summaryrefslogtreecommitdiff
path: root/payloads/libpayload
diff options
context:
space:
mode:
authorMatt Delco <delco@chromium.org>2019-04-22 13:38:13 -0700
committerPatrick Georgi <pgeorgi@google.com>2019-05-13 09:20:25 +0000
commita20e59da157231f0a0e41774af80f6bccde1b280 (patch)
treeb367fa7ab1e35b39d8161f241a1e088fcf78b4d4 /payloads/libpayload
parentf2d173a554b82b731fceeecd00095f6c6433c7ba (diff)
downloadcoreboot-a20e59da157231f0a0e41774af80f6bccde1b280.tar.xz
libpayload: classify all keyboards
Depthcharge uses the keyboard type to help determine whether it can trust the keyboard for security-sensitive confirmations. Currently it trusts anything except usb, but now there's a need to distrust ec-based ps/2 keyboards that are associated with untrusted ECs. To help facilitate this, coreboot needs to report more details about non-usb keyboards, so this change replaces the current instances of unknown with enum values that distinguish uart and gpio from ec-based keyboards. BUG=b:129471321 BRANCH=None TEST=Local compile and flash to systems with trusted and non-trusted ECs. Confirmed that security confirmation can't be performed via keyboard on a system with an untrusted EC but can still be performed on a system with a trusted EC. Change-Id: Iee6295dafadf7cb3da98b62f43b0e184b2b69b1e Signed-off-by: Matt Delco <delco@chromium.org> Reviewed-on: https://review.coreboot.org/c/coreboot/+/32717 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Julius Werner <jwerner@chromium.org>
Diffstat (limited to 'payloads/libpayload')
-rw-r--r--payloads/libpayload/drivers/i8042/keyboard.c3
-rw-r--r--payloads/libpayload/drivers/serial/8250.c3
-rw-r--r--payloads/libpayload/drivers/serial/ipq40xx.c1
-rw-r--r--payloads/libpayload/drivers/serial/ipq806x.c1
-rw-r--r--payloads/libpayload/drivers/serial/s5p.c3
-rw-r--r--payloads/libpayload/include/libpayload.h3
6 files changed, 11 insertions, 3 deletions
diff --git a/payloads/libpayload/drivers/i8042/keyboard.c b/payloads/libpayload/drivers/i8042/keyboard.c
index 1035bf2791..42431c3689 100644
--- a/payloads/libpayload/drivers/i8042/keyboard.c
+++ b/payloads/libpayload/drivers/i8042/keyboard.c
@@ -296,7 +296,8 @@ int keyboard_set_layout(char *country)
static struct console_input_driver cons = {
.havekey = keyboard_havechar,
- .getchar = keyboard_getchar
+ .getchar = keyboard_getchar,
+ .input_type = CONSOLE_INPUT_TYPE_EC,
};
void keyboard_init(void)
diff --git a/payloads/libpayload/drivers/serial/8250.c b/payloads/libpayload/drivers/serial/8250.c
index f503bdb124..9502d4b147 100644
--- a/payloads/libpayload/drivers/serial/8250.c
+++ b/payloads/libpayload/drivers/serial/8250.c
@@ -98,7 +98,8 @@ static void serial_hardware_init(int speed, int word_bits,
static struct console_input_driver consin = {
.havekey = &serial_havechar,
- .getchar = &serial_getchar
+ .getchar = &serial_getchar,
+ .input_type = CONSOLE_INPUT_TYPE_UART,
};
static struct console_output_driver consout = {
diff --git a/payloads/libpayload/drivers/serial/ipq40xx.c b/payloads/libpayload/drivers/serial/ipq40xx.c
index 52d71b8ac8..7656ad73e0 100644
--- a/payloads/libpayload/drivers/serial/ipq40xx.c
+++ b/payloads/libpayload/drivers/serial/ipq40xx.c
@@ -560,6 +560,7 @@ void serial_console_init(void)
consin.havekey = serial_havechar;
consin.getchar = serial_getchar;
+ consin.input_type = CONSOLE_INPUT_TYPE_UART;
consout.putchar = serial_putchar;
diff --git a/payloads/libpayload/drivers/serial/ipq806x.c b/payloads/libpayload/drivers/serial/ipq806x.c
index 912893d7e2..183ada6563 100644
--- a/payloads/libpayload/drivers/serial/ipq806x.c
+++ b/payloads/libpayload/drivers/serial/ipq806x.c
@@ -352,6 +352,7 @@ void serial_console_init(void)
consin.havekey = serial_havechar;
consin.getchar = serial_getchar;
+ consin.input_type = CONSOLE_INPUT_TYPE_UART;
consout.putchar = serial_putchar;
diff --git a/payloads/libpayload/drivers/serial/s5p.c b/payloads/libpayload/drivers/serial/s5p.c
index 1d23352ec4..6ca5dc4717 100644
--- a/payloads/libpayload/drivers/serial/s5p.c
+++ b/payloads/libpayload/drivers/serial/s5p.c
@@ -84,7 +84,8 @@ static struct console_output_driver s5p_serial_output =
static struct console_input_driver s5p_serial_input =
{
.havekey = &serial_havechar,
- .getchar = &serial_getchar
+ .getchar = &serial_getchar,
+ .input_type = CONSOLE_INPUT_TYPE_UART,
};
void serial_init(void)
diff --git a/payloads/libpayload/include/libpayload.h b/payloads/libpayload/include/libpayload.h
index 3a84b3b038..a578d41f28 100644
--- a/payloads/libpayload/include/libpayload.h
+++ b/payloads/libpayload/include/libpayload.h
@@ -350,6 +350,9 @@ int set_option_from_string(const struct nvram_accessor *nvram, struct cb_cmos_op
typedef enum {
CONSOLE_INPUT_TYPE_UNKNOWN = 0,
CONSOLE_INPUT_TYPE_USB,
+ CONSOLE_INPUT_TYPE_EC,
+ CONSOLE_INPUT_TYPE_UART,
+ CONSOLE_INPUT_TYPE_GPIO,
} console_input_type;
void console_init(void);