Cr50: Rearrange flash to allow dual RO images

We had been putting the NVMEM flash where the boot rom would
expect to find RO_B, preventing us from ever being able to update
the bootloader.

With this CL, we're rearranging the flash to support both RO_A
and RO_B. The current flash layout now looks like this:

  0x40000 RO_A
  0x44000 RW_A
  0x7c000 TOP_A
  0x80000 RO_B
  0x84000 RW_B
  0xbc000 NVMEM
  0xbffff <end of flash>

BUG=chrome-os-partner:44803
BRANCH=none
TEST=make buildall, also manual tests on Cr50 boards

First, check that our current process still works:

  make BOARD=cr50 CR50_RO_KEY=cr50_rom0-dev-blsign.pem.pub
  spiflash -i -v build/cr50/ec.hex

  Yep, it does, but that only produces RO_A, not RO_B.

To test the dual RO behavior, I used prebuilt RO_A and RO_B blobs
for the bootloaders, signed using Marius' new scheme.

Build the unsigned image, then sign it using Vadim's scripts:

  make BOARD=cr50 -j30
  ~/bin/bs hex

We'll garble various bits of the full image to invalidate each of
the four RO/RW/A/B parts.

Find lines common to both ROs and common to both RWs:

  sort B1*.hex | uniq -c | grep ' 2 ' | \
       awk '{print $2}' | sort > tmp.ro2
  sort build/cr50/RW/ec.RW*.signed.hex | uniq -c | grep ' 2 ' | \
       awk '{print $2}' | sort > tmp.rw2
  ro=$(diff tmp.ro2 tmp.rw2 | grep '<' | head -1 | awk '{print $2}')
  rw=$(diff tmp.ro2 tmp.rw2 | grep '>' | head -1 | awk '{print $2}')

Double-check to be sure we don't have any false matches:

 grep -l $ro build/cr50/RW/ec.RW*.signed.hex B1_*.hex
 grep -l $rw build/cr50/RW/ec.RW*.signed.hex B1_*.hex

The pre-signed RO_A image is older than RO_B, but both have the
same epoch/major/minor, which is all that the bootrom checks for.
It doesn't look at the timestamp.

The RW_A is older than RW_B because of the sequential signing
process. The RO bootloaders will check their timestamp, so RW_B
should be preferred.

RO_A  RO_B  RW_A  RW_B
good  good  good  good

  cat build/cr50/RW/ec.RW*.signed.hex B1_*.hex > foo.hex
  spiflash -v -i foo.hex

    jump @00040400
    jump @00084000

  => boots RO_A -> RW_B

RO_A  RO_B  RW_A  RW_B
good  good  good  bad

  cat build/cr50/RW/ec.RW*.signed.hex B1_*.hex > foo.hex

  ln=$(grep -n $rw foo.hex | awk -F: 'NR==2 {print $1}')
  sed -i "${ln}d" foo.hex

  spiflash -v -i foo.hex

    jump @00040400
    jump @00044000

  => boots RO_A -> RW_A

RO_A  RO_B  RW_A  RW_B
bad   good  good  good

  cat build/cr50/RW/ec.RW*.signed.hex B1_*.hex > foo.hex

  ln=$(grep -n $ro foo.hex | awk -F: 'NR==1 {print $1}')
  sed -i "${ln}d" foo.hex

  spiflash -v -i foo.hex

    jump @00080400
    jump @00084000

  => boots RO_B -> RW_B

RO_A  RO_B  RW_A  RW_B
bad   good  good  bad

  cat build/cr50/RW/ec.RW*.signed.hex B1_*.hex > foo.hex

  ln=$(grep -n $ro foo.hex | awk -F: 'NR==1 {print $1}')
  sed -i "${ln}d" foo.hex

  ln=$(grep -n $rw foo.hex | awk -F: 'NR==2 {print $1}')
  sed -i "${ln}d" foo.hex

  spiflash -v -i foo.hex

    jump @00080400
    jump @00044000

  => boots RO_B -> RW_A

Yay.

