summaryrefslogtreecommitdiff
path: root/board
Commit message (Collapse)AuthorAgeFilesLines
* cr50: drop cryptoc for always_memset()stabilize-14149.B-cr50_stabVadim Sukhomlinov2021-08-1012-12/+18
| | | | | | | | | | | | | | | | | | | To implement FIPS module we need to bring many crypto functions in the module boundary. Unfortunately, cryptoc is a third-party library used by dcrypto code in cr50. Cryptoc is also not well-maintained and shared with other projects. BUG=b:138578318 TEST=make BOARD=cr50 CRYPTO_TEST=1 Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com> Change-Id: I40090f5d32df088c88d7313dd693fc8a0dd4b308 Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3083187 Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org> Reviewed-by: Vadim Bendebury <vbendeb@chromium.org> Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org> Auto-Submit: Vadim Sukhomlinov <sukhomlinov@chromium.org> Commit-Queue: Vadim Bendebury <vbendeb@chromium.org>
* cr50: fix CRYPTO_TEST=1 broken due to FIPS codeVadim Sukhomlinov2021-08-093-3/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | Linker script used by FIPS module broke several extension commands used for testing due to section name used (no wildcards support). FIPS self-integrity tests broke access to crypto commands as until there is no correct digest it fails and prevents access to crypto. This is temporary fix until digest computation is done. TPM tests requires GCM for testing - adding this module when built with CRYPTO_TEST=1. U2F test status made a bit clearer (printing success) and hex dumps of key handles, signatures only printed in debug mode now. BUG=none TEST=make BOARD=cr50 CRYPTO_TEST=1; test/tpm_test/tpmtest.py Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com> Change-Id: I7c974abf8ac71de2949b35a4411f77a03d9048a0 Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3082325 Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org> Reviewed-by: Vadim Bendebury <vbendeb@chromium.org> Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org> Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org> Auto-Submit: Vadim Sukhomlinov <sukhomlinov@chromium.org>
* usb_spi: move to Raiden V2 implementationVadim Bendebury2021-08-022-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch introduces an alternative USB SPI protocol implementation to be used by Cr50: Raiden V2. The SPI USB endpoint descriptor is modified to advertise the new version in the bInterfaceProtocol, which allows the flashrom utility to use the new protocol version. Protocol version 2 implements segmentation and reassembly where longer flash read and write PDUs can be transferred split into shorter fixed size USB packets. The comment section in usb_spi_v2.c describes the protocol in detail. Each time a USB packet is received from the host, the packet header is examined to determine the command. The command could be a DUT configuration query OR a request to read and or write some data from/to the SPI flash chip, OR a request to retransmit the last PDU from the beginning. This patch implementation does not process the retransmittion request command yet, in case a packet is dropped flashrom would need to be re-run. This is a pretty rare condition, but if deemed necessary support can be added later. H1 SPI controller supports multibuffer transactions where the CS signal is kept asserted while the controller clocks the bus when the next portion of data to write becomes available or there is more room to read data to send back to the host. This allows to support arbitrary length read and write transactions. There is no need to support write transactions longer than 256 bytes of data, as this is a typical SPI flash chip page size. For read direction the size of 2040 was chosen, which is close to 2K and takes full payload of 34 USB packets on top of 2 byte headers. The protocol state machine on the device sideOB can be in one of two states, IDLE or WRITING. Many of host requests do not require the device to change state: configuration requests, or writes of short blocks of data (fitting into one USB packet) can be executed immediately. Requests to read long blocks of data can still be executed without leaving the IDLE state, the device starts the SPI transaction and then iterates reading one packet worth of data at a time and sends it back to the host. Once the entire PDU is read, the CS is deasserted. In case the host requests to write a block of data which does not fit into a USB packet the device asserts the CS, sends the first received block to the SPI flash chip and then enters the WRITING state, expecting the controller to send the rest of the PDU in following packets. Once the entire PDU is transferred the CS is deasserted and state is changed back to IDLE. BUG=b:79492818 TEST=performed numerous flash read/write operations with 16M SPI flash chip on the Atlas device. Timing results comparison of various operations: Raiden V1 Raiden V2 Reading entire chip: 3m 16s 0m 52s Vanilla writing of new image: 16m 22s 5m 48s Writing of AP firmware into an erased flash chip (no read before or after writing) 4m 12s 1m 38s Signed-off-by: Vadim Bendebury <vbendeb@chromium.org> Change-Id: I374f3caab7146fc84b62274e9e713430d7d31de0 Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2977965 Reviewed-by: Brian Nemec <bnemec@chromium.org> Reviewed-by: Andrey Pronin <apronin@chromium.org>
