authorVadim Bendebury <vbendeb@chromium.org>2018-03-01 18:25:47 -0800
committerChromeOS Commit Bot <chromeos-commit-bot@chromium.org>2018-03-14 01:19:55 +0000
commit65af6259f3c333dad0eff6678a4c6af04fcdad68 (patch)
treec169b8114c13fb635f048e58e0e34e312b0bf7d6
parent41c7266a025cdc97085ae9cef19b9bc682e58e92 (diff)
downloadchrome-ec-65af6259f3c333dad0eff6678a4c6af04fcdad68.tar.gz
cr50: fix console command RMA authentication code check
When checking the RMA authentication code the code currently just verifies the value, but does not act on it. This patch directs the user input through the same vendor command path which is used when the RMA operation is controlled using gsctool. BRANCH=cr50, cr50-mp BUG=b:74080723 TEST=verified that issuing 'rma_auth <code>' on the Cr50 console now triggers CCD open and reboot. Change-Id: Ib3fab131b6a24b65618f0b1f2504638f8df11a4b Signed-off-by: Vadim Bendebury <vbendeb@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/945311 Reviewed-by: Randall Spangler <rspangler@chromium.org> (cherry picked from commit f6b72676a0e4794805b14ab3452db7c82b989518) Reviewed-on: https://chromium-review.googlesource.com/961615
-rw-r--r--common/rma_auth.c41
1 files changed, 30 insertions, 11 deletions
diff --git a/common/rma_auth.c b/common/rma_auth.c
index 2bb5550e9d..1c361622b8 100644
--- a/common/rma_auth.c
+++ b/common/rma_auth.c
@@ -370,25 +370,44 @@ static int rma_auth_cmd(int argc, char **argv)
return EC_ERROR_PARAM_COUNT;
}
- if (argc == 2) {
- if (rma_try_authcode(argv[1]) != EC_SUCCESS) {
- ccprintf("Auth code does not match.\n");
- return EC_ERROR_PARAM1;
- }
- ccprintf("Auth code match!\n");
- return EC_SUCCESS;
- }
-
rv = shared_mem_acquire(RMA_CMD_BUF_SIZE, (char **)&tpmh);
if (rv != EC_SUCCESS)
return rv;
- /* Build the extension command to request RMA AUTH challenge. */
+ /* Common fields of the RMA AUTH challenge/response vendor command. */
tpmh->tag = htobe16(0x8001); /* TPM_ST_NO_SESSIONS */
- tpmh->size = htobe32(sizeof(struct tpm_cmd_header));
tpmh->command_code = htobe32(TPM_CC_VENDOR_BIT_MASK);
tpmh->subcommand_code = htobe16(VENDOR_CC_RMA_CHALLENGE_RESPONSE);
+ if (argc == 2) {
+ /*
+ * The user entered a value, must be the auth code, build and
+ * send vendor command to check it.
+ */
+ const char *authcode = argv[1];
+
+ if (strlen(authcode) != RMA_AUTHCODE_CHARS) {
+ ccprintf("Wrong auth code size.\n");
+ return EC_ERROR_PARAM1;
+ }
+
+ tpmh->size = htobe32(sizeof(struct tpm_cmd_header) +
+ RMA_AUTHCODE_CHARS);
+
+ memcpy(tpmh + 1, authcode, RMA_AUTHCODE_CHARS);
+
+ tpm_alt_extension(tpmh, RMA_CMD_BUF_SIZE);
+
+ if (tpmh->command_code) {
+ ccprintf("Auth code does not match.\n");
+ return EC_ERROR_PARAM1;
+ }
+ ccprintf("Auth code match, reboot might be coming!\n");
+ return EC_SUCCESS;
+ }
+
+ /* Prepare and send the request to get RMA auth challenge. */
+ tpmh->size = htobe32(sizeof(struct tpm_cmd_header));
tpm_alt_extension(tpmh, RMA_CMD_BUF_SIZE);
/* Return status in the command code field now. */
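Review bot: All three `return` statements in the new `argc == 2` branch (wrong size, mismatch, match) exit after `shared_mem_acquire()` has succeeded without giving the buffer back, so a mistyped auth code on the console appears to leave the shared memory held. The length check needs nothing from the buffer and can move above the acquire; the other two exits should call `shared_mem_release(tpmh);` before returning, or set `rv` and fall through to whatever release the function performs at its end. The tail of `rma_auth_cmd` is outside this hunk, so the existing release path is assumed rather than visible here. Since the buffer then holds a copy of the entered auth code, it may also be worth clearing it before release.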