The nvmem_write() and nvmem_move() funcitons return an error
if the write or move operation would exceed the user buffer
boundary. However, the TPM2 functions which call these functions
do not check for errors. Instead TPM2 NvMem relies on the return
value of the nv_commit() function to determine if a TPM command
which modifies NvMem succeeds or fails.
This CL adds a nvmem_write_error flag which is set in cases where
an nvmem_write/nvmem_move returns an error. This error flag
is then checked in nvmem_commit() so that the commit operation can
be abandonded and the error returned back up the TPM2 stack.
Tested in full system for two cases.
Installed TPM certificates on the Cr50, then manually erased NvMem with
flasherase 0x7b000 0x5000 and rebooted system. Then on Kevin console
entered the command <trunks_client --own>
NV_MEMORY_SIZE = 9932
NVMEM_TPM_SIZE = 7168
Case 1 -> Without internal write error state, so commit() always
executes if called. In this case, the Kevin console reports
a TRUNKS_RC_WRITE_ERROR and there is a Cr50 reboot.
Kevin Console:
localhost ~ # trunks_client --own
[INFO:tpm_utility_impl.cc(1692)] CreateStorageRootKeys: Created RSA SRK.
[INFO:tpm_utility_impl.cc(1735)] CreateStorageRootKeys: Created ECC SRK.
[ 134.056217] tpm tpm0: Operation Timed out
[ERROR:tpm_utility_impl.cc(1987)] DoesPersistentKeyExist:
querying handles: TRUNKS_RC_WRITE_ERROR
[ERROR:tpm_utility_impl.cc(269)] TakeOwnership: Error creating salting
key: TRUNKS_RC_WRITE_ERROR
[ERROR:trunks_client.cc(98)] Error taking ownership: TRUNKS_RC_WRITE_ERROR
Cr50 Console:
> [131.501920 nv_commit()]
[142.494755 nv_wr: max off = 0x1250]
[142.496347 nv_wr: max off = 0x17b4]
[142.548296 nv_commit()]
[142.678001 nv_rd: max off = 0x1250]
[142.679350 nv_rd: max off = 0x1254]
[143.269614 Nv Wr: overflow stop: reqst = 0x1d1c, avail = 0x1c00]
[143.271460 Nv Wr: overflow stop: reqst = 0x1d20, avail = 0x1c00]
[143.273055 Wr Err = TRUE, Resetting error only, not returning]
[143.325073 nv_commit()]
--- UART initialized after reboot ---
[Reset cause: rtc-alarm]
[Image: RW_B, cr50_v1.1.5056-8e5dc99+ private-cr51:v0.0.69- 12:23:02]
[0.004349 Inits done]
[0.007150 Active NVram partition set to 0]
[0.008086 Debug Accessory connected]
[0.009076 USB PHY B]
Console is enabled; type HELP for help.
tpm_manufactured: manufactured
[1.155766 usb_reset]
[1.240155 usb_reset]
[1.311188 SETAD 0x6c (108)]
Case 2 -> Using internal error state to gate the commit() operation.
In this case, the attempted write overflow sets the internal error
state and the commit() following attempted overflow detection is not
exectued. It results in a different AP TPM error shown below as
Error encrypting salt. The other different behavior is that observed
is that if after failing on the RSA SRK, the ECC SRK write is still
attempted.
Kevin Console:
localhost ~ # trunks_client --own
[INFO:tpm_utility_impl.cc(1692)] CreateStorageRootKeys: Created RSA SRK.
[INFO:tpm_utility_impl.cc(1735)] CreateStorageRootKeys: Created ECC SRK.
[ERROR:session_manager_impl.cc(154)] Error fetching salting key public
info: Handle 1: TPM_RC_HANDLE
[ERROR:session_manager_impl.cc(94)] Error encrypting salt: Handle 1:
TPM_RC_HANDLE
[ERROR:tpm_utility_impl.cc(277)] TakeOwnership: Error initializing
AuthorizationSession: Handle 1: TPM_RC_HANDLE
[ERROR:trunks_client.cc(98)] Error taking ownership: Handle 1:
TPM_RC_HANDLE
Cr50 Console:
> [107.867473 nv_commit()]
[133.743522 nv_wr: max off = 0x123f]
[133.744908 nv_wr: max off = 0x1250]
[133.746159 nv_wr: max off = 0x17b4]
[133.798498 nv_commit()]
[133.900131 nv_rd: max off = 0x1250]
[133.901496 nv_rd: max off = 0x1254]
[134.507033 Nv Wr: overflow stop: reqst = 0x1d1c, avail = 0x1c00]
[134.508852 Nv Wr: overflow stop: reqst = 0x1d20, avail = 0x1c00]
[134.510440 Wr Err = TRUE, Aborting Commit!]