* cr50: add basic U2F test to tpmtest, disable eciesVadim Sukhomlinov2021-07-281-0/+4
| | | | | | | | | | | | | | | | | | | | | Add basic test to U2F generate, sign and attest commands to make sure commands are processed correctly. When build with CRYPTO_TEST=1 pretend that power button for U2F is always pressed when requested to simulate user presence. BUG=None TEST=make BOARD=cr50 CRYPTO_TEST=1 tests/tpmtest.py Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com> Change-Id: I8fda8037ea7322eb5fa46421ded6da3d1bba9c66 Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3048103 Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org> Reviewed-by: Mary Ruthven <mruthven@chromium.org> Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org> Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org> Auto-Submit: Vadim Sukhomlinov <sukhomlinov@chromium.org>
* cr50: add FIPS module self-integrity checkVadim Sukhomlinov2021-07-282-0/+33
| | | | | | | | | | | | | | | | | Added computation of FIPS module SHA256 digest and comparison with precomputed value. BUG=b:138578318 TEST=make BOARD=cr50, check console output Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com> Change-Id: I3aaac07ff460b5021f2b7dab4f6df2710325c60b Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3045839 Reviewed-by: Vadim Bendebury <vbendeb@chromium.org> Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org> Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org> Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org> Auto-Submit: Vadim Sukhomlinov <sukhomlinov@chromium.org>
* cr50: add linker script to consolidate FIPS module sectionsVadim Sukhomlinov2021-07-232-4/+88
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Added linker script to sort by name all symbols from FIPS module and place them together in text.fips, rodata.fips and bss.fips sections which are later placed at fixed locations by chip's linker script. Note, this has impact on image size as LTO intentionally won't work across FIPS module boundary and probably don't discard some unused functions. Currently size increase is 1544 bytes. List of functions added: fips_p256_ecdsa_sign fips_drbg_clear DCRYPTO_asn1_sigp board_set_fips_policy_test u2f_gen_kek DCRYPTO_asn1_pubp fips_drbg_init fips_throw_err board_fips_enforced fips_trng_bytes dcrypto_p256_pick DCRYPTO_hkdf dcrypto_p256_rnd fips_mode adaptive_proportion_test fips_rand_bytes fips_set_policy board_fips_power_up_done fips_crypto_allowed Note, some of these functions can be removed, and some will be used once switch to FIPS key gen. BUG=b:138578318 TEST=make BOARD=cr50 Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com> Change-Id: I0ab3cf1fc7fd6de2025b69d46c71625d96d7873b Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3041098 Reviewed-by: Vadim Bendebury <vbendeb@chromium.org> Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org> Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org> Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org> Auto-Submit: Vadim Sukhomlinov <sukhomlinov@chromium.org>
* Add necessary utilities to the FIPS boundarystabilize-14106.B-cr50_stabMary Ruthven2021-07-223-0/+209
| | | | | | | | | | | | | | | | | | | | BUG=none TEST=make buildall -j find -name util.o board/cr50/dcrypto/util.o is only a part of the cr50 build ./build/cr50/RO/common/util.o ./build/cr50/RO/board/cr50/dcrypto/util.o ./build/cr50/RW/common/util.o ./build/cr50/RW/board/cr50/dcrypto/util.o ./build/cr50/cryptoc/util.o Change-Id: Ib1e82922548f9ec483338baaad94c6b2cb10f371 Signed-off-by: Mary Ruthven <mruthven@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3043359 Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
* cr50: make CRYPTO_TEST=1 work againVadim Sukhomlinov2021-07-212-2/+1
