Using FWMP for CCD management requires that FWMP contents could be
read even when the AP is not operational, i.e. before TPM2_Startup
command is issued.
A fix is added to the TPM2 library to allow access to FWMP contents
even if TPM is not used by the AP. With that in mind there is no need
to delay reading FWMP until TPM2_Startup command is issued. With the
console task stack increase FWMP contents can be read directly on the
console task context.
BRANCH=Cr50
BUG=b:62537474
TEST=with TPM patch applied verified that CCD can be opened when AP is
down (i.e. TPM2_Startup command was not issued).
Change-Id: Ibf4325917a512a855fc658edb9e51e4837328f43
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/817896
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
TPM reset sequence when TPM wipeout is requested has a side effect of
rebooting the entire device. This is not always desirable, in some
cases other actions need to happen before the device is rebooted.
This patch makes resetting the EC the TPM reset caller's responsibility,
BRANCH=cr50
BUG=none
TEST=verified that RMA reset and WP disable properly wipe out the TPM
and reboot the device.
Change-Id: I6e827ce923a2454ae5b2e2597d1a4c9390bbb8b6
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/733813
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
For historical reasons, CCD, reset, and power button control were
scattered around several files. Consolidate the code in more sensible
(in retrospect) places.
No functional changes, just moving code.
BUG=none
BRANCH=cr50
TEST=make buildall; boot cr50
Change-Id: Ic381a5a5d0627753cc771189aa377e88b81b155e
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/653766
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Currently, the Cr50 state machines (EC, AP, RDD, bitbang, etc.) manage
their own enabling and disabling of the ports (UART, SPI, etc.) This
is tricky because the rules for when ports should be enabled are
non-trivial and must be applied in the correct order. In additionl
the changes all need to be serialized, so that the hardware ends up in
the correct state even if multiple state machines are changing
simultaneously.
Consolidate all of that into chip/g/rdd.c. The debug command for it
is now 'ccdstate', which just prints the state machines. This will
allow subsequent renaming of the 'ccdopen', etc. commands to 'ccd
open', etc.
Also include UART bit-banging into that state which must be
consistent. Previously, it was possible for bit-banging to leave UART
TX connected, instead of returning it to the previous state.
Use better names for CCD config fields for UART. I'd had them backwards.
BUG=b:62537474
BRANCH=cr50
TEST=manual, with a CR50_DEV=1 image
1) No servo or CCD
Pull SERVO_DETECT low (disconnected)
Pull CCD_MODE_L high (disabled)
Pull EC_DETECT and AP_DETECT high (on)
Reboot. RX is enabled even if cables are disconnected so we buffer.
ccdstate -> UARTAP UARTEC
Pull EC_DETECT low.
ccdstate -> UARTAP
Pull EC_DETECT high and AP_DETECT low.
ccdstate -> UARTEC
Pull AP_DETECT high.
ccdstate -> UARTAP UARTEC
2) Servo only still allows UART RX
Pull SERVO_DETECT high (connected).
ccdstate -> UARTAP UARTEC
3) Both servo and CCD prioritizes servo.
Pull CCD_MODE_L low (enabled).
ccdstate -> UARTAP UARTEC
Reboot, to make sure servo wins at boot time.
ccdstate -> UARTAP UARTEC
Bit-banging doesn't work when servo is connected.
bitbang 2 9600 even -> superseded by servo
bitbang -> disabled
ccdstate -> UARTAP UARTEC
4) CCD only allows more ports and remembers we wanted to bit-bang
Pull SERVO_DETECT low.
ccdstate --> UARTAP+TX UARTEC+BB I2C SPI
bitbang 2 disable
ccdstate --> UARTAP+TX UARTEC+TX I2C SPI
Reboot and see we don't take over servo ports until we're
sure servo isn't present.