[144.856751 Nv Wr: overflow stop: reqst = 0x1d1c, avail = 0x1c00]
[144.858611 Nv Wr: overflow stop: reqst = 0x1d20, avail = 0x1c00]
[144.860198 Wr Err = TRUE, Aborting Commit!]
BRANCH=none
BUG=chrome-os-partner:55910
TEST=manual Test in system as described above and
ran NVMEM unit tests and verified that when a write would overrun the
user buffer, the write fails and sets the error state. Then,
verified that the nv_commit() call returns an error and clears
the internal error state.
Change-Id: I376e17b273003ff3d75459b4e68ed69d42dc7415
Signed-off-by: Scott <scollyer@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/366757
Commit-Ready: Scott Collyer <scollyer@chromium.org>
Tested-by: Scott Collyer <scollyer@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
There seems to be flaky issue where the nvmem tests don't fully
complete. I need to spend some time to try and understand the
mechanism. It doesn't happen on every build attempt and never
happens when I just run this particular test.
In the meantime, I don't want the builder to fail due to this
issue so I am removing this test from the test-list-host while
I debug the issue.
BUG=chrome-os-partner:55854
BRANCH=none
TEST=manual
Execute the command 'make runtests' in /platform/ec and verified that
the nvmem test is no longer executed.
Change-Id: I9f0778fd9fa17cf8949292f7abe8b05ccab2bae2
Signed-off-by: Scott <scollyer@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/367302
Commit-Ready: Scott Collyer <scollyer@chromium.org>
Tested-by: Scott Collyer <scollyer@chromium.org>
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
I keep thinking this refers to "Embedded Controller" instead of
"Elliptic Curve Cryptography". Make it clearer.
There's no functional change, I'm just renaming a constant.
BUG=none
BRANCH=none
TEST=make buildall; run tests on Cr50 dev board
make -C test/tpm_test && sudo ./test/tpm_test/tpmtest.py
Change-Id: Iaf2e2839e88fdbbcb1a712934be56a0dd47e4a70
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/366752
Reviewed-by: Nagendra Modadugu <ngm@google.com>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
The chip revision and board version show up on the second line of
the returned string, immediately before the build info.
BRANCH=none
BUG=chrome-os-partner:55558
TEST=Queried version string using tpm_test
make -C test/tpm_test && sudo ./test/tpm_test/tpmtest.py
Starting MPSSE at 800 kHz
Connected to device vid:did:rid of 1ae0:0028:00
RO_A:* 0.0.2/d0c9abe3 RO_B: 0.0.2/13eda43f RW_A: cr50_ [...]
B2:0 cr50_v1.1.5013-ab0e228+ [...]
^^^^
Change-Id: Iaa1efe5dca441aca24f281f76c1f218e24c844be
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/365421
Reviewed-by: Vadim Bendebury <vbendeb@google.com>
The existing algorithm makes several assumptions for a particular
thermistor circuit. This patch introduces a more generic version
that can be used for multiple thermistors on a single board.
The idea is to approximate a curve produced by solving for voltage
measued by an ADC using the Steinhart-Hart equation. For a straight
line one only needs two data points. For a steady curve data
points can be distributed evenly. For the most part, though, data
points should be provided after a significant change in slope.
More data points give more accuracy at the expense of memory, and
we mostly only care about accuracy in the range between "warm"
and "too hot" so only a few data points should be used.
BUG=chrome-os-partner:54818
BRANCH=none
TEST=added unit test, needs real testing
Change-Id: I046e61dbfd1e8c26c2a533777f222f5413938556
Signed-off-by: David Hendricks <dhendrix@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/344781
Reviewed-by: Shawn N <shawnn@chromium.org>
The ancient native tests can't deal with board-specific
configurations, don't build them. We run generic changes with
host tests and board-specific cases by running on real hardware.
BUG=chrome-os-partner:55705
BRANCH=none
TEST=make BOARD=cr50 tests; make buildall; test on Cr50 hardware
Change-Id: I5eb7229ca9df16293d6f0f84b474d4c992277baf
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/363942
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
The SoC looks for two RO images at reset, and is typically
configured for two RW images as well. This CL reports version
strings for all those images, as well as identifying the active
RO and RW copies.
Since the RO image doesn't contain a version string, we create
one using the epoch_, major_, minor_, and img_chk_ members of its
signed header.
BUG=chrome-os-partner:55558
BRANCH=none
TEST=make buildall; run on Cr50 hardware
The "version" command now includes information like this:
RO_A: * 0.0.2/a3c3d5ea
RO_B: 0.0.2/8895c9eb
RW_A: cr50_v1.1.4965-a6c1c73-dirty
RW_B: * cr50_v1.1.4959-2f49d5c
The '*' indicates the active image.
The test/tpm_test/tpmtest.py program has been updated to request
the version information at startup, and it also now reports
similar information, just all on one line:
RO_A:* 0.0.2/a3c3d5ea RO_B: 0.0.2/8895c9eb RW_A: cr50_v1.1 ...