| | | | | | | | | | | | | | | | | | | | | | | | Recent changes with FIPS module - removal of ECIES from dcrypto build, broke CRYPTO_TEST=1 build where tpm2/ecies.c used those functions. So, removing it from build for consistency. Also, some CRYPTO_TEST commands needs more stack, like newly added u2f_test command. These commands are usually executed in the context of TPM task which has larger stack, and to be executed in console task it's size should be a bit larger. BUG=none TEST=make BOARD=cr50 CRYPTO_TEST=1 Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com> Change-Id: I7b663eb0b0f64871682c907d66e855e75c091548 Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3042142 Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org> Reviewed-by: Vadim Bendebury <vbendeb@chromium.org> Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org> Commit-Queue: Vadim Bendebury <vbendeb@chromium.org> Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org> Auto-Submit: Vadim Sukhomlinov <sukhomlinov@chromium.org>
* cr50: replace call to __aeabi_uldivmod with better implementationVadim Sukhomlinov2021-07-211-7/+119
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | FIPS module should be self contained. Adding __aeabi_uldivmod is challenging as it comes from compiler builtin and used by other parts. In this CL we implement udiv32() which divides 64-bit number by 32-bit number. Since it doesn't compute reminder and don't have to support real 64-bit by 64-bit division it's faster. Also, we can use ARM instruction to count leading zeros instead of doing it manually. This code is reused from Ti50 cryptolib code as is. Exhaustive bn_div() test is provided by test/tpm_test/bn_test.c which is now can be built with board/cr50/dcrypto version. BUG=b:138578318 TEST=make BOARD=cr50 test/tpm_test/make CR50=1 build/tpm_test/bn_test Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com> Change-Id: I19cebc5c11d3a80bc50732350b7c598bfa374348 Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3042138 Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org> Reviewed-by: Vadim Bendebury <vbendeb@chromium.org> Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org> Auto-Submit: Vadim Sukhomlinov <sukhomlinov@chromium.org> Commit-Queue: Vadim Bendebury <vbendeb@chromium.org>
* build dcrypto and u2f separatelystabilize-14094.B-cr50_stabstabilize-14093.B-cr50_stabstabilize-14092.66.B-cr50_stabstabilize-14092.57.B-cr50_stabrelease-R93-14092.B-cr50_stabMary Ruthven2021-07-141-24/+39
| | | | | | | | | | | | | | | | Build dcrypto and u2f separately as a part of the fips_module object. This doesn't change how cryptoc is built. That'll be done in a followup CL. BUG=none TEST=none Change-Id: I411ee297ae8e88f0c38b6798c7b58c0e657750b1 Signed-off-by: Mary Ruthven <mruthven@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3002451 Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org> Reviewed-by: Namyoon Woo <namyoon@chromium.org>
* cr50: add CRYPTO_TEST_SETUP descriptionMary Ruthven2021-07-081-0/+6
| | | | | | | | | | | BUG=none TEST=none Change-Id: I24314865ef591ae791e20559534ca4e40af7d46d Signed-off-by: Mary Ruthven <mruthven@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3010921 Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org> Reviewed-by: Andrey Pronin <apronin@chromium.org>
* CRYPTO_TEST: fix build ap_state build issueMary Ruthven2021-07-021-0/+2
| | | | | | | | | | | BUG=none TEST=make -j BOARD=cr50 CRYPTO_TEST=1 Change-Id: Iad1c87d6ca3dfd798a6b63a0cffc087e1dd716a2 Signed-off-by: Mary Ruthven <mruthven@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3002450 Reviewed-by: Andrey Pronin <apronin@chromium.org> Commit-Queue: Andrey Pronin <apronin@chromium.org>
* tpm_mode: make available to all boards and restore on resetsVadim Bendebury2021-06-304-41/+42
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch removes the restriction of TPM_MODE vendor command, allowing any board's AP to disable TPM mode if required. In addition, TPM reset processing flow is being modified to always reboot the H1 in case TPM reset happens when TPM is disabled. BUG=b:191180387, b:191180208 TEST=on an Atlas device: localhost ~ # gsctool -a -f start target running protocol version 6 keyids: RO 0xaa66150f, RW 0x334f70df offsets: backup RO at 0, backup RW at 0x4000 Current versions: RO 0.0.11 RW 0.6.30 $ localhost ~ # gsctool -a -m disable TPM Mode: disabled (2) localhost ~ # gsctool -a -f start [WARNING:bus.cc(638)] Bus::SendWithReplyAndBlock took 1516ms to... Problems reading from TPM, got 10 bytes Failed to start transfer localhost ~ # reboot -- GSC reboots during device rebnoot localhost ~ # gsctool -a -f start target running protocol version 6 keyids: RO 0xaa66150f, RW 0x334f70df offsets: backup RO at 0, backup RW at 0x4000 Current versions: RO 0.0.11 RW 0.6.30 localhost ~ # reboot -- GSC does NOT reboot during device rebnoot Signed-off-by: Vadim Bendebury <vbendeb@chromium.org> Change-Id: I492bd2f201f3c5c7d1cd9b228ec6ab1cdcf8fa53 Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2987913 Reviewed-by: Mary Ruthven <mruthven@chromium.org>
