| Commit message (Collapse) | Author | Age | Files | Lines |
| |
This reverts commit 7d36fb8991e7a249ae56db508078480c27914f2e.
BUG=b:200823466
TEST=make buildall -j
Change-Id: Ifbef35feaf42fca1faa3fc78ceff5cb9bced19f8
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3285750
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
| |
This reverts commit 1b25735b732e7766aceb3f060e4ca205aba6d358.
BUG=b:200823466
TEST=make buildall -j
Change-Id: I2e29902d7026c63f23871af0141a3ee7d319852d
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3273456
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
| |
This reverts commit 3e1c72ea23fe3c37f5a4e4e8bceea38c0322ba31.
BUG=b:200823466
TEST=make buildall -j
Change-Id: I172b5fd55529754d913f4d18258beccac0bade58
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3273364
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
| |
This reverts commit 3b390264a415ce121a8c6f8db9fa9c42c647aaec.
BUG=b:200823466
TEST=make buildall -j
Change-Id: If339cc98bd345a8bb5994bf2b541ff3ee2420be6
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3273192
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
| |
BUG=b:200823466
TEST=make buildall -j ; make runtests
Change-Id: Ie896b990e93e2e2befe94c9a75d4ca946b4e34d9
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3273184
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
| |
In unusual case when FIPS test fails, fw_upgrade will fail too as
usb_pdu_valid() didn't check for failure and incorrectly assumed that
digest of data doesn't match. Making check conditional on success of
hash computation.
BUG=b:205836895
TEST=make BOARD=cr50 CRYPTO_TEST=1;
fips sha
fips test in CCD
attempt to firmware upgrade using gsctool
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: Iea38f82a46fb00ad0ed543cd9b4b950a6b1c102e
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3272287
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
| |
The decision of when to refuse to boot the device needs to be refined.
We should never allow booting a device which ever passed a V2
verification. To reliably keep track of successful V2 validations in
the past let's allocate a word in the INFO space which is write only,
once written to 0 it will never change, value of 0 will be the
indication of previous V2 verification success.
The below table describes when booting should be allowed or blocked.
Cache     GSCVD            Verification   |
version   present   Info   result         | Block boot
--------- --------- ------ -------------- | ------------------
none      no        0      n/a            | yes
none      no        1      n/a            | no
none      yes       n/a    fail           | yes
none      yes       n/a    pass           | no, update cache, info
v1        n/a       n/a    pass           | no
v1        n/a       n/a    fail           | check v2
v2        n/a       n/a    fail           | yes
v2        yes       n/a    pass           | no
This patch implements the above table, fixing the case where Cr50 was
refusing to boot if neither local cache nor AP flash structures were
present.
BUG=b:203212461, b:141191727
TEST=tried running AP RO verification on a device without local cache
and RO_GSCVD not in AP flash. The device booted successfully.
Verified that both V1 and V2 validation works as expected, and
fallback from V1 to V2 happens if V1 fails and RO_GSCVD is found
in AP flash.
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Change-Id: I1f64123a3631932d142662a76deaf6ef6fee47fa
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3229981
Reviewed-by: Andrey Pronin <apronin@chromium.org>
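The decision table in the commit message above, modelled as an added example in C (not code from the Cr50 tree). All type and function names are hypothetical, the INFO word is modelled as flash that can only have bits cleared, and the "check v2" row is assumed to block when no RO_GSCVD is present, which the message does not state.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Every name here is hypothetical; none is a Cr50 identifier. */
enum cache_version { CACHE_NONE, CACHE_V1, CACHE_V2 };
enum verdict { ALLOW_BOOT, BLOCK_BOOT };

/* Model of the write-once INFO word: programming flash can only clear bits. */
struct info_word { uint32_t raw; };
#define INFO_ERASED 0xFFFFFFFFu

static void info_program(struct info_word *w, uint32_t value)
{
	w->raw &= value;	/* 1 -> 0 only; a cleared bit never comes back */
}

static bool v2_ever_passed(const struct info_word *w)
{
	return w->raw == 0;
}

struct gsc_state {		/* state kept inside the security chip */
	enum cache_version cache;
	struct info_word info;
};

struct ap_flash {		/* what this boot finds in AP flash (constructed) */
	bool gscvd_present;	/* RO_GSCVD section found */
	bool v1_ok;		/* outcome of the V1 check, if it runs */
	bool v2_ok;		/* outcome of the V2 check, if it runs */
};

/* Rows with no usable cache entry ("none" in the table). */
static enum verdict verify_without_cache(struct gsc_state *s,
					 const struct ap_flash *f)
{
	if (!f->gscvd_present)
		return v2_ever_passed(&s->info) ? BLOCK_BOOT : ALLOW_BOOT;
	if (!f->v2_ok)
		return BLOCK_BOOT;
	s->cache = CACHE_V2;		/* "update cache, info" */
	info_program(&s->info, 0);
	return ALLOW_BOOT;
}

static enum verdict ro_verify(struct gsc_state *s, const struct ap_flash *f)
{
	switch (s->cache) {
	case CACHE_V1:
		if (f->v1_ok)
			return ALLOW_BOOT;
		/* "check v2". Assumption: with no RO_GSCVD to check, block. */
		if (!f->gscvd_present)
			return BLOCK_BOOT;
		return verify_without_cache(s, f);
	case CACHE_V2:
		return (f->gscvd_present && f->v2_ok) ? ALLOW_BOOT : BLOCK_BOOT;
	default:
		return verify_without_cache(s, f);
	}
}

int main(void)
{
	struct gsc_state s = { CACHE_NONE, { INFO_ERASED } };
	struct ap_flash bare = { false, false, false };
	struct ap_flash signed_ro = { true, false, true };

	printf("unprovisioned: %s\n",
	       ro_verify(&s, &bare) == ALLOW_BOOT ? "boot" : "blocked");
	printf("first V2 pass: %s\n",
	       ro_verify(&s, &signed_ro) == ALLOW_BOOT ? "boot" : "blocked");
	s.cache = CACHE_NONE;	/* cache lost and RO_GSCVD no longer in AP flash */
	printf("after loss:    %s\n",
	       ro_verify(&s, &bare) == ALLOW_BOOT ? "boot" : "blocked");
	return 0;
}
```

The last call is the case the write-once word exists for: with both the cache and RO_GSCVD gone, the zeroed INFO word is the only remaining evidence of the earlier V2 pass, and it blocks the boot.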
| |
The INFO_BOARD_ID_OFFSET value includes the offset of the board ID
field, there is no need to add the field offset again.
This incorrect calculation is not a problem, because the offset of the
'bid' field is zero, but the logic is wrong.
BUG=none
TEST=board ID value is still reported properly.
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Change-Id: I3e7061a930d751d2cf13113b1e519e8f976195bc
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3236754
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
| |
Certain test configurations present a problem for the raiden protocol
V2 implementation on the Cr50 side, which result in random SPI read
failures.
While the issue is still being investigated this patch offers a
workaround, where SPI and USB transactions are not overlaid, the
driver first reads the entire requested number of bytes into a buffer,
and then sends them to the host in multiple USB packets.
Since buffer memory can not be permanently dedicated to the driver, it
uses dynamic allocation to acquire the buffer. The allocation could
fail, for instance when the flashrom operation is requested soon after
startup and heap memory is used for NVMEM compaction. If the
allocation fails, the driver sends an error packet to the host, and
the host requests to restart the response. To be able to restart the
response the driver now stores the request.
With some instrumentation, measurements taken on reading of 200 2040
byte blocks have shown that memory was held by this driver for 94% of
the duration.
To address the case when flashrom session is interrupted mid PDU
transfer, do not wait for the transmit queue to become available for
more than 500 ms. In case the queue gets stuck return without waiting
any more, this will make sure the allocated buffer is freed.
BUG=b:196820680
TEST=successfully ran hundreds of cycles of read, and read and write
on the setup which exhibits the problem without this patch on
pretty much every read attempt.
The slow down caused by this change is pretty small: average of
five attempts to read 16MB of SPI flash on guybrush device take
50.560s before this change and 51.267s after this change, which
is a 1.7% slowdown.
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Change-Id: I82c98f912a8763b7e242dad48997a8d2ffbaf29a
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3188568
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
| |
Cap the number of I2C flog errors at 2 per boot. The timestamps of the
two events can indicate if the unwedge issues happen successively or if
there is a large gap between events. Many events with a short gap are
likely benign and due to i2c not being terminated correctly. Individual
I2C errors are likely caused by some other issue.
BUG=b:146067724
TEST=check the number of i2c log messages on coral in s0ix
Change-Id: I3f04c85e6233bf0c790db0d40a85aab3c927b9b8
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3225996
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
| |
FE_TPM_I2C_ERROR events don't mean much and it's not a big deal if cr50
needs to recover the I2C bus. Remove FE_TPM_I2C_ERROR logging from
chip/i2cp.
BUG=b:146067724
TEST=make buildall -j
Change-Id: I2bdce35fc794559c8236b1c14d87fa4372ffafa4
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3219755
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
| |
This is a reland of 3cac98670745fc5ca82a058fab512567f8444759
The structure of u2f command related types are updated before the
original CL lands. Update the fuzzer to correctly fuzz the new code, and
ignore the profdata generated by fuzzers in .gitignore.
Original change's description:
> cr50_fuzz: Add fuzzer for u2f commands
>
> Currently there's only one fuzzer for Pinweaver and one for host
> commands in cr50. Add a fuzzer for the u2f commands (generate, sign,
> attest) used in the WebAuthn flow to ensure its security. Most regions
> of the concerning functions are covered except for pure error code
> returns and unreachable regions (currently auth secret is not used in
> sign and attest command yet).
>
> Rename old cr50_fuzz namings to pinweaver_fuzz, since they only cover
> Pinweaver commands.
>
> BUG=b:172367435
> TEST=make buildall -j
> TEST=make host-u2f_fuzz && \
> ./build/host/u2f_fuzz/u2f_fuzz.exe -timeout=10 \
> -ignore_ooms=false -ignore_timeouts=false -fork=71; \
> llvm-profdata merge -sparse default.profraw -o default.profdata; \
> llvm-cov show ./build/host/u2f_fuzz/u2f_fuzz.exe \
> -object ./build/host/u2f_fuzz/RO/board/cr50/dcrypto/u2f.o \
> --instr-profile default.profdata \
> board/cr50/dcrypto/u2f.c common/u2f.c > report
>
> Cq-Depend: chromium:3162473
> Change-Id: I02b820cf03f7b46ccad7c3bc7b82e73ff45217c6
> Signed-off-by: Howard Yang <hcyang@google.com>
> Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3162469
> Reviewed-by: Andrey Pronin <apronin@chromium.org>
> Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
> Reviewed-by: Leo Lai <cylai@google.com>
Bug: b:172367435
Change-Id: I279e20b21a11e0ec957b6a5c3e95bc9a3b9df196
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3217474
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Tested-by: Howard Yang <hcyang@google.com>
Commit-Queue: Howard Yang <hcyang@google.com>
| |
This reverts commit 3cac98670745fc5ca82a058fab512567f8444759.
Reason for revert:
This patch breaks building of 'make buildall' and seems to be leaving some generated files in the root directory.
Original change's description:
> cr50_fuzz: Add fuzzer for u2f commands
>
> Currently there's only one fuzzer for Pinweaver and one for host
> commands in cr50. Add a fuzzer for the u2f commands (generate, sign,
> attest) used in the WebAuthn flow to ensure its security. Most regions
> of the concerning functions are covered except for pure error code
> returns and unreachable regions (currently auth secret is not used in
> sign and attest command yet).
>
> Rename old cr50_fuzz namings to pinweaver_fuzz, since they only cover
> Pinweaver commands.
>
> BUG=b:172367435
> TEST=make buildall -j
> TEST=make host-u2f_fuzz && \
> ./build/host/u2f_fuzz/u2f_fuzz.exe -timeout=10 \
> -ignore_ooms=false -ignore_timeouts=false -fork=71; \
> llvm-profdata merge -sparse default.profraw -o default.profdata; \
> llvm-cov show ./build/host/u2f_fuzz/u2f_fuzz.exe \
> -object ./build/host/u2f_fuzz/RO/board/cr50/dcrypto/u2f.o \
> --instr-profile default.profdata \
> board/cr50/dcrypto/u2f.c common/u2f.c > report
>
> Cq-Depend: chromium:3162473
> Change-Id: I02b820cf03f7b46ccad7c3bc7b82e73ff45217c6
> Signed-off-by: Howard Yang <hcyang@google.com>
> Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3162469
> Reviewed-by: Andrey Pronin <apronin@chromium.org>
> Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
> Reviewed-by: Leo Lai <cylai@google.com>
Bug: b:172367435
Change-Id: Ie844e44e0cd6254553694c23a535f18329cef77d
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3212497
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Tested-by: Vadim Bendebury <vbendeb@chromium.org>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
| |
Currently there's only one fuzzer for Pinweaver and one for host
commands in cr50. Add a fuzzer for the u2f commands (generate, sign,
attest) used in the WebAuthn flow to ensure its security. Most regions
of the concerning functions are covered except for pure error code
returns and unreachable regions (currently auth secret is not used in
sign and attest command yet).
Rename old cr50_fuzz namings to pinweaver_fuzz, since they only cover
Pinweaver commands.
BUG=b:172367435
TEST=make buildall -j
TEST=make host-u2f_fuzz && \
./build/host/u2f_fuzz/u2f_fuzz.exe -timeout=10 \
-ignore_ooms=false -ignore_timeouts=false -fork=71; \
llvm-profdata merge -sparse default.profraw -o default.profdata; \
llvm-cov show ./build/host/u2f_fuzz/u2f_fuzz.exe \
-object ./build/host/u2f_fuzz/RO/board/cr50/dcrypto/u2f.o \
--instr-profile default.profdata \
board/cr50/dcrypto/u2f.c common/u2f.c > report
Cq-Depend: chromium:3162473
Change-Id: I02b820cf03f7b46ccad7c3bc7b82e73ff45217c6
Signed-off-by: Howard Yang <hcyang@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3162469
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Leo Lai <cylai@google.com>
| |
To support FIPS mode we need to block access to crypto in case of
errors.
1) Added check for FIPS errors into DCRYPTO_aes_init()
2) Return codes updated to enum dcrypto_result
3) Call sites updated to check for return codes
BUG=b:197893750
TEST=make BOARD=cr50 CRYPTO_TEST=1; test/tpm_test/tpmtest.py
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: Id614cc346fe22537e9208196bf1322221a253b0c
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3194985
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
| |
To implement FIPS mode for Cr50 we should be able to block access to
crypto functions if errors are detected. Historically all HASH/HMAC
functions were declared as void with no return type.
1) Split existing functions into public part (data structs, update and
final parts) and internal part - unchecked init functions.
2) Introduced new functions to start SHA / HMAC operation which returns
status code and block access to crypto in case of FIPS errors.
3) Dcrypto hash algorithms codes updated to match TPM_ALG_ID to simplify
adaptation layer and move checks inside Dcrypto module.
4) Updated all uses of API outside FIPS module to check return code and
act accordingly.
5) As a side effect RSA can now support SHA384 & SHA512 for signing,
board/host mock ups simplified.
BUG=b:197893750
TEST=make buildall -j; make BOARD=cr50 CRYPTO_TEST=1;
test/tpm_test/tpm_test.py
TCG tests
------------------------------ Test Result Summary ---------------------
Test executed on: Tue Sep 28 15:23:35 2021
Performed Tests: 248
Passed Tests: 248
Failed Tests: 0
Errors: 0
Warnings: 0
========================================================================
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: Ibbc38703496f417cba693c37d39a82a662c3f7ee
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3192137
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
| |
Cr50 so far builds RO and RW images as part of build process.
With adding FIPS module and moving to board-specific crypto library with
different interfaces it became hard to maintain build process as RO
sources use crypto, but with different APIs, and changing that crypto
is challenging as it is also used by other boards with different crypto
APIs.
In this CL we enable RW and RO to have independent selection of crypto
library and include paths, and don't contaminate include paths with
unused things like third_party/cryptoc for RW.
BUG=none
TEST=make buildall -j
make BOARD=cr50
make BOARD=cr50 CRYPTO_TEST=1
Built cr50 images can be flashed and are workable.
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: I1b666fbb8193b79f71c885a761436443fd3fca7b
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3200069
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
| |
For some reason didn't spot earlier another unnecessary complaint of
gcc 11.2 in private-cr5x builds with make buildall -j.
Made it so BOARD can override settings done by CHIP even though CHIP is
loaded later. These settings should apply to both CFLAGS and LDFLAGS
due to LTO build.
BUG=none
TEST=make buildall -j
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: I8880c518b23778cccf969909e330e9e2d62b5fae
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3194984
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Auto-Submit: Vadim Sukhomlinov <sukhomlinov@chromium.org>
| |
1) Move DRBG initialization flag inside DRBG context to prevent use of
DRBG which is not properly initialized.
2) Add configurable reseed threshold to cover both deterministic key gen
and non-deterministic randoms. Simplify reseeding logic, remove
similar code snippets. Also, can support NDRBG with reseed threshold
equal to 0, which will result in reseeding each time.
3) Adjust parameter names to match NIST SP 800-90A specification.
4) Enforce checking result of hmac_drbg_generate(), update call sites
to check for errors.
5) Reseeding in generate function consumes additional data as per
NIST SP 800-90Ar1 9.3.1
BUG=b:138577416
TEST=make BOARD=cr50 CRYPTO_TEST=1 DRBG_TEST=1;
test/tpm_test/tpm_test.py
in ccd:
hmac_drbg
rand_perf
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: I0e780b5c237d7fbc64e8b0e74d12559a1f40f84c
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3183397
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
| |
struct APPKEY_CTX is an empty struct passed with few APIs and not used
for any purpose. Remove it.
BUG=none
TEST=make BOARD=cr50 CRYPTO_TEST=1;
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: I4bcb8f196b70cefc58a81e8592d83aa70464fcf8
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3169374
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
| |
An "Approved" RNG listed in FIPS 140-2 Annex C must be used for the
generation of random data or cryptographic keys used by an approved
security function. Detailed information and guidance on Key Generation
can be found in NIST SP 800-133 and FIPS 140-2 IG 7.8 and D.12.
Many functions use raw entropy from TRNG without any health tests or
even checking returned status, as old API didn't provide any indication
of failure.
With this patch we remove old API: rand() and rand_bytes() and expose
new API:
fips_rand_bytes() - generation of random bits from properly instantiated
and reseeded as needed DRBG.
fips_trng_bytes() - generation of entropy from TRNG with statistical
testing and checking for TRNG failures.
fips_trng_rand32() - generation of 32 bits from TRNG with health check
and indication of status.
ccd, rsa, ecc, pinweaver, rma_auth are updated to use new APIs.
These functions are moved into dcrypto.h which will become "Public API"
for the module.
trng_test vendor command moved to dcrypto/trng.c where it belongs.
BUG=b:138577416
TEST=make BOARD=cr50 CRYPTO_TEST=1; test/tpmtest.py
TCG tests.
-------------------------- Test Result Summary -------------------------
Test executed on: Thu Sep 16 10:16:59 2021
Performed Tests: 248
Passed Tests: 248
Failed Tests: 0
Errors: 0
Warnings: 0
======================================================================
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: I80d103ead1962ee388df5cabfabe0498d8d06d38
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3165870
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Auto-Submit: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
| |
To simplify identification of FIPS module boundary, move all sources
into same place.
BUG=b:134594373
TEST=make buildall -j
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: I6acd12d12c00a3362041914bd515534f72a08ab2
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3150057
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Auto-Submit: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Bendebury <vbendeb@chromium.org>
| |
Split U2F crypto from U2F command processing by moving all crypto
code into boards/cr50 (platform hooks).
U2F state management is part of common code and passed to U2F crypto
as a parameter.
Previously reviewed as https://crrev.com/c/3034852, but reverted due to
ChromeOS dependency on include/u2f.h. In this revision this is addressed
by restoring include/u2f.h with previous content and new additions
and adjusting dependencies in other headers.
BUG=b:134594373
TEST=make BOARD=cr50 CRYPTO_TEST=1
console: u2f_test
test/tpmtest.py
FAFT U2F tests pass
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: Iff1973c8e475216b801d7adde23b1ef6c4a6f699
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3119223
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
| |
We need to block access to all crypto in case of FIPS errors. There are
multiple steps to implement, this is one of few.
There is common API crypto_enabled() which is used by nvmem and some
other functions to check whether access to crypto is possible.
This is same intent as fips_crypto_allowed(), though the latter checks
for FIPS KAT errors, while the former checks only key ladder status.
Here we make all FIPS errors to revoke access from key ladder, and
fips_crypto_allowed() to check key ladder status. This way we also
ensure that in case of FIPS errors access to device secrets will be
blocked.
We moved crypto_api.c from chip/g to board/cr50 to move crypto_enabled()
into fips.c and alias it to fips_crypto_enabled().
crypto_api.h is no longer included from dcrypto.h, and compile time
assert for cipher salt size is moved to proper place.
Since crypto is used by nvmem_init(), move FIPS power-up tests earlier
to ensure nvmem_init() can access crypto.
BUG=b:197893750
TEST=make CRYPTO_TEST=1; tpm_test; check nvmem is properly initialized
on board_init().
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: If70c2a21d61348bd97a47e26db5d8eec08bbf8ed
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3123836
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
| |
This reverts commit 5ae1c684271a117539858cb12252959dfe46803c.
Reason for revert: breaks chromeos-ec-headers
BUG=b:197691499
Original change's description:
> u2f: refactoring to split command processing and crypto
>
> Split U2F crypto from U2F command processing by moving all crypto
> code into boards/cr50 (platform hooks).
>
> U2F state management is part of common code and passed to U2F crypto
> as a parameter.
>
> BUG=b:134594373
> TEST=make BOARD=cr50 CRYPTO_TEST=1
> console: u2f_test
> test/tpmtest.py
> FAFT U2F tests pass
>
> Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
> Change-Id: I85442cddb2959bd3102f7f6e6047134ede90951b
> Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3034852
> Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
> Reviewed-by: Andrey Pronin <apronin@chromium.org>
> Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
> Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Bug: b:134594373
Change-Id: I61a965995fcd53b4e155084f5f351574cb84cd1e
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3115930
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Owners-Override: David Stevens <stevensd@chromium.org>
| |
Split U2F crypto from U2F command processing by moving all crypto
code into boards/cr50 (platform hooks).
U2F state management is part of common code and passed to U2F crypto
as a parameter.
BUG=b:134594373
TEST=make BOARD=cr50 CRYPTO_TEST=1
console: u2f_test
test/tpmtest.py
FAFT U2F tests pass
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: I85442cddb2959bd3102f7f6e6047134ede90951b
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3034852
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
| |
To implement FIPS module we need to bring many crypto functions in the
module boundary. Unfortunately, cryptoc is a third-party library used
by dcrypto code in cr50. Cryptoc is also not well-maintained and shared
with other projects. While just making local copy of cryptoc would
solve an issue, it's suboptimal as prevents from many optimizations and
improvements.
1. Clean-up of #include dependencies on cryptoc
2. Build configuration drops linking with cryptoc for cr50
3. Dcrypto SHA512 code updated to compile and partially tested.
It is about 4x faster on large messages, and about 620 bytes larger.
Added a config option to use Dcrypto version as software, but not
enabled. More testing is needed to make sure it's safe and doesn't
have unintended interactions with RSA and ECDSA Dcrypto code.
BUG=b:138578318
TEST=make BOARD=cr50 CRYPTO_TEST=1; tpm_test
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: I030b60b75daeec9c8ef079017a73345829bf7f0b
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3093093
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
| |
To implement FIPS module we need to bring many crypto functions in the
module boundary. Unfortunately, cryptoc is a third-party library used
by dcrypto code in cr50. Cryptoc is also not well-maintained and shared
with other projects. While just making local copy of cryptoc would
solve an issue, it's suboptimal as prevents from many optimizations and
improvements.
Provided SHA & HMAC implementations from Ti50 project. This provides
better performance (500us vs. 670us earlier for HMAC DRBG) and reduce
code size. This implementation also enables stack use savings when
only specific digest is needed. Earlier SHA512 context was allocated
when only SHA256 is needed greatly increasing stack consumption for
code using HMAC_DRBG and others.
However, it introduces subtle API changes which require handling.
As for tests, since core implementation is hardware-independent, make
it available for BOARD=host too.
Before change (with cryptoc):
*** 12368 bytes in flash and 5784 bytes in RAM
After:
*** 13136 bytes in flash and 5796 bytes in RAM
BUG=b:138578318
TEST=make BOARD=cr50 CRYPTO_TEST=1; test/tpm_test/tpmtest.py
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: I2ff5362aee9078ce83dc1f8081943a5101d5f666
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3064201
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Auto-Submit: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
| |
This patch introduces an alternative USB SPI protocol implementation
to be used by Cr50: Raiden V2. The SPI USB endpoint descriptor is
modified to advertise the new version in the bInterfaceProtocol, which
allows the flashrom utility to use the new protocol version.
Protocol version 2 implements segmentation and reassembly where longer
flash read and write PDUs can be transferred split into shorter fixed
size USB packets. The comment section in usb_spi_v2.c describes the
protocol in detail.
Each time a USB packet is received from the host, the packet header is
examined to determine the command. The command could be a DUT
configuration query OR a request to read and or write some data
from/to the SPI flash chip, OR a request to retransmit the last PDU
from the beginning.
This patch implementation does not process the retransmission request
command yet, in case a packet is dropped flashrom would need to be
re-run. This is a pretty rare condition, but if deemed necessary
support can be added later.
H1 SPI controller supports multibuffer transactions where the CS
signal is kept asserted while the controller clocks the bus when the
next portion of data to write becomes available or there is more room
to read data to send back to the host. This allows to support
arbitrary length read and write transactions. There is no need to
support write transactions longer than 256 bytes of data, as this is a
typical SPI flash chip page size. For read direction the size of 2040
was chosen, which is close to 2K and takes full payload of 34 USB
packets on top of 2 byte headers.
The protocol state machine on the device side can be in one of
two states, IDLE or WRITING. Many of host requests do not require the
device to change state: configuration requests, or writes of short
blocks of data (fitting into one USB packet) can be executed
immediately. Requests to read long blocks of data can still be
executed without leaving the IDLE state, the device starts the SPI
transaction and then iterates reading one packet worth of data at a
time and sends it back to the host. Once the entire PDU is read, the
CS is deasserted.
In case the host requests to write a block of data which does not fit
into a USB packet the device asserts the CS, sends the first received
block to the SPI flash chip and then enters the WRITING state,
expecting the controller to send the rest of the PDU in following
packets.
Once the entire PDU is transferred the CS is deasserted and state is
changed back to IDLE.
BUG=b:79492818
TEST=performed numerous flash read/write operations with 16M SPI flash
chip on the Atlas device. Timing results comparison of various
operations:
                                  Raiden V1    Raiden V2
Reading entire chip:                3m 16s       0m 52s
Vanilla writing of new image:      16m 22s       5m 48s
Writing of AP firmware into an
erased flash chip (no read
before or after writing)            4m 12s       1m 38s
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Change-Id: I374f3caab7146fc84b62274e9e713430d7d31de0
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2977965
Reviewed-by: Brian Nemec <bnemec@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
| |
It is necessary to be able to send SPI transactions with sizes
exceeding the SPI controller buffer size. This can be achieved by
asserting CS before sending the first batch (data block) in a
transaction and deasserting CS after the last batch.
Let's add a SPI controller spi_sub_transaction() API, with an
additional parameter indicating when the last batch is submitted for
processing.
The existing spi_transaction() API becomes a wrapper which always
calls spi_sub_transaction() to send a full single batch transaction.
BUG=b:79492818
TEST='flashrom --flash-name' still succeeds.
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Change-Id: Ia0c5114edd5caf6c6d0e22cab3bfa3c4d86ac79a
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2977964
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
| |
BUG=b:191799047
TEST=make buildall -j ; run tpmtest
Change-Id: I8b743c16c4e4b8b0779eb40ba1eb0a78613930f9
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2980812
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Bendebury <vbendeb@chromium.org>
| |
Code placing data on the upstream usb_spi queue does not check if
there is enough room on the queue, which could result in silent
dropping of data when the upstream queue is busy.
This is not a big deal with Raiden protocol V1 where USB packets to
the host are sent one at a time, but becomes a problem if the DUT
sends multiple USB packets without waiting for the host.
Adding a sleep in the loop waiting for the room in the queue to free
up seems an appropriate solution, since the AP is held in reset at
this point and there is not much activity happening on Cr50.
Experiments have shown that with 2KB PDU size the total wait time
while reading a 16M flash does not exceed 30 ms when this fix is
deployed.
BUG=b:79492818
TEST=with the rest of the patches applied observed successful flashrom
operations running Raiden protocol version V2. Without this patch
there were periodic drops of data sent by DUT.
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Change-Id: I73fdfdda09837891dc1db2453098ec1d219c4553
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2973573
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-by: Namyoon Woo <namyoon@chromium.org>
| |
Increase the size of the hmac output buffer to 512, so it's big enough
to support the lab responses.
BUG=b:189376694
TEST=drbg_test.py
Change-Id: Id5ff4024079241d36a33f1c36f322a27c4b929d7
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2923240
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Namyoon Woo <namyoon@chromium.org>
| |
It has not always been like that but recently the following message
started showing up on the console when building Cr50 image with
CR50_DEV and H1_DEVID variables defined:
awk: cmd. line:1: warning: regexp escape sequence "' is not a ...
This patch fixes the problem.
BUG=none
TEST=running 'CR50_DEV=1 H1_DEVIDS="0 1" make BOARD=cr50 -j' succeeds
and does not generate the above error message any more.
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Change-Id: I3a34e1dc5dc3ca58928bfeac32df1ac7e1aa3c4c
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2931956
Reviewed-by: Namyoon Woo <namyoon@chromium.org>
| |
In preparation to dcrypto code refactoring as independent build unit
for Cr50 U2F FIPS certification, need to enable disabling the use of
crypto provided by chip/g/dcrypto and chip/g/trng.c. While use of
chip/g/dcrypto is controlled by CONFIG_DCRYPTO, chip/g/trng.c is always
linked in. Since all chip/g boards (cr50, cr52*, cr53*) enable
CONFIG_DCRYPTO, and logically trng is cryptographic unit, move it under
CONFIG_DCRYPTO control.
BUG=b:134594373
TEST=make buildall -j
Change-Id: I7be47abfe961c4a216a56e15c88254b60da10005
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2937383
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
| |
Changes in compiler resulted in multiple warnings treated as errors,
failing host test builds.
Addressing warnings by checking return values.
BUG=none
TEST=make runtests
Change-Id: Idb2686370bf041791099b3e332ff25173338e994
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2936000
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Bendebury <vbendeb@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Auto-Submit: Vadim Sukhomlinov <sukhomlinov@chromium.org>
| |
Enable rddkeepalive on red boards, so nothing needs to be done to enable
ccd.
BUG=none
TEST=build red board image. Make sure ccd is automatically enabled.
Change-Id: If629ead1307d8d12cd36678bae792f1109a0839c
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2916575
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
| |
Add the two new error flag values that were introduced in the ti50
report.
See
https://chrome-internal.googlesource.com/ti50/common/ti50/+/main/applications/fw_updater/src/structures.rs
for ti50 definitions
BUG=none
TEST=none
Cq-Depend: chrome-internal:3831829
Change-Id: I794a49d7c0814258350b479e90167d500081433a
Signed-off-by: Jett Rink <jettrink@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2897129
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
| |
Enable dev features in CRYPTO_TEST builds, so it's easier to update and
rollback to MP images.
Add the rollback command and disable update checks.
BUG=b:186663661
TEST=make clobber ; make -j BOARD=cr50
make clobber ; make -j BOARD=cr50 CRYPTO_TEST=1
Change-Id: Id8929f67f206d3222c551532c91921bd646d2a50
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2875480
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Namyoon Woo <namyoon@chromium.org>
| |
Add CONFIG_CMD_GPIOCFG to control building the gpiocfg command.
BUG=b:186663661
TEST=flash usage doesn't change with make -j BOARD=cr50
Change-Id: Ie723ef230ac838ff8298d39fd089c232f852871e
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2875473
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Namyoon Woo <namyoon@chromium.org>
| |
Add CONFIG_CMD_PINMUX to control building the pinmux command.
BUG=b:186663661
TEST=flash usage doesn't change with make -j BOARD=cr50
Change-Id: I17dba6f988388c39c58aebd11ee202ae0e7d5d9f
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2875472
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Namyoon Woo <namyoon@chromium.org>
| |
BUG=b:186004390
TEST=checked 'ccdstate' output in Octopus:
> ccdstate
AP: on
AP UART: on
EC: on
Servo: undetectable
Rdd: connected
KeepAlive: disabled
CCD EXT: enabled
State flags: UARTAP+TX UARTEC+TX I2C SPI USBEC+TX
CCD ports blocked: (none)
>
>
> rddkeepalive true
Forcing Rdd detect keepalive
>
>
> ccdstate
AP: off
AP UART: off
EC: on
Servo: undetectable
Rdd: connected
KeepAlive: enabled
CCD EXT: enabled
State flags: UARTEC+TX I2C SPI USBEC+TX
CCD ports blocked: (none)
>
> rddkeepalive
Rdd: connected
KeepAlive: enabled
>
> rddkeepalive false
Using actual Rdd state
>
> rddkeepalive
Rdd: connected
KeepAlive: disabled
Signed-off-by: Namyoon Woo <namyoon@google.com>
Change-Id: Ib0517a62ddd97f334cc62530abdb8fe612ac998c
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2844339
Tested-by: Namyoon Woo <namyoon@chromium.org>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Commit-Queue: Namyoon Woo <namyoon@chromium.org>
| |
BUG=b:184965542
TEST=see BUG
Change-Id: I340af997123ad0b5329a81311663ed90ffaab4b3
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2836190
Reviewed-by: Andrey Pronin <apronin@chromium.org>
| |
The cr50 serial number is based on the devid, so the serial number can
be found using the sysinfo devid output. The serial number is the devid
without '0x's, capitalized, and the space is replaced with a '-'.
echo ${DEVID//0x/} | tr '[:lower:]' '[:upper:]' | tr ' ' '-'
No scripts or tests use serialno.
This command saves 208 bytes.
BUG=b:181999426
TEST=none
Change-Id: Ib6629ceb9cfa001d8c758077119717f29116cb15
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2799442
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
| |
Add 'atboot' arg to rddkeepalive that can be used to store rddkeepalive
across cr50 resets.
The atboot flag gets cleared with rddkeepalive disable.
BUG=b:144724216
TEST=manual
# Verify 'rddkeepalive disable' is unchanged
rddkeepalive disable
Using actual Rdd state
rddkeepalive
Rdd: connected
# Verify 'rddkeepalive enable' is unchanged
rddkeepalive enable
Forcing Rdd detect keepalive
rddkeepalive
Rdd: keepalive
# Verify 'rddkeepalive disable' disables keepalive
rddkeepalive disable
Using actual Rdd state
rddkeepalive
Rdd: connected
ccd
...
Flags: 0x000000
# Verify 'rddkeepalive enable atboot' enables keepalive and sets
# the atboot flag.
rddkeepalive enable atboot
Forcing Rdd detect keepalive atboot.
rddkeepalive
Rdd: keepalive (atboot)
# check the ccd rddkeepalive atboot flag (0x80000)
ccd
...
Flags: 0x080000
reboot
...
rddkeepalive
Rdd: keepalive (atboot)
ccd
...
Flags: 0x080000
# Verify this new string doesn't break dut-control
dut-control cr50.ccd_keepalive_en
ccd_keepalive_en:on
# 'rddkeepalive enable' doesn't touch the atboot flag
rddkeepalive enable
Forcing Rdd detect keepalive
rddkeepalive
Rdd: keepalive (atboot)
# 'rddkeepalive disable' clears it.
rddkeepalive disable
Using actual Rdd state
rddkeepalive
Rdd: connected
Change-Id: I10227e335a5de6ed73290ff5be2e65892913de35
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2799441
Reviewed-by: Namyoon Woo <namyoon@chromium.org>
| |
Print the Rdd state when the console is locked. Don't allow setting it.
BUG=none
TEST=manual
> ccd lock
CCD locked.
> rddkeepalive
Rdd: connected
> rddkeepalive enable
Parameter 1 invalid
Usage: rddkeepalive [BOOLEAN]
> ccd testlab open
> ccd
State: Opened
...
> rddkeepalive enable
Forcing Rdd detect keepalive
>
Change-Id: Ie309e42e7ef295bb0d7e7208d4bd6c17ce799e98
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2799440
Reviewed-by: Namyoon Woo <namyoon@chromium.org>
| |
Increase TRNG_EMPTY_COUNT, so boards with slow TRNG have enough time to
generate a sample.
BUG=b:172542178,b:178116958
TEST=generate RSA keys 50 times on the hatch with slow TRNG. Verify the
average time is around 6 seconds.
Change-Id: I1b821286e1e4b5da8baa59caeda907ab3fe49f81
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2641744
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
| |
BUG=b:175244613
TEST=make buildall -j
Change-Id: Icbd143b072fdd5df3b67d7e5a09ee6c01a77f6b9
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2622889
Reviewed-by: Namyoon Woo <namyoon@chromium.org>
| |
BUG=b:175244613
TEST=make buildall -j
Change-Id: I0293c7ba92d05bf0d47a92bcc86c48ac61060f09
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2615127
Reviewed-by: Namyoon Woo <namyoon@chromium.org>
| |
BUG=b:175244613
TEST=make buildall -j
Change-Id: If1d3a3e11736bf6da85938a607038a93254e9cc0
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2615126
|