The active images are marked with a '*' following the ':', so
that the same regexp can match either format:
($ro, $rw) = m/RO_[AB]:\s*\*\s+(\S+).*RW_[AB]:\s*\*\s+(\S+)/s;
Change-Id: Ic27e295d9122045b2ec5a638933924b65ecc8e43
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/362861
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
During initialization the NvMem module looks for either a valid
partition or that the NvMem area is fully erased. If neither of
these two conditions were found, then it was only returning an
error code and logging a message to the console.
This CL modifies nvmem_init() so that if the error case as described
above is detected, then it will call nvmem_setup() which will
create two valid partitions. In addition, the setup function
erases all of the existing data in the NvMem space.
Enhanced the unit test that deals with both partitions being
corrupted so that it verifies the version numbers are correct
and that all user buffer data is set to 0xff.
BUG=chrome-os-partner:55536
BRANCH=None
TEST=Manual
Executed make runtests TEST_LIST_HOST=nvmem and verifed that all
tests passed.
Change-Id: Ib932e02f15bd1aad7811032a12d826c76476e53f
Signed-off-by: Scott <scollyer@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/362448
Commit-Ready: Vadim Bendebury <vbendeb@chromium.org>
Tested-by: Scott Collyer <scollyer@chromium.org>
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Currently, the matrix keyboard protocol does not have support for
handling non-matrixed keys. This commit adds support for buttons which
do not appear in the keyboard matrix as well as switches.
Additionally, the keyboard FIFO is now just a general MKBP events FIFO
which MKBP events are free to use. Now, buttons and switches wil join
the key matrix event.
BUG=chrome-os-partner:54988
BUG=chrome-os-partner:54976
BUG=chromium:626863
BRANCH=None
TEST=Flash kevin, and verify that keyboard is still functional.
TEST=make -j buildall
CQ-DEPEND=CL:358926
Change-Id: If4ada904cbd5d77823a0710d4671484b198c9d91
Signed-off-by: Aseda Aboagye <aaboagye@google.com>
Reviewed-on: https://chromium-review.googlesource.com/358633
Commit-Ready: Aseda Aboagye <aaboagye@chromium.org>
Tested-by: Aseda Aboagye <aaboagye@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
The fix for SPI bus base address missed the tpm test driver, this patch
fixes the issue.
BRANCH=none
BUG=chrome-os-partner:54720
TEST=tpmtest.py connects over ftdi & tests pass
Change-Id: I5a59a6e089aee5a7c25466e0d183f3647c67343a
Signed-off-by: nagendra modadugu <ngm@google.com>
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/356556
Add a test that verifies RSA keygen from a fixed seed and
template from the TCG EK Credential Profile spec.
BRANCH=none
BUG=chrome-os-partner:43025,chrome-os-partner:47524
TEST=tests under test/tpmtest pass
Change-Id: I2f1cfb8460a0497c93079b89b9ff4e031eaff358
Reviewed-on: https://chromium-review.googlesource.com/356561
Commit-Ready: Nagendra Modadugu <ngm@google.com>
Tested-by: Nagendra Modadugu <ngm@google.com>
Reviewed-by: Marius Schilder <mschilder@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Not everything with a temperature sensor uses thermal throttling. This
change modifies the conditional build to enable building temp sensor
source without thermal throttling.
BUG=none
BRANCH=none
TEST=make buildall -j
Change-Id: I8c0753f12899e9f203c04477ae520bcda40d5fd8
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/356484
Reviewed-by: Aseda Aboagye <aaboagye@chromium.org>
Added mutex lock for nvmem write/move operations. In the
current implementation, there is no single entry point
for the platform specific NvMem calls. The mutex lock is
coupled with a task number so that the same task can attempt
to grab the lock without stalling itself.
In addition to the mutex lock, changed where the cache.base_ptr
variable is updated. Previously, this was done prior to the
partition being copied from flash to the shared memory area.
Now, the variable is only updated after the copy so that read
operations will always read from the correctly from either
flash or from cache memory if a write operation has been
started.
BRANCH=none
BUG=chrome-os-partner:52520
TEST=Manual
make runtests TEST_LIST_HOST=nvmem and verify that all tests pass.
Tested with tcg_test utility to test reads/writes using the
command "build/test-tpm2/install/bin/compliance --ntpm
localhost:9883 --select CPCTPM_TC2_3_33_07_01".
Change-Id: Ib6f278ad889424f4df85e4a328da1f45c8d00730
Signed-off-by: Scott <scollyer@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/353026
Commit-Ready: Scott Collyer <scollyer@chromium.org>
Tested-by: Scott Collyer <scollyer@chromium.org>
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Add a certificate verifier, so that endorsement
certificates may be verified upon installation.
Doing so allows for catching certificate errors early.