ccdstate --> UARTAP UARTEC (for first second)
ccdstate --> UARTAP+TX UARTEC+TX I2C SPI (after that)
5) Bit-banging takes over ECTX
bitbang 2 9600 even
bitbang -> baud rate 9600, parity even
ccdstate -> UARTAP+TX UARTEC+BB I2C SPI
bitbang 2 disable
ccdstate -> UARTAP+TX UARTEC+TX I2C SPI
6) Permissions work. Allow easy access to full console and ccdopen:
ccdset OpenNoTPMWipe always
ccdset OpenNoLongPP always
ccdset GscFullConsole always
Default when locked is full AP UART EC RO, no I2C or SPI
ccdlock
ccdstate -> UARTAP+TX UARTEC
No EC transmit permission means no bit-banging
bitbang 2 9600 even
bitbang -> disabled
ccdstate -> UARTAP+TX UARTEC
But it remembers that we wanted to
ccdopen
ccdstate -> UARTAP+TX UARTEC+BB I2C SPI
bitbang 2 disable
ccdstate -> UARTAP+TX UARTEC+TX I2C SPI
Try turning on/off permissions
ccdset UartGscTxECRx always
ccdlock
ccdstate -> UARTAP+TX UARTEC+TX
No read means no write either
ccdset UartGscRxECTx ifopened
ccdlock
ccdstate -> UARTAP+TX
ccdopen
ccdset UartGscRXAPTx ifopened
ccdlock
ccdstate -> (nothing)
Check AP transmit permissions too
ccdopen
ccdset UartGscRxAPTx always
ccdset UartGscTxAPRx ifopened
ccdlock
ccdstate -> UARTAP
Check I2C
ccdopen
ccdset I2C always
ccdlock
ccdstate -> UARTAP I2C
SPI port is enabled if either EC or AP flash is allowed
ccdopen
ccdset flashap always
ccdlock
ccdstate -> UARTAP I2C SPI
ccdopen
ccdset flashec always
ccdset flashap ifopened
ccdlock
ccdstate -> UARTAP I2C SPI
Back to defaults
ccdoops
Change-Id: I641f7ab2354570812e3fb37b470de32e5bd10db7
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/615928
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
The device_state module is used for debouncing GPIO inputs to
determine device state. It was overkill for managing the battery
present state as forwarded to the write protect pin, and split that
handling between 3 files (board.c, wp.c, device_state.c). Move all of
that logic into wp.c so it's easier to maintain.
BUG=none
BRANCH=cr50
TEST=manual
plug in battery (or ground DIOM2)
wp command reports WP enabled
unplug battery (or pull DIOM2 high)
wp command reports WP disabled
Change-Id: I71ab9ce5766ecddae430c63a8b31388935a46180
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/604500
Reviewed-by: Aseda Aboagye <aaboagye@chromium.org>
The WP command is now controlled by CCD configuration (ccdset
wpoverride). In addition to enabling/disabling/following battery for
the current boot (counting deep sleep resume), it is also possible to
set the WP override at boot. That's needed to support persistently
disabling WP for RMA without needing to persistently remove the
battery.
Restricted console commands are now controlled by CCD configuration
(ccdset cr50fullconsole).
The old 'lock' console command has been removed, now that
ccdopen/ccdunlock/ccdlock replace it.
The old TPM vendor commands for set_lock is gone; it will be replaced
by CCD configuration TPM vendor commands in a subsequent CL. The
get_lock command still exists, but only reports the console lock
state; it will be removed too.
See go/cr50-ccd-wp for more information.
