From 834207c4854a9f15e4deb9f3a7a03677feed7e68 Mon Sep 17 00:00:00 2001 From: Vadim Bendebury Date: Fri, 26 Aug 2016 17:40:17 -0700 Subject: [PATCH] cr50: provide build mode for signing with fob We don't really have the ability to build the latest signer yet, but this should not stop us from being able to build a properly signed image using the ec makefiles. As a stopgap measure the suggestion is to keep the latest signer binary in ~/bin/codesigner in chroot, then with this patch applied invoking make with CR50_DEV=1 will cause the proper sighner used and proper signing procedure followed. The signed targets need to be built in series to avoid concurrent use of the signer fob, an addition dependency is being added to enforce that. BRANCH=none BUG=chrome-os-partner:55557 TEST=ran make as follows: CR50_DEV=1 make BOARD=cr50 touched the fob when requested, uploaded the generated build/cr50/ec.bin on a kevin-tpm2 using usb_updater, and observed it boot properly with the new version. Change-Id: Ia9494bdc60b4bd3b8e5e09cbcbd8b27409c739d2 Signed-off-by: Vadim Bendebury Reviewed-on: https://chromium-review.googlesource.com/376885 Tested-by: Bill Richardson Reviewed-by: Bill Richardson
---
 Makefile.rules | 6 +- chip/g/build.mk | 12 + util/signer/ec_RW-manifest-kevin_evt_1.json | 157 ++ util/signer/fuses.xml | 2034 +++++++++++++++++++ 4 files changed, 2206 insertions(+), 3 deletions(-) create mode 100644 util/signer/ec_RW-manifest-kevin_evt_1.json create mode 100644 util/signer/fuses.xml
diff --git a/Makefile.rules b/Makefile.rules
index d2a151205b..565c95c34d 100644
--- a/Makefile.rules
+++ b/Makefile.rules
@@ -45,8 +45,8 @@ cmd_flat_to_obj = $(CC) -T $(out)/firmware_image.lds -nostdlib $(CPPFLAGS) \
 # Allow the .roshared section to overlap other sections (itself)
 cmd_ec_elf_to_flat ?= $(OBJCOPY) --set-section-flags .roshared=share \
 -O binary $< $@
-cmd_elf_to_signed ?= sudo $(out)/util/signer --key=util/signer/$(3) \
- --input=$< --format=bin --output=$@.signed $(SIG_EXTRA) \
+cmd_elf_to_signed ?= sudo $(SIGNER) --key=util/signer/$(3) \
+ --input=$< --format=bin --output=$@.signed $(SIGNER_EXTRAS) \
 && sudo chown $(shell whoami) $@.signed && mv $@.signed $@
 cmd_elf_to_dis = $(OBJDUMP) -D $< > $@
 cmd_elf_to_hex = $(OBJCOPY) -O ihex $< $@
@@ -274,7 +274,7 @@ $(out)/RO/%.flat: $(out)/RO/%.elf $(out)/RO/%.smap
 $(call quiet,elf_to_signed,RO_SIGN,$(CR50_RO_KEY))
 $(out)/RW/%.flat: $(out)/RW/%.elf $(out)/RW/%.smap
- $(call quiet,elf_to_signed,RW_SIGN,loader-testkey-A.pem)
+ $(call quiet,elf_to_signed,RW_SIGN,$(CR50_RW_KEY))
 $(out)/RO/%.hex: $(out)/RO/%.flat
 $(call quiet,bin_to_hex,OBJCOPY)
diff --git a/chip/g/build.mk b/chip/g/build.mk
index 9cc0edb8a1..ed5c62ccbe 100644
--- a/chip/g/build.mk
+++ b/chip/g/build.mk
@@ -101,6 +101,18 @@ $(out)/RW/ec.RW_B.flat: $(out)/util/signer
 endif
 CR50_RO_KEY ?= rom-testkey-A.pem
+ifeq ($(CR50_DEV),)
+CR50_RW_KEY = loader-testkey-A.pem
+SIGNER = $(out)/util/signer
+SIGNER_EXTRAS =
+else
+SIGNER = $(HOME)/bin/codesigner
+CR50_RW_KEY = cr50_rom0-dev-blsign.pem.pub
+RW_SIGNER_EXTRAS = -x util/signer/fuses.xml
+RW_SIGNER_EXTRAS += -j util/signer/ec_RW-manifest-kevin_evt_1.json
+$(out)/RW/ec.RW_B.flat: $(out)/RW/ec.RW.flat
+$(out)/RW/ec.RW.flat $(out)/RW/ec.RW_B.flat: SIGNER_EXTRAS = $(RW_SIGNER_EXTRAS)
+endif
 # This file is included twice by the Makefile, once to determine the CHIP info
 # # and then again after defining all the CONFIG_ and HAS_TASK variables. We use
diff --git a/util/signer/ec_RW-manifest-kevin_evt_1.json b/util/signer/ec_RW-manifest-kevin_evt_1.json
new file mode 100644
index 0000000000..94295f7473
--- /dev/null
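Review bot: `cmd_elf_to_signed` runs `$(SIGNER)` under `sudo`, and the chip/g/build.mk hunk of this patch sets it to `$(HOME)/bin/codesigner` when CR50_DEV is given, so a binary from a user-writable directory outside the tree is executed as root for every signed target with no check that it exists or is the expected build. I would resolve the path once in build.mk and stop early, `SIGNER := $(realpath $(HOME)/bin/codesigner)` followed by `$(if $(SIGNER),,$(error CR50_DEV is set but $(HOME)/bin/codesigner was not found))`, and record the expected checksum of the binary in the tree so a stale or replaced signer is noticed before it signs anything. Any assignment to the old `SIG_EXTRA` name outside this hunk is now ignored silently, which is worth a grep before landing.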
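Review bot: `ifeq ($(CR50_DEV),)` selects the fob signer and the `cr50_rom0-dev-blsign.pem.pub` key for any non-empty value, so a `CR50_DEV=0` inherited from the environment still switches the signing mode; an explicit comparison, `ifeq ($(strip $(CR50_DEV)),1)` with the two branches swapped, makes the switch deliberate. `SIGNER` is set for every target in the else branch, so the RO rule shown in Makefile.rules appears to go through `$(HOME)/bin/codesigner` with `$(CR50_RO_KEY)` and without the `-x`/`-j` options; if that is intended, a one-line comment saying so would help the next reader. `CR50_RW_KEY` is assigned with `=` where `CR50_RO_KEY` uses `?=`, so only the RO key can be overridden from the environment.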
+++ b/util/signer/ec_RW-manifest-kevin_evt_1.json 
@@ -0,0 +1,157 @@
+{
+// List of fuses and their expected values.
+"fuses": {
+ "FLASH_PERSO_PAGE_LOCK": 5, // individualized
+ "FW_DEFINED_DATA_BLK0": 2, // kevin EVT 1
+ "FW_DEFINED_DATA_EXTRA_BLK6": 0 // escape hatch
+},
+// Rollback state.
+"info": {
+"0": -1,
+"1": -1,
+"2": -1,
+"3": -1,
+"4": -1,
+"5": -1,
+"6": -1,
+"7": -1,
+"8": -1,
+"9": -1,
+"10": -1,
+"11": -1,
+"12": -1,
+"13": -1,
+"14": -1,
+"15": -1,
+"16": -1,
+"17": -1,
+"18": -1,
+"19": -1,
+"20": -1,
+"21": -1,
+"22": -1,
+"23": -1,
+"24": -1,
+"25": -1,
+"26": -1,
+"27": -1,
+"28": -1,
+"29": -1,
+"30": -1,
+"31": -1,
+"32": -1,
+"33": -1,
+"34": -1,
+"35": -1,
+"36": -1,
+"37": -1,
+"38": -1,
+"39": -1,
+"40": -1,
+"41": -1,
+"42": -1,
+"43": -1,
+"44": -1,
+"45": -1,
+"46": -1,
+"47": -1,
+"48": -1,
+"49": -1,
+"50": -1,
+"51": -1,
+"52": -1,
+"53": -1,
+"54": -1,
+"55": -1,
+"56": -1,
+"57": -1,
+"58": -1,
+"59": -1,
+"60": -1,
+"61": -1,
+"62": -1,
+"63": -1,
+"64": -1,
+"65": -1,
+"66": -1,
+"67": -1,
+"68": -1,
+"69": -1,
+"70": -1,
+"71": -1,
+"72": -1,
+"73": -1,
+"74": -1,
+"75": -1,
+"76": -1,
+"77": -1,
+"78": -1,
+"79": -1,
+"80": -1,
+"81": -1,
+"82": -1,
+"83": -1,
+"84": -1,
+"85": -1,
+"86": -1,
+"87": -1,
+"88": -1,
+"89": -1,
+"90": -1,
+"91": -1,
+"92": -1,
+"93": -1,
+"94": -1,
+"95": -1,
+"96": -1,
+"97": -1,
+"98": -1,
+"99": -1,
+"100": -1,
+"101": -1,
+"102": -1,
+"103": -1,
+"104": -1,
+"105": -1,
+"106": -1,
+"107": -1,
+"108": -1,
+"109": -1,
+"110": -1,
+"111": -1,
+"112": -1,
+"113": -1,
+"114": -1,
+"115": -1,
+"116": -1,
+"117": -1,
+"118": -1,
+"119": -1,
+"120": -1,
+"121": -1,
+"122": -1,
+"123": -1,
+"124": -1,
+"125": -1,
+"126": -1,
+"127": -1
+},
+
+ // Note: tag needs to match what cros_personalize anticipated!
+ // https://cs.corp.google.com/search/?q=kCrosFwr
+ "tag": "00000000000000000000000000000000000000000000000000000000",
+
+ // cros_loader uses b1-dev key as key to verify RW with
+ "keyid": -1187158727, // b1-dev key
+
+ "p4cl": 177, // P4 sync cl for XML we link against. 177 == 0xb1.
+
+ "timestamp": 0,
+ "epoch": 0, // FWR diversification contributor, 32 bits.
+ "major": 0, // FW2_HIK_CHAIN counter.
+ "minor": 6, // Harmless version field.
+ "applysec": -1, // Mask to and with fuse BROM_APPLYSEC.
+ "config1": 13, // Which BROM_CONFIG1 actions to take before launching.
+ "err_response": 0, // Mask to or with fuse BROM_ERR_RESPONSE.
+ "expect_response": 3 // purgatory level when expectation fails.
+}
diff --git a/util/signer/fuses.xml b/util/signer/fuses.xml
new file mode 100644
index 0000000000..627c8796b8
--- /dev/null
+++ b/util/signer/fuses.xml
@@ -0,0 +1,2034 @@ + + + + + RegName + BNK0_INTG_CHKSUM + + + FuseLogicalOffset + 0 + + + Width + 24 + + + + + + + RegName + BNK0_INTG_LOCK + + + FuseLogicalOffset + 1 + + + Width + 3 + + + + + + + RegName + DS_GRP0 + + + FuseLogicalOffset + 2 + + + Width + 9 + + + + + + + RegName + DS_GRP1 + + + FuseLogicalOffset + 3 + + + Width + 9 + + + + + + + RegName + DS_GRP2 + + + FuseLogicalOffset + 4 + + + Width + 9 + + + + + + + RegName + DEV_ID0 + + + FuseLogicalOffset + 5 + + + Width + 32 + + + + + + + RegName + DEV_ID1 + + + FuseLogicalOffset + 6 + + + Width + 32 + + + + + + + RegName + BNK1_INTG_CHKSUM + + + FuseLogicalOffset + 7 + + + Width + 24 + + + + + + + RegName + BNK1_INTG_LOCK + + + FuseLogicalOffset + 8 + + + Width + 3 + + + + + + + RegName + LB0_POST_OVRD + + + FuseLogicalOffset + 9 + + + Width + 3 + + + + + + + RegName + LB0_POST_PATCNT + + + FuseLogicalOffset + 10 + + + Width + 2 + + + + + + + RegName + LB0_POST_WARMUP_OVRD + + + FuseLogicalOffset + 11 + + + Width + 3 + + + + + + + RegName + LB0_POST_WARMUP_CNT + + + FuseLogicalOffset + 12 + + + Width + 2 + + + + + + + RegName + LB1_POST_OVRD + + + FuseLogicalOffset + 13 + + + Width + 3 + + + + + + + RegName + LB1_POST_PATCNT + + + FuseLogicalOffset + 14 + + + Width + 2 + + + + + + + RegName + LB1_POST_WARMUP_OVRD + + + FuseLogicalOffset + 15 + + + Width + 3 + + + + + + + RegName + LB1_POST_WARMUP_CNT + + + FuseLogicalOffset + 16 + + + Width + 2 + + + + + + + RegName + LB2_POST_OVRD + + + FuseLogicalOffset + 17 + + + Width + 3 + + + + + + + RegName + LB2_POST_PATCNT + + + FuseLogicalOffset + 18 + + + Width + 2 + + + + + + + RegName + LB2_POST_WARMUP_OVRD + + + FuseLogicalOffset + 19 + + + Width + 3 + + + + + + + RegName + LB2_POST_WARMUP_CNT + + + FuseLogicalOffset + 20 + + + Width + 2 + + + + + + + RegName + LB3_POST_OVRD + + + FuseLogicalOffset + 21 + + + Width + 3 + + + + + + + RegName + LB3_POST_PATCNT + + + FuseLogicalOffset + 22 + + + Width + 2 + + + + + + + RegName + LB3_POST_WARMUP_OVRD + + + 
FuseLogicalOffset + 23 + + + Width + 3 + + + + + + + RegName + LB3_POST_WARMUP_CNT + + + FuseLogicalOffset + 24 + + + Width + 2 + + + + + + + RegName + LB4_POST_OVRD + + + FuseLogicalOffset + 25 + + + Width + 3 + + + + + + + RegName + LB4_POST_PATCNT + + + FuseLogicalOffset + 26 + + + Width + 2 + + + + + + + RegName + LB4_POST_WARMUP_OVRD + + + FuseLogicalOffset + 27 + + + Width + 3 + + + + + + + RegName + LB4_POST_WARMUP_CNT + + + FuseLogicalOffset + 28 + + + Width + 2 + + + + + + + RegName + MBIST_POST_SEQ + + + FuseLogicalOffset + 29 + + + Width + 25 + + + + + + + RegName + LBIST_POST_SEQ + + + FuseLogicalOffset + 30 + + + Width + 25 + + + + + + + RegName + LBIST_VIA_TAP_DIS + + + FuseLogicalOffset + 31 + + + Width + 3 + + + + + + + RegName + MBIST_VIA_TAP_DIS + + + FuseLogicalOffset + 32 + + + Width + 3 + + + + + + + RegName + TAP_DISABLE + + + FuseLogicalOffset + 33 + + + Width + 3 + + + + + + + RegName + RNGBIST_AR_EN + + + FuseLogicalOffset + 34 + + + Width + 3 + + + + + + + RegName + TESTMODE_KEYS_EN + + + FuseLogicalOffset + 35 + + + Width + 3 + + + + + + + RegName + PKG_ID + + + FuseLogicalOffset + 36 + + + Width + 3 + + + + + + + RegName + BIN_ID + + + FuseLogicalOffset + 37 + + + Width + 3 + + + + + + + RegName + RC_JTR_OSC48_CC_TRIM + + + FuseLogicalOffset + 38 + + + Width + 8 + + + + + + + RegName + RC_JTR_OSC48_CC_EN + + + FuseLogicalOffset + 39 + + + Width + 3 + + + + + + + RegName + RC_JTR_OSC60_CC_TRIM + + + FuseLogicalOffset + 40 + + + Width + 8 + + + + + + + RegName + RC_JTR_OSC60_CC_EN + + + FuseLogicalOffset + 41 + + + Width + 3 + + + + + + + RegName + RC_TIMER_OSC48_CC_TRIM + + + FuseLogicalOffset + 42 + + + Width + 8 + + + + + + + RegName + RC_TIMER_OSC48_CC_EN + + + FuseLogicalOffset + 43 + + + Width + 3 + + + + + + + RegName + RC_TIMER_OSC48_FC_TRIM + + + FuseLogicalOffset + 44 + + + Width + 5 + + + + + + + RegName + RC_TIMER_OSC48_FC_EN + + + FuseLogicalOffset + 45 + + + Width + 3 + + + + + + + RegName + RC_RTC_OSC256K_CC_TRIM + + + 
FuseLogicalOffset + 46 + + + Width + 8 + + + + + + + RegName + RC_RTC_OSC256K_CC_EN + + + FuseLogicalOffset + 47 + + + Width + 3 + + + + + + + RegName + SEL_VREG_REG_EN + + + FuseLogicalOffset + 48 + + + Width + 3 + + + + + + + RegName + SEL_VREF_REG + + + FuseLogicalOffset + 49 + + + Width + 4 + + + + + + + RegName + SEL_VREF_BATMON_EN + + + FuseLogicalOffset + 50 + + + Width + 3 + + + + + + + RegName + SEL_VREF_BATMON + + + FuseLogicalOffset + 51 + + + Width + 3 + + + + + + + RegName + X_OSC_LDO_CTRL_EN + + + FuseLogicalOffset + 52 + + + Width + 3 + + + + + + + RegName + X_OSC_LDO_CTRL + + + FuseLogicalOffset + 53 + + + Width + 4 + + + + + + + RegName + TEMP_OFFSET_CAL + + + FuseLogicalOffset + 54 + + + Width + 12 + + + + + + + RegName + TRNG_LDO_CTRL_EN + + + FuseLogicalOffset + 55 + + + Width + 3 + + + + + + + RegName + TRNG_LDO_CTRL + + + FuseLogicalOffset + 56 + + + Width + 5 + + + + + + + RegName + TRNG_ANALOG_CTRL_EN + + + FuseLogicalOffset + 57 + + + Width + 3 + + + + + + + RegName + TRNG_ANALOG_CTRL + + + FuseLogicalOffset + 58 + + + Width + 4 + + + + + + + RegName + EXT_XTAL_PDB + + + FuseLogicalOffset + 59 + + + Width + 2 + + + + + + + RegName + DIS_EXT_XTAL_CLK_TREE + + + FuseLogicalOffset + 60 + + + Width + 3 + + + + + + + RegName + OBFUSCATION_EN + + + FuseLogicalOffset + 61 + + + Width + 3 + + + + + + + RegName + HIK_CREATE_LOCK + + + FuseLogicalOffset + 62 + + + Width + 3 + + + + + + + RegName + BNK2_INTG_CHKSUM + + + FuseLogicalOffset + 63 + + + Width + 24 + + + + + + + RegName + BNK2_INTG_LOCK + + + FuseLogicalOffset + 64 + + + Width + 3 + + + + + + + RegName + TESTMODE_OTPW_DIS + + + FuseLogicalOffset + 65 + + + Width + 3 + + + + + + + RegName + HKEY_WDOG_TIMER_EN + + + FuseLogicalOffset + 66 + + + Width + 3 + + + + + + + RegName + FLASH_PERSO_PAGE_LOCK + + + FuseLogicalOffset + 67 + + + Width + 3 + + + + + + + RegName + ALERT_RSP_CFG + + + FuseLogicalOffset + 68 + + + Width + 8 + + + + + + + RegName + BNK3_INTG_CHKSUM + + + FuseLogicalOffset + 
69 + + + Width + 24 + + + + + + + RegName + BNK3_INTG_LOCK + + + FuseLogicalOffset + 70 + + + Width + 3 + + + + + + + RegName + FW_DEFINED_DATA_BLK0 + + + FuseLogicalOffset + 71 + + + Width + 8 + + + + + + + RegName + FW_DEFINED_BROM_ERR_RESPONSE + + + FuseLogicalOffset + 72 + + + Width + 16 + + + + + + + RegName + FW_DEFINED_BROM_APPLYSEC + + + FuseLogicalOffset + 73 + + + Width + 12 + + + + + + + RegName + FW_DEFINED_BROM_CONFIG0 + + + FuseLogicalOffset + 74 + + + Width + 8 + + + + + + + RegName + FW_DEFINED_BROM_CONFIG1 + + + FuseLogicalOffset + 75 + + + Width + 8 + + + + + + + RegName + RBOX_MODE_DBG_OVRD_DIS + + + FuseLogicalOffset + 76 + + + Width + 1 + + + + + + + RegName + RBOX_MODE_OUTPUT_OVRD_DIS + + + FuseLogicalOffset + 77 + + + Width + 7 + + + + + + + RegName + RBOX_CLK10HZ_COUNT + + + FuseLogicalOffset + 78 + + + Width + 16 + + + + + + + RegName + RBOX_SHORT_DELAY_COUNT + + + FuseLogicalOffset + 79 + + + Width + 16 + + + + + + + RegName + RBOX_LONG_DELAY_COUNT + + + FuseLogicalOffset + 80 + + + Width + 8 + + + + + + + RegName + RBOX_DEBOUNCE_PERIOD + + + FuseLogicalOffset + 81 + + + Width + 16 + + + + + + + RegName + RBOX_DEBOUNCE_BYPASS_PWRB + + + FuseLogicalOffset + 82 + + + Width + 1 + + + + + + + RegName + RBOX_DEBOUNCE_BYPASS_KEY0 + + + FuseLogicalOffset + 83 + + + Width + 1 + + + + + + + RegName + RBOX_DEBOUNCE_BYPASS_KEY1 + + + FuseLogicalOffset + 84 + + + Width + 1 + + + + + + + RegName + RBOX_KEY_COMBO0_VAL + + + FuseLogicalOffset + 85 + + + Width + 8 + + + + + + + RegName + RBOX_KEY_COMBO1_VAL + + + FuseLogicalOffset + 86 + + + Width + 8 + + + + + + + RegName + RBOX_KEY_COMBO2_VAL + + + FuseLogicalOffset + 87 + + + Width + 8 + + + + + + + RegName + RBOX_KEY_COMBO0_HOLD + + + FuseLogicalOffset + 88 + + + Width + 8 + + + + + + + RegName + RBOX_KEY_COMBO1_HOLD + + + FuseLogicalOffset + 89 + + + Width + 8 + + + + + + + RegName + RBOX_KEY_COMBO2_HOLD + + + FuseLogicalOffset + 90 + + + Width + 8 + + + + + + + RegName + RBOX_BLOCK_KEY0_SEL + + + 
FuseLogicalOffset + 91 + + + Width + 1 + + + + + + + RegName + RBOX_BLOCK_KEY1_SEL + + + FuseLogicalOffset + 92 + + + Width + 1 + + + + + + + RegName + RBOX_BLOCK_KEY0_VAL + + + FuseLogicalOffset + 93 + + + Width + 1 + + + + + + + RegName + RBOX_BLOCK_KEY1_VAL + + + FuseLogicalOffset + 94 + + + Width + 1 + + + + + + + RegName + RBOX_POL_AC_PRESENT + + + FuseLogicalOffset + 95 + + + Width + 1 + + + + + + + RegName + RBOX_POL_PWRB_IN + + + FuseLogicalOffset + 96 + + + Width + 1 + + + + + + + RegName + RBOX_POL_PWRB_OUT + + + FuseLogicalOffset + 97 + + + Width + 1 + + + + + + + RegName + RBOX_POL_KEY0_IN + + + FuseLogicalOffset + 98 + + + Width + 1 + + + + + + + RegName + RBOX_POL_KEY0_OUT + + + FuseLogicalOffset + 99 + + + Width + 1 + + + + + + + RegName + RBOX_POL_KEY1_IN + + + FuseLogicalOffset + 100 + + + Width + 1 + + + + + + + RegName + RBOX_POL_KEY1_OUT + + + FuseLogicalOffset + 101 + + + Width + 1 + + + + + + + RegName + RBOX_POL_EC_RST + + + FuseLogicalOffset + 102 + + + Width + 1 + + + + + + + RegName + RBOX_POL_BATT_DISABLE + + + FuseLogicalOffset + 103 + + + Width + 1 + + + + + + + RegName + RBOX_TERM_AC_PRESENT + + + FuseLogicalOffset + 104 + + + Width + 2 + + + + + + + RegName + RBOX_TERM_ENTERING_RW + + + FuseLogicalOffset + 105 + + + Width + 2 + + + + + + + RegName + RBOX_TERM_PWRB_IN + + + FuseLogicalOffset + 106 + + + Width + 2 + + + + + + + RegName + RBOX_TERM_PWRB_OUT + + + FuseLogicalOffset + 107 + + + Width + 2 + + + + + + + RegName + RBOX_TERM_KEY0_IN + + + FuseLogicalOffset + 108 + + + Width + 2 + + + + + + + RegName + RBOX_TERM_KEY0_OUT + + + FuseLogicalOffset + 109 + + + Width + 2 + + + + + + + RegName + RBOX_TERM_KEY1_IN + + + FuseLogicalOffset + 110 + + + Width + 2 + + + + + + + RegName + RBOX_TERM_KEY1_OUT + + + FuseLogicalOffset + 111 + + + Width + 2 + + + + + + + RegName + RBOX_DRIVE_PWRB_OUT + + + FuseLogicalOffset + 112 + + + Width + 2 + + + + + + + RegName + RBOX_DRIVE_KEY0_OUT + + + FuseLogicalOffset + 113 + + + Width + 2 + + + + + + 
+ RegName + RBOX_DRIVE_KEY1_OUT + + + FuseLogicalOffset + 114 + + + Width + 2 + + + + + + + RegName + RBOX_DRIVE_EC_RST + + + FuseLogicalOffset + 115 + + + Width + 2 + + + + + + + RegName + RBOX_DRIVE_BATT_DISABLE + + + FuseLogicalOffset + 116 + + + Width + 2 + + + + + + + RegName + BNK4_INTG_CHKSUM + + + FuseLogicalOffset + 117 + + + Width + 24 + + + + + + + RegName + BNK4_INTG_LOCK + + + FuseLogicalOffset + 118 + + + Width + 3 + + + + + + + RegName + FW_DEFINED_DATA_EXTRA_BLK0 + + + FuseLogicalOffset + 119 + + + Width + 8 + + + + + + + RegName + FW_DEFINED_DATA_EXTRA_BLK1 + + + FuseLogicalOffset + 120 + + + Width + 8 + + + + + + + RegName + FW_DEFINED_DATA_EXTRA_BLK2 + + + FuseLogicalOffset + 121 + + + Width + 8 + + + + + + + RegName + FW_DEFINED_DATA_EXTRA_BLK3 + + + FuseLogicalOffset + 122 + + + Width + 8 + + + + + + + RegName + FW_DEFINED_DATA_EXTRA_BLK4 + + + FuseLogicalOffset + 123 + + + Width + 8 + + + + + + + RegName + FW_DEFINED_DATA_EXTRA_BLK5 + + + FuseLogicalOffset + 124 + + + Width + 8 + + + + + + + RegName + FW_DEFINED_DATA_EXTRA_BLK6 + + + FuseLogicalOffset + 125 + + + Width + 5 + + + + + + + RegName + SWDP_P4_LAST_SYNC + + + Default + 177 + + + FuseLogicalOffset + 0 + + + +