BRANCH=none
BUG=chrome-os-partner:43025,chrome-os-partner:47524
TEST=all tests in test/tpm_test/tpmtest.py pass
Change-Id: I9339a6bc36e4d82ae875ce774e31848ae983fa1f
Signed-off-by: nagendra modadugu <ngm@google.com>
Reviewed-on: https://chromium-review.googlesource.com/351031
Commit-Ready: Nagendra Modadugu <ngm@google.com>
Tested-by: Nagendra Modadugu <ngm@google.com>
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Add tests for RSA-1024, and created partner CRBUG/53893
to track issue discovered with 1024-bit modinv.
1024-bit RSA support being added in preparation
for a forthcoming hardware based implementation.
BRANCH=none
BUG=chrome-os-partner:43025,chrome-os-partner:47524,chrome-os-partner:53893
TEST=all tests in test/tpm_test/tpmtest.py pass
Change-Id: I6b5aaeffc9df1cbbe403535fd21cdd377b42c38e
Signed-off-by: nagendra modadugu <ngm@google.com>
Reviewed-on: https://chromium-review.googlesource.com/348490
Commit-Ready: Nagendra Modadugu <ngm@google.com>
Tested-by: Nagendra Modadugu <ngm@google.com>
Reviewed-by: Nagendra Modadugu <ngm@google.com>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Used #define CONFIG_FLASH_NVMEM to have functions in
/board/tpm2/NVMem.c utlitize on chip Nvmem functions.
On chip NV Memory availability is tied to an internal nvmem
error state which itself only depends on finding at least one
valid partition.
Added nvmem_is_different and nvmem_move functions which were
needed to complete the tpm2 platform interface. In addition,
added unit tests to support these two new functions.
BUG=chrome-os-partner:44745
BRANCH=none
TEST=manual
make runtests TEST_LIST_HOST=nvmem and verify that all tests pass.
Tested with tcg_test utility to test reads/writes using the
command "build/test-tpm2/install/bin/compliance --ntpm
localhost:9883 --select CPCTPM_TC2_3_33_07_01".
Change-Id: I475fdd1331e28ede00f9b674c7bee1536fa9ea48
Signed-off-by: Scott <scollyer@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/346236
Commit-Ready: Scott Collyer <scollyer@chromium.org>
Tested-by: Scott Collyer <scollyer@chromium.org>
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Full implementation of NvMem read, write, and commit functions.
Includes partition definitions, shared memory allocation, and
initialization function.
Includes a set of unit tests located in ec/test/nvmem.c which
verify functionality.
This module is required by Cr50, however this CL does not
include any Cr50 specific code.
BUG=chrome-os-partner:44745
BRANCH=none
TEST=manual
make runtests TEST_LIST_HOST=nvmem and verify that all tests pass
Change-Id: I515b094f2179dbcb75dd11ab5b14434caad37edd
Signed-off-by: Scott <scollyer@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/345632
Commit-Ready: Scott Collyer <scollyer@chromium.org>
Tested-by: Scott Collyer <scollyer@chromium.org>
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
The counter used for prime generation should be
incremented after each success / failure. Not doing
so results in duplicate primes being picked when
a label is explicitly specified.
BRANCH=none
BUG=chrome-os-partner:43025,chrome-os-partner:47524
TEST=all tests in test/tpm_test/tpmtest.py pass
Change-Id: Ib2fd0e7fa6255b04946e6d2808e8c67a2199fb55
Signed-off-by: nagendra modadugu <ngm@google.com>
Reviewed-on: https://chromium-review.googlesource.com/346056
Commit-Ready: Nagendra Modadugu <ngm@google.com>
Tested-by: Nagendra Modadugu <ngm@google.com>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
When developing or tweaking tests, we almost always need to hack
the Makefiles so that "make runtests" doesn't run *EVERY* test
each time, but only the one we're playing with.
This CL just allows you to override the default test_list_host
values from the commandline. Of course, you shouldn't do this
except when testing the tests themselves.
BUG=none
BRANCH=none
TEST=manual
# build all boards and run all tests
make buildall -j14
# run all tests
make runtests
# run only the two specified tests
TEST_LIST_HOST="lightbar hooks" make runtests
Change-Id: Icd82c2c781a71a461a7d75bc4bd54944b0eaeed6
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/343003
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Prime generation uses a sieve to amortize division
with small primes. Otherwise this a standard
Miller-Rabin implementation.
BRANCH=none
BUG=chrome-os-partner:43025,chrome-os-partner:47524
TEST=tests under test/tpm2 pass
Change-Id: I9f84d1f9c911f6146e4bd80296f75157a191552d
Signed-off-by: nagendra modadugu <ngm@google.com>
Reviewed-on: https://chromium-review.googlesource.com/335222
Commit-Ready: Nagendra Modadugu <ngm@google.com>
Tested-by: Nagendra Modadugu <ngm@google.com>
Reviewed-by: Nagendra Modadugu <ngm@google.com>
Implement _cpri__TestKeyRSA, which computes
the modulus and private exponent given a
pair of primes, or computes the second prime
and private exponent given the modulus and
one prime.