* tpm_mode: do not proceed if nvmem commits can not be enabledVadim Bendebury2021-06-301-1/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | NVMEM commits are disabled for a few seconds after every TPM reset. Setting TPM mode to 'disabled' requires the commits to be enabled first, so that the NVMEM updates would be saved immediately. Re-enabling the commits must be done by the same task which disables them, i.e. the TPM task. This patch moves the invocation of 'nvmem_enable_commits()' to the main processing thread of the TPM mode vendor command handler. When invoked through TPM it will be able to properly reenable NVMEM commits. When invoked through USB it will fail if TPM reset happened less than 3 seconds ago. BUG=b:187831914 TEST=verified that when the TPM disable command is sent immediately after TPM reset over USB it is rejected with error code 11, no lockup/watchdog reset is observed. Testing the AP sending the command will be done when debugging NBR. Signed-off-by: Vadim Bendebury <vbendeb@chromium.org> Change-Id: I035cd5db2c55fe5c9dd3679153bf9a2ec49210b6 Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2998302 Reviewed-by: Mary Ruthven <mruthven@chromium.org>
* dcrypto: remove unused functionalityVadim Sukhomlinov2021-06-301-2/+0
| | | | | | | | | | | | | | | | | | | | | Cr50 doesn't use AES-CMAC and P256-ECIES functions. Currently these functions are not linked in as they are not used. Since we will change a build process to build crypto library separately to implement FIPS certification requirements, better to remove it from library as otherwise they will increase image size. Files are still there in case if will be needed in the future. BUG=b:134594373 TEST=make BOARD=cr50 Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com> Change-Id: I0922a5f35a85b1a2d85e6b325716ac3838c2c9cb Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2988186 Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org> Reviewed-by: Mary Ruthven <mruthven@chromium.org> Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org> Auto-Submit: Vadim Sukhomlinov <sukhomlinov@chromium.org> Commit-Queue: Mary Ruthven <mruthven@chromium.org>
* cr50: use board/cr50/dcryptoMary Ruthven2021-06-282-3/+36
| | | | | | | | | | | | BUG=b:191799047 TEST=make buildall -j ; run tpmtest Change-Id: I8b743c16c4e4b8b0779eb40ba1eb0a78613930f9 Signed-off-by: Mary Ruthven <mruthven@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2980812 Reviewed-by: Vadim Bendebury <vbendeb@chromium.org> Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org> Commit-Queue: Vadim Bendebury <vbendeb@chromium.org>
* cr50: switch SPI CS to GPIO modestabilize-RUST-14057.B-cr50_stabstabilize-14057.B-cr50_stabVadim Bendebury2021-06-253-7/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | To be able to send and receive multiple SPI buffer quantities in a single SPI transaction it is necessary to control the SPI CS signal directly, as opposed to connecting it to the SPI controller. Direct mode allows to keep CS asserted as long as necessary to transfer the full data blob, size of which might exceed the the size of the SPI controller buffer. BUG=b:79492818 TEST=flashrom access still works fine: $ flashrom -p raiden_debug_spi:target=ap --flash-name flashrom f10dff7b-dirty on Linux 5.4.0-71-generic (x86_64) flashrom is free software, get the source code at https://flashrom.org Using clock_gettime for delay loops (clk_id: 1, resolution: 1ns). Raiden target: 2 Found GigaDevice flash chip "GD25Q127C/GD25Q128C" (16384 kB, SPI) on... vendor="GigaDevice" name="GD25Q127C/GD25Q128C" Signed-off-by: Vadim Bendebury <vbendeb@chromium.org> Change-Id: Idecf019d3fd19675d7f78e4dc1140106a2112c6b Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2973580 Reviewed-by: Mary Ruthven <mruthven@chromium.org>
* ap_ro_integrity_check: Add vendor command to check statusMary Ruthven2021-06-181-0/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | AP RO verification has four outcomes. Shimless RMA needs to be able to check the status. This change adds a vendor command to check the AP RO verification status NOT_TRIGGERED: The last AP reboot was not triggered by RO verification key combination. PASS: The last AP reboot was triggered by RO verification key combination, and the verification passes FAIL: The last AP reboot was triggered by RO verification key combination, and it fails. In reality, the device should brick and the system will not see this response. UNSUPPORTED: The last AP reboot was triggered by RO verification key combination, but there is no data to perform it or the board doesn't support it. BUG=b:182594555 TEST=manual # Erase board id # Erase AP RO hash cr50 > ap_ro_info erase # Check status AP RO status = 3: unsupported # Set gbb flags /usr/share/vboot/bin/set_gbb_flags.sh 0x140 # Set AP RO hash ./util/ap_ro_hash.py -v True GBB # Check status AP RO status = 0: not run # Trigger verification # Check status AP RO status = 1: pass # Change gbb flags /usr/share/vboot/bin/set_gbb_flags.sh 0xa39 # Trigger verification # Check status AP RO status = 2: FAIL # Set board id to DUKI:0x10 # Check status AP RO status = 3: unsupported Change-Id: I354ccd6317cd36008a66ffd93afb3ee95f3c3561 Signed-off-by: Mary Ruthven <mruthven@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2950314 Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
