1
2
3
4
5
6
7
8#include <common.h>
9#include <cros_ec.h>
10#include <dm.h>
11#include <ec_commands.h>
12#include <errno.h>
13#include <hash.h>
14#include <malloc.h>
15#include <os.h>
16#include <u-boot/sha256.h>
17#include <spi.h>
18#include <asm/state.h>
19#include <asm/sdl.h>
20#include <linux/input.h>
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53#define KEYBOARD_ROWS 8
54#define KEYBOARD_COLS 13
55
56
57struct ec_keymatrix_entry {
58 int row;
59 int col;
60 int keycode;
61};
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76struct ec_state {
77 u8 vbnv_context[EC_VBNV_BLOCK_SIZE_V2];
78 struct fdt_cros_ec ec_config;
79 uint8_t *flash_data;
80 int flash_data_len;
81 enum ec_current_image current_image;
82 int matrix_count;
83 struct ec_keymatrix_entry *matrix;
84 uint8_t keyscan[KEYBOARD_COLS];
85 bool recovery_req;
86} s_state, *g_state;
87
88
89
90
91
92
93
94
95
96
97static int cros_ec_read_state(const void *blob, int node)
98{
99 struct ec_state *ec = &s_state;
100 const char *prop;
101 int len;
102
103
104 ec->current_image = EC_IMAGE_RO;
105 if (!blob)
106 return 0;
107
108
109 ec->current_image = fdtdec_get_int(blob, node, "current-image",
110 EC_IMAGE_RO);
111 prop = fdt_getprop(blob, node, "vbnv-context", &len);
112 if (prop && len == sizeof(ec->vbnv_context))
113 memcpy(ec->vbnv_context, prop, len);
114
115 prop = fdt_getprop(blob, node, "flash-data", &len);
116 if (prop) {
117 ec->flash_data_len = len;
118 ec->flash_data = os_malloc(len);
119 if (!ec->flash_data)
120 return -ENOMEM;
121 memcpy(ec->flash_data, prop, len);
122 debug("%s: Loaded EC flash data size %#x\n", __func__, len);
123 }
124
125 return 0;
126}
127
128
129
130
131
132
133
134
135
136
137static int cros_ec_write_state(void *blob, int node)
138{
139 struct ec_state *ec = g_state;
140
141
142 fdt_setprop_u32(blob, node, "current-image", ec->current_image);
143 fdt_setprop(blob, node, "vbnv-context", ec->vbnv_context,
144 sizeof(ec->vbnv_context));
145 return state_setprop(node, "flash-data", ec->flash_data,
146 ec->ec_config.flash.length);
147}
148
149SANDBOX_STATE_IO(cros_ec, "google,cros-ec", cros_ec_read_state,
150 cros_ec_write_state);
151
152
153
154
155
156
157
158
159
160
161
162
163
164static int get_image_used(struct ec_state *ec, struct fmap_entry *entry)
165{
166 int size;
167
168
169
170
171
172
173 for (size = entry->length - 1;
174 size > 0 && ec->flash_data[entry->offset + size] != 0xea;
175 size--)
176 ;
177
178 return size ? size + 1 : 0;
179}
180
181
182
183
184
185
186
187
188
189
190
191static int keyscan_read_fdt_matrix(struct ec_state *ec, ofnode node)
192{
193 const u32 *cell;
194 int upto;
195 int len;
196
197 cell = ofnode_get_property(node, "linux,keymap", &len);
198 ec->matrix_count = len / 4;
199 ec->matrix = calloc(ec->matrix_count, sizeof(*ec->matrix));
200 if (!ec->matrix) {
201 debug("%s: Out of memory for key matrix\n", __func__);
202 return -1;
203 }
204
205
206 for (upto = 0; upto < ec->matrix_count; upto++) {
207 struct ec_keymatrix_entry *matrix = &ec->matrix[upto];
208 u32 word;
209
210 word = fdt32_to_cpu(*cell++);