The _cpri__TestKeyRSA call is used to determine
whether the components of an RSA key match each other.
BRANCH=none
BUG=chrome-os-partner:43025,chrome-os-partner:47524
TEST=tests in test/tpm/tpmtest.py pass
Change-Id: I2c68d844f4bab207588cbda5c962b09078519a1a
Signed-off-by: nagendra modadugu <ngm@google.com>
Reviewed-on: https://chromium-review.googlesource.com/330466
Commit-Ready: Nagendra Modadugu <ngm@google.com>
Tested-by: Nagendra Modadugu <ngm@google.com>
Reviewed-by: Marius Schilder <mschilder@chromium.org>
Previously calls to hook_call_deferred were passed the function to call,
which was then looked up in the .rodata.deferred section with a linear
search. This linear search can be replaced with a subtract by passing
the pointer to the deferred_data object created when DECLARE_DEFERRED
was invoked.
Signed-off-by: Anton Staaf <robotboy@chromium.org>
BRANCH=None
BUG=None
CQ-DEPEND=CL:*255812
TEST=make buildall -j
Change-Id: I951dd1541302875b102dd086154cf05591694440
Reviewed-on: https://chromium-review.googlesource.com/334315
Commit-Ready: Bill Richardson <wfrichar@chromium.org>
Tested-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Add support for SHA256 based HKDF key
derivation as specified in RFC 5869. This
change includes test vectors from the RFC.
BRANCH=none
BUG=chrome-os-partner:43025,chrome-os-partner:47524
TEST=tests under test/tpm2 pass
Change-Id: I7d0e4e92775b74c41643f45587fc08f56d8916aa
Signed-off-by: nagendra modadugu <ngm@google.com>
Reviewed-on: https://chromium-review.googlesource.com/336091
Commit-Ready: Nagendra Modadugu <ngm@google.com>
Tested-by: Nagendra Modadugu <ngm@google.com>
Reviewed-by: Marius Schilder <mschilder@chromium.org>
The new debug board presents itself as a yet another USB device, it
uses interface 1 for SPI.
Add it to the table of devices we try to use.
BRANCH=none
BUG=none
TEST=./test/tpm_test/tpm_test.py now succeeds again.
Change-Id: Id14f17de6eff081bebed49d22ddc4b19cd39c2b0
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/338862
Reviewed-by: Marius Schilder <mschilder@chromium.org>
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
If the Cr50 is in deep sleep, it does a full warm boot when it
sees the SPS_CS_L assert. The master doesn't wait for it to
boot (because it doesn't know it has to) and starts clocking in
data bits right away. The Cr50 can't set up the SPS controller
quickly enough to capture those bits, so the first N bits/bytes
are lost and the master keeps clocking, waiting for the SPI
response which it will never get.
To be certain that the Cr50 is awake, this CL causes the
test (master) to assert SPS_CS_L briefly, then wait a little bit
for the Cr50 to wake up from deep sleep (50ms should be plenty),
and THEN it can send the rest of the SPI traffic.
The Cr50 won't enter deep sleep until it's been at least a second
since the last SPI activity, so we don't have to worry about it
going to sleep between SPI commands as long as they're not
terribly far apart.
The kernel driver will have to implement this same hack too,
since the SPI bus doesn't have a suspend/resume protocol like the
USB does. We've known this for some time. It would be nice if
this weren't needed, but it's a hardware constraint.
BUG=chrome-os-partner:49955, chrome-os-partner:52019, b:28018682
BRANCH=none
TEST=make buildall; test on Cr50
Ensure that the Cr50 invokes sleep or deep sleep when idle (refer
to previous commit messages for the setup required), then
cd test/tpm_test
make
./tpmtest.py
Before this CL, the test hung or failed because it couldn't get a
quick response from the Cr50. With this CL, the Cr50 wakes up and
the test passes.
Change-Id: I581475726313981a780beaaa37638e9c3b9ebec5
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/336837
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
NULL padding (aka vanilla RSA) support is required by
the TPM2 test suite (referred to as TPM_ALG_NULL in the
tpm2 source).
BRANCH=none
BUG=chrome-os-partner:43025,chrome-os-partner:47524
TEST=tests under test/tpm2 pass
Change-Id: I9848fad3b44add05a04810ecd178fbad20ae92cc
Signed-off-by: nagendra modadugu <ngm@google.com>
Reviewed-on: https://chromium-review.googlesource.com/328830
Commit-Ready: Nagendra Modadugu <ngm@google.com>
Tested-by: Nagendra Modadugu <ngm@google.com>
Reviewed-by: Nagendra Modadugu <ngm@google.com>
This adds USB support to Set and Get the Device Configuration.
