diff options
| author | Mary Ruthven <mruthven@chromium.org> | 2022-11-30 11:48:16 -0800 |
|---|---|---|
| committer | Chromeos LUCI <chromeos-scoped@luci-project-accounts.iam.gserviceaccount.com> | 2022-12-01 04:11:09 +0000 |
| commit | 0f42a18674ab8ffcc8f2022feceabc47e0dc4f10 (patch) | |
| tree | 3794c52a1ee6d6e87dd52938c0ef68194f1452f0 | |
| parent | 35adc7e3efd58ac1b96a0da22221c6461f61f392 (diff) | |
| download | chrome-ec-0f42a18674ab8ffcc8f2022feceabc47e0dc4f10.tar.gz | |
apro: check usb_spi_sha256_update return code
If usb_spi_sha256_update returns something other than EC_SUCCESS, fail
verification.
BUG=b:260878795
TEST=add a delay to make spi_hash timeout. Verify cr50 fails
verification.
Change-Id: I4ba750748eb131046828f642b9736ed62a781789
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4066233
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
| -rw-r--r-- | board/cr50/usb_spi.c | 4 | ||||
| -rw-r--r-- | common/ap_ro_integrity_check.c | 35 |
2 files changed, 28 insertions, 11 deletions
diff --git a/board/cr50/usb_spi.c b/board/cr50/usb_spi.c index a16c2df3e5..68533ed286 100644 --- a/board/cr50/usb_spi.c +++ b/board/cr50/usb_spi.c @@ -709,6 +709,10 @@ int usb_spi_sha256_update(struct sha256_ctx *ctx, uint32_t offset, { uint8_t data[SPI_HASH_CHUNK_SIZE]; + if (get_spi_bus_user() != SPI_BUS_USER_HASH) { + CPRINTS("%s: disabled", __func__); + return VENDOR_RC_NOT_ALLOWED; + } if (print_range) { CPRINTS("%s: %x:%x", __func__, offset, size); /* Make sure the message gets out before verification starts. */ diff --git a/common/ap_ro_integrity_check.c b/common/ap_ro_integrity_check.c index 0c8f16ad18..d714e1d12c 100644 --- a/common/ap_ro_integrity_check.c +++ b/common/ap_ro_integrity_check.c @@ -541,12 +541,16 @@ static bool is_in_range(const struct ro_range part_range, * @param ctx pointer to the sha256 context to update * @param full_range range to include in hash calculation * @param gbbd the descriptor with the gbb flag information. + * + * @return EC_SUCCESS if updating the hash succeeded or the error if reading + * the ap ro flash failed. */ -static void update_sha_with_gbb_range(struct sha256_ctx *ctx, - const struct ro_range full_range, - const struct gbb_descriptor *gbbd) +static int update_sha_with_gbb_range(struct sha256_ctx *ctx, + const struct ro_range full_range, + const struct gbb_descriptor *gbbd) { struct ro_range range; + int rv; /* Use the factory flags to calculate the hash. */ CPRINTS("Using %x for GBB flags.", gbbd->injected_flags); @@ -554,9 +558,13 @@ static void update_sha_with_gbb_range(struct sha256_ctx *ctx, range.flash_offset = full_range.flash_offset; range.range_size = gbbd->gbb_flags.flash_offset - full_range.flash_offset; - if (range.range_size > 0) - usb_spi_sha256_update(ctx, range.flash_offset, - range.range_size, 1); + if (range.range_size > 0) { + rv = usb_spi_sha256_update(ctx, range.flash_offset, + range.range_size, 1); + if (rv != EC_SUCCESS) + return rv; + + } /* Update hash with the injected gbb flags */ SHA256_update(ctx, &gbbd->injected_flags, @@ -568,8 +576,9 @@ static void update_sha_with_gbb_range(struct sha256_ctx *ctx, range.range_size = full_range.flash_offset + full_range.range_size - range.flash_offset; if (range.range_size > 0) - usb_spi_sha256_update(ctx, range.flash_offset, - range.range_size, 1); + return usb_spi_sha256_update(ctx, range.flash_offset, + range.range_size, 1); + return EC_SUCCESS; } /** @@ -610,11 +619,15 @@ enum ap_ro_check_result validate_ranges_sha(const struct ro_range *ranges, */ if (gbbd->status & GS_INJECT_FLAGS && is_in_range(gbbd->gbb_flags, ranges[i])) { - update_sha_with_gbb_range(&ctx, ranges[i], gbbd); + if (update_sha_with_gbb_range(&ctx, ranges[i], gbbd) != + EC_SUCCESS) + return ROV_FAILED; continue; } - usb_spi_sha256_update(&ctx, ranges[i].flash_offset, - ranges[i].range_size, true); + if (usb_spi_sha256_update(&ctx, ranges[i].flash_offset, + ranges[i].range_size, true) != + EC_SUCCESS) + return ROV_FAILED; } usb_spi_sha256_final(&ctx, digest, sizeof(digest)); |