BUG=b:62537474
BRANCH=cr50
TEST=manual with CR50_DEV=1 build
ccdinfo --> State = Opened, WPOverride = default(IfOpened)
plug in battery (or jumper DIOM2 to ground on a dev board)
gpioget --> make sure GPIO_BATT_PRES_L=0
wp --> enabled, at boot follow battery
remove battery (or jumper DIOM2 to JTAG pin3 on a dev board)
gpioget --> make sure GPIO_BATT_PRES_L=1
wp --> disabled, at boot follow battery
wp enable --> forced enabled, at boot follow battery
idle d
(wait for restart)
wp --> forced enabled, at boot follow battery
reboot
wp --> disabled, at boot follow battery
plug in battery (or jumper DIOM2 to ground on a dev board)
wp --> enabled, at boot follow battery
wp disable --> forced disabled, at boot follow battery
idle d
(wait for restart)
wp --> forced disabled, at boot follow battery
reboot
wp --> enabled, at boot follow battery
wp disable atboot --> forced disabled, at boot forced disabled
reboot
wp --> forced disabled, at boot forced disabled
wp enable --> forced enabled, at boot forced disabled
idle d
(wait for restart)
wp --> forced enabled, at boot forced disabled
wp follow_batt_pres --> enabled, at boot forced disabled
wp follow_batt_pres atboot --> enabled, at boot follow battery
ccdunlock
wp disable --> access denied
help --> commands like 'crash' are disabled
ccdoops
ccdset cr50fullconsole unlesslocked
ccdset wpoverride always
ccdunlock
help --> commands like 'crash' are still enabled
ccdlock
help --> commands like 'crash' are disabled
wp disable --> forced disabled
ccdoops
Change-Id: Ic441f490bdd7a19dd646fe8338e5d608b42ce72c
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/575997
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
This adds the CCD configuration module, and the console commands to
control it. It is not wired up to any of the CCD capabilities; that's
coming in the next CL.
Briefly:
* CCD configuration is persistently stored in nvmem_vars. Use ccdinfo to
print it.
* CCD can be Locked, Unlocked (some capabilities), or Opened
(all capabilities), using the ccdlock / ccdunlock / ccdopen commands.
* CCD config can be restricted by setting a password via ccdpass.
* Individual config capabilities can be set via ccdset. Some of those will
be used to gate access to things like write protect and UARTs. Others
affect the requirements for ccdunlock / ccdopen (for example, is physical
presenc required).
* The entire config can be reset via ccdreset. If only unlocked, config
that is restricted to Opened is not reset.
* If CR50_DEV=1, ccdoops will force-reset and open the config.
See go/cr50-ccd-wp for more information.
BUG=b:62537474
BRANCH=none
TEST=manual with CR50_DEV=1 build
gpioget # make sure GPIO_BATT_PRES_L=0
ccdlock # lock, because CR50_DEV=1 builds start unlocked
ccdinfo # locked, flags=0, all capabilities default
ccdpass # access denied (we're locked)
ccdreset # access denied
ccdset flashap always # access denied
ccdunlock
ccdinfo # unlocked
ccdpass foo
ccdinfo # flags=2 (password set when unlocked)
ccdset flashap always # access denied
ccdset uartectx unlesslocked
ccdinfo # yes, uartectx permission changed
ccdlock
ccdunlock # fails without password
ccdunlock bar # wrong password
ccdunlock foo # busy
(wait 3 sec)
ccdunlock foo
ccdreset
ccdinfo # no password, flags 0, capabilities all default
ccdopen # requires physical presence; tap power or use 'pp'
ccdset uartectx unlesslocked
ccdset batterybypasspp ifopened
ccdpass baz
ccdinfo # password set, flag 0, ccdset changes worked
ccdunlock
ccdreset
ccdinfo # uartectx back to ifopened, password still set
ccdopen baz # still requires physical presence
ccdset opennolongpp always
ccdlock
ccdopen baz # no pp required
ccdset unlocknoshortpp unlesslocked
ccdlock
ccdopen baz # short pp sequence required (3 taps)
ccdlock
ccdunlock baz # short pp sequence required
ccdopen baz # pp not required
ccdset unlocknoshortpp always
ccdlock
testlab open # access denied
testlab enable # access denied
ccdunlock baz
testlab open # access denied
testlab enable # access denied
ccdopen baz
testlab enable # requires short pp
ccdinfo # flags 1
ccdreset
ccdinfo # no password, flags=1, caps all default
ccdlock
testlab open
ccdinfo # opened
testlab disable # requires short pp; let it time out
ccdinfo # still opened, flags=1
ccdlock
ccdoops # backdoor in CR50_DEV images to force-reset CCD
ccdinfo # opened, flags=0, all defaults (yes, oops wipes out testlab)
ccdreset rma
ccdinfo # flags = 0x400000, everything but Cr50FullConsole always
ccdreset # back to flags=0, all default
Change-Id: I24e8d8f361874671e6e94f27492ae00db919bea9
Reviewed-on: https://chromium-review.googlesource.com/569439
Commit-Ready: Randall Spangler <rspangler@chromium.org>
Tested-by: Randall Spangler <rspangler@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
This will be used as part of case closed debugging configuration.