Now make sure RW_A and RW_B can be updated using usb_updater.

  \rm -rf build
  make BOARD=cr50 -j30
  ~/bin/bs

  ./extra/usb_updater/usb_updater build/cr50/ec.bin

  I'm running RW_A, it updates and reboots into RW_B. Good.

  reboot 5 times, and it reverts to RW_A.

  Power cycle and it goes to RW_B again.

Update to RW_A.

  \rm -rf build
  make BOARD=cr50 -j30
  ~/bin/bs

  ./extra/usb_updater/usb_updater build/cr50/ec.bin

  I'm running RW_B, it updates and reboots into RW_A. Good.

  reboot 5 times, and it reverts to RW_B.

  Power cycle and it goes to RW_A again.

Cool.

Change-Id: I6c1689920de06c72c69f58ad2ef1059d9ee0d75f
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/362521
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>

board/cr50/board.c

@@ -171,35 +171,38 @@ const unsigned int spi_devices_used = ARRAY_SIZE(spi_devices);
 int flash_regions_to_enable(struct g_flash_region *regions,
 			    int max_regions)
 {
-	uint32_t half = CONFIG_FLASH_SIZE / 2;
+	/*
+	 * This needs to account for two regions: the "other" RW partition and
+	 * the NVRAM in TOP_B.
+	 *
+	 * When running from RW_A the two regions are adjacent, but it is
+	 * simpler to keep function logic the same and always configure two
+	 * separate regions.
+	 */
 
-	if (max_regions < 1)
+	if (max_regions < 2)
 		return 0;
 
-	if ((uint32_t)flash_regions_to_enable <
-	    (CONFIG_MAPPED_STORAGE_BASE + half))
-		/*
-		 * Running from RW_A. Need to enable writes into the top half,
-		 * which consists of NV_RAM and RW_B sections.
-		 */
-		regions->reg_base = CONFIG_MAPPED_STORAGE_BASE + half;
+	/* Enable access to the other RW image... */
+	if (system_get_image_copy() == SYSTEM_IMAGE_RW)
+		/* Running RW_A, enable RW_B */
+		regions[0].reg_base = CONFIG_MAPPED_STORAGE_BASE +
+			CONFIG_RW_B_MEM_OFF;
 	else
-		/*
-		 * Running from RW_B, need to enable access to both program
-		 * memory in the lower half and the NVRAM space in the top
-		 * half.
-		 *
-		 * NVRAM space in the top half by design is at the same offset
-		 * and of the same size as the RO section in the lower half.
-		 */
-		regions->reg_base = CONFIG_MAPPED_STORAGE_BASE +
-			CONFIG_RO_SIZE;
+		/* Running RW_B, enable RW_A */
+		regions[0].reg_base = CONFIG_MAPPED_STORAGE_BASE +
+			CONFIG_RW_MEM_OFF;
+	/* Size is the same */
+	regions[0].reg_size = CONFIG_RW_SIZE;
+	regions[0].reg_perms = FLASH_REGION_EN_ALL;
 
-	/* The size of the write enable area is the same in both cases. */
-	regions->reg_size = half;
-	regions->reg_perms =  FLASH_REGION_EN_ALL;
+	/* Enable access to the NVRAM region */
+	regions[1].reg_base = CONFIG_MAPPED_STORAGE_BASE +
+		CONFIG_FLASH_NVMEM_OFFSET;
+	regions[1].reg_size = CONFIG_FLASH_NVMEM_SIZE;
+	regions[1].reg_perms = FLASH_REGION_EN_ALL;
 
-	return 1; /* One region is enough. */
+	return 2;
 }
 
 #define CPRINTS(format, args...) cprints(CC_SYSTEM, format, ## args)

board/cr50/board.h

@@ -21,14 +21,15 @@
 /* TODO(crosbug.com/p/44745): For debugging only */
 #define CONFIG_CMD_FLASH
 
