| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
SQA images won't be built anymore. This change removes the SQA support.
It deletes all SQA ifdefs and replaces CR50_RELAXED with CR50_DEV.
BUG=b:158011401
TEST=manual
build regular image and check eraselfashinfo and rollback aren't
included.
build image with CR50_SQA=1 and check it's no different than the
regular image.
build DBG image and make sure it still starts open, it has the
eraseflashinfo and rollback commands, and it can flash old cr50
images.
Change-Id: I5e94c88b1903cfcf0eee0081fc871e55fc8586c7
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2227149
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-by: Namyoon Woo <namyoon@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This patch makes it possible to check if the INFO1 Board ID space is
programmed or not.
BUG=b:153764696
TEST='make buildall -j'
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Change-Id: Ic771956a08e276c2e1a426729a8ecdae3f86a04f
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2204974
Reviewed-by: Namyoon Woo <namyoon@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Rolling back to 0.0.22 requires erasing the INFO1 rollback protection
space, as current RW level is at two, and 0.0.22 is at one.
The only way to erase INFO1 is to run a node locked prod signed 0.3.22
image. But 0.3.22 will destroy board ID along with the rollback spaces
AND it is not capable of rollback, so to roll back to a lower than
0.3.22 version one still needs to run the SQA image. 0.3.22 will not
allow to restore the Board ID either.
Another problem is that SQA image would update the rollback INFO1
space, thus again preventing 0.0.22 from running.
This patch alleviates the situation by allowing the SQA images to
write Board ID fields and preventing SQA images from updating rollback
space in INFO1.
BRANCH=cr50
BUG=b:146522336
TEST=with the new image was able to downgrade a device from 0.4.24 to
0.0.22
Change-Id: I8babf15ae32036dc612ae9c808c773a2b3355762
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/1975092
Reviewed-by: Andrey Pronin <apronin@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
It's ok to set the board id type if it's blank. It doesn't matter if the
flags are set. Use the given flags if the flags are empty or use the
existing flags if they're already set.
BUG=b:143649068
BRANCH=cr50
TEST=manual
eraseflashinfo
gsctool -i ZZAF:0x7f7f - SUCCEEDS.
Board ID: 5a5a4146:a5a5beb9, flags 00007f7f
gsctool -i ZZAF:0x7f7f - FAILS
Board ID: 5a5a4146:a5a5beb9, flags 00007f7f
eraseflashinfo
gsctool -i 0xffffffff:0x3f80 - SUCCEEDS.
Board ID: ffffffff:ffffffff, flags 00003f80
gsctool -i ZZAF:0x7f7f - SUCCEEDS.
Board ID: 5a5a4146:a5a5beb9, flags 00003f80
eraseflashinfo
bid 0xffffffff 0x3f80
Board ID: ffffffff:00000000, flags 00003f80
gsctool -i ZZST:0x3f80 - FAILS.
Board ID: ffffffff:00000000, flags 00003f80
update to image with BID TEST:ffff:10
eraseflashinfo
gsctool -i 0xffffffff:0x3f80 - FAILS
Board ID: ffffffff:ffffffff, flags ffffffff
gsctool -i ZZAF:0x7f7f - FAILS
Board ID: ffffffff:ffffffff, flags ffffffff
gsctool -i ZZST:0x7f7f - SUCCEEDS.
Board ID: 5a5a5354:a5a5acab, flags 00007f7f
update to image with BID TEST:0:100
eraseflashinfo
gsctool -i whitelabel - SUCCEEDS.
Board ID: ffffffff:ffffffff, flags 00003f80
gsctool -i ZZST:0 - SUCCEEDS.
Board ID: 5a5a5354:a5a5acab, flags 00003f80
Change-Id: I07de4721cb9cc9ad6e74a51e1794a49cb70f70fb
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/1892122
Reviewed-by: Namyoon Woo <namyoon@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
It's ok if type and type_inv are both empty. Only show an error if the
board ID type isn't empty and the inversion is incorrect.
BUG=none
BRANCH=cr50
TEST=set whitelabel rlz and run 'bid' command. Make sure the warning
isn't shown.
Change-Id: I12b1e4b34559bc8b6ad482d9694c9dd143bfcd1c
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/1892121
Reviewed-by: Namyoon Woo <namyoon@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=b:143649068
BRANCH=cr50
TEST=manual
eraseflashinfo
Board ID: ffffffff:ffffffff, flags ffffffff
gsctool -S AAAAAAAAAAAAAAAAAAAAAAA1
succeeds
eraseflashinfo
gsctool -i 0xffffffff:0x3f80
Board ID: ffffffff:ffffffff, flags 0x3f80
gsctool -S AAAAAAAAAAAAAAAAAAAAAAA1
succeeds
eraseflashinfo
gsctool -i ZZAF:0x7f7f
Board ID: 5a5a4146:a5a5beb9, flags 0x3f80
gsctool -S AAAAAAAAAAAAAAAAAAAAAAA1
fails
Change-Id: I5d2a3f35c5c7e4e79cadbb3a6737e5db00f8ca5a
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/1892120
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If the board id type is 0xffffffff, hold off on erasing any type_inv
bits until we get a type that isn't empty.
