diff options
Diffstat (limited to 'common/ap_ro_integrity_check.c')
-rw-r--r-- | common/ap_ro_integrity_check.c | 16 |
1 files changed, 15 insertions, 1 deletions
diff --git a/common/ap_ro_integrity_check.c b/common/ap_ro_integrity_check.c index bb02f306db..fbf5bef488 100644 --- a/common/ap_ro_integrity_check.c +++ b/common/ap_ro_integrity_check.c @@ -5,6 +5,7 @@ * Code supporting AP RO verification. */ +#include "ap_ro_integrity_check.h" #include "console.h" #include "crypto_api.h" #include "extension.h" @@ -176,12 +177,15 @@ int validate_ap_ro(void) if (p_chk->header.num_ranges == (uint16_t)~0) { CPRINTS("%s: RO verification not programmed", __func__); + ap_ro_add_flash_event(APROF_SPACE_NOT_PROGRAMMED); return EC_ERROR_INVAL; } /* Is the contents intact? */ - if (verify_ap_ro_check_space() != EC_SUCCESS) + if (verify_ap_ro_check_space() != EC_SUCCESS) { + ap_ro_add_flash_event(APROF_SPACE_INVALID); return EC_ERROR_INVAL; /* No verification possible. */ + } enable_ap_spi_hash_shortcut(); usb_spi_sha256_start(&ctx); @@ -204,8 +208,10 @@ int validate_ap_ro(void) CPRINTS("Stored digest %ph", HEX_BUF(p_chk->payload.digest, sizeof(p_chk->payload.digest))); + ap_ro_add_flash_event(APROF_CHECK_FAILED); rv = EC_ERROR_CRC; } else { + ap_ro_add_flash_event(APROF_CHECK_SUCCEEDED); rv = EC_SUCCESS; CPRINTS("AP RO verification SUCCEEDED!"); } @@ -214,6 +220,14 @@ int validate_ap_ro(void) return rv; } +void ap_ro_add_flash_event(enum ap_ro_verification_ev event) +{ + struct ap_ro_entry_payload ev; + + ev.event = event; + flash_log_add_event(FE_LOG_AP_RO_VERIFICATION, sizeof(ev), &ev); +} + static int ap_ro_info_cmd(int argc, char **argv) { int rv; |