These control transfers are standard device requests that need to
be added in order to behave properly for USB suspend/resume (and
in general). Before this CL, the Get command always failed and
the Set command had no effect internally. With this CL it works.
Note that this particular change only supports ONE configuration
for the Cr50. If/when we add additional configuration
descriptors, we'll need to update it again.
BUG=chrome-os-partner:50721
BRANCH=none
TEST=make buildall; manual tests on Cr50
This CL includes a test program. Connect the Cr50 to the build
host, and use that program to read and change the configuration.
cd test/usb_test
make
./device_configuration
./device_configuration 0
./device_configuration 1
./device_configuration 2
You may need to use sudo if your device permissions aren't sufficient.
Change-Id: Id65e70265f0760b1b374005dfcddc88e66a933f6
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/335878
Reviewed-by: Scott Collyer <scollyer@chromium.org>
It was observed that the b1 test board falls into bootstrap mode once
the reset button is pressed after a firmware upgrade.
The reason turns out to be that the wrong lead was considered to be
the reset pin, the BIO4, responsible for bootstrapping, was used
instead of the reset pin.
Come to think of it, there is no need to reset the device each time
the FTDI SPI interface is initialized. Let's just drive the bootsrtap
pin to the correct level and not generate the reset pulse at all.
BRANCH=none
BUG=chrome-os-partner:37754
TEST=pressing the reset button on the b1 board now properly restarts
the device.
Change-Id: I123dad8043807c8ff01e12254f9efc2f0d1aaa13
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/328811
Reviewed-by: Marius Schilder <mschilder@chromium.org>
This extends the test harness with a test verifying firmware upgrade.
The test in fact just determines the area available for upgrade, picks
the appropriate image and sends it to the device, 1K at a time.
The test does not verify that the device in fact switched to the new
image, the test succeeds if the device accepts all update messages.
BRANCH=none
BUG=chrome-os-partner:37774
TEST=verified that all tests still pass:
$ ./test/tpm_test/tpmtest.py
Starting MPSSE at 800 kHz
Connected to device vid:did:rid of 1ae0:0028:00
SUCCESS: AES:ECB common
SUCCESS: AES:ECB128 1
SUCCESS: AES:ECB192 1
SUCCESS: AES:ECB256 1
SUCCESS: AES:ECB256 2
SUCCESS: AES:CTR128I 1
SUCCESS: AES:CTR256I 1
SUCCESS: EC-SIGN:NIST-P256:ECDSA
New max timeout: 1 s
SUCCESS: EC-KEYGEN:NIST-P256
SUCCESS: EC-KEYDERIVE:NIST-P256
SUCCESS: sha1:single:0
SUCCESS: sha256:single:0
SUCCESS: sha1:single:3
SUCCESS: sha256:single:3
SUCCESS: sha256:finish:1
SUCCESS: sha1:finish:3
SUCCESS: sha256:finish:2
-New max timeout: 3 s
SUCCESS: RSA-ENC:OAEP:SHA1:768
SUCCESS: RSA-ENC:OAEP:SHA256:768
SUCCESS: RSA-ENC:PKCS1-ES:NONE:768
New max timeout: 49 s
SUCCESS: RSA-ENC:PKCS1-ES:NONE:2048
SUCCESS: RSA-SIGN:PKCS1-SSA:SHA1:768
SUCCESS: RSA-SIGN:PKCS1-SSA:SHA256:768
SUCCESS: Firmware upgrade
Change-Id: I49052feb8e97a3e281bb20b7fddc359a55e96ae3
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/327416
Reviewed-by: Nagendra Modadugu <ngm@google.com>
The ultra debug board uses a different FTDI chip (vid:did 0403:6010),
which has two ports.
The SPI interface on this chip is hooked up to the second port, but
the code indiscriminately uses the first port when trying to open the
SPI channel, on all devices known to it.
Adding a new field in the supported_devices table allows to keep
default behavior, but use port B (the second port) when required.
Also, fix printout formatting problem.
BRANCH=none
BUG=chrome-os-partner:37754
TEST=tpmtest succeeds with the new board
Change-Id: I01f7937444c8df61d7439a66d9da89fb2cac5372
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/327232
Commit-Ready: Marius Schilder <mschilder@chromium.org>
Tested-by: Marius Schilder <mschilder@chromium.org>
Reviewed-by: Marius Schilder <mschilder@chromium.org>
There is no point in defining tpm test exception classes per test
type, one common class is enough, especially if the source module of
the exception is reported.
BRANCH=none
BUG=none
TEST=tried running the test without the USB FTDI cable plugged in, got
the following error message:
$ ./test/tpm_test/tpmtest.py
Starting MPSSE at 800 kHz
Error in tpmtest.py:54: Failed to connect
$
Change-Id: I5642aa70c8a581099887b58e3a436d7f8d7608a1
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/327300
Reviewed-by: Nagendra Modadugu <ngm@google.com>
For some reason the default linker does not find libftdi1 anymore.
