coreboot.git - my copy of coreboot

Age	Commit message (Collapse)	Author
2019-02-13	coreboot: check Cr50 PM mode on normal boot	Keith Short
	Under some scenarios the key ladder on the Cr50 can get disabled. If this state is detected, trigger a reboot of the Cr50 to restore full TPM functionality. BUG=b:121463033 BRANCH=none TEST=Built coreboot on sarien and grunt platforms. TEST=Ran 'gsctool -a -m disable' and reboot. Verified coreboot sends VENDOR_CC_IMMEDIATE_RESET command to Cr50 and that the Cr50 resets and then the platform boots normally. TEST=Performed Cr50 rollback to 0.0.22 which does not support the VENDOR_CC_TPM_MODE command, confirmed that platform boots normally and the coreboot log captures the unsupported command. Tested-by: Keith Short <keithshort@chromium.org> Change-Id: I70e012efaf1079d43890e909bc6b5015bef6835a Signed-off-by: Keith Short <keithshort@chromium.org> Reviewed-on: https://review.coreboot.org/c/31260 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Julius Werner <jwerner@chromium.org>
2019-01-25	vendorcode/google/chromeos: Add mainboard hook before cr50 update	Duncan Laurie
	In order to allow the mainboard to configure the system before a cr50 initiated update reset add a weak function that the mainboard can override if necessary. This will allow a board that would otherwise be configured to stay off after an EC reset to instead power up after the reset and not end up in a shut down state after a cr50 update. BUG=b:121380403 TEST=update cr50 firmware on sarien and reboot Change-Id: I11f9e8c9bfe810f69b4eaa2c633252c25004cbd0 Signed-off-by: Duncan Laurie <dlaurie@google.com> Reviewed-on: https://review.coreboot.org/c/31057 Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2018-10-15	vc/google/chromeos/ec: remove EC hibernate in cr50 update path	Aaron Durbin
	More platforms are not able to hibernate under certain circumstances, such as when AC is plugged. This original path was conservatively put in to prevent potential damage when cr50-update-caused asynchronous resets occur. Julius' compelling argument that async resets from recovery mode requests should have enough coverage of the design over the course of project development. Remove the hibernate path and assume all is well going forward. Change-Id: I37121e75ff4e6abcb41d8534a1eccf0788ce2ea2 Signed-off-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: https://review.coreboot.org/29076 Reviewed-by: Justin TerAvest <teravest@chromium.org> Reviewed-by: Jett Rink <jettrink@chromium.org> Reviewed-by: Julius Werner <jwerner@chromium.org> Reviewed-by: Furquan Shaikh <furquan@google.com> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2018-08-17	cr50: Allow boards to disable powering off EC on cr50 update	Daisuke Nojiri
	This patch allows boards to disable turning off EC on cr50 update. If CR50 resets the whole system, an EC reset is not required. BUG=b:112604277 BRANCH=none TEST=gsctool -a -u /media/removable/cr50.bin && reboot Verify EC reboots. AP prints 'Waiting for CR50 reset to pick up update' then reboots. Change-Id: I60a7aa50a549e7a5a1a114245fbf7b9646d813bb Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org> Reviewed-on: https://review.coreboot.org/28110 Reviewed-by: Aaron Durbin <adurbin@chromium.org> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2018-01-18	security/tpm: Change TPM naming for different layers.	Philipp Deppenwiese
	* Rename tlcl* to tss* as tpm software stack layer. * Fix inconsistent naming. Change-Id: I206dd6a32dbd303a6d4d987e424407ebf5c518fa Signed-off-by: Philipp Deppenwiese <zaolin@das-labor.org> Reviewed-on: https://review.coreboot.org/22104 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
2018-01-18	security/tpm: Move tpm TSS and TSPI layer to security section	Philipp Deppenwiese
	* Move code from src/lib and src/include into src/security/tpm * Split TPM TSS 1.2 and 2.0 * Fix header includes * Add a new directory structure with kconfig and makefile includes Change-Id: Id15a9aa6bd367560318dfcfd450bf5626ea0ec2b Signed-off-by: Philipp Deppenwiese <zaolin@das-labor.org> Reviewed-on: https://review.coreboot.org/22103 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
2017-12-08	cr50: Make EC clear AP_OFF before hibnernate	Daisuke Nojiri
	This patch makes AP send EC_REBOOT_HIBERNATE_CLEAR_AP_OFF, which makes EC clear AP_OFF flag then hibernate. This is needed to make Chromebox boot when cr50 toggles the EC's reset line after TURN_UPDATE_ON command. BUG=b:69721737 BRANCH=none CQ-DEPEND=CL:802632 TEST=Verify Fizz reboot after cr50 update. Change-Id: I5f590286393ac21382cab64afdccae92d3fc14ba Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org> Reviewed-on: https://review.coreboot.org/22657 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2017-12-04	security/vboot: Guard google_chromeec_reboot by if clause	Daisuke Nojiri
	794d222886 "cr50_enable_update: Add printk before EC hibernate" inserted printk and kicked out google_chromeec_reboot from the if-clause. This patch fixes it. BUG=none BRANCH=none TEST=none Change-Id: I058e929e2acd883d2265b2ab019743e3849cb3af Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org> Reviewed-on: https://review.coreboot.org/22668 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Furquan Shaikh <furquan@google.com>
2017-10-22	security/vboot: Move vboot2 to security kconfig section	Philipp Deppenwiese
	This commit just moves the vboot sources into the security directory and fixes kconfig/makefile paths. Fix vboot2 headers Change-Id: Icd87f95640186f7a625242a3937e1dd13347eb60 Signed-off-by: Philipp Deppenwiese <zaolin@das-labor.org> Reviewed-on: https://review.coreboot.org/22074 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Martin Roth <martinroth@google.com>
2017-10-20	cr50_enable_update: Add printk before EC hibernate	Shelley Chen
	Add printout before EC hibernates during a cr50 update to clarify that failure is due to EC rather than cr50. Ran into a situation where DUT shut down during cr50 update and the EC was the culprit. BUG=None BRANCH=None TEST=None Change-Id: I54813fec123de69604d1da4dfc65eaeb77d1662e Signed-off-by: Shelley Chen <shchen@chromium.org> Reviewed-on: https://review.coreboot.org/22120 Reviewed-by: Aaron Durbin <adurbin@chromium.org> Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Furquan Shaikh <furquan@google.com>
2017-05-05	cr50: check if the new image needs to be enabled and act on it	Vadim Bendebury
	The AP sends the Cr50 a request to enable the new firmware image. If the new Cr50 image was found and enabled, the AP expects the Cr50 to reset the device in 1 second. While waiting for the Cr50 to reset, the AP logs a newly defined event and optionally shuts down the system. By default the x86 systems power off as shutting those systems down is not board specific. BRANCH=gru,reef BUG=b:35580805 TEST=built a reef image, observed that in case cr50 image is updated, after the next reboot the AP stops booting before loading depthcharge, reports upcoming reset and waits for it. Once the system is booted after that, the new event can be found in the log: localhost ~ # mosys eventlog list ... 7 \| 2017-03-23 18:42:12 \| Chrome OS Developer Mode 8 \| 2017-03-23 18:42:13 \| Unknown \| 0xac 9 \| 2017-03-23 18:42:21 \| System boot \| 46 ... Change-Id: I45fd6058c03f32ff8edccd56ca2aa5359d9b21b1 Signed-off-by: Vadim Bendebury <vbendeb@chromium.org> Signed-off-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: https://review.coreboot.org/18946 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Furquan Shaikh <furquan@google.com>