| Commit message | Author | Age | Files | Lines |
| |
After migration to DRBG use, remove DCRYPTO_ladder_random() function.
BUG=none
TEST=make buildall -j
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: Ifdb3fd79ec03ac94066a91ed38b61218dbceefde
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3155295
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
| |
To simplify identification of FIPS module boundary, move all sources
into same place.
BUG=b:134594373
TEST=make buildall -j
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: I6acd12d12c00a3362041914bd515534f72a08ab2
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3150057
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Auto-Submit: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Bendebury <vbendeb@chromium.org>
| |
During FIPS refactoring many additional test commands were added to
CRYPTO_TEST=1 image for unit testing. However, this led to very small
space left in image.
Adding local switches to several CCD commands to activate them only when
working on related parts. This frees around 6.5K.
BUG=none
TEST=make BOARD=cr50 CRYPTO_TEST=1
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: I8f11988d2994c6c4b25748d3c0c07096ba00c392
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3139977
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Auto-Submit: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Bendebury <vbendeb@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
| |
Since https://crrev.com/c/3125994 and https://crrev.com/c/3119223 were
in review at the same time and landed one after another, check for
result of DCRYPTO_equals() wasn't properly updated.
This is a fix addressing that DCRYPTO_equals() now returns DCRYPTO_OK
instead of 1 in case of matching values.
BUG=none
TEST=make BOARD=cr50 CRYPTO_TEST=1; ccd - u2f_test
test/tpm_test/tpmtest.py
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: I582906f9a6be57e1d645370377caa5e5ab3e2481
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3146593
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
| |
When both https://crrev.com/c/3125994 and https://crrev.com/c/3119223
landed it resulted in broken host build as function attribute
optimize("") is not supported by clang. This happened as both CLs
are relatively independent by nature, but the first one added one of the
sources to host build.
BUG=none
TEST=make buildall -j
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: If1b8425cea418ae42179bef46f6f5998ded3dc1f
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3146223
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
| |
Inject the fips fingerprint into the cr50 image, so it can verify the
fips module before starting to execute it. This change adds a script to
calculate the checksum and inject it into an elf file before signing.
If CONFIG_FIPS_CHECKSUM is defined, generate an elf file with the fips
checksum and use that to create signed images and hex files.
The build process doesn't change for RO artifacts. Nothing changes if
CONFIG_FIPS_CHECKSUM isn't defined.
The new chain for RW is
ec.RW.elf -> ec.RW.elf.fips -> ec.RW.flat
ec.RW.elf.fips is generated with util/inject_fips_fingerprint.sh.
util/inject_fips_fingerprint.sh calculates the fips module fingerprint,
copies ec.RW.elf to ec.RW.elf.fips, and then injects the fingerprint
into ec.RW.elf.fips.
util/signer/bs will be modified to use ec.RW.elf.fips if it exists in a
followup CL.
BUG=none
TEST=manual
# Verify cr50 is the only board that creates the fips artifacts
make buildall -j
objdump the text.fips_checksum section of ec.RW.elf and
ec.RW_B.elf. Make sure they match ec.RW.fips.checksum and
ec.RW_B.fips.checksum
# Verify cr50 can update to image signed with devid and that
# image shows Stored hash that matches the computed one.
H1_DEVIDS="${DEVID}" make -j BOARD=cr50 CR50_DEV=1
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Change-Id: Iab857ec1b7e3ae0d23681a25467e26286bd68210
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3078053
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
| |
This change moves the fips checksum into its own section, so objcopy can
be used to update the fips checksum in the elf files.
BUG=none
TEST=make buildall -j
Change-Id: I8004c7efaf607eabd2932ecb9fdf377e0c68b6c0
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3120046
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
| |
P-256 sign requires a random nonce which is generated from provided
DRBG. Implementation of dcrypto_p256_ecdsa_sign() cleaned out DRBG
once nonce is successfully created. This works fine when DRBG is
instantiated just for purposes of signing this particular message,
but doesn't work if we want to use system-wide DRBG which is perfectly
instantiated and reseeded as needed as we want for FIPS. Instantiation
of DRBG using entropy from TRNG is a relatively expensive operation
which we can avoid this way.
Moving DRBG management outside ECDSA Sign makes it clearer. Now the
caller is responsible for what to do with DRBG, which allows further
updates with automated reseeding if ECDSA Sign fails due to DRBG.
In tpm2/ecc.c we can now replace DRBG instantiation with using FIPS DRBG
created during initialization. Still more changes are needed to fully
switch to DRBG use for key gen as we need to handle reseeds properly.
BUG=b:138577416
TEST=make BOARD=cr50 CRYPTO_TEST=1; test/tpm_test/tpmtest.py
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: I092b18cde5f6a8aede0a65e24a892dda9de7afa2
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3138384
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
| |
Set FIPS module build flags to reduce changes in object file due to
compiler's randomization during LTO.
Adjusted several optimization options which resulted in smaller image.
Freed 136 bytes for ToT.
BUG=b:138578318
TEST=make BOARD=cr50, test that image works.
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: I99d9bf459bda6f1fcbd8dafe6f23539dda110fd8
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3123967
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
| |
1. Introduce enum dcrypto_result defining DCRYPTO_OK and DCRYPTO_FAIL
constants such that they have large Hamming distance, thus becoming
more fault-injection resistant.
2. Added value_barrier() and value_barrier_ptr() which prevent compiler
from certain optimizations, removal of conditional execution.
3. Added hardened_select_if_zero() primitive which produces branch-less
selection between values.
4. Added convenience function dcrypto_ok_if_zero() to convert zero into
DCRYPTO_OK.
5. DCRYPTO_equals() implemented in a way that it also checks completion
of all iterations in addition to comparing value. This makes it
resistant to fault injection which would result in no comparisons
made.
6. Updated uses of DCRYPTO_equals() to check for new return code.
7. Few memcmp() replaced with DCRYPTO_equals().
BUG=b:197893750
TEST=make BOARD=cr50 CRYPTO_TEST=1; tests/tpmtest.py
in console check that FIPS KAT tests pass.
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: I2a0373e8be97c2d61a2c4743c74614c2ff064a8a
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3125994
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Auto-Submit: Vadim Sukhomlinov <sukhomlinov@chromium.org>
| |
Split U2F crypto from U2F command processing by moving all crypto
code into boards/cr50 (platform hooks).
U2F state management is part of common code and passed to U2F crypto
as a parameter.
Previously reviewed as https://crrev.com/c/3034852, but reverted due to
ChromeOS dependency on include/u2f.h. In this revision this is addressed
by restoring include/u2f.h with previous content and new additions
and adjusting dependencies in other headers.
BUG=b:134594373
TEST=make BOARD=cr50 CRYPTO_TEST=1
console: u2f_test
test/tpmtest.py
FAFT U2F tests pass
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: Iff1973c8e475216b801d7adde23b1ef6c4a6f699
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3119223
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
| |
Switch to hardened p256 code sequences for dcrypto which introduce
blinding of secrets and control flow integrity checks.
Dcrypto sequences are taken from cr52 board (/chip/g/fips).
Code size increased by 1008 bytes, but expect savings from aligned
p256_int.
BUG=none
TEST=make BOARD=cr50 CRYPTO_TEST=1; test/tpm_test/tpmtest.py
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: I434a373fc602e01bf815099a3661a2cef93af22f
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3133625
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
| |
During unit testing discovered an issue with test order specific bug
which resulted in incorrect system-level DRBG initialization. It was
revealed after several independent CLs landed.
This fix corrects this issue.
BUG=b:138577416
TEST=make BOARD=cr50 CRYPTO_TEST=1; test/tpm_test/tpmtest.py
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: I1222bc72d5560a4984a78abf53d5e3b2178d0977
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3133626
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
| |
FIPS requires pair-wise consistency test for asymmetric key generation
algorithms. For U2F we use only ECDSA P-256, so adding this step into
key generation function.
BUG=b:198219806
TEST=make BOARD=cr50 CRYPTO_TEST=1; test/tpm_test/tpmtest.py
This test covers U2F and TPM2 uses of ECDSA keygen.
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: I520a233e700a68b19c863bad05271f97693b5ca9
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3131949
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
| |
We need to block access to all crypto in case of FIPS errors. There are
multiple steps to implement, this is one of few.
There is common API crypto_enabled() which is used by nvmem and some
other functions to check whether access to crypto is possible.
This is same intent as fips_crypto_allowed(), though the latter checks
for FIPS KAT errors, while the former checks only key ladder status.
Here we make all FIPS errors to revoke access from key ladder, and
fips_crypto_allowed() to check key ladder status. This way we also
ensure that in case of FIPS errors access to device secrets will be
blocked.
We moved crypto_api.c from chip/g to board/cr50 to move crypto_enabled()
into fips.c and alias it to fips_crypto_enabled().
crypto_api.h is no longer included from dcrypto.h, and compile time
assert for cipher salt size is moved to proper place.
Since crypto is used by nvmem_init(), move FIPS power-up tests earlier
to ensure nvmem_init() can access crypto.
BUG=b:197893750
TEST=make CRYPTO_TEST=1; tpm_test; check nvmem is properly initialized
on board_init().
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: If70c2a21d61348bd97a47e26db5d8eec08bbf8ed
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3123836
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
| |
Make DIOA12 an output on Zork, so it can be used for the ccd recovery or
lid switch signals.
BUG=b:197916691
TEST=setting CCD_REC_LID_PIN toggles lid_open on tomato
Change-Id: I755498fd9bb9b764b0e0aa2bf0394c45b087c767
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3124565
Reviewed-by: Ting Shen <phoenixshen@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Tested-by: Ting Shen <phoenixshen@chromium.org>
Commit-Queue: Vadim Bendebury <vbendeb@chromium.org>
| |
This reverts commit 5ae1c684271a117539858cb12252959dfe46803c.
Reason for revert: breaks chromeos-ec-headers
BUG=b:197691499
Original change's description:
> u2f: refactoring to split command processing and crypto
>
> Split U2F crypto from U2F command processing by moving all crypto
> code into boards/cr50 (platform hooks).
>
> U2F state management is part of common code and passed to U2F crypto
> as a parameter.
>
> BUG=b:134594373
> TEST=make BOARD=cr50 CRYPTO_TEST=1
> console: u2f_test
> test/tpmtest.py
> FAFT U2F tests pass
>
> Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
> Change-Id: I85442cddb2959bd3102f7f6e6047134ede90951b
> Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3034852
> Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
> Reviewed-by: Andrey Pronin <apronin@chromium.org>
> Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
> Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Bug: b:134594373
Change-Id: I61a965995fcd53b4e155084f5f351574cb84cd1e
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3115930
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Owners-Override: David Stevens <stevensd@chromium.org>
| |
Split U2F crypto from U2F command processing by moving all crypto
code into boards/cr50 (platform hooks).
U2F state management is part of common code and passed to U2F crypto
as a parameter.
BUG=b:134594373
TEST=make BOARD=cr50 CRYPTO_TEST=1
console: u2f_test
test/tpmtest.py
FAFT U2F tests pass
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: I85442cddb2959bd3102f7f6e6047134ede90951b
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3034852
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
| |
BUG=b:194901448
TEST=none
Change-Id: Ia16d194f042ab44a36e00668f699dfab4df8a536
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3114224
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Commit-Queue: Vadim Bendebury <vbendeb@chromium.org>
| |
Use 6 as the major version in util/signer/ec_RW-manifest-prod.json to
reduce merge conflicts in the branches
This has no real effect since we don't prod sign TOT images.
BUG=none
TEST=none
Change-Id: I1300a4080ea4a5fee3115f1e32736985789d9c11
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3114223
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Commit-Queue: Vadim Bendebury <vbendeb@chromium.org>
| |
In order to implement self-integrity test for FIPS module we need to
make sure binary code of module in image doesn't change from build to
build. To do that we already place FIPS module at constant address.
However, any call to functions outside the module creates a relocation
which is changing depending on location of that external function in the
image. To prevent that we either need to bring these functions in the
module like it was done with memcpy() and some others or replace their
invocations with callbacks. Task & Memory management functions are hard
to bring in the module, so replace few invocations with indirect calls
using vtable. This way invocation code will remain the same.
1. Identify and minimize dependency on EC OS - remove few asserts
and cprintfs.
2. Remove checking privilege level in TRNG init - we know that it is
high by the order of initialization in board_init() and that our
RO doesn't drop permissions. Correct initialization of TRNG is
important for certification, so we can't just assume it may be
initialized improperly.
3. Added vtable with EC OS functions, initialization of FIPS module
vtable in board_init().
4. Switched to using vtable instead of direct calls. Note, we continue
to use EC OS with CRYPTO_TEST=1 to reduce vtable size and image
size.
BUG=b:138578318
TEST=make BOARD=cr50; tests
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: Ibd7bd2353fc4e7e5886f9bfef96b36dc64ff2359
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3107847
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Auto-Submit: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Andrey Pronin <apronin@chromium.org>
| |
BUG=none
TEST=make -j BOARD=cr50 CR50_DEV=1
Change-Id: I3f5281047ff3f349161e37633320e63b4a8fb318
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3108328
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Commit-Queue: Vadim Bendebury <vbendeb@chromium.org>
| |
Move tpm_mode_s to .bss.Tpm2_common, so TPM_MODE_ENABLED is cleared
during tpm reset events.
Cr50 still clears TPM_MODE_DISABLED by doing a hard reset instead of
triggering a tpm reset event.
BUG=b:191180387,b:196820239
TEST=run firmware_Cr50TpmMode
Change-Id: I5f5cedb7b5b6a03bf504583c378fae87896cef2b
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3105485
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
| |
In preparation to switching from TRNG to DRBG, refactor to remove
duplicated code, reduce code size.
1. Isolate hardware-dependent code (trng.c) from platform-agnostic in
fips_rand.c. This will enable better host emulation for tests.
2. Change how read_rand() returns status to take advantage of ARM ABI.
Unfortunately any composite type on ARM is returned on stack. Use
uint64_t with combined validity flag in high bits and random in low
32 bits. This alone reduces code size around 100 bytes.
3. Avoid code duplication by implementing rand() using read_rand().
4. Drop use of common/trng.h to reduce dependency on code outside
boundary. To be completed with migration to DRBG.
BUG=b:138577416
TEST=make BOARD=cr50 CRYPTO_TEST=1; rand_perf and FIPS tests
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: Ifdc42e7210414a4abeac8c132a684e451fbbc19c
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3100489
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
| |
To implement FIPS module we need to bring many crypto functions in the
module boundary. Unfortunately, cryptoc is a third-party library used
by dcrypto code in cr50. Cryptoc is also not well-maintained and shared
with other projects. While just making local copy of cryptoc would
solve an issue, it's suboptimal as it prevents many optimizations and
improvements.
1. Clean-up of #include dependencies on cryptoc
2. Build configuration drops linking with cryptoc for cr50
3. Dcrypto SHA512 code updated to compile and partially tested.
It is about 4x faster on large messages, and about 620 bytes larger.
Added a config option to use Dcrypto version as software, but not
enabled. More testing is needed to make sure it's safe and doesn't
have unintended interactions with RSA and ECDSA Dcrypto code.
BUG=b:138578318
TEST=make BOARD=cr50 CRYPTO_TEST=1; tpm_test
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: I030b60b75daeec9c8ef079017a73345829bf7f0b
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3093093
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
| |
FIPS security policy was updated to move U2F key management out of scope
as it doesn't add anything from certification standpoint on L1, but
greatly complicates design and requires flash operations to be in the
FIPS module boundary.
This change aligns FIPS initialization flow with security policy:
1) Checking of U2F key type is removed and would be handled during
U2F command processing to choose approved / not-approved key gen.
2) FIPS module is always in approved mode when self-integrity tests,
known-answer tests and TRNG power-up tests succeed.
3) Implementation of console command and TPM2 command moved out of
FIPS boundary.
BUG=b:134594373
TEST=make BOARD=cr50 [CRYPTO_TEST=1]; console commands
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: I03fc8fa450927e4d37e691770e872e7ffa5b628d
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3093088
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
| |
To implement FIPS module we need to bring many crypto functions in the
module boundary. Unfortunately, cryptoc is a third-party library used
by dcrypto code in cr50. Cryptoc is also not well-maintained and shared
with other projects. While just making local copy of cryptoc would
solve an issue, it's suboptimal as it prevents many optimizations and
improvements.
Removed redundant functions (dcrypto_p256_pick and dcrypto_p256_rand).
Another improvement is separation of platform independent code in p256.c
to support better host-side unit tests. For this purpose added fast
random number generator using LFSR to replace use of TRNG for blinding
and wiping secrets where security strength is not required.
BUG=b:138578318
TEST=make BOARD=cr50 CRYPTO_TEST=1; test/tpm_test/tpmtest.py
in console: dcrypto_ecdsa
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: I9bfd13b8006ddca55508635962be4502a56532b5
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3087833
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
| |
To implement FIPS module we need to bring many crypto functions in the
module boundary. Unfortunately, cryptoc is a third-party library used
by dcrypto code in cr50. Cryptoc is also not well-maintained and shared
with other projects. While just making local copy of cryptoc would
solve an issue, it's suboptimal as it prevents many optimizations and
improvements.
Provided SHA & HMAC implementations from Ti50 project. This provides
better performance (500us vs. 670us earlier for HMAC DRBG) and reduces
code size. This implementation also enables stack use savings when
only specific digest is needed. Earlier SHA512 context was allocated
when only SHA256 is needed greatly increasing stack consumption for
code using HMAC_DRBG and others.
However, it introduces subtle API changes which require handling.
As for tests, since core implementation is hardware-independent, make
it available for BOARD=host too.
Before change (with cryptoc):
*** 12368 bytes in flash and 5784 bytes in RAM
After:
*** 13136 bytes in flash and 5796 bytes in RAM
BUG=b:138578318
TEST=make BOARD=cr50 CRYPTO_TEST=1; test/tpm_test/tpmtest.py
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: I2ff5362aee9078ce83dc1f8081943a5101d5f666
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3064201
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Auto-Submit: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
| |
To implement FIPS module we need to bring many crypto functions in the
module boundary. Unfortunately, cryptoc is a third-party library used
by dcrypto code in cr50. Cryptoc is also not well-maintained and shared
with other projects.
BUG=b:138578318
TEST=make BOARD=cr50 CRYPTO_TEST=1
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: I40090f5d32df088c88d7313dd693fc8a0dd4b308
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3083187
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Auto-Submit: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Bendebury <vbendeb@chromium.org>
| |
Linker script used by FIPS module broke several extension commands
used for testing due to section name used (no wildcards support).
FIPS self-integrity tests broke access to crypto commands as until
there is no correct digest it fails and prevents access to crypto.
This is temporary fix until digest computation is done.
TPM tests require GCM for testing - adding this module when built with
CRYPTO_TEST=1.
U2F test status made a bit clearer (printing success) and hex dumps of
key handles, signatures only printed in debug mode now.
BUG=none
TEST=make BOARD=cr50 CRYPTO_TEST=1; test/tpm_test/tpmtest.py
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: I7c974abf8ac71de2949b35a4411f77a03d9048a0
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3082325
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Auto-Submit: Vadim Sukhomlinov <sukhomlinov@chromium.org>
| |
BUG=b:194901448
TEST=none
Change-Id: I9d4d5133d26ac528b2ecf5e1b0f4be20a47badb8
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3072819
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
| |
BUG=chromium:1031705
BRANCH=master
TEST=None
Signed-off-by: kerker <kerker@chromium.org>
Change-Id: Idf4f5342da6b3f3307e1948c165d44b83031543a
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2425983
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
(cherry picked from commit 24f03775900d085130f4d411da3bfdfe29afc7ef)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3067596
Reviewed-by: Craig Hesling <hesling@chromium.org>
Commit-Queue: Mary Ruthven <mruthven@chromium.org>
Tested-by: Mary Ruthven <mruthven@chromium.org>
| |
This patch introduces an alternative USB SPI protocol implementation
to be used by Cr50: Raiden V2. The SPI USB endpoint descriptor is
modified to advertise the new version in the bInterfaceProtocol, which
allows the flashrom utility to use the new protocol version.
Protocol version 2 implements segmentation and reassembly where longer
flash read and write PDUs can be transferred split into shorter fixed
size USB packets. The comment section in usb_spi_v2.c describes the
protocol in detail.
Each time a USB packet is received from the host, the packet header is
examined to determine the command. The command could be a DUT
configuration query OR a request to read and/or write some data
from/to the SPI flash chip, OR a request to retransmit the last PDU
from the beginning.
This patch implementation does not process the retransmission request
command yet, in case a packet is dropped flashrom would need to be
re-run. This is a pretty rare condition, but if deemed necessary
support can be added later.
H1 SPI controller supports multibuffer transactions where the CS
signal is kept asserted while the controller clocks the bus when the
next portion of data to write becomes available or there is more room
to read data to send back to the host. This allows to support
arbitrary length read and write transactions. There is no need to
support write transactions longer than 256 bytes of data, as this is a
typical SPI flash chip page size. For read direction the size of 2040
was chosen, which is close to 2K and takes full payload of 34 USB
packets on top of 2 byte headers.
The protocol state machine on the device sideOB can be in one of
two states, IDLE or WRITING. Many of host requests do not require the
device to change state: configuration requests, or writes of short
blocks of data (fitting into one USB packet) can be executed
immediately. Requests to read long blocks of data can still be
executed without leaving the IDLE state, the device starts the SPI
transaction and then iterates reading one packet worth of data at a
time and sends it back to the host. Once the entire PDU is read, the
CS is deasserted.
In case the host requests to write a block of data which does not fit
into a USB packet the device asserts the CS, sends the first received
block to the SPI flash chip and then enters the WRITING state,
expecting the controller to send the rest of the PDU in following
packets.
Once the entire PDU is transferred the CS is deasserted and state is
changed back to IDLE.
BUG=b:79492818
TEST=performed numerous flash read/write operations with 16M SPI flash
chip on the Atlas device. Timing results comparison of various
operations:
Raiden V1 Raiden V2
Reading entire chip: 3m 16s 0m 52s
Vanilla writing of new image: 16m 22s 5m 48s
Writing of AP firmware into an
erased flash chip (no read
before or after writing) 4m 12s 1m 38s
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Change-Id: I374f3caab7146fc84b62274e9e713430d7d31de0
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2977965
Reviewed-by: Brian Nemec <bnemec@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
| |
Add basic test to U2F generate, sign and attest commands to make sure
commands are processed correctly.
When built with CRYPTO_TEST=1 pretend that power button for U2F is
always pressed when requested to simulate user presence.
BUG=None
TEST=make BOARD=cr50 CRYPTO_TEST=1
tests/tpmtest.py
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: I8fda8037ea7322eb5fa46421ded6da3d1bba9c66
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3048103
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Auto-Submit: Vadim Sukhomlinov <sukhomlinov@chromium.org>
| |
Added computation of FIPS module SHA256 digest and comparison with
precomputed value.
BUG=b:138578318
TEST=make BOARD=cr50, check console output
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: I3aaac07ff460b5021f2b7dab4f6df2710325c60b
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3045839
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Auto-Submit: Vadim Sukhomlinov <sukhomlinov@chromium.org>
| |
Added linker script to sort by name all symbols from FIPS module and
place them together in text.fips, rodata.fips and bss.fips sections
which are later placed at fixed locations by chip's linker script.
Note, this has impact on image size as LTO intentionally won't work
across FIPS module boundary and probably doesn't discard some unused
functions. Currently size increase is 1544 bytes.
List of functions added:
fips_p256_ecdsa_sign
fips_drbg_clear
DCRYPTO_asn1_sigp
board_set_fips_policy_test
u2f_gen_kek
DCRYPTO_asn1_pubp
fips_drbg_init
fips_throw_err
board_fips_enforced
fips_trng_bytes
dcrypto_p256_pick
DCRYPTO_hkdf
dcrypto_p256_rnd
fips_mode
adaptive_proportion_test
fips_rand_bytes
fips_set_policy
board_fips_power_up_done
fips_crypto_allowed
Note, some of these functions can be removed, and some will be used
once we switch to FIPS key gen.
BUG=b:138578318
TEST=make BOARD=cr50
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: I0ab3cf1fc7fd6de2025b69d46c71625d96d7873b
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3041098
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Auto-Submit: Vadim Sukhomlinov <sukhomlinov@chromium.org>
| |
BUG=none
TEST=make buildall -j
find -name util.o
board/cr50/dcrypto/util.o is only a part of the cr50 build
./build/cr50/RO/common/util.o
./build/cr50/RO/board/cr50/dcrypto/util.o
./build/cr50/RW/common/util.o
./build/cr50/RW/board/cr50/dcrypto/util.o
./build/cr50/cryptoc/util.o
Change-Id: Ib1e82922548f9ec483338baaad94c6b2cb10f371
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3043359
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
| |
Group the code we are going to move into the fips module.
memcmp
memcpy
memset
memmove
reverse
strncmp
BUG=none
TEST=make buildall -j
Change-Id: Idb1162dd47f00f676cb1c1ec3f77b85808ad9c30
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3043358
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
| |
Recent changes with FIPS module - removal of ECIES from dcrypto build -
broke CRYPTO_TEST=1 build where tpm2/ecies.c used those functions.
So, removing it from build for consistency.
Also, some CRYPTO_TEST commands need more stack, like newly added
u2f_test command. These commands are usually executed in the context
of TPM task which has larger stack, and to be executed in console task
its size should be a bit larger.
BUG=none
TEST=make BOARD=cr50 CRYPTO_TEST=1
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: I7b663eb0b0f64871682c907d66e855e75c091548
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3042142
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Bendebury <vbendeb@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Auto-Submit: Vadim Sukhomlinov <sukhomlinov@chromium.org>
| |
FIPS module should be self contained. Adding __aeabi_uldivmod is
challenging as it comes from compiler builtin and is used by other parts.
In this CL we implement udiv32() which divides 64-bit number by 32-bit
number. Since it doesn't compute remainder and doesn't have to support
real 64-bit by 64-bit division it's faster. Also, we can use ARM
instruction to count leading zeros instead of doing it manually.
This code is reused from Ti50 cryptolib code as is.
Exhaustive bn_div() test is provided by test/tpm_test/bn_test.c which
can now be built with board/cr50/dcrypto version.
BUG=b:138578318
TEST=make BOARD=cr50
test/tpm_test/make CR50=1
build/tpm_test/bn_test
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: I19cebc5c11d3a80bc50732350b7c598bfa374348
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3042138
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Auto-Submit: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Bendebury <vbendeb@chromium.org>
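The kind of routine this commit describes, as an added example that is not the Cr50 or Ti50 source: a quotient-only 64-bit by 32-bit division that needs no compiler runtime helper and normalises the divisor with a count-leading-zeros builtin. The function name `udiv64_by_32`, the `UINT32_MAX` overflow sentinel and the choice of Knuth's Algorithm D with 16-bit digits are assumptions made for the illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* 64-bit by 32-bit unsigned division, quotient only (Knuth Algorithm D
 * with 16-bit digits). Returns UINT32_MAX if d == 0 or the quotient
 * does not fit in 32 bits. Illustration only, not the Cr50 source. */
uint32_t udiv64_by_32(uint64_t n, uint32_t d)
{
	const uint32_t b = 65536; /* digit base */
	uint32_t u1 = (uint32_t)(n >> 32), u0 = (uint32_t)n;
	uint32_t vn1, vn0, un32, un21, un10, un1, un0, q1, q0, rhat;
	int s;
	if (u1 >= d) /* covers d == 0 and quotient overflow */
		return UINT32_MAX;
	s = __builtin_clz(d); /* GCC/Clang builtin; a single CLZ on ARM */
	d <<= s;              /* normalise: top bit of the divisor set */
	vn1 = d >> 16;
	vn0 = d & 0xFFFF;
	un32 = s ? (u1 << s) | (u0 >> (32 - s)) : u1;
	un10 = u0 << s;
	un1 = un10 >> 16;
	un0 = un10 & 0xFFFF;

	q1 = un32 / vn1; /* estimate the high quotient digit */
	rhat = un32 - q1 * vn1;
	while (q1 >= b || q1 * vn0 > b * rhat + un1) {
		q1--; /* estimate was too large: correct it */
		rhat += vn1;
		if (rhat >= b)
			break;
	}
	un21 = un32 * b + un1 - q1 * d; /* wraps mod 2^32 by design */
	q0 = un21 / vn1; /* same step for the low quotient digit */
	rhat = un21 - q0 * vn1;
	while (q0 >= b || q0 * vn0 > b * rhat + un0) {
		q0--;
		rhat += vn1;
		if (rhat >= b)
			break;
	}
	return q1 * b + q0;
}

int main(void)
{
	printf("%u\n", udiv64_by_32(0x123456789ABCDEFull, 0x87654321u));
	return 0;
}
```

Callers must guarantee that the high 32 bits of the dividend are smaller than the divisor, otherwise the sentinel is returned instead of a quotient.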
| |
Build dcrypto and u2f separately as a part of the fips_module object.
This doesn't change how cryptoc is built. That'll be done in a followup
CL.
BUG=none
TEST=none
Change-Id: I411ee297ae8e88f0c38b6798c7b58c0e657750b1
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3002451
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Namyoon Woo <namyoon@chromium.org>
| |
BUG=none
TEST=none
Change-Id: I24314865ef591ae791e20559534ca4e40af7d46d
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3010921
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
| |
BUG=none
TEST=make -j BOARD=cr50 CRYPTO_TEST=1
Change-Id: Iad1c87d6ca3dfd798a6b63a0cffc087e1dd716a2
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3002450
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Commit-Queue: Andrey Pronin <apronin@chromium.org>
| |
BUG=b:192269002
TEST=none
Change-Id: Ied092d9dd0a909aae116f440fa545ee43ec4c6ed
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3002844
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Commit-Queue: Andrey Pronin <apronin@chromium.org>
| |
We compute sha256 for this block to check integrity, but don't use
position independent code, so placing block closer to start of code
with as much constant address as possible to prevent sudden relocations
from breaking self-integrity check.
BUG=b:138578318
TEST=make buildall -j
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: I81289fec8ed7fc73b34e2334c45c360cdabbcd88
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2988196
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Auto-Submit: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Mary Ruthven <mruthven@chromium.org>
| |
This patch removes the restriction of TPM_MODE vendor command,
allowing any board's AP to disable TPM mode if required.
In addition, TPM reset processing flow is being modified to always
reboot the H1 in case TPM reset happens when TPM is disabled.
BUG=b:191180387, b:191180208
TEST=on an Atlas device:
localhost ~ # gsctool -a -f
start
target running protocol version 6
keyids: RO 0xaa66150f, RW 0x334f70df
offsets: backup RO at 0, backup RW at 0x4000
Current versions:
RO 0.0.11
RW 0.6.30
$ localhost ~ # gsctool -a -m disable
TPM Mode: disabled (2)
localhost ~ # gsctool -a -f
start
[WARNING:bus.cc(638)] Bus::SendWithReplyAndBlock took 1516ms to...
Problems reading from TPM, got 10 bytes
Failed to start transfer
localhost ~ # reboot
-- GSC reboots during device reboot
localhost ~ # gsctool -a -f
start
target running protocol version 6
keyids: RO 0xaa66150f, RW 0x334f70df
offsets: backup RO at 0, backup RW at 0x4000
Current versions:
RO 0.0.11
RW 0.6.30
localhost ~ # reboot
-- GSC does NOT reboot during device reboot
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Change-Id: I492bd2f201f3c5c7d1cd9b228ec6ab1cdcf8fa53
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2987913
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
| |
NVMEM commits are disabled for a few seconds after every TPM reset.
Setting TPM mode to 'disabled' requires the commits to be enabled
first, so that the NVMEM updates would be saved immediately.
Re-enabling the commits must be done by the same task which disables
them, i.e. the TPM task. This patch moves the invocation of
'nvmem_enable_commits()' to the main processing thread of the TPM mode
vendor command handler. When invoked through TPM it will be able to
properly reenable NVMEM commits. When invoked through USB it will fail
if TPM reset happened less than 3 seconds ago.
BUG=b:187831914
TEST=verified that when the TPM disable command is sent immediately
after TPM reset over USB it is rejected with error code 11, no
lockup/watchdog reset is observed.
Testing the AP sending the command will be done when debugging
NBR.
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Change-Id: I035cd5db2c55fe5c9dd3679153bf9a2ec49210b6
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2998302
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
| |
Cr50 doesn't use AES-CMAC and P256-ECIES functions. Currently these
functions are not linked in as they are not used. Since we will change
the build process to build crypto library separately to implement FIPS
certification requirements, it is better to remove them from the library as
otherwise they will increase image size. Files are still there in case
they are needed in the future.
BUG=b:134594373
TEST=make BOARD=cr50
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: I0922a5f35a85b1a2d85e6b325716ac3838c2c9cb
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2988186
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Auto-Submit: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Mary Ruthven <mruthven@chromium.org>
| |
It is necessary to be able to send SPI transactions with sizes
exceeding the SPI controller buffer size. This can be achieved by
asserting CS before sending the first batch (data block) in a
transaction and deasserting CS after the last batch.
Let's add a SPI controller spi_sub_transaction() API, with an
additional parameter indicating when the last batch is submitted for
processing.
The existing spi_transaction() API becomes a wrapper which always
calls spi_sub_transaction() to send a full single batch transaction.
BUG=b:79492818
TEST='flashrom --flash-name' still succeeds.
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Change-Id: Ia0c5114edd5caf6c6d0e22cab3bfa3c4d86ac79a
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2977964
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
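A host-side model of the chip-select handling described in this commit and in the Raiden V2 commit further up the log, added here as an illustration and not taken from the EC tree. The `model_*` names and signatures, the 64-byte controller buffer and the release-CS-on-error policy are assumptions; only the 256-byte write limit comes from the commit text.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

#define CTRL_BUF 64   /* assumed controller buffer size, in bytes */
#define MAX_WRITE 256 /* longest write PDU, per the Raiden V2 commit */

/* Constructed stand-in for the SPI controller: counts CS edges, bytes. */
struct bus_model { bool cs; int asserts, deasserts; size_t clocked; };
static struct bus_model bus;
static uint8_t sample_pdu[300]; /* constructed sample data */

/* One batch. CS is asserted if not already held and released only when
 * this is the last batch or the batch is rejected (assumed policy). */
int model_sub_transaction(const uint8_t *tx, size_t len, bool last)
{
	int rv = (tx && len <= CTRL_BUF) ? 0 : -1;
	if (!rv) {
		if (!bus.cs) {
			bus.cs = true;
			bus.asserts++;
		}
		bus.clocked += len;
	}
	if ((last || rv) && bus.cs) {
		bus.cs = false;
		bus.deasserts++;
	}
	return rv;
}

/* Single-batch wrapper: always the first and the last batch. */
int model_transaction(const uint8_t *tx, size_t len)
{
	return model_sub_transaction(tx, len, true);
}

/* Long write: validate the PDU length before CS moves, then batch it. */
int model_long_write(const uint8_t *tx, size_t len)
{
	if (!tx || !len || len > MAX_WRITE)
		return -1;
	for (size_t n = 0; len; tx += n, len -= n) {
		n = len > CTRL_BUF ? CTRL_BUF : len;
		if (model_sub_transaction(tx, n, n == len))
			return -1;
	}
	return 0;
}
```

A 200-byte write goes out as four batches under a single CS assertion, while an oversized PDU is rejected before CS is touched.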
| |
BUG=b:191799047
TEST=make buildall -j ; run tpmtest
Change-Id: I8b743c16c4e4b8b0779eb40ba1eb0a78613930f9
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2980812
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Bendebury <vbendeb@chromium.org>
|