Other Chrome OS packages linking to this library still build just
fine, it turns out they are using the default gcc for linking.
Let's do the same for building tpmtest library.
BRANCH=none
BUG=none
TEST=the following sequence now works fine:
cd test/tmp_test
touch *
make
and the resulting library allows to successfully run TPM tests on
the b1 board.
Change-Id: I10fe51a4747a3527b500d3255d8347e6a689c345
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/327065
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
The implementation for sha256_hash() copied
and incorrect number of bytes to the output.
This change provides a fix and a test.
TEST=added test case
BRANCH=none
BUG=chrome-os-partner:43025,chrome-os-partner:47524
Change-Id: I74e98c6f5005a14dd5c0ca19ea7540622dd6c7d7
Signed-off-by: nagendra modadugu <ngm@google.com>
Reviewed-on: https://chromium-review.googlesource.com/324391
Commit-Ready: Nagendra Modadugu <ngm@google.com>
Tested-by: Nagendra Modadugu <ngm@google.com>
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Previously the flash test used the GPIO string name to identify the
write protect GPIO. Change to use the GPIO signal enum. This is faster
and removes a use of gpio_list.
Signed-off-by: Anton Staaf <robotboy@chromium.org>
BRANCH=None
BUG=None
TEST=make buildall -j
Change-Id: I4203c33cfa6d2b25d73d886b5248857a0c271565
Reviewed-on: https://chromium-review.googlesource.com/321913
Commit-Ready: Anton Staaf <robotboy@chromium.org>
Tested-by: Anton Staaf <robotboy@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Includes support for encrypt / decrypt,
and sign / verify; padding schemes OAEP /
PKCS1; supporting bignum library.
RSA key sizes must be a multiple of 32-bits
(with the top bit set). Keying material,
input and output buffers are required to be
word-aligned.
BRANCH=none
TEST=added encrypt/decrypt sign/verify tests, compatibility with openssl tested
BUG=chrome-os-partner:43025,chrome-os-partner:47524
Change-Id: I6bc324c651e3178bb45bb75ab5935d9bc07efbce
Signed-off-by: nagendra modadugu <ngm@google.com>
Reviewed-on: https://chromium-review.googlesource.com/316942
Commit-Ready: Marius Schilder <mschilder@chromium.org>
Tested-by: Nagendra Modadugu <ngm@google.com>
Reviewed-by: Marius Schilder <mschilder@chromium.org>
For TCPMs with an off chip TCPC, PD MCU host event status can be handled
in a common way. When a status flag is updated (ex. from
charge_manager), notify the AP through the host event, and save the
status flag for later retrieval.
BUG=chrome-os-partner:49124
BRANCH=None
TEST=Verify `cat /sys/class/power_supply/CROS_USB_PD_CHARGER1/online` on
chell reflects the actual online status of the charger. Also verify UI
charge icon tracks the online status correctly.
Signed-off-by: Shawn Nematbakhsh <shawnn@chromium.org>
Change-Id: I63bc70205627474590e38ffd282faedaea3bcc66
Reviewed-on: https://chromium-review.googlesource.com/320796
Commit-Ready: Shawn N <shawnn@chromium.org>
Tested-by: Shawn N <shawnn@chromium.org>
Reviewed-by: Benson Leung <bleung@chromium.org>
Reviewed-by: Duncan Laurie <dlaurie@chromium.org>
The new module generates hash test extension subcommands, driven by
the 'test_inputs' table.
Each table entry is a tuple, including the test name and the data to
be hashed. The test name determines the hash type (sha1 or sha256) and
the test mode (single or spread over several messages). The last
element of the name is the context number (ignored in single message
mode).
The hash extended command payload looks as follows:
field | size | note
===================================================================
hash_cmd | 1 | 0 - start, 1 - cont., 2 - finish, 4 - single
hash_mode | 1 | 0 - sha1, 1 - sha256
handle | 1 | session handle, ignored in 'single' mode
text_len | 2 | size of the text to process, big endian
text | text_len | text to hash
BRANCH=none
BUG=chrome-os-partner:43025
TEST=currently failing, a couple of hash code tweaks needed, see
upcoming patches.
Change-Id: Ie992bf01cae3c5278110357b482370b2fc11c70f
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/314693
Reviewed-by: Randall Spangler <rspangler@chromium.org>
This is a no-op change moving some common code out of tpmtest.py,
preparing it to support different testing modes.