+/* We're using all of TOP_B for NVMEM. TOP_A is unused as yet. */
 #define CONFIG_FLASH_NVMEM
 /* Offset to start of NvMem area from base of flash */
-#define CONFIG_FLASH_NVMEM_OFFSET (CONFIG_FLASH_SIZE>>1)
+#define CONFIG_FLASH_NVMEM_OFFSET (CFG_TOP_B_OFF)
 /* Address of start of Nvmem area */
 #define CONFIG_FLASH_NVMEM_BASE (CONFIG_PROGRAM_MEMORY_BASE + \
 				 CONFIG_FLASH_NVMEM_OFFSET)
 /* Size in bytes of NvMem area */
-#define CONFIG_FLASH_NVMEM_SIZE CONFIG_RW_MEM_OFF
+#define CONFIG_FLASH_NVMEM_SIZE CFG_TOP_SIZE
 /* Size partition in NvMem */
 #define NVMEM_PARTITION_SIZE (CONFIG_FLASH_NVMEM_SIZE / NVMEM_NUM_PARTITIONS)
 

chip/g/config_chip.h

@@ -36,11 +36,6 @@
 /* Program is run directly from storage */
 #define CONFIG_MAPPED_STORAGE_BASE CONFIG_PROGRAM_MEMORY_BASE
 
-#if defined(BOARD)
-/* Compute the rest of the flash params from these */
-#include "config_std_internal_flash.h"
-#endif
-
 /* Interval between HOOK_TICK notifications */
 #define HOOK_TICK_INTERVAL_MS 500
 #define HOOK_TICK_INTERVAL    (HOOK_TICK_INTERVAL_MS * MSEC)
@@ -67,17 +62,73 @@
 /* Number of IRQ vectors on the NVIC */
 #define CONFIG_IRQ_COUNT (GC_INTERRUPTS_COUNT - 15)
 
-#undef CONFIG_RW_MEM_OFF
-#undef CONFIG_RW_SIZE
-
-/* Leaving 16K for the RO aka loader. */
-#define CONFIG_RW_MEM_OFF 0x4000
-#define CONFIG_RW_B_MEM_OFF (CONFIG_RW_MEM_OFF + (CONFIG_FLASH_SIZE>>1))
-#define CONFIG_RW_SIZE ((CONFIG_FLASH_SIZE>>1) - CONFIG_RW_MEM_OFF)
-#define CONFIG_CUSTOMIZED_RO
+/* We'll have some special commands of our own */
 #define CONFIG_EXTENSION_COMMAND 0xbaccd00a
 
-#undef CONFIG_RO_SIZE
-#define CONFIG_RO_SIZE CONFIG_RW_MEM_OFF
+/*
+ * The flash memory is implemented in two halves. The SoC bootrom will look for
+ * the first-stage bootloader at the beginning of each of the two halves and
+ * prefer the newer one if both are valid. In EC terminology the bootloader
+ * would be called the RO firmware, so we actually have two, not one. The
+ * bootloader also looks in each half of the flash for a valid RW firmware, so
+ * we have two possible RW images as well. The RO and RW images are not tightly
+ * coupled, so either RO image can choose to boot either RW image.
+ *
+ * The EC firmware configuration is not (yet?) prepared to handle multiple,
+ * non-contiguous, RO/RW combinations, so there's a bit of hackery to make this
+ * work.
+ *
+ * The following macros try to make this all work.
+ */
 
