pd: Add config to disable PD communication in locked RO

The scheme to disable PD communication in locked RO needs to be implemented on other platforms, so move it to common code, behind CONFIG_USB_PD_COMM_LOCKED. BUG=chrome-os-partner:52157 BRANCH=glados TEST=Manual on chell. Lock system and boot to recovery, then verify PD communication is functional. Enable CONFIG_USB_PD_COMM_LOCKED and verify PD communication isn't functional under the same test conditions. Signed-off-by: Shawn Nematbakhsh <shawnn@chromium.org> Change-Id: I8d1f24c0b60cf1c54e329af003b7083ee55ffc40 Reviewed-on: https://chromium-review.googlesource.com/338064 Commit-Ready: Shawn N <shawnn@chromium.org> Tested-by: Shawn N <shawnn@chromium.org> Reviewed-by: Randall Spangler <rspangler@chromium.org> Reviewed-by: Duncan Laurie <dlaurie@chromium.org>
2025-12-29 01:50:53 +00:00 · 2016-04-10 15:46:39 -07:00
parent a3341ee7e9
commit d2e77ddbc9
6 changed files with 31 additions and 23 deletions
--- a/board/plankton/board.h
+++ b/board/plankton/board.h
@@ -20,7 +20,6 @@
 #define CONFIG_USB_POWER_DELIVERY
 #define CONFIG_USB_PD_ALT_MODE
 #undef  CONFIG_USB_PD_COMM_ENABLED
-#define CONFIG_USB_PD_COMM_ENABLED 0
 #define CONFIG_USB_PD_CUSTOM_VDM
 #define CONFIG_USB_PD_DUAL_ROLE
 #define CONFIG_USB_PD_DYNAMIC_SRC_CAP
--- a/board/samus_pd/board.c
+++ b/board/samus_pd/board.c
@@ -207,7 +207,6 @@ void board_config_pre_init(void)
 /* Initialize board. */
 static void board_init(void)
 {
-	int pd_enable;
 	int slp_s5 = gpio_get_level(GPIO_PCH_SLP_S5_L);
 	int slp_s3 = gpio_get_level(GPIO_PCH_SLP_S3_L);

@@ -254,22 +253,6 @@ static void board_init(void)
 	if (system_get_image_copy() == SYSTEM_IMAGE_RW)
 		pd_status_flags |= PD_STATUS_IN_RW;

-	/*
-	 * Do not enable PD communication in RO as a security measure.
-	 * We don't want to allow communication to outside world until
-	 * we jump to RW. This can by overridden with the removal of
-	 * the write protect screw to allow for easier testing, and for
-	 * booting without a battery.
-	 */
-	if (system_get_image_copy() != SYSTEM_IMAGE_RW
-	    && system_is_locked()) {
-		ccprintf("[%T PD comm disabled]\n");
-		pd_enable = 0;
-	} else {
-		pd_enable = 1;
-	}
-	pd_comm_enable(pd_enable);
-
 #ifdef CONFIG_PWM
 	/* Enable ILIM PWM: initial duty cycle 0% = 500mA limit. */
 	pwm_enable(PWM_CH_ILIM, 1);
--- a/board/samus_pd/board.h
+++ b/board/samus_pd/board.h
@@ -52,8 +52,7 @@
 #define CONFIG_USB_PD_ALT_MODE
 #define CONFIG_USB_PD_ALT_MODE_DFP
 #define CONFIG_USB_PD_CHECK_MAX_REQUEST_ALLOWED
-#undef  CONFIG_USB_PD_COMM_ENABLED
-#define CONFIG_USB_PD_COMM_ENABLED 0
+#define CONFIG_USB_PD_COMM_LOCKED
 #define CONFIG_USB_PD_CUSTOM_VDM
 #define CONFIG_USB_PD_DUAL_ROLE
 #define CONFIG_USB_PD_TRY_SRC
--- a/board/snoball/board.h
+++ b/board/snoball/board.h
@@ -20,7 +20,6 @@
 #define CONFIG_USB_POWER_DELIVERY
 #define CONFIG_USB_PD_ALT_MODE
 /* TODO: Consider disabling PD communication in RO */
-#define CONFIG_USB_PD_COMM_ENABLED 1
 #define CONFIG_USB_PD_CUSTOM_VDM
 #define CONFIG_USB_PD_DYNAMIC_SRC_CAP
 #define CONFIG_USB_PD_LOGGING
--- a/common/usb_pd_protocol.c
+++ b/common/usb_pd_protocol.c
@@ -46,8 +46,12 @@ static int debug_level;
 * detects source/sink connection and disconnection, and will still
 * provide VBUS, but never sends any PD communication.
 */
-static uint8_t pd_comm_enabled = CONFIG_USB_PD_COMM_ENABLED;
+#if !defined(CONFIG_USB_PD_COMM_ENABLED) || defined(CONFIG_USB_PD_COMM_LOCKED)
+static uint8_t pd_comm_enabled;
 #else
+static uint8_t pd_comm_enabled = 1;
+#endif
+#else /* CONFIG_COMMON_RUNTIME */
 #define CPRINTF(format, args...)
 static const int debug_level;
 static const uint8_t pd_comm_enabled = 1;
@@ -3335,4 +3339,20 @@ DECLARE_HOST_COMMAND(EC_CMD_USB_PD_SET_AMODE,

 #endif /* HAS_TASK_HOSTCMD */

+#ifdef CONFIG_USB_PD_COMM_LOCKED
+/* Enable PD communication at init if we're in RO or unlocked. */
+static void pd_comm_init(void)
+{
+	int pd_enable = 1;
+
+	if (system_get_image_copy() != SYSTEM_IMAGE_RW
+	    && system_is_locked()) {
+		ccprintf("[%T PD comm disabled]\n");
+		pd_enable = 0;
+	}
+
+	pd_comm_enable(pd_enable);
+}
+DECLARE_HOOK(HOOK_INIT, pd_comm_init, HOOK_PRIO_LAST);
+#endif /* CONFIG_USB_PD_COMM_LOCKED */
 #endif /* CONFIG_COMMON_RUNTIME */
--- a/include/config.h
+++ b/include/config.h
@@ -1775,7 +1775,15 @@
 #undef CONFIG_USB_PD_CHECK_MAX_REQUEST_ALLOWED

 /* Default state of PD communication enabled flag */
-#define CONFIG_USB_PD_COMM_ENABLED 1
+#define CONFIG_USB_PD_COMM_ENABLED
+
+/*
+ * Do not enable PD communication in RO as a security measure.
+ * We don't want to allow communication to outside world until
+ * we jump to RW. This can by overridden with the removal of
+ * the write protect screw to allow for easier testing.
+ */
+#undef CONFIG_USB_PD_COMM_LOCKED

 /* Respond to custom vendor-defined messages over PD */
 #undef CONFIG_USB_PD_CUSTOM_VDM