BRANCH=none
BUG=chrome-os-partner:43025
TEST=the AES test still succeeds:
$ test/tpm_test/tpmtest.py
Starting MPSSE at 800 kHz
Connected to device vid:did:rid of 1ae0:0028:00
SUCCESS: AES:ECB common
SUCCESS: AES:ECB128 1
SUCCESS: AES:ECB192 1
SUCCESS: AES:ECB256 1
SUCCESS: AES:ECB256 2
SUCCESS: AES:CTR128I 1
SUCCESS: AES:CTR256I 1
Change-Id: Ia6e0e3e89f99875297da0a4f6137de5901c8ca08
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/314691
Reviewed-by: Randall Spangler <rspangler@chromium.org>
The extended command code is fixed, there is no need to pass it as a
parameter when calling functions wrapping and unwrapping extended
commands.
BRANCH=none
BUG=chrome-os-partner:43025
TEST=AES tests still pass:
$ ./test/tpm_test/tpmtest.py
Starting MPSSE at 800 kHz
Connected to device vid:did:rid of 1ae0:0028:00
SUCCESS: AES:ECB common
SUCCESS: AES:ECB128 1
SUCCESS: AES:ECB192 1
SUCCESS: AES:ECB256 1
SUCCESS: AES:ECB256 2
SUCCESS: AES:CTR128I 1
-New max timeout: 1 s
SUCCESS: AES:CTR256I 1
Change-Id: Ic0c9d7983755de8380b57e841891fd638ef2c62a
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/314690
Reviewed-by: Nagendra Modadugu <ngm@google.com>
The utility builds on the extended command protocol recently
introduced in the EC and allows to test implementation of various
cryptographic primitives available on CR50.
This patch brings in the ftdi_spi_tpm.c and mpsse.c from the AOSP
trunksd package. mpsse.c has been modified to limit its feature set
(no i2c or bigbang support, only SPI0 mode), and ftdit_spi_tpm.c has
been modified to properly present binary strings to the Python swig
wrapper.
The crypro_test.xml file includes descriptions of the tests to perform
on the target. Most of its contents other than the first crypto_test
element are borrowed from NIST AES test vectors set. See file header
for description of the contents format.
The actual test command is the tpmtest.py. When started it establishes
connection with the device, and then reads test vectors from
crypto_test.xml and executes them one at a time.
Starting the test program with the -d command line argument enables
debug output sent to the console.
There are some other programs in ./extras which use the mpsse.c from
AOSP, they will have to be modified to use the local copy.
BRANCH=none
BUG=chrome-os-partner:43025
TEST=ran the following in the directory:
$ make # output suppressed
$ ./tpmtest.py
Starting MPSSE at 800 kHz
Connected to device vid:did:rid of 1ae0:0028:00
\New max timeout: 1 s
SUCCESS: AES:ECB common
SUCCESS: AES:ECB128 1
SUCCESS: AES:ECB192 1
SUCCESS: AES:ECB256 1
SUCCESS: AES:ECB256 2
SUCCESS: AES:CTR128I 1
SUCCESS: AES:CTR256I 1
- temporarily corrupted the contents of the clear_text element of 'AES:ECB common':
$ ./tpmtest.py
Starting MPSSE at 800 kHz
Connected to device vid:did:rid of 1ae0:0028:00
|
Out text mismatch in node AES:ECB common, operation 1:
In text:
74 68 69 73 20 20 69 73 20 74 68 65 20 74 65 78
74 20 77 68 69 63 68 20 77 69 6c 6c 20 62 65 20
65 6e 63 72 79 70 74 65 64 20 69 66 20 65 76 65
72 79 74 68 69 6e 67 20 69 73 20 67 6f 69 6e 67
20 66 69 6e 65 2e 20
Expected out text:
3d e2 0f f9 ee d9 62 ce f0 8a 17 57 c6 04 86 d0
3d ec 44 72 d8 79 18 87 3f 31 81 6d 66 4c bb 10
da 8d e0 9f 63 67 b3 cc 64 b4 e8 bd 12 b0 a9 c9
09 6d f0 9f a4 e2 ae fb 0d fe 1c 90 6c e2 fe f0
68 8f b5 34 07 76 e2 a9 72 8e dd 7b 8b 52 2b 8b
Real out text:
f9 50 fe 93 c9 3f cb e5 9e e0 a4 7e 51 1a bb a0
36 2f d1 d6 5f a8 1d 22 5a 1a bb f7 e6 65 89 55
ad e8 f5 8f 1a 20 ff a5 c4 de 76 3e b8 ef cc 8d
9d 94 b8 89 22 1c c9 2a 43 58 c3 8c 75 9f 9f 56
ab 2f 89 1a f6 a0 36 8b 95 23 91 d6 23 47 77 36
Change-Id: I2687ac03236b528e71b92df7cb35606e473ab2c5
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/313443
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
To ease finer calculation of ec rate change units from
ms to us.
BRANCH=smaug
BUG=b:24367625
TEST=compile
Change-Id: I52057c8ca1b1180a64b58d1ba0af9ec53f40b026
Signed-off-by: Gwendal Grignou <gwendal@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/312984