211 matrix->row = word >> 24;
212 matrix->col = (word >> 16) & 0xff;
213 matrix->keycode = word & 0xffff;
214
215
216 if (matrix->row >= KEYBOARD_ROWS ||
217 matrix->col >= KEYBOARD_COLS) {
218 debug("%s: Matrix pos out of range (%d,%d)\n",
219 __func__, matrix->row, matrix->col);
220 return -1;
221 }
222 }
223
224 if (upto != ec->matrix_count) {
225 debug("%s: Read mismatch from key matrix\n", __func__);
226 return -1;
227 }
228
229 return 0;
230}
231
232
233
234
235
236
237
238
239
240static int cros_ec_keyscan(struct ec_state *ec, uint8_t *scan)
241{
242 const struct ec_keymatrix_entry *matrix;
243 int bytes = KEYBOARD_COLS;
244 int key[8];
245 int count;
246 int i;
247
248 memset(ec->keyscan, '\0', bytes);
249 count = sandbox_sdl_scan_keys(key, ARRAY_SIZE(key));
250
251
252 for (i = 0, matrix = ec->matrix; i < ec->matrix_count; i++, matrix++) {
253 bool found;
254 int j;
255
256 for (found = false, j = 0; j < count; j++) {
257 if (matrix->keycode == key[j])
258 found = true;
259 }
260
261 if (found) {
262 debug("%d: %d,%d\n", matrix->keycode, matrix->row,
263 matrix->col);
264 ec->keyscan[matrix->col] |= 1 << matrix->row;
265 }
266 }
267
268 memcpy(scan, ec->keyscan, bytes);
269 return bytes;
270}
271
272
273
274
275
276
277
278
279
280
281
282static int process_cmd(struct ec_state *ec,
283 struct ec_host_request *req_hdr, const void *req_data,
284 struct ec_host_response *resp_hdr, void *resp_data)
285{
286 int len;
287
288
289 debug("EC command %#0x\n", req_hdr->command);
290
291 switch (req_hdr->command) {
292 case EC_CMD_HELLO: {
293 const struct ec_params_hello *req = req_data;
294 struct ec_response_hello *resp = resp_data;
295
296 resp->out_data = req->in_data + 0x01020304;
297 len = sizeof(*resp);
298 break;
299 }
300 case EC_CMD_GET_VERSION: {
301 struct ec_response_get_version *resp = resp_data;
302
303 strcpy(resp->version_string_ro, "sandbox_ro");
304 strcpy(resp->version_string_rw, "sandbox_rw");
305 resp->current_image = ec->current_image;
306 debug("Current image %d\n", resp->current_image);
307 len = sizeof(*resp);
308 break;
309 }
310 case EC_CMD_VBNV_CONTEXT: {
311 const struct ec_params_vbnvcontext *req = req_data;
312 struct ec_response_vbnvcontext *resp = resp_data;
313
314 switch (req->op) {
315 case EC_VBNV_CONTEXT_OP_READ:
316
317 memcpy(resp->block, ec->vbnv_context,
318 EC_VBNV_BLOCK_SIZE);
319 len = 16;
320 break;
321 case EC_VBNV_CONTEXT_OP_WRITE:
322
323 memcpy(ec->vbnv_context, req->block,
324 EC_VBNV_BLOCK_SIZE);
325 len = 0;
326 break;
327 default:
328 printf(" ** Unknown vbnv_context command %#02x\n",
329 req->op);
330 return -1;
331 }
332 break;
333 }
334 case EC_CMD_REBOOT_EC: {
335 const struct ec_params_reboot_ec *req = req_data;
336
337 printf("Request reboot type %d\n", req->cmd);
338 switch (req->cmd) {
339 case EC_REBOOT_DISABLE_JUMP:
340 len = 0;
341 break;
342 case EC_REBOOT_JUMP_RW:
343 ec->current_image = EC_IMAGE_RW;
344 len = 0;
345 break;
346 default:
347 puts(" ** Unknown type");
348 return -1;
349 }
350 break;
351 }
352 case EC_CMD_HOST_EVENT_GET_B: {
353 struct ec_response_host_event_mask *resp = resp_data;
