin <apronin@chromium.org>
(cherry picked from commit fb1d26a58e5511d70f747e8b943096c22dead07c)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2223147
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
(cherry picked from commit 1da8e0dd19cd7e7c16712fbf0deb00c9f4ad5889)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2314110
Tested-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Commit-Queue: Mary Ruthven <mruthven@chromium.org>
(cherry picked from commit 257cadc0e13e4573c4f51d41f64183a32837e9ab)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2350272
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
make of ftdi_spi_tpm fails:
../../include/config.h:4878:25: fatal error: fuzz_config.h:
No such file or directory
#include "fuzz_config.h"
It seems issue happened after moving fuzzing tests into a fuzz subfolder
in https://chromium-review.googlesource.com/1180179
Added include search path to correct issue.
BRANCH=none
BUG=none
TEST=in test/tpm_test/ make successfully builds ftdi_spi_tpm
Change-Id: I0c212ba7f84babd5db0c02d553345769de301d00
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/1913325
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Commit-Queue: Vadim Bendebury <vbendeb@chromium.org>
Tested-by: Vadim Bendebury <vbendeb@chromium.org>
Auto-Submit: Vadim Sukhomlinov <sukhomlinov@chromium.org>
(cherry picked from commit 977c1267c00389de296cc7bdcf946badef4601aa)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2314109
Tested-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Commit-Queue: Mary Ruthven <mruthven@chromium.org>
(cherry picked from commit d40db1ef180589c4a05902c9afba86581512c261)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2350271
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Right now we have several different versions of #! in
our python scripts. Unify them all and specify that we
are using python2.
Signed-off-by: Stefan Reinauer <reinauer@chromium.org>
BUG=none
BRANCH=none
TEST=make buildall
Change-Id: Iab33a3f5d4b827451a55542bcee8837b00da7867
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/1817948
Commit-Queue: Stefan Reinauer <reinauer@chromium.org>
Tested-by: Stefan Reinauer <reinauer@chromium.org>
Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
(cherry picked from commit 68c9a2870ead8a3306a2601c4f5689656d49c6a8)
Change-Id: I55272c289eaeb24bbaa7024ece7beb4cb14ea9ec
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2314108
Tested-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Commit-Queue: Mary Ruthven <mruthven@chromium.org>
(cherry picked from commit a72597d3bfaed8a602e9db138da23d5fdb7f5e56)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2350270
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A couple of changes are needed to make tpmtests run with the
latest cr50:
1. The CRYPTO_TESTS flag turns off the TPM in cr50 build, so
no need to initalize TPM.
2. FW_UPGRADE protocol now uses offset into flash instead of
absolute memory addresses to perform upgrade.
BUG=None
TEST=test/tpm_test/tpmtest.py runs and all tests pass
Change-Id: I2402ba956e4588a7452128e75fbc82c44f8cf04f
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/1804068
Tested-by: Gurleen Grewal <gurleengrewal@google.com>
Commit-Queue: Gurleen Grewal <gurleengrewal@chromium.org>
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
(cherry picked from commit ad20ea449951e49ecd991ade3a8f3f5a3fd7a227)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2314107
Tested-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Commit-Queue: Mary Ruthven <mruthven@chromium.org>
(cherry picked from commit d350696c949360a5297a589644d2a6d05e2dc6c4)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2350269
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The TPM test directory has bitrotted and does not compile any more,
leave alone pass tests. This patch updates the tests to match changed
EC codebase:
test/tpm_test/Makefile - look for include files in more directories
test/tpm_test/bn_test.c - add implementation of always_memset() which
for the EC tree now comes from a different tree and provide a plug
for watchdog_reload() which is no used by dcrypto code (which in
fact is not a good idea, but an issue for another day).