* ap_ro_integrity_check: skip verify based on RLZMary Ruthven2021-06-181-0/+69
| | | | | | | | | | | | | | | | | | | Some factories programmed hashes into devices that don't support reading from AP flash while EC_RST_L is asserted. Skip AP RO verification on these devices if the RLZ is blocked. BUG=b:185783841 TEST=manual Set board id to YVRQ:0x10 Verify AP RO verification can be triggered Set board id to VYRC:0x10 Verify AP RO verification is skipped even if the hash is stored. Change-Id: I7ef5ceafd55ae5e90b4a754d1e92317a9a745ef9 Signed-off-by: Mary Ruthven <mruthven@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2950313 Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
* brdprop: print tpm-board-cfgMary Ruthven2021-06-181-1/+1
| | | | | | | | | | | BUG=b:186446598 TEST=none Change-Id: I0192cd85904fe162c38bbedd5321187bc24be8d9 Signed-off-by: Mary Ruthven <mruthven@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2970991 Reviewed-by: Namyoon Woo <namyoon@chromium.org> Commit-Queue: Namyoon Woo <namyoon@chromium.org>
* Move copy chip/g/dcrypto to boards/cr50/dcryptoJosip Sokcevic2021-06-1728-0/+10103
| | | | Signed-off-by: Josip Sokcevic <sokcevic@google.com>
* cr50: support EC-EFS 2.1Namyoon Woo2021-06-161-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | This patch adds the codes that support EC-EFS 2.1. However, it is not enabled. EC-EFS 2.0 is still enabled as default. BUG=b:187953899 TEST=built cr50 image, and ran it on hatch with CONFIG_EC_EFS2_VERSION defined as 0 and 1 respectively. For both cases, CrOS booted good. Also checked CrOS recovery was done good with corrupted TPM secdata, and booted good at the end. > ec_comm corrupt > ecrst pulse Ran the unittest for both version as well. $ make run-ec_comm $ make run-ec_comm21 Signed-off-by: Namyoon Woo <namyoon@google.com> Change-Id: I7623fa56dd44a01002628685826105afe76e034f Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2891925 Tested-by: Namyoon Woo <namyoon@chromium.org> Reviewed-by: Mary Ruthven <mruthven@chromium.org> Commit-Queue: Namyoon Woo <namyoon@chromium.org>
* add reserved `VIRTUAL_NV_INDEX_RMA_BYTES` in comment.Leo Lai2021-06-161-0/+3
| | | | | | | | | | | | | | | | | The index is added to cr50 repository while the usage is only for generic TPM2.0 case. In the future we don't want GSC to re-use the index number. BUG=b:187821960 BUG=b:191163997 TEST=make buildall -j Signed-off-by: cylai@chromium.org Change-Id: I6cfb12cf4558dd0bf2c99e045ef6e0b89698bbc7 Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2892151 Tested-by: Leo Lai <cylai@google.com> Commit-Queue: Andrey Pronin <apronin@chromium.org> Reviewed-by: Andrey Pronin <apronin@chromium.org>
* CRYPTO_TEST: open ccdMary Ruthven2021-05-251-1/+1
| | | | | | | | | | | | | CRYPTO_TEST images don't need to have restricted CCD. Open CCD for crypto test images like we do for DBG images. BUG=none TEST=ccd is automatically open in crypto test images Change-Id: I674ef9055e1a87caf9f8b2b28f9893e79ed9e7e5 Signed-off-by: Mary Ruthven <mruthven@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2916576 Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
* CRYPTO_TEST_SETUP: enable dev featuresMary Ruthven2021-05-071-0/+3
| | | | | | | | | | | | | | | | | Enable dev features in CRYPTO_TEST builds, so it's easier to update and rollback to MP images. Add the rollback command and disable update checks. BUG=b:186663661 TEST=make clobber ; make -j BOARD=cr50 make clobber ; make -j BOARD=cr50 CRYPTO_TEST=1 Change-Id: Id8929f67f206d3222c551532c91921bd646d2a50 Signed-off-by: Mary Ruthven <mruthven@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2875480 Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org> Reviewed-by: Namyoon Woo <namyoon@chromium.org>
* CRYPTO_TEST_SETUP: remove ap ro verification and spi hashMary Ruthven2021-05-071-0/+4
| | | | | | | | | | | | | | | | Remove AP RO verification and spi hash support to save space. This saves 3952 bytes in the CRYPTO_TEST image. BUG=b:186663661 TEST=make clobber ; make -j BOARD=cr50 ; make clobber ; make -j BOARD=cr50 CRYPTO_TEST=1 Change-Id: I77eb3de547fad1e4a894b0e6eff62adaa8cbf65d Signed-off-by: Mary Ruthven <mruthven@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2875478 Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org> Reviewed-by: Namyoon Woo <namyoon@chromium.org>