Currently, this only adds the state machine, and a test command which
is available when CR50_DEV=1. It also adds a new sleep mask flag for
physical presence detect, instead of oveloading FORCE_NO_DSLEEP.
The physical presence state machine supports both short (tap 5 times
in 15 seconds) and long (short, followed by 4 more taps 1-5 minutes
apart) sequences. It will call a callback function at the end of the
sequence, so that multiple things can each request physical presence
in turn. This will be used by ccdopen / ccdunlock / testlab commands
for CCD V1.
Eventually, CCD config will replace the unlock sequence handling in
wp.c. But for now, we don't touch that.
See go/cr50-ccd-wp for more information.
BUG=b:62537474
BRANCH=none
TEST=manual
Short sequence:
pp short
pp
pp
pp # See "Physical presence good"
Timeout
pp short
pp # 15 sec later, get timeout error
Long sequence:
pp long
pp
pp
pp
(wait 2 sec)
pp
(wait 2 sec)
pp # See "PP good"
Long sequence, presses too fast:
pp long
pp
pp
pp
pp # See "PP L too soon"
(wait 2 sec)
pp
(wait 2 sec)
pp # See "Physical presence good"
Abort:
pp short
pp abort # See "Physical presence aborted"
Change-Id: I09da81ad11d328e7d7740c3fe838a5f67d7b8708
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/568796
Reviewed-by: Aseda Aboagye <aaboagye@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Implement U2F (universal second factor authentication) feature
over TPM vendor commands.
The raw U2F APDU as defined by the FIDO Alliance 'U2F Raw Message Formats'
specification can be sent using the VENDOR_CC_U2F_APDU command.
So the vendor command is taking a ISO7816-4:2005 APDU format frame as input
as defined by the spec and returns another APDU using ISO7816-4 status
code.
The APDU is processed by the common U2F code using u2f_apdu_rcv(),
this hardware specific code provides:
- the user physical presence detection (done by the power button press)
returned by the pop_check_presence() callback.
- the connection to the cryptographic hardware to generate/derive the
keys used by the U2F and individual attestation functions.
This feature/vendor command has 3 modes:
- disabled
- U2F (only the commands/flags defined by the U2F specification)
- G2F (the U2F commands plus some extensions for individual attestation)
Signed-off-by: Vincent Palatin <vpalatin@chromium.org>
BRANCH=cr50
BUG=b:35545754
TEST=pass U2FTest and HIDTest.
Change-Id: Ic2591f369763fb4ba67926e2b4a0c2cd35330a18
Reviewed-on: https://chromium-review.googlesource.com/518139
Commit-Ready: Vincent Palatin <vpalatin@chromium.org>
Tested-by: Vincent Palatin <vpalatin@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Enable permanently the power button interrupt and discard the unneeded
presses, rather than enabling the interrupt on demand.
This is a preparatory work for the U2F feature which is using the power
button as the user physical presence sensing. It will need to be able to
detect all the button touches.
Signed-off-by: Vincent Palatin <vpalatin@chromium.org>
BRANCH=cr50
BUG=b:35545754
TEST=with follow-up CLs, run U2FTest on Eve.
Change-Id: Ifd90970932684d31ad7687db260bafa65a56e854
Reviewed-on: https://chromium-review.googlesource.com/518138
Commit-Ready: Vincent Palatin <vpalatin@chromium.org>
Tested-by: Vincent Palatin <vpalatin@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
It needs to be possible to prevent unlocking of CCD on enterprise
enrolled devices, in particular to prevent users from moving into dev
mode.
A bit in the FWMP structure flags field was allocated for the purposes
of preventing console unlock in those cases.
This patch adds code to read the FWMP structure from the TPM NVMEM,
verify it and determine if it should be possible to unlock the
console. The restriction is not honored by Cr50 DBG images.
The FWMP value is read only once per TPM reset, this means each time
the admin console changes the relevant flag bit, the Chrome OS device
has to be rebooted to pick up the new flag value.