BUG=b:143649068
BRANCH=cr50
TEST=Use gsctool -i 0xffffffff:0x3f80 to set flags to 0x3f80. Get the
board id and make sure the rlz and rlz_inv fields are still 0xffffffff.
Change-Id: I8243cb59f2560dc232bb982e1615271136d60f24
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/1892118
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We will be able to set the board id flags without setting the type. If
only flags are set, then check the flags. If the type is set, also check
the type.
BUG=b:143649068
BRANCH=cr50
TEST=set flags to 0x3f80. Try to update to a ZZAF:0:0:0 image. Make
sure it isn't rejected with board id type mismatch. Try to update to a
prepvt image. Make sure it's rejected.
Change-Id: Ie0efdd7b1b6d76f385688f75c0765c08cab3755c
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/1892117
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add type_inv to the bid command output. In the bid output you can't tell
the difference between a board with type 0xffffffff and a empty type.
Change the command output to show type and type_inv, so we can tell the
difference.
Remove unused clear_flag parameter
BUG=b:143649068
BRANCH=cr50
TEST=run 'bid'
Change-Id: I13b6ba472010fdf85f94cb4015a9bbc48531973d
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/1892115
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The INFO1 flash space is used for various purposes (endorsement key
seed, Board ID and flags, serial number, etc.).
Accessing these spaces in INFO1 is accompanied by managing the flash
region registers, each time opening a window of the appropriate size,
with appropriate permissions, etc,
In fact none of these spaces contain a secret, to simplify things and
preventing situations when concurrent accesses change the flash range
window settings lets dedicate previously unused Region 7 register file
to providing always open read access to INFO1.
Write access will be enabled/disabled as required. In prod images
write accesses will always happen from the vendor command context. In
DBG images CLI commands will also have write access to INFO1.
INFO1 window is accessed by other H1 based devices as well, this is
why it is necessary to enable the window in the common chip code.
BRANCH=cr50, cr50-mp
BUG=b:138256149
TEST=the firmware_Cr50SetBoardId test now passes on Mistral.
Cq-Depend: chrome-internal:1577866, chrome-internal:1581327
Change-Id: Id27348f3b04191f1b3b60fd838d06009f756baa2
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1730147
Legacy-Commit-Queue: Commit Bot <commit-bot@chromium.org>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When building with CR50_SQA defined, the resulting image is supposed
to allow transitioning the H1 chip it is running on from pre-pvt to MP
track. This should include preserving the Board ID value, but setting
the board id flags to zero, and erasing the INFO1 RW map, because
older MP image could have a less restrictive mask.
The rest of the INFO1 space should be preserved.
Sometimes there is a need to set flags to a non-zero value and migrate
from MP to pre-pvt. This would be possible if image is compiled with
CR50_SQA set 2 or a larger numeric value.
This patch creates a structure describing the layout of the INFO1
space and modifies the 'eraseflashinfo' command to behave differently
depending on the build time configuration.
In addition to erasing the INFO1 RW map:
- when CR50_DEV is set - everything but INFO1 RO map is erased
- when CR50_SQA is set to 1, the board ID flags are set to zero, and
INFO1 RW map is erased.
- when CR50_SQA is set to 1, the board ID flags can be set to a value
which would not lock out the currently running image and INFO1 RW
map is erased.
With these modifications the 'eraseflashinfo' command can be used
instead of 'bid force_pvt', and previously erased INFO1 RO map is
preserved.
BRANCH=none
BUG=none
TEST=tried running 'eraseflashinfo' in three kinds of images
(CR50_DEV=1, CR50_SQA=1, and CR50_SQA=2) and with various board
ID flags set in the image header, and observed the desired
behavior.
Change-Id: Icf26dc3a4a4bb6fac2fcec630749c81aa46e16ae
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1549981
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Devices in the lab need to be switched from prepvt to pvt flags. This
change adds a build flag for CR50_SQA. Images built with CR50_SQA have
more capabilities than normal cr50 images, but less than CR50_DEV
images.
SQA images can access the rollback command, updates including
downgrading to images with lower version numbers and mismatched board id
will not be rejected, and the 'bid force_pvt' console command can be
used to set the bid flags to 0. bid force_pvt does not erase flashinfo.
After the board id has been set, we can still change 1 bits to 0, so we
don't need to eraseflashinfo to change the board id flags to 0. This
makes the command a bit safer, because the board id RLZ can't be changed
just the flags. Changing the flags to 0 works for the test team, because
it prevents cr50 from updating to prepvt.
This change also marks rollback as a safe command. CR50_SQA images
aren't automatically open, so if rollback isn't safe, they will have to
go through the open process to change to pvt. Rollback is only included
in DEV and SQA images, so it's ok if it's marked safe. It's understood
these images aren't supposed to be used on regular devices. They're just
for special development and test environments.
