GNUBoot
/
coreboot-kgpe-d16
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

libpayload: classify all keyboards 

Depthcharge uses the keyboard type to help determine whether
it can trust the keyboard for security-sensitive confirmations.
Currently it trusts anything except usb, but now there's a need
to distrust ec-based ps/2 keyboards that are associated with untrusted
ECs.  To help facilitate this, coreboot needs to report more
details about non-usb keyboards, so this change replaces the current
instances of unknown with enum values that distinguish uart and gpio
from ec-based keyboards.

BUG=b:129471321
BRANCH=None
TEST=Local compile and flash to systems with trusted and non-trusted
ECs.  Confirmed that security confirmation can't be performed via
keyboard on a system with an untrusted EC but can still be performed
on a system with a trusted EC.

Change-Id: Iee6295dafadf7cb3da98b62f43b0e184b2b69b1e
Signed-off-by: Matt Delco <delco@chromium.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/32717
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
This commit is contained in:
Matt Delco 2019-04-22 13:38:13 -07:00 committed by Patrick Georgi
parent f2d173a554
commit a20e59da15
6 changed files with 11 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
payloads/libpayload/drivers/i8042/keyboard.c
View File

@ -296,7 +296,8 @@ int keyboard_set_layout(char *country)
static struct console_input_driver cons = { static struct console_input_driver cons = {
.havekey = keyboard_havechar, .havekey = keyboard_havechar,
.getchar = keyboard_getchar .getchar = keyboard_getchar,
.input_type = CONSOLE_INPUT_TYPE_EC,
}; };
void keyboard_init(void) void keyboard_init(void)

3
payloads/libpayload/drivers/serial/8250.c
View File

@ -98,7 +98,8 @@ static void serial_hardware_init(int speed, int word_bits,
static struct console_input_driver consin = { static struct console_input_driver consin = {
.havekey = &serial_havechar, .havekey = &serial_havechar,
.getchar = &serial_getchar .getchar = &serial_getchar,
.input_type = CONSOLE_INPUT_TYPE_UART,
}; };
static struct console_output_driver consout = { static struct console_output_driver consout = {

1
payloads/libpayload/drivers/serial/ipq40xx.c
View File

@ -560,6 +560,7 @@ void serial_console_init(void)
consin.havekey = serial_havechar; consin.havekey = serial_havechar;
consin.getchar = serial_getchar; consin.getchar = serial_getchar;
consin.input_type = CONSOLE_INPUT_TYPE_UART;
consout.putchar = serial_putchar; consout.putchar = serial_putchar;

1
payloads/libpayload/drivers/serial/ipq806x.c
View File

@ -352,6 +352,7 @@ void serial_console_init(void)
consin.havekey = serial_havechar; consin.havekey = serial_havechar;
consin.getchar = serial_getchar; consin.getchar = serial_getchar;
consin.input_type = CONSOLE_INPUT_TYPE_UART;
consout.putchar = serial_putchar; consout.putchar = serial_putchar;

3
payloads/libpayload/drivers/serial/s5p.c
View File

@ -84,7 +84,8 @@ static struct console_output_driver s5p_serial_output =
static struct console_input_driver s5p_serial_input = static struct console_input_driver s5p_serial_input =
{ {
.havekey = &serial_havechar, .havekey = &serial_havechar,
.getchar = &serial_getchar .getchar = &serial_getchar,
.input_type = CONSOLE_INPUT_TYPE_UART,
}; };
void serial_init(void) void serial_init(void)

3
payloads/libpayload/include/libpayload.h
View File

@ -350,6 +350,9 @@ int set_option_from_string(const struct nvram_accessor *nvram, struct cb_cmos_op
typedef enum { typedef enum {
CONSOLE_INPUT_TYPE_UNKNOWN = 0, CONSOLE_INPUT_TYPE_UNKNOWN = 0,
CONSOLE_INPUT_TYPE_USB, CONSOLE_INPUT_TYPE_USB,
CONSOLE_INPUT_TYPE_EC,
CONSOLE_INPUT_TYPE_UART,
CONSOLE_INPUT_TYPE_GPIO,
} console_input_type; } console_input_type;
void console_init(void); void console_init(void);