scottk/OpenCellular
1
0
Fork 0
mirror of https://github.com/Telecominfraproject/OpenCellular.git synced 2026-01-10 17:41:54 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
406302ffb09ecd0fa300b8faafea8e5cdcc1db07
OpenCellular/include/tpm_vendor_cmds.h
Aseda Aboagye c191bf9f4d cr50: Add vendor cmd to query rec btn state. 
In order to test certain devices in the test lab using cased closed
debugging (CCD), we need a mechanism to programmatically "press" the
recovery button.  Even though this signal is being buffered through the
EC to the AP, and the EC could theoretically set it if needed, we cannot
trust the EC in its RO image since it may speak to the outside world
over USB PD.

Instead, this commit introduces a console command on cr50 that can be
used to force the recovery button state to be pressed.  However, it is
gated behind the CCD capabilities defaulting to the IfOpened state.
Additionally, a new vendor command is added to query the trusted state
of the recovery button.  The AP should use this command instead of
trusting the GPIO connected to it.

BUG=b:37751915, b:64146626
BRANCH=cr50
TEST=Flash cr50.  Press KEY0, verify that reported rec btn follows the
state of the button.
TEST=`recbtnforce enable` causes the button to be reported as pressed.
Physical presses of the button do not alter the reported state.
TEST=`recbtnforce disable` causes the reported state to follow that of
the physical button.
TEST=The `recbtnforce` command is set to the IfOpened capability by
default.
TEST=CCD locking the DUT and attempting to force the recovery button
results in an error of access denied.  The physical state is reported.
TEST=From the AP, issue the vendor command to retrieve the button state
and verify that it behaves as expected.

Change-Id: Ib8c2928e75e5f9a1a83c5361664efc3fa0ae2ddb
Signed-off-by: Aseda Aboagye <aaboagye@google.com>
Reviewed-on: https://chromium-review.googlesource.com/635955
Commit-Ready: Aseda Aboagye <aaboagye@chromium.org>
Tested-by: Aseda Aboagye <aaboagye@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
2017-08-29 22:08:19 -07:00

100 lines
2.9 KiB
C
Raw Blame History

/* Copyright 2016 The Chromium OS Authors. All rights reserved.
* Use of this source code is governed by a BSD-style license that can be
* found in the LICENSE file.
*/
#ifndef __INCLUDE_TPM_VENDOR_CMDS_H
#define __INCLUDE_TPM_VENDOR_CMDS_H
/*
* This file includes definitions of extended/vendor TPM2 commands and their
* return codes. The definitions are shared between the embedded code and the
* usb_updater utility running on the host.
*/
/* Extension and vendor commands. */
enum vendor_cmd_cc {
/* Original extension commands */
EXTENSION_AES = 0,
EXTENSION_HASH = 1,
EXTENSION_RSA = 2,
EXTENSION_ECC = 3,
EXTENSION_FW_UPGRADE = 4,
EXTENSION_HKDF = 5,
EXTENSION_ECIES = 6,
EXTENSION_POST_RESET = 7,
LAST_EXTENSION_COMMAND = 15,
/* Our TPMv2 vendor-specific command codes. 16 bits available. */
VENDOR_CC_GET_LOCK = 16,
VENDOR_CC_SET_LOCK = 17,
VENDOR_CC_SYSINFO = 18,
VENDOR_CC_IMMEDIATE_RESET = 19,
VENDOR_CC_INVALIDATE_INACTIVE_RW = 20,
VENDOR_CC_COMMIT_NVMEM = 21,
/* A gap left for the deep sleep control command. */
VENDOR_CC_REPORT_TPM_STATE = 23,
VENDOR_CC_TURN_UPDATE_ON = 24,
VENDOR_CC_GET_BOARD_ID = 25,
VENDOR_CC_SET_BOARD_ID = 26,
VENDOR_CC_U2F_APDU = 27,
VENDOR_CC_POP_LOG_ENTRY = 28,
VENDOR_CC_GET_REC_BTN = 29,
LAST_VENDOR_COMMAND = 65535,
};
/* Error codes reported by extension and vendor commands. */
enum vendor_cmd_rc {
/* EXTENSION_HASH error codes */
/* Attempt to start a session on an active handle. */
EXC_HASH_DUPLICATED_HANDLE = 1,
EXC_HASH_TOO_MANY_HANDLES = 2, /* No room to allocate a new context. */
/* Continuation/finish on unknown context. */
EXC_HASH_UNKNOWN_CONTEXT = 3,
/* Our TPMv2 vendor-specific response codes. */
VENDOR_RC_SUCCESS = 0,
VENDOR_RC_BOGUS_ARGS = 1,
VENDOR_RC_READ_FLASH_FAIL = 2,
VENDOR_RC_WRITE_FLASH_FAIL = 3,
VENDOR_RC_REQUEST_TOO_BIG = 4,
VENDOR_RC_RESPONSE_TOO_BIG = 5,
VENDOR_RC_INTERNAL_ERROR = 6,
/* Only 7 bits available; max is 127 */
VENDOR_RC_NO_SUCH_COMMAND = 127,
};
/*
* The TPMv2 Spec mandates that vendor-specific command codes have bit 29 set,
* while bits 15-0 indicate the command. All other bits should be zero.
* We will define one of those 16-bit command values for Cr50 purposes, and use
* the subcommand_code in struct tpm_cmd_header to further distinguish the
* desired operation.
*/
#define TPM_CC_VENDOR_BIT_MASK 0x20000000
#define VENDOR_CC_MASK 0x0000ffff
/* Our vendor-specific command codes go here */
#define TPM_CC_VENDOR_CR50 0x0000
/*
* The TPM response code is all zero for success.
* Errors are a little complicated:
*
* Bits 31:12 must be zero.
*
* Bit 11 S=0 Error
* Bit 10 T=1 Vendor defined response code
* Bit 9 r=0 reserved
* Bit 8 V=1 Conforms to TPMv2 spec
* Bit 7 F=0 Confirms to Table 14, Format-Zero Response Codes
* Bits 6:0 num 128 possible failure reasons
*/
#define VENDOR_RC_ERR 0x00000500
#endif /* __INCLUDE_TPM_VENDOR_CMDS_H */
Reference in New Issue View Git Blame Copy Permalink