BRANCH=cr50
BUG=b:35587387,b:35587053
TEST=verified that FWMP is properly read and acted upon.
Change-Id: I17e15ea2b2293a0c096858fba3ccc389452caede
Reviewed-on: https://chromium-review.googlesource.com/457824
Commit-Ready: Vadim Bendebury <vbendeb@chromium.org>
Tested-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
There many TODOs sprinkled in the code, some of them have been
addressed or do not apply any mode. This patch removes them.
BRANCH=cr50
BUG=none
TEST=built and ran cr50 on reef
Change-Id: Ica6edb204e5cc0cc9dc7f0d43fd39e7ddaf56809
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/506496
Reviewed-by: Randall Spangler <rspangler@chromium.org>
When Cr50 resumes from hibernate, it should use the WP state that was
stored in the long life scratch registers. All other boots should
simply follow the state of the BATT_PRES_L pin.
BUG=b:36659750
BRANCH=master,cr50
TEST=Power on Cr50 via battery, verify that WP_L remains asserted.
Change-Id: I516d43b6540d7c543e7629f8709ce63515bb7f76
Signed-off-by: Aseda Aboagye <aaboagye@google.com>
Reviewed-on: https://chromium-review.googlesource.com/464258
Commit-Ready: Aseda Aboagye <aaboagye@chromium.org>
Tested-by: Aseda Aboagye <aaboagye@chromium.org>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
This commit enables the use of the nvmem vars module. The console lock
state is migrated from using the long life scratch register, to nvmem
vars instead which will persist across power on reboots.
BUG=b:35586145
BRANCH=None
TEST=Flash a dev image. Lock the console. Remove all power from the
system. Power on system and verify that console is still locked.
Unlock the console, remove power from the system, power on the system,
verify that the console is now unlocked.
TEST=Repeat the above test, but using the nvtestvar console command
instead.
Change-Id: I03a2098bb0017cfca59889457a332eafb0e95db6
Signed-off-by: Aseda Aboagye <aaboagye@google.com>
Reviewed-on: https://chromium-review.googlesource.com/445804
Commit-Ready: Aseda Aboagye <aaboagye@chromium.org>
Tested-by: Aseda Aboagye <aaboagye@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Currently, manually triggered reboots cause the retry counter to be
incremented. However, if the system is responsive enough to process the
reboot commands from either the console or TPM vendor command, we can
assume that the image is "ok". This commit changes the Cr50 behaviour
to decrement the retry counter when a reboot is issued on the console or
the TPM vendor command is received.
BUG=chrome-os-partner:62687
BRANCH=None
TEST=Flash cr50. Flash an older image in the other slot. Enter the
reboot command on the console over 10 times and verify that retry
counter never exceeds RW_BOOT_MAX_RETRY_COUNT and older image is never
executed.
CQ-DEPEND=CL:444264
Change-Id: Ic35bdc63c4141834584a00a7ecceab2abe8dfc21
Signed-off-by: Aseda Aboagye <aaboagye@google.com>
Reviewed-on: https://chromium-review.googlesource.com/443330
Commit-Ready: Aseda Aboagye <aaboagye@chromium.org>
Tested-by: Aseda Aboagye <aaboagye@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
With this change, only DEV images will have the capability to unlock the
Cr50 console.
BUG=chrome-os-partner:62727
BRANCH=None
TEST=Build a prod image, flash Cr50, try to unlock the console. Verify
that access is denied and console remains locked.
TEST=Attempt to read EC and AP flash over ccd. Verify that it fails.
TEST=Remove AC and battery. Plug in AC. Verify that console is still
locked.
TEST=Plug in AC, unplug battery, verify that write protect is disabled.
Verify that console is still locked and cannot be unlocked.
TEST=Build a dev image, verify that console can be locked and unlocked.