354
355 resp->mask = 0;
356 if (ec->recovery_req) {
357 resp->mask |= EC_HOST_EVENT_MASK(
358 EC_HOST_EVENT_KEYBOARD_RECOVERY);
359 }
360
361 len = sizeof(*resp);
362 break;
363 }
364 case EC_CMD_VBOOT_HASH: {
365 const struct ec_params_vboot_hash *req = req_data;
366 struct ec_response_vboot_hash *resp = resp_data;
367 struct fmap_entry *entry;
368 int ret, size;
369
370 entry = &ec->ec_config.region[EC_FLASH_REGION_ACTIVE];
371
372 switch (req->cmd) {
373 case EC_VBOOT_HASH_RECALC:
374 case EC_VBOOT_HASH_GET:
375 size = SHA256_SUM_LEN;
376 len = get_image_used(ec, entry);
377 ret = hash_block("sha256",
378 ec->flash_data + entry->offset,
379 len, resp->hash_digest, &size);
380 if (ret) {
381 printf(" ** hash_block() failed\n");
382 return -1;
383 }
384 resp->status = EC_VBOOT_HASH_STATUS_DONE;
385 resp->hash_type = EC_VBOOT_HASH_TYPE_SHA256;
386 resp->digest_size = size;
387 resp->reserved0 = 0;
388 resp->offset = entry->offset;
389 resp->size = len;
390 len = sizeof(*resp);
391 break;
392 default:
393 printf(" ** EC_CMD_VBOOT_HASH: Unknown command %d\n",
394 req->cmd);
395 return -1;
396 }
397 break;
398 }
399 case EC_CMD_FLASH_PROTECT: {
400 const struct ec_params_flash_protect *req = req_data;
401 struct ec_response_flash_protect *resp = resp_data;
402 uint32_t expect = EC_FLASH_PROTECT_ALL_NOW |
403 EC_FLASH_PROTECT_ALL_AT_BOOT;
404
405 printf("mask=%#x, flags=%#x\n", req->mask, req->flags);
406 if (req->flags == expect || req->flags == 0) {
407 resp->flags = req->flags ? EC_FLASH_PROTECT_ALL_NOW :
408 0;
409 resp->valid_flags = EC_FLASH_PROTECT_ALL_NOW;
410 resp->writable_flags = 0;
411 len = sizeof(*resp);
412 } else {
413 puts(" ** unexpected flash protect request\n");
414 return -1;
415 }
416 break;
417 }
418 case EC_CMD_FLASH_REGION_INFO: {
419 const struct ec_params_flash_region_info *req = req_data;
420 struct ec_response_flash_region_info *resp = resp_data;
421 struct fmap_entry *entry;
422
423 switch (req->region) {
424 case EC_FLASH_REGION_RO:
425 case EC_FLASH_REGION_ACTIVE:
426 case EC_FLASH_REGION_WP_RO:
427 entry = &ec->ec_config.region[req->region];
428 resp->offset = entry->offset;
429 resp->size = entry->length;
430 len = sizeof(*resp);
431 printf("EC flash region %d: offset=%#x, size=%#x\n",
432 req->region, resp->offset, resp->size);
433 break;
434 default:
435 printf("** Unknown flash region %d\n", req->region);
436 return -1;
437 }
438 break;
439 }
440 case EC_CMD_FLASH_ERASE: {
441 const struct ec_params_flash_erase *req = req_data;
442
443 memset(ec->flash_data + req->offset,
444 ec->ec_config.flash_erase_value,
445 req->size);
446 len = 0;
447 break;
448 }
449 case EC_CMD_FLASH_WRITE: {
450 const struct ec_params_flash_write *req = req_data;
451
452 memcpy(ec->flash_data + req->offset, req + 1, req->size);
453 len = 0;
454 break;
455 }
456 case EC_CMD_MKBP_STATE:
457 len = cros_ec_keyscan(ec, resp_data);
458 break;
459 case EC_CMD_ENTERING_MODE:
460 len = 0;
461 break;
462 default:
463 printf(" ** Unknown EC command %#02x\n", req_hdr->command);
464 return -1;
465 }
466
467 return len;
468}
469