test/tpm_test/hash_test.py - update to match new format of return messages
test/tpm_test/upgrade_test.py - update to match the new format of
return messages and limit the test to installing just 2K worth of
data
BRANCH=cr50
BUG=none
TEST=./test/tpmtest/tpmtest.py now passes
Change-Id: Ibcd7fcfba06cd83023e35a2ac4f37ec896492ad4
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/665322
Reviewed-by: Nagendra Modadugu <ngm@google.com>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
(cherry picked from commit 0309b5581713ca4f9bd59dbca5c58bbda4acf676)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2314106
Tested-by: Mary Ruthven <mruthven@chromium.org>
Commit-Queue: Mary Ruthven <mruthven@chromium.org>
(cherry picked from commit 7183fc62d98ebdfb2128862c2c640846f3017c95)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2350268
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=b:158774719
TEST=none
Change-Id: I4558a8d4cb9219c8d78db9982f9c5d80d8a30d84
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2242770
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
(cherry picked from commit ceb955abb5628cb11003e094ec9431b3ed6bf240)
Change-Id: I6df4be0f4f1725b9fdc06452f67291d6c8c70429
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2243325
Tested-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Commit-Queue: Mary Ruthven <mruthven@chromium.org>
(cherry picked from commit 3dad445418378d1ecf2b6af7f90bc52442f9b9cc)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2261503
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
After CL:1740075 and CL:1748846 we had a duplicate value for two
different vendor commands in tpm_vendor_cmd.h:
VENDOR_CC_ENDORSEMENT_SEED = 48
VENDOR_CC_U2F_MODE = 48
This CL fixes the issue.
BRANCH=none
BUG=b:139809333
TEST=none
Change-Id: Ic593e138c9126eb2a7e97b2e12c2daa890787d8c
Signed-off-by: Andrey Pronin <apronin@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/1763303
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Commit-Queue: Louis Collard <louiscollard@chromium.org>
(cherry picked from commit 4ad4225c1cfdf015ea82158aea7eb44937382460)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2243754
Tested-by: Mary Ruthven <mruthven@chromium.org>
Commit-Queue: Mary Ruthven <mruthven@chromium.org>
(cherry picked from commit 31bb714b1a7b48530f1b7fa4b520c304946a3585)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2261502
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=b:158843230
TEST=run 'ver' on cr50
Change-Id: Ia22cbc74dc23156a11caceb587f8380aa68ce23b
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2243312
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
(cherry picked from commit af8c38689179bb4dfe15dfb98b7de429fe08cf52)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2243324
(cherry picked from commit 5b07b103265cffcc62579bf9e7190142d3b8017e)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2261501
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This CL enables cr50 to accept EC points of which X and/or Y component
has less than 32 bytes.
For testing, the following 4 data inputs can pass the test:
1. Creating salted session with a full-length ephemeral key.
2. Creating salted session with a short ephemeral key.
3. Walking through enrollment flow with a full-length ephemeral key.
4. Walking through enrollment flow with a short ephemeral key.
BUG=b:157528390
TEST=see the comment above.
Change-Id: I12c744ab00391a31d81d4ac6b6e644981ae46f48
Signed-off-by: Leo Lai <cylai@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2222386
Tested-by: Leo Lai <cylai@google.com>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Commit-Queue: Vadim Bendebury <vbendeb@chromium.org>
(cherry picked from commit e74d8b264cab776631991e16a6a447da0ce73561)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2243311
Tested-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Commit-Queue: Mary Ruthven <mruthven@chromium.org>
(cherry picked from commit 87ea2a87633b3a003389db1f4f988feefd61eb18)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2261500
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In https://crrev.com/c/2227077 ECC command handler was reimplemented,
but associated test was uploaded with old version of constant.
BUG=b:138578319
TEST=make CRYPTO_TEST=1 BOARD=cr50 -j && test/tpm_test/tpmtest.py
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: I7c50ed108d193958e62f76c2f7315247df14a398
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2238649
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Auto-Submit: Vadim Sukhomlinov <sukhomlinov@chromium.org>
(cherry picked from commit 27156bdc54e6770dcd6ddf7d3ba7d3b4a8747ec2)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2242523
Tested-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Commit-Queue: Mary Ruthven <mruthven@chromium.org>
(cherry picked from commit 1499cf9aa7efa09ec507a73a6b0feb4e45980329)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2261499
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=none
TEST=buildall
Signed-off-by: Namyoon Woo <namyoon@google.com>
Change-Id: Ie71e668e2966979a94035dcde750b1e31a7ba3f7
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2238540
Tested-by: Namyoon Woo <namyoon@chromium.org>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Commit-Queue: Namyoon Woo <namyoon@chromium.org>
(cherry picked from commit e654c3313a8d7c4e42a90d829e0026af563bfb09)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2242522
Tested-by: Mary Ruthven <mruthven@chromium.org>
Commit-Queue: Mary Ruthven <mruthven@chromium.org>
(cherry picked from commit 27a8f176d00b0ba22172d3d14cb2d5176d9e630a)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2261498
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
NIST ACVP test expects access to test point is on curve and verification
of signature with arbitrary public key. Current implementation supported
only fixed public key. ACVP tests to be submitted separately.