-#endif /* __CROS_EC_CONFIG_CHIP_H */
+/* It's easier for us to consider each half as having its own RO and RW */
+#define CFG_FLASH_HALF (CONFIG_FLASH_SIZE >> 1)
+
+/*
+ * We'll reserve some space at the top of each flash half for persistent
+ * storage and other stuff that's not part of the RW image. We don't promise to
+ * use these two areas for the same thing, it's just more convenient to make
+ * them the same size.
+ */
+#define CFG_TOP_SIZE  0x4000
+#define CFG_TOP_A_OFF (CFG_FLASH_HALF - CFG_TOP_SIZE)
+#define CFG_TOP_B_OFF (CONFIG_FLASH_SIZE - CFG_TOP_SIZE)
+
+/* The RO images start at the very beginning of each flash half */
+#define CONFIG_RO_MEM_OFF 0
+
+/* Size reserved for each RO image */
+#define CONFIG_RO_SIZE 0x4000
+
+/* RW images start right after the reserved-for-RO areas in each half */
+#define CONFIG_RW_MEM_OFF CONFIG_RO_SIZE
+#define CONFIG_RW_B_MEM_OFF (CFG_FLASH_HALF + CONFIG_RW_MEM_OFF)
+
+/* Size reserved for each RW image */
+#define CONFIG_RW_SIZE (CFG_FLASH_HALF - CONFIG_RW_MEM_OFF - CFG_TOP_SIZE)
+
+/*
+ * These are needed in a couple of places, but aren't very meaningful. Because
+ * we have two RO and two RW images, these values don't really match what's
+ * described in the EC Image Geometry Spec at www.chromium.org.
+ */
+/* TODO(wfrichar): Make them meaningful or learn to do without */
+#define CONFIG_EC_PROTECTED_STORAGE_OFF    0
+#define CONFIG_EC_PROTECTED_STORAGE_SIZE   CONFIG_FLASH_SIZE
+#define CONFIG_EC_WRITABLE_STORAGE_OFF     0
+#define CONFIG_EC_WRITABLE_STORAGE_SIZE	   CONFIG_FLASH_SIZE
+#define CONFIG_RO_STORAGE_OFF              0
+#define CONFIG_RW_STORAGE_OFF              0
+#define CONFIG_WP_STORAGE_OFF		   0
+#define CONFIG_WP_STORAGE_SIZE		   CONFIG_EC_PROTECTED_STORAGE_SIZE
+
+/*
+ * Note: early versions of the SoC would let us build and manually sign our own
+ * bootloaders, and the RW images could be self-signed. Production SoCs require
+ * officially-signed binary blobs to use for the RO bootloader(s), and the RW
+ * images that we build must be manually signed. So even though we generate RO
+ * firmware images, they may not be useful.
+ */
+#define CONFIG_CUSTOMIZED_RO
+
+#endif	/* __CROS_EC_CONFIG_CHIP_H */

chip/g/flash.c

@@ -155,8 +155,8 @@ static int do_flash_op(enum flash_op op, int is_info_bank,
 	if (is_info_bank) {
 		/* Only INFO bank operations are supported. */
 		fsh_pe_control = GREG32_ADDR(FLASH, FSH_PE_CONTROL1);
-	} else if (byte_offset >= CONFIG_FLASH_SIZE / 2) {
-		byte_offset -= CONFIG_FLASH_SIZE / 2;
+	} else if (byte_offset >= CFG_FLASH_HALF) {
+		byte_offset -= CFG_FLASH_HALF;
 		fsh_pe_control = GREG32_ADDR(FLASH, FSH_PE_CONTROL1);
 	} else {
 		fsh_pe_control = GREG32_ADDR(FLASH, FSH_PE_CONTROL0);

chip/g/loader/main.c

@@ -111,10 +111,10 @@ int main(void)
 		first = second;
 		second = a;
 	}
-	tryLaunch((uint32_t)first, CONFIG_FLASH_SIZE/2 - CONFIG_RW_MEM_OFF);
+	tryLaunch((uint32_t)first, CONFIG_RW_SIZE);
 	debug_printf("Failed to launch.\n");
 	debug_printf("Attempting to load the alternate image.\n");
-	tryLaunch((uint32_t)second, CONFIG_FLASH_SIZE/2 - CONFIG_RW_MEM_OFF);
+	tryLaunch((uint32_t)second, CONFIG_RW_SIZE);
 	debug_printf("No valid image found, not sure what to do...\n");
 	/* TODO: Some applications might want to reboot instead. */
 	halt();