470int cros_ec_sandbox_packet(struct udevice *udev, int out_bytes, int in_bytes)
471{
472 struct cros_ec_dev *dev = dev_get_uclass_priv(udev);
473 struct ec_state *ec = dev_get_priv(dev->dev);
474 struct ec_host_request *req_hdr = (struct ec_host_request *)dev->dout;
475 const void *req_data = req_hdr + 1;
476 struct ec_host_response *resp_hdr = (struct ec_host_response *)dev->din;
477 void *resp_data = resp_hdr + 1;
478 int len;
479
480 len = process_cmd(ec, req_hdr, req_data, resp_hdr, resp_data);
481 if (len < 0)
482 return len;
483
484 resp_hdr->struct_version = 3;
485 resp_hdr->result = EC_RES_SUCCESS;
486 resp_hdr->data_len = len;
487 resp_hdr->reserved = 0;
488 len += sizeof(*resp_hdr);
489 resp_hdr->checksum = 0;
490 resp_hdr->checksum = (uint8_t)
491 -cros_ec_calc_checksum((const uint8_t *)resp_hdr, len);
492
493 return in_bytes;
494}
495
496void cros_ec_check_keyboard(struct udevice *dev)
497{
498 struct ec_state *ec = dev_get_priv(dev);
499 ulong start;
500
501 printf("Press keys for EC to detect on reset (ESC=recovery)...");
502 start = get_timer(0);
503 while (get_timer(start) < 1000)
504 ;
505 putc('\n');
506 if (!sandbox_sdl_key_pressed(KEY_ESC)) {
507 ec->recovery_req = true;
508 printf(" - EC requests recovery\n");
509 }
510}
511
512int cros_ec_probe(struct udevice *dev)
513{
514 struct ec_state *ec = dev->priv;
515 struct cros_ec_dev *cdev = dev->uclass_priv;
516 struct udevice *keyb_dev;
517 ofnode node;
518 int err;
519
520 memcpy(ec, &s_state, sizeof(*ec));
521 err = cros_ec_decode_ec_flash(dev, &ec->ec_config);
522 if (err) {
523 debug("%s: Cannot device EC flash\n", __func__);
524 return err;
525 }
526
527 node = ofnode_null();
528 for (device_find_first_child(dev, &keyb_dev);
529 keyb_dev;
530 device_find_next_child(&keyb_dev)) {
531 if (device_get_uclass_id(keyb_dev) == UCLASS_KEYBOARD) {
532 node = dev_ofnode(keyb_dev);
533 break;
534 }
535 }
536 if (!ofnode_valid(node)) {
537 debug("%s: No cros_ec keyboard found\n", __func__);
538 } else if (keyscan_read_fdt_matrix(ec, node)) {
539 debug("%s: Could not read key matrix\n", __func__);
540 return -1;
541 }
542
543
544 if (ec->flash_data &&
545 ec->flash_data_len != ec->ec_config.flash.length) {
546 printf("EC data length is %x, expected %x, discarding data\n",
547 ec->flash_data_len, ec->ec_config.flash.length);
548 os_free(ec->flash_data);
549 ec->flash_data = NULL;
550 }
551
552
553 if (!ec->flash_data) {
554 ec->flash_data_len = ec->ec_config.flash.length;
555 ec->flash_data = os_malloc(ec->flash_data_len);
556 if (!ec->flash_data)
557 return -ENOMEM;
558 }
559
560 cdev->dev = dev;
561 g_state = ec;
562 return cros_ec_register(dev);
563}
564
565struct dm_cros_ec_ops cros_ec_ops = {
566 .packet = cros_ec_sandbox_packet,
567};
568
569static const struct udevice_id cros_ec_ids[] = {
570 { .compatible = "google,cros-ec-sandbox" },
571 { }
572};
573
574U_BOOT_DRIVER(cros_ec_sandbox) = {
575 .name = "cros_ec_sandbox",
576 .id = UCLASS_CROS_EC,
577 .of_match = cros_ec_ids,
578 .probe = cros_ec_probe,
579 .priv_auto_alloc_size = sizeof(struct ec_state),
580 .ops = &cros_ec_ops,
581};
582