Change-Id: Ic47aa34f42ee295e74ba3a40b709ac42c34a30b7
Signed-off-by: Aseda Aboagye <aaboagye@google.com>
Reviewed-on: https://chromium-review.googlesource.com/439764
Commit-Ready: Aseda Aboagye <aaboagye@chromium.org>
Tested-by: Aseda Aboagye <aaboagye@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
This commit changes the Cr50 write protect behaviour to simply follow
the state of the battery present pin. The state can still be overridden
both ways by using the `wp` console command. A user can either force
write protect enabled or force write protect disabled. Additionally,
the behaviour can be reset to follow the state of the battery pin by
issuing `wp follow_batt_pres`. However, the ability to force the write
protect state requires an unlocked console.
BUG=chrome-os-partner:62726
BRANCH=None
TEST=Plug in battery, verify that WP is enabled. Plug in AC and unplug
battery, verify that WP is disabled.
TEST=Unplug battery, unplug AC, plug in AC, verify that WP is disabled.
TEST=Unplug battery, verify that WP is disabled. Use `wp' command to
enable WP, verify that it is enabled.
TEST=Plug in battery, disable WP using `wp` command, put cr50 into deep
sleep, wake it up, verify that WP is still disabled.
TEST=Plug in AC, plug in battery, disable WP using `wp` command, unplug
and plug battery connector, verify that WP is still disabled.
Change-Id: I83d9820067800801ddbde311eab0853c3c2216d3
Signed-off-by: Aseda Aboagye <aaboagye@google.com>
Reviewed-on: https://chromium-review.googlesource.com/439485
Commit-Ready: Aseda Aboagye <aaboagye@chromium.org>
Tested-by: Aseda Aboagye <aaboagye@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
tpm_reset just requests a tpm reset it doesn't reset the tpm. Rename the
function to reflect that.
BUG=none
BRANCH=none
TEST=make buildall
Change-Id: I6f4763b5de578a8cf263b2fac98fad3af2c25d65
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/434245
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
After every reboot, we were resetting the write protect and console
lock states back to default. With this change the wp and lock states
will be preserved through deep sleep. They will still be reset on any
other type of reboot (like Power On reset or panic).
The states are also cleared if the system detects a rollback even when
booting from the deep sleep.
With this patch it is going to be impossible to remove hardware write
protection guarding writes into AP and EC firmware flash, unless the
cr50 console is unlocked.
Locking the console would reinstate hardware write protection
automatically even if it was disabled when the console was unlocked.
Two long life scratch register 1 bits are used to keep the console and
write protect states over resets. To make code cleaner bitmap
assignments of the long life scratch register is put in its own
include file.
BUG=chrome-os-partner:58961
BRANCH=none
TEST=manual
On prod/dev images verify that the default wp and console lock
states are still correct.
change the lock and write protect states from the default and
verify they are preserved through deep sleep.
reboot cr50 and make sure that they are reset.
unlock the console and enable flash writes, then set fallback
counter on cr50 to the value of 6 (rw 0x40000128 1; rw
0x4000012c 6) and put the AP into deep sleep by hitting
Alt-H-VolUp.
In five minutes press the power button on the device to bring
it back from s5. Observe cr50 fall back to an older image and
console lock and wp disabled.
Change-Id: Ie7e62cb0b2eda49b04a592ee1d0903e83246b045
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/420812
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Because the virtual dev-mode switch is stored in the TPM, when we erase
the TPM memory prior to unlocking the Cr50 console on reboot the system
reinitializes itself in normal mode. This is by design (Chromebooks
should fail into a more-secure state when possible), but it can be
unexpected.
This adds some extra caution to the unlock warning message, so that
owners who are fiddling with it for the first time aren't unpleasantly
surprised by losing all their work.
BUG=chrome-os-partner:57407
BRANCH=none
TEST=make buildall; test on Reef
From the Cr50 console, run
lock on
lock off
Observe the new, scarier warning.
Change-Id: I6fd1248a5a4c131fa107a902a4539fa73f2308f6
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/414387
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
When the console is unlocked, the function nvmem_wipe_or_reboot()
is called. This holds the EC in reset, clears nvmem, resets the
TPM task, then releases the EC. Nothing about that should cause
the Cr50 to reboot, but it was happening anyway.
This CL addresses several subtle problems.
First, holding the EC in reset invoked the sys_rst_asserted()
interrupt handler, triggering extra (and early) calls to
tpm_reset(). That should wait until after nvmem is cleared, and
only be called once.
