summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorNicolas Boichat <drinkcat@google.com>2017-05-24 15:12:18 +0800
committerchrome-bot <chrome-bot@chromium.org>2017-05-25 18:58:47 -0700
commitba78fa41735f90ddab0f6a519e13f16d02187f1c (patch)
tree34cf32dec81ba4866b0d3775db91639d5a8c0da7
parentcb4ff83d5b14b1f845e0249159c41f44f51f40f1 (diff)
downloadchrome-ec-ba78fa41735f90ddab0f6a519e13f16d02187f1c.tar.gz
usb_update: Add support for INJECT_ENTROPY command
As part of the pairing process, AP needs to be able to inject some entropy into the base. Let's also define PAIR_CHALLENGE, which will be implemented in a later CL. BRANCH=none BUG=b:38487027 TEST=Flash hammer. On host, reboot hammer to RO: usb_updater2 -r; sleep 0.5; usb_updater2 -s usb_updater2 -e (adds entropy) EC console: check that rollbackinfo shows secret is updated Change-Id: I964bb578c6bfbb1ab5105a70b43682d51df4ed47 Reviewed-on: https://chromium-review.googlesource.com/513807 Commit-Ready: Nicolas Boichat <drinkcat@chromium.org> Tested-by: Nicolas Boichat <drinkcat@chromium.org> Reviewed-by: Randall Spangler <rspangler@chromium.org>
Diffstat
-rw-r--r--common/usb_update.c24
-rw-r--r--include/update_fw.h2
2 files changed, 26 insertions, 0 deletions
diff --git a/common/usb_update.c b/common/usb_update.c
index 0c14d8dfbf..153411b5e0 100644
--- a/common/usb_update.c
+++ b/common/usb_update.c
@@ -11,6 +11,7 @@
#include "flash.h"
#include "queue_policies.h"
#include "host_command.h"
+#include "rollback.h"
#include "rwsig.h"
#include "system.h"
#include "update_fw.h"
@@ -201,7 +202,30 @@ static int try_vendor_command(struct consumer const *consumer, size_t count)
flash_set_protect(EC_FLASH_PROTECT_ROLLBACK_AT_BOOT, 0);
response = EC_RES_SUCCESS;
break;
+#ifdef CONFIG_ROLLBACK_SECRET_SIZE
+#ifdef CONFIG_ROLLBACK_UPDATE
+ case UPDATE_EXTRA_CMD_INJECT_ENTROPY: {
+ /*
+ * Check that we are provided enough data (header +
+ * 2 bytes subcommand + secret length).
+ */
+ int header_size = sizeof(*cmd_buffer) + 2;
+ int entropy_count = count-header_size;
+
+ if (entropy_count < CONFIG_ROLLBACK_SECRET_SIZE) {
+ CPRINTS("Entropy too short");
+ response = EC_RES_INVALID_PARAM;
+ break;
+ }
+
+ CPRINTS("Adding %db of entropy", entropy_count);
+ /* Add the whole buffer to entropy. */
+ rollback_add_entropy(buffer+header_size, entropy_count);
+ break;
+ }
#endif
+#endif /* CONFIG_ROLLBACK_SECRET_SIZE */
+#endif /* CONFIG_ROLLBACK */
default:
response = EC_RES_INVALID_COMMAND;
}
diff --git a/include/update_fw.h b/include/update_fw.h
index a5fb27ed22..72e278fcc6 100644
--- a/include/update_fw.h
+++ b/include/update_fw.h
@@ -162,6 +162,8 @@ enum update_extra_command {
UPDATE_EXTRA_CMD_STAY_IN_RO = 2,
UPDATE_EXTRA_CMD_UNLOCK_RW = 3,
UPDATE_EXTRA_CMD_UNLOCK_ROLLBACK = 4,
+ UPDATE_EXTRA_CMD_INJECT_ENTROPY = 5,
+ UPDATE_EXTRA_CMD_PAIR_CHALLENGE = 6,
};
void fw_update_command_handler(void *body,
View Lorry Controller Status