Added two new test commands to support ACVP:
- TEST_POINT - test that given point is on selected curve
- TEST_VERIFY_ANY - same as TEST_VERIFY, but use provided Q
- TEST_SIGN_ANY - same as TEST_SIGN, but use provided d (private key)
BUG=b:138578319
TEST=make CRYPTO_TEST=1 BOARD=cr50 -j && test/tpm_test/tpmtest.py
Change-Id: Ibeabede935f5bbac918b3043072e05f8a6417aa4
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2227077
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Auto-Submit: Vadim Sukhomlinov <sukhomlinov@chromium.org>
(cherry picked from commit 65e147217ad968743b5f6e3d94db6b5dcefb11ad)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2242521
Tested-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Commit-Queue: Mary Ruthven <mruthven@chromium.org>
(cherry picked from commit dff900763507d9885533d32da42489acb141cc98)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2261497
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch closes the AP RO verification loop on the Cr50 side.
If the check is triggered, the valid AP hash is found, and the RO
contents is found to not match the hash, the Cr50 will
- assert the EC reset;
- set a flag to prevent the code from deasserting EC reset;
- start a periodic hook to reassert EC reset in case the user hits
power+refresh.
This will prevent the Chrome OS device from booting.
A new CLI command is being added to display the verification state. In
developer images the new command would allow to clear the failure
state, when running prod images the only way out of the failure state
would be the powercycle.
BUG=b:153764696
TEST=verified that erasing or programming AP RO hash when board ID is
set is impossible.
Verified proper shutdown in case AP RO has is present and the AP
RO space is corrupted and recovery using the new cli command when
running a dev image.
Verified that 'ecrst off' properly reports the override.
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Change-Id: I1029114126a9a79f80385af7bc8d5467738e04ca
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2218676
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
(cherry picked from commit dd15f8676d55ef1c78f78016ce6c6175d3806174)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2242520
Tested-by: Mary Ruthven <mruthven@chromium.org>
Commit-Queue: Mary Ruthven <mruthven@chromium.org>
(cherry picked from commit 14e0bdc0ebb2908943083b0eb26dfb790b4996a3)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2261496
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In order to support NIST ACVP testing, new commands to provide access to
HMAC implementations (software, and hardware accelerated HMAC SHA-256)
with CRYPTO_TEST_SETUP added:
- Software HMAC (_cpri_StartHMAC) TPM implementation
- dcrypto HMAC (DCRYPTO_HMAC_SHA256_init)
Updated hash_test.py to support different hash algorithms for hash
and HMAC, added HMAC tests.
BRANCH=cr50
TEST=make BOARD=cr50 CRYPTO_TEST=1 -j && test/tpm_test/tpmtest.py
BUG=b:138578319
Change-Id: I57da2f27734fc7e5dbc896d75c5f8b2ed60e3b18
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/1854885
Reviewed-by: Gurleen Grewal <gurleengrewal@google.com>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Commit-Queue: Gurleen Grewal <gurleengrewal@google.com>
(cherry picked from commit 32c349afe72541570984a32bd85b8f1fcf2acb39)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2227074
Commit-Queue: Vadim Bendebury <vbendeb@chromium.org>
(cherry picked from commit 253388ec3a701a65a0c1ce70bcadc2cfb4626fef)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2242519
Tested-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Commit-Queue: Mary Ruthven <mruthven@chromium.org>
(cherry picked from commit a79a5e6c05359d59d1285702b1b8179b90279b8c)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2261495
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch assigns the bit offset 0 in TPM_BOARD_CFG register to
indicate the status of INT_AP_L extension. The bit 1 means INT_AP_L
pulse extension is activated, and 0 means it is not.