Second, the intentional call to tpm_reset() caused the current
(HOOKS) task to wait for the operation to finish, but it didn't
wait long enough (recreating the endorsement certs can take over
a second). When the task_wake_event() returned, a timeout was
indicated in addition to the completion event.
Third, because we checked for the timeout first, we reported an
error even though tpm_reset() completed successfully, just slower
than we expected. We didn't get the timeout event before it
completed because the TPM task runs at a higher priority.
This CL addresses all of these cases, and makes wiping nvmem the
responsibility of the TPM task as well, so that it can do it when it's
ready.
Note that the EC (and thus AP too) will be held in reset while nvmem is
erased.
BUG=chrome-os-partner:59902
BRANCH=none
TEST=make buildall, manual tests
From the Cr50 console, run the "lock on" and "lock off" commands.
Try it both with and without the battery present. Observe that
the Cr50 no longer reboots just because the console unlocks.
Change-Id: I65a342502718acc5b9bda8c6f28dcd27e8f027f7
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/411379
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
This allows custom TPM commands to be declared using the a
DECLARE_VENDOR_COMMAND macro instead of the original (and still
unchanged) DECLARE_EXTENSION_COMMAND macro.
The new commands are nearly identical, but they are encapsulated
using the vendor-specific protocols described in the TPMv2 spec.
Our original extensions use a non-standard command code, and
return a non-standard struct on completion, which can be
confusing to standard TPM drivers and tools.
Demonstrating the use of the new macros, this adds commands to
obtain the state of the Cr50 restricted console lock, or to set
the lock. There is intentionally no command to unlock the
console.
Note that this CL just adds the commands to the Cr50. We still
need to provide a nice userspace utility for the AP to use.
BUG=chrome-os-partner:58230
BUG=chrome-os-partner:57940
BRANCH=none
TEST=make buildall; load, boot, test, and update again on Reef
On Reef, I can use the trunks_send tool to send the raw TPM bytes
to invoke these commands:
Get the lock state:
# trunks_send 80 01 00 00 00 0C 20 00 00 00 00 10
80010000000D00000000001000
The last byte 00 indicates that the lock is NOT set, so set it:
# trunks_send 80 01 00 00 00 0C 20 00 00 00 00 10
80010000000C000000000011
Success. On the Cr50 console, I see it take effect:
[480.080444 The console is locked]
Query the state again:
# trunks_send 80 01 00 00 00 0C 20 00 00 00 00 10
80010000000D00000000001001
and now the last byte 01 indicates that the console is locked.
And of course the existing extension commands still work as
before. In addition to uploading firmware, I can use the
usb_updater from my build machine to query the running firmware
version:
$ ./extra/usb_updater/usb_updater -f
open_device 18d1:5014
found interface 4 endpoint 5, chunk_len 64
READY
-------
start
Target running protocol version 5
Offsets: backup RO at 0x40000, backup RW at 0x4000
Keyids: RO 0x3716ee6b, RW 0xb93d6539
Current versions:
RO 0.0.10
RW 0.0.9
$
Change-Id: I7fb1d888bf808c2ef0b2b07c782e926063cc2cc4
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/409692
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
This locks the Cr50 console by default, and makes the unlock
process take the full 5 minutes unless the battery is removed.
BUG=chrome-os-partner:57408
BRANCH=none
TEST=make buildall; test on Gru & Reef
Build the image with
make buildall
or
make BOARD=cr50
Put it on Gru & Reef, and confirm that the console is locked, by
running "lock" or "help". Try to unlock it with "lock off" and
observe that you have to poke the power button for five minutes
before it unlocks.
Remove the battery and confirm that "lock off" now only requires
a single power button press to take effect.
Build the image with
CR50_DEV=1 make BOARD=cr50
and now the behavior is back to the way it was before this CL.
Change-Id: I9f2cc67a1dd63f260221a8711a8591070018be3b
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/389238
Reviewed-by: Randall Spangler <rspangler@chromium.org>
The assumption is that removing the cover and disconnecting the
battery is sufficiently obvious and time-consuming that it's not
necessary to sit there poking the power button repeatedly.