* CRYPTO_TEST_SETUP: remove unnecessary commandsMary Ruthven2021-05-071-0/+15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Remove these commands. CONFIG_CMD_ECRST CONFIG_CMD_SYSRST CONFIG_CMD_WP CONFIG_CMD_DUMP_NVMEM CONFIG_CMD_PINMUX CONFIG_CMD_GPIOCFG CONFIG_CMD_SLEEPMASK CONFIG_CMD_TIMERINFO CONFIG_CONSOLE_HISTORY CONFIG_I2C_XFER CONFIG_I2C_SCAN CONFIG_CONSOLE_CMDHELP This saves 6068 bytes of space. BUG=b:186663661 TEST=make -j BOARD=cr50 Change-Id: I3f559fe853ab51b9618edb3e2a5bd215c2155325 Signed-off-by: Mary Ruthven <mruthven@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2875477 Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org> Reviewed-by: Namyoon Woo <namyoon@chromium.org>
* add CONFIG_CMD_ROLLBACKMary Ruthven2021-05-072-1/+2
| | | | | | | | | | | | | Add CONFIG_CMD_ROLLBACK for building the rollback command. BUG=b:186663661 TEST=flash usage doesn't change with make -j BOARD=cr50 Change-Id: Iea22485368fbb57eed114653c6f78758cc5c8111 Signed-off-by: Mary Ruthven <mruthven@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2875476 Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org> Reviewed-by: Namyoon Woo <namyoon@chromium.org>
* add CONFIG_SPI_HASHMary Ruthven2021-05-072-6/+12
| | | | | | | | | | | | | Add CONFIG_SPI_HASH to control building spi hash support. BUG=b:186663661 TEST=flash usage doesn't change with make -j BOARD=cr50 Change-Id: If2f731897bcddec226cd0f388e94e82f7eeaeb8f Signed-off-by: Mary Ruthven <mruthven@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2875475 Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org> Reviewed-by: Namyoon Woo <namyoon@chromium.org>
* isolate CONFIG_AP_RO_VERIFICATIONMary Ruthven2021-05-072-0/+4
| | | | | | | | | | | | | | | Isolate CONFIG_AP_RO_VERIFICATION BUG=b:186663661 TEST=flash usage doesn't change with make -j BOARD=cr50 #undef CONFIG_AP_RO_VERIFICATION doesn't have build errors. Change-Id: I9bf7e897a44302062551ecb553236a08dc96432e Signed-off-by: Mary Ruthven <mruthven@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2875474 Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org> Reviewed-by: Namyoon Woo <namyoon@chromium.org>
* add CONFIG_CMD_WPMary Ruthven2021-05-071-0/+2
| | | | | | | | | | | | | | | | Add CONFIG_CMD_WP to control building the wp commands. This adds the wp console command, the bpforce console command, and the wp vendor command. BUG=b:186663661 TEST=flash usage doesn't change with make -j BOARD=cr50 Change-Id: I707ace6d35b691a49d983b714ad519ae85c7e01f Signed-off-by: Mary Ruthven <mruthven@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2875470 Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org> Reviewed-by: Namyoon Woo <namyoon@chromium.org>
* add CONFIG_CMD_SYSRSTMary Ruthven2021-05-071-9/+11
| | | | | | | | | | | | | Add CONFIG_CMD_SYSRST to control building the sysrst command. BUG=b:186663661 TEST=flash usage doesn't change with make -j BOARD=cr50 Change-Id: I4922b5b55d895bc2f4b43614fe2af210c5fbe134 Signed-off-by: Mary Ruthven <mruthven@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2875469 Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org> Reviewed-by: Namyoon Woo <namyoon@chromium.org>
* add CONFIG_CMD_ECRSTMary Ruthven2021-05-071-0/+2
| | | | | | | | | | | | | Add CONFIG_CMD_ECRST to control building the ecrst command. BUG=b:186663661 TEST=flash usage doesn't change with make -j BOARD=cr50 Change-Id: Ia3b7a0284c594d03257fa669bff0ab8bec155125 Signed-off-by: Mary Ruthven <mruthven@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2875468 Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org> Reviewed-by: Namyoon Woo <namyoon@chromium.org>
* ccdstate: displays "CCD_MODE" instead of "CCD EXT" fieldstabilize-RUST-13932.B-cr50_stabstabilize-13942.B-cr50_stabstabilize-13935.B-cr50_stabNamyoon Woo2021-04-221-3/+1
| | | | | | | | | | | | | | | | | | | | | | | BUG=b:186048264 TEST=ran it on Octopus. > ccdstate AP: on AP UART: on EC: on Servo: undetectable Rdd: connected KeepAlive: disabled CCD_MODE: asserted State flags: UARTAP+TX UARTEC+TX I2C SPI USBEC+TX CCD ports blocked: (none) Signed-off-by: Namyoon Woo <namyoon@google.com> Change-Id: If854d5f56c812ab04a3271b07f1ebdd5ad1e6e86 Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2845279 Tested-by: Namyoon Woo <namyoon@chromium.org> Reviewed-by: Mary Ruthven <mruthven@chromium.org> Commit-Queue: Namyoon Woo <namyoon@chromium.org>