BUG=b:148691139
TEST=tested on atlas and on careena.
1. Checked the default TPM_BOARD_CFG (PWRDN_SCRATCH21) value was zero
and the INT_AP_L assertion duration was 4~10 microseconds.
> md 0x400000f4 1 // memory dump on GC_PMU_PWRDN_SCRATCH21
400000F4: 0x00000000
2. Attempted to change the board configuration (with a hacked UART
command.). The register value was unchanged.
> brdcfg 0x01
TPM_BOARD_CFG = 0x00000000
> md 0x400000f4 1
400000F4: 0x00000000
3. Forced to write the board configuration with a hacked UART command.
The register value was changed.
> brdcfg 0x01 force
TPM_BOARD_CFG = 0x80000001
> md 0x400000f4 1
400000F4: 0x80000001
4. Checked the INT_AP_L assertion duration extended to 110
microseconds or longer.
5. After cr50 deep sleep, checked the pulse duration was still
extended.
- turned AP off.
- disconnected Suzy-Qable.
- waited three seconds
- connected Suzy-Qable, and checked the reset cause was 'hibernate
rbox'.
> md 0x400000f4 1
400000F4: 0x8000001
6. With 100 usec long INT_AP pulse, checked trunks_cliend
regression_test, stress_test and ext_command_test runs good.
Checked dmesg and found no TPM errors through all tests.
(ap) $ trunks_client --regression_test
(ap) $ trunks_client --stress_test
(ap) $ trunks_client --ext_command_test
7.checked no character loss during uart_stress_tester.
(chroot) $ uart_stress_tester.py -c -t 600 /dev/ttyUSB2 /dev/ttyUSB1
8. the shortest duration of INT_AP_L assertion and deassertion
observed in logic analyzer were 110 usec and 152 usec.
9. measured the depthcharge exit timestamp and cr50 flash time with
or without INT_AP pulse extended to 100 usec, on atlas and helios:
Change-Id: I5d8f8a3ccf8b0a4f9f8f0059eddd7da71cc319f8
-----------------+-------------------+------------------
| atlas | helios
-----------------+-------------------+------------------
boot (sec) | 1.398 -> 1.402 | 1.004 -> 1.011
cr50 flash (sec) | 10.800 -> 14.609 | 16.024 -> 16.466
-----------------+-------------------+------------------
Signed-off-by: Namyoon Woo <namyoon@google.com>
Change-Id: I2b9f9defb63cf05f9d91b741ccb4b49c4c6bc8e2
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2202839
Tested-by: Namyoon Woo <namyoon@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Commit-Queue: Namyoon Woo <namyoon@chromium.org>
(cherry picked from commit ea0fd78e5e218ef50ba947f4c921ae91a69b5442)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2242518
Tested-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Commit-Queue: Mary Ruthven <mruthven@chromium.org>
(cherry picked from commit f13eea24af19ac208a08ea9c8eaafa04bb4e66a7)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2261494
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch adds the TPM vendor-defined register, TPM_BOARD_CFG,
which indicates the board configuration status. This register is
attributed as one-time-programmable and the value is maintained
across deep sleeps. Cr50 allows a write on this register right after
a cr50 reset until it receives a TPM2_PCR_Extend command.
BUG=b:148691139
TEST=none
Signed-off-by: Namyoon Woo <namyoon@google.com>
Change-Id: I89ae5a53c15990ef78812aec5da81a59f04d7d98
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2202838
Tested-by: Namyoon Woo <namyoon@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Commit-Queue: Namyoon Woo <namyoon@chromium.org>
(cherry picked from commit 77f11cd9e99bc1d6a63acee45a3d457b7f205523)
Change-Id: Ia4c0b8f7194659074f0e67bb8464f6879980c03f
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2242517
Tested-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-by: Namyoon Woo <namyoon@chromium.org>
Commit-Queue: Mary Ruthven <mruthven@chromium.org>
(cherry picked from commit 123eabcabd127769bdfb0e52fc0936d3c4c27122)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2261493
|