scottk/OpenCellular
1
0
Fork 0
mirror of https://github.com/Telecominfraproject/OpenCellular.git synced 2026-01-10 01:21:49 +00:00
Code Issues Packages Projects Releases Wiki Activity

crossystem: add phase_enforcement field

Browse Source 
Provide 'phase_enforcement' field that indicates if a
system should have its full security features enabled while
in the factory. The backend implementation currently is only
for x86 using chromeos_acpi.

On reef:
$ grep ^ /sys/devices/platform/chromeos_acpi/GPIO.*/*
/sys/devices/platform/chromeos_acpi/GPIO.2/GPIO.0:4
/sys/devices/platform/chromeos_acpi/GPIO.2/GPIO.1:1
/sys/devices/platform/chromeos_acpi/GPIO.2/GPIO.2:10
/sys/devices/platform/chromeos_acpi/GPIO.2/GPIO.3:INT3452:00

BUG=chrome-os-partner:59951
BRANCH=None
TEST=Tested on reef with accompanying coreboot patches and flipping
internal pulls to see the correct setting.

Change-Id: Id5401d795cff8874a038f2456121549713a11237
Signed-off-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/418899
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
This commit is contained in:
Aaron Durbin
2016-12-12 14:15:12 -06:00
committed by chrome-bot
parent 1e9245dfff
commit 8bb1c3b852
2 changed files with 5 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
host/arch/x86/lib/crossystem_arch.c
View File

@@ -67,6 +67,7 @@
#define GPIO_SIGNAL_TYPE_RECOVERY 1
#define GPIO_SIGNAL_TYPE_DEV 2
#define GPIO_SIGNAL_TYPE_WP 3
#define GPIO_SIGNAL_TYPE_PHASE_ENFORCEMENT 4
/* Base name for ACPI files */
#define ACPI_BASE_PATH "/sys/devices/platform/chromeos_acpi"
@@ -792,6 +793,8 @@ int VbGetArchPropertyInt(const char* name)
value = 1 - value; /* Mario reports this backwards */
} else if (!strcasecmp(name,"recoverysw_ec_boot")) {
value = ReadFileBit(ACPI_CHSW_PATH, CHSW_RECOVERY_EC_BOOT);
} else if (!strcasecmp(name,"phase_enforcement")) {
value = ReadGpio(GPIO_SIGNAL_TYPE_PHASE_ENFORCEMENT);
}
/* Fields for old systems which don't have VbSharedData */

2
utility/crossystem.c
View File

@@ -77,6 +77,8 @@ const Param sys_param_list[] = {
{"mainfw_type", IS_STRING, "Active main firmware type"},
{"nvram_cleared", CAN_WRITE, "Have NV settings been lost? Write 0 to clear"},
{"oprom_needed", CAN_WRITE, "Should we load the VGA Option ROM at boot?"},
{"phase_enforcement", 0,
"Board should have full security settings applied"},
{"recovery_reason", 0, "Recovery mode reason for current boot"},
{"recovery_request", CAN_WRITE, "Recovery mode request (writable)"},
{"recovery_subcode", CAN_WRITE, "Recovery reason subcode (writable)"},