* ccdstate: add 'KeepAlive' line in outputNamyoon Woo2021-04-211-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | BUG=b:186004390 TEST=checked 'ccdstate' output in Octopus: > ccdstate AP: on AP UART: on EC: on Servo: undetectable Rdd: connected KeepAlive: disabled CCD EXT: enabled State flags: UARTAP+TX UARTEC+TX I2C SPI USBEC+TX CCD ports blocked: (none) > > > rddkeepalive true Forcing Rdd detect keepalive > > > ccdstate AP: off AP UART: off EC: on Servo: undetectable Rdd: connected KeepAlive: enabled CCD EXT: enabled State flags: UARTEC+TX I2C SPI USBEC+TX CCD ports blocked: (none) > > rddkeepalive Rdd: connected KeepAlive: enabled > > rddkeepalive false Using actual Rdd state > > rddkeepalive Rdd: connected KeepAlive: disabled Signed-off-by: Namyoon Woo <namyoon@google.com> Change-Id: Ib0517a62ddd97f334cc62530abdb8fe612ac998c Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2844339 Tested-by: Namyoon Woo <namyoon@chromium.org> Reviewed-by: Mary Ruthven <mruthven@chromium.org> Reviewed-by: Vadim Bendebury <vbendeb@chromium.org> Commit-Queue: Namyoon Woo <namyoon@chromium.org>
* add 'atboot' arg to rddkeepalivestabilize-13895.B-cr50_stabMary Ruthven2021-04-011-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add 'atboot' arg to rddkeepalive that can be used to store rddkeepalive across cr50 resets. The atboot flag gets cleared with rddkeepalive disable. BUG=b:144724216 TEST=manual # Verify 'rddkeepalive disable' is unchanged rddkeepalive disable Using actual Rdd state rddkeepalive Rdd: connected # Verify 'rddkeepalive enable' is unchanged rddkeepalive enable Forcing Rdd detect keepalive rddkeepalive Rdd: keepalive # Verify 'rddkeepalive disable' disables keepalive rddkeepalive disable Using actual Rdd state rddkeepalive Rdd: connected ccd ... Flags: 0x000000 # Verify 'rddkeepalive enable atboot' enables keepalive and sets # the atboot flag. rddkeepalive enable atboot Forcing Rdd detect keepalive atboot. rddkeepalive Rdd: keepalive (atboot) # check the ccd rddkeepalive atboot flag (0x80000) ccd ... Flags: 0x080000 reboot ... rddkeepalive Rdd: keepalive (atboot) ccd ... Flags: 0x080000 # Verify this new string doesn't break dut-control dut-control cr50.ccd_keepalive_en ccd_keepalive_en:on # 'rddkeepalive enable' doesn't touch the atboot flag rddkeepalive enable Forcing Rdd detect keepalive rddkeepalive Rdd: keepalive (atboot) # 'rddkeepalive disable' clears it. rddkeepalive disable Using actual Rdd state rddkeepalive Rdd: connected Change-Id: I10227e335a5de6ed73290ff5be2e65892913de35 Signed-off-by: Mary Ruthven <mruthven@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2799441 Reviewed-by: Namyoon Woo <namyoon@chromium.org>
* ec-comm: make EC_PACKET_MODE_EN a wake source in all statesMary Ruthven2021-04-011-3/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Enable EC_PACKET_MODE_EN wake on high in ec_comm_init_ instead of board_configure_deep_sleep_wakepins, so cr50 will wake from regular sleep and deep sleep when EC_PACKET_MODE_EN is asserted. BUG=b:183611249 TEST=manual # Verify EC-EFS after wake from deep sleep # shutdown AP wait for cr50 to enter deep sleep ec > reboot ap-off # wait for cr50 to enter deep sleep. # Verify cr50 wakes up from deep sleep and verifies EC hash. ec > reboot ap-off # Verify EC-EFS after wake from sleep # keep AP off. Set the idle action to sleep cr50 > idle s # Disable TPM_RST_L wake to prevent that from constantly waking # cr50. cr50 > rw 0x40060284 read 0x40060284 = 0x00860008 cr50 > rw 0x40060284 0x00860000 # Verify cr50 wakes up from sleep and verifies EC hash. ec > reboot ap-off Change-Id: I7fc31154becaafaa536fc1ee6775a7723e49a469 Signed-off-by: Mary Ruthven <mruthven@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2799447 Reviewed-by: Namyoon Woo <namyoon@chromium.org>
* u2f: Move some u2f logic to common/ for testingYicheng Li2021-02-181-78/+1
| | | | | | | | | | | | | | | | | | | | | Since this is cr50's branch, there's no semantic difference whether we put logic in board/cr50/u2f.c or common/u2f.c. EC's build system doesn't quite allow unit-testing board-specific logic, so to unit-test some of the crypto logic in board/cr50/u2f.c, things need to move to common/u2f.c. There's no change in functionality. There should also be no problem for merging/cherry-picking ToT changes to cr50_stab, because any new u2f changes are made on cr50_stab only and not on ToT. BUG=b:172971998 TEST=make run-u2f TEST=make CR50_DEV=1 BOARD=cr50 Change-Id: I3cb8d78fd6427620a6fe20cef12708899d2896b5 Signed-off-by: Yicheng Li <yichengli@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2702496 Reviewed-by: Mary Ruthven <mruthven@chromium.org>
* cr50_stab: Add unittests for u2fstabilize-quickfix-13729.84.B-cr50_stabstabilize-quickfix-13729.73.B-cr50_stabstabilize-quickfix-13729.60.B-cr50_stabstabilize-13729.72.B-cr50_stabstabilize-13729.57.B-cr50_stabstabilize-13729.56.B-cr50_stabstabilize-13729.49.B-cr50_stabstabilize-13729.45.B-cr50_stabstabilize-13729.16.B-cr50_stabrelease-R89-13729.B-cr50_stabYicheng Li2021-01-121-1/+24