We still erase the NVMEM completely before unlocking, of course.
BUG=chrome-os-partner:55322
BRANCH=none
TEST=make buildall; test on Gru
Toggle the Cr50 console with "lock on", then "lock off". Confirm
that the 5-minute process only requires one poke when the battery
cable is disconnected. Also confirm that both ways abort if you don't
press the button at all.
Change-Id: Iaa0f5eb102b914c95f3a34002438cbe80affcfb5
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/388879
Reviewed-by: Randall Spangler <rspangler@chromium.org>
The Cr50 console provides access to all sorts of dangerous
commands. To protect user secrets, we must erase the persistent
storage before unlocking the console.
Note that this will not powerwash the AP, leaving you with the
impression that you've just forgotten your password. You'll have
to manually powerwash (Ctrl+Alt+Shift+R) afterwards. That will be
addressed in a future CL.
BUG=chrome-os-partner:55728
BRANCH=none
TEST=make buildall, test on Gru
Lock the console if it's not already ("lock enable"), then unlock
it with "lock disable". Confirm that the NVMEM region is erased
following a successful unlock process.
Change-Id: Iebcd69c9f757f5ab5d496218f065197d3f1f746c
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/382666
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Just a variable & comment renaming. No functional changes.
BUG=none
BRANCH=none
TEST=make buildall; test on Gru
At the console, try "lock on", "lock off". It works the same.
Change-Id: I65381d5550f68855be8d7961abbaa117dc97184b
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/389237
Reviewed-by: Randall Spangler <rspangler@chromium.org>
In order to disable the restricted console lock, the user has to
poke the power button repeatedly for some time. This CL
implements the logic to tell when this is happening, and whether
it is successful or not.
With this CL, unlocking only takes 10 seconds. This period will
be extended for production use. Right now we're just testing.
BUG=chrome-os-partner:55322
BUG=chrome-os-partner:55510
BRANCH=none
TEST=make buildall; test on cr50 hardware
At the console, run the "lock" command to see if it's already
disabled. If it is, run "lock enable" to lock it.
To unlock it, run "lock disable". A countdown will appear, after
which you will need to poke the Power button every 2 seconds for
10 seconds. If you do so, the console will be unlocked.
Change-Id: Ib5a94172080e627f3268d50d2587ec58bf8d9473
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/377621
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
This enables restricted console commands, meaning that only the
"help" command would be available when the Cr50 console is locked.
To get out of (or into) the locked state, this also adds a "lock"
command. Of course, it will be available in locked mode.
For now, the lock state is disabled, so all commands continue to
work as before. Even after enabling the lock, it's trivial to
disable it again. Future CLs will build on this framework.
BUG=chrome-os-partner:55322,chrome-os-partner:55510
BRANCH=none
TEST=make buildall, test on Cr50 hardware
Try these commands:
lock
help
gpioget
lock enable
help
gpioget
lock disable
help
gpioget
Change-Id: I42c9bd63e17612dcff78c9f45054e53d96adcd5b
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/376187
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Since pretty much always, we've declared console commands to take
a "longhelp" argument with detailed explanations of what the
command does. But since almost as long, we've never actually used
that argument for anything - we just silently throw it away in
the macro. There's only one command (usbchargemode) that even
thinks it defines that argument.
We're never going to use this, let's just get rid of it.
BUG=none
BRANCH=none
CQ-DEPEND=CL:*279060
CQ-DEPEND=CL:*279158
CQ-DEPEND=CL:*279037
TEST=make buildall; tested on Cr50 hardware
Everything builds. Since we never used this arg anyway, there had
better not be any difference in the result.
Change-Id: Id3f71a53d02e3dc625cfcc12aa71ecb50e35eb9f
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/374163
Reviewed-by: Myles Watson <mylesgw@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
BUG=chrome-os-partner:49959
BRANCH=none
TEST=manual
On the Cr50 console, use the "wp" command to get/set the desired
state. On the EC console, use "gpioget wp_l" to watch it change.
Change-Id: I5978e6116ad0a07a7a61a8356dc1daf79e2397d0
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/373618
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