NEW PROCESS FOR SQA:
- update to sqa image
- run 'bid force_pvt'
- flash pvt image
- run rollback
BRANCH=cr50
BUG=b:126618143
TEST=run sqa process
Change-Id: Ia713274830c9e19cdb3ccafa87849c160d667683
Signed-off-by: Mary Ruthven <mruthven@google.com>
Reviewed-on: https://chromium-review.googlesource.com/1529834
Commit-Ready: Mary Ruthven <mruthven@chromium.org>
Tested-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-by: Keith Short <keithshort@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add board_id_is_blank for checking that all fields of a board id are
0xffffffff.
BUG=none
BRANCH=cr50
TEST=none
Change-Id: I591a3529a7f5a2aa4fcd4a7e0ec43356d0e97237
Signed-off-by: Mary Ruthven <mruthven@google.com>
Reviewed-on: https://chromium-review.googlesource.com/1531321
Commit-Ready: Mary Ruthven <mruthven@chromium.org>
Tested-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Allocates 16 bytes of INFO1 space, in the 'board' section, and
after the current Board ID data, to store the serial number
data for use by zero-touch enrollment.
Adds a console command to read / set this data.
Adds TPM vendor commands to set initial sn data, and update it
during RMA.
CQ-DEPEND=CL:*657450
BUG=b:111195266
TEST=tested locally on soraka
BRANCH=none
Change-Id: I752aefad9654742b7719156202f29d635d2306df
Signed-off-by: Louis Collard <louiscollard@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1127574
Reviewed-by: Andrey Pronin <apronin@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Previously, an error reading Board ID would prevent any image from
running, even a wildcard (unrestricted) image with mask=flags=0 which
would match any Board ID.
Now, if Board ID can't be read, match the image against
type=type_inv=flags=0. This will match only an unrestricted image.
(This is better than checking directly for an unrestricted image,
because that check is more susceptible to clock-jitter-induced errors.)
BUG=b:67651806
BRANCH=cr50
TEST=Hack read_board_id() to return error. See that an unrestricted
image will now boot.
Change-Id: I1071e146b4541e8efd50c8409b8f76012a107731
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/713574
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There is no point in updating the Cr50 to an image which will not be
allowed to run due to board ID settings mismatch.
This patch modifies the prototype of check_board_id_mismatch() to
allow to pass to this function an arbitrary pointer to an image
header, so that the function can check not only the image in the flash
memory, but also the image which just arrived over the line.
The contents_allowed() function now checks if the new image is
compatible with the Board ID value in Info1 and rejects the new image
if there is a mismatch.
BRANCH=cr50
BUG=none
TEST=tried updating a Cr50 to an image which is incompatible with the
Info1 fields contents. The update attempt is rejected. Verified
that updating to a compatible image still works as designed.
Change-Id: I3d6c16df11fcabd05888f3cbf5e9a81dc51fe66f
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/650812
Reviewed-by: Aseda Aboagye <aaboagye@chromium.org>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Until the Board ID check is moved to RO, it is possible to start an RW
with a mismatching Board ID.
Let's add a function to check for mismatch and report the status.
Also eliminating the unnecessary check for empty header Board ID field
- it is going to match any board ID anyways and fixing a CPRINTF
statement in read_board_id().
BRANCH=cr50
BUG=b:35586335
TEST=verified that empty board ID header does not trigger a mismatch
on a board with a non-empty INFO1. With the rest of the patches
applied verified that board ID mismatch is reported properly.
Change-Id: Ie03f8137e494117b7a238e3af72527e0a46369e1
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/535975
Reviewed-by: Aseda Aboagye <aaboagye@chromium.org>
|
|
|
The contents of the board ID fields of the Cr50 image headers is an
important piece of information which determines if an image can run on
a particular H1 chip.
This patch adds this information to the output of the 'version'
command, printing both the contents of the fields of the RW images and
if the image would run with the current INFO1 board ID contents (Yes
or NO).
The board_id feature is in fact g chipset specific, this is why
board_id support files are being moved from the cr50 board scope to
the g chip scope.
BRANCH=cr50
BUG=b:35587387,b:35587053
TEST=observed expected output in the version command:
> bid
Board ID: 000000fa, flags 000000ff
> vers
Chip: g cr50 B2-C
Board: 0
RO_A: * 0.0.10/29d77172
RO_B: 0.0.10/c2a3f8f9
RW_A: * 0.0.20/DBG/cr50_v1.1.6542-856c3aff4
RW_B: 0.0.20/DBG/cr50_v1.1.6543-2c68a2630+
BID A: 00000000:00000000:00000000 Yes
BID B: 000000ea:0000fffc:000000ff No
Build: 0.0.20/DBG/cr50_v1.1.6542-856c3aff4
tpm2:v0.0.289-cb2de5a
cryptoc:v0.0.8-6283eee
2017-06-09 15:34:19 vbendeb@eskimo.mtv.corp.google.com
>
Change-Id: I5b283abf304a7408ca8f424407044fca238185e1
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/530033
Reviewed-by: Aseda Aboagye <aaboagye@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
|