| | | | | | | | | | | | | | | | | | | | | The u2f functionality had no unittests at all. This change is more of a setup (in terms of build dependencies) so that u2f tests can be easily added in the future. This change comes with a few simple tests for u2f_generate. The basic idea here is to use board/host/dcrypto.h to mock the dcrypto functionalities. Since board/host/dcrypto.h includes an alternative to cryptoc's sha256 definitions, we need to exclude cryptoc/sha256.h in the test builds. BUG=b:172971998 TEST=make -j run-u2f TEST=make CR50_DEV=1 BOARD=cr50 -j Signed-off-by: Yicheng Li <yichengli@chromium.org> Change-Id: Idae6f55f599a017aedcaf0fe4cdb6c0506e72712 Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2610133 Reviewed-by: Mary Ruthven <mruthven@chromium.org>
* coil: cleanup commentsstabilize-rust-13720.B-cr50_stabMary Ruthven2021-01-113-4/+4
| | | | | | | | | | BUG=b:175244613 TEST=make buildall -j Change-Id: Icbd143b072fdd5df3b67d7e5a09ee6c01a77f6b9 Signed-off-by: Mary Ruthven <mruthven@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2622889 Reviewed-by: Namyoon Woo <namyoon@chromium.org>
* coil: CONFIG_TPM_SPS->CONFIG_TPM_SPPMary Ruthven2021-01-101-1/+1
| | | | | | | | | BUG=b:175244613 TEST=make buildall -j Change-Id: If1d3a3e11736bf6da85938a607038a93254e9cc0 Signed-off-by: Mary Ruthven <mruthven@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2615126
* coil: rename spi_master to spi_controllerMary Ruthven2021-01-101-1/+1
| | | | | | | | | | BUG=b:175244613 TEST=make buildall -j Change-Id: If7b5829294a3d4d8a68042f1a8d449e8e6ef158e Signed-off-by: Mary Ruthven <mruthven@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2615124 Reviewed-by: Namyoon Woo <namyoon@chromium.org>
* coil: CONFIG_SPI_MASTER->CONFIG_SPI_CONTROLLERMary Ruthven2021-01-104-7/+7
| | | | | | | | | | BUG=b:175244613 TEST=make buildall -j Change-Id: I244ca864dad04f2b4f02bb1be2b482921da2fc88 Signed-off-by: Mary Ruthven <mruthven@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2615123 Reviewed-by: Namyoon Woo <namyoon@chromium.org>
* coil: sps->sppMary Ruthven2021-01-101-1/+1
| | | | | | | | | | BUG=b:175244613 TEST=make buildall -j Change-Id: Ia34cccffdd6a82c25b479bb8d2e6370bbf00baf0 Signed-off-by: Mary Ruthven <mruthven@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2615121 Reviewed-by: Namyoon Woo <namyoon@chromium.org>
* coil: CONFIG_SPS->CONFIG_SPPMary Ruthven2021-01-102-3/+3
| | | | | | | | | | BUG=b:175244613 TEST=make buildall -j Change-Id: I79a65f8475e2a764720a1f37a147c3723d34b046 Signed-off-by: Mary Ruthven <mruthven@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2615120 Reviewed-by: Namyoon Woo <namyoon@chromium.org>
* coil: cleanup i2c commentsMary Ruthven2021-01-084-13/+13
| | | | | | | | | | | | Remove coil terms from i2c comments BUG=b:175244613 TEST=make buildall -j Change-Id: If056c099304e1fa676991e22ddaa9cb91ccfdeb3 Signed-off-by: Mary Ruthven <mruthven@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2613509 Reviewed-by: Namyoon Woo <namyoon@chromium.org>
* coil: rename i2cs files to i2cpMary Ruthven2021-01-081-1/+1
| | | | | | | | | BUG=b:175244613 TEST=make buildall -j Change-Id: Iea0b26d4aec99509bc2db0ccc3ad8da701d63e79 Signed-off-by: Mary Ruthven <mruthven@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2613505
* coil: i2cm->i2ccMary Ruthven2021-01-072-3/+3
| | | | | | | | | | BUG=b:175244613 TEST=make buildall -j Change-Id: I5318e7845c7b87a21b1fa9f5e99629513b7fbb80 Signed-off-by: Mary Ruthven <mruthven@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2613504 Reviewed-by: Namyoon Woo <namyoon@chromium.org>
* coil: rename I2CS gpiosMary Ruthven2021-01-072-13/+13
| | | | | | | | | | | | | We can't change the register names at this point. We can only change the gpios. This changes the gpio names. BUG=b:175244613 TEST=make buildall -j Change-Id: I0dadd84bbb3d19011e86428b79d0cb08321c35e3 Signed-off-by: Mary Ruthven <mruthven@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2611762 Reviewed-by: Namyoon Woo <namyoon@chromium.org>
* coil: i2cs -> i2cpMary Ruthven2021-01-073-11/+11
| | | | | | | | | | | | | | | | | Rename i2cs functionas and variables to i2cp. Change some basic comments. I will rework the i2cp comments to stop using controller when referring to the i2cp, because it's kind of confusing now that master has been renamed to controller. BUG=b:175244613 TEST=make buildall -j Change-Id: I9574e77ab42427ca90d5b8a6421793f52e519f67 Signed-off-by: Mary Ruthven <mruthven@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2611761 Reviewed-by: Namyoon Woo <namyoon@chromium.org>
View Lorry Controller Status