authorJulius Werner <jwerner@chromium.org>2015-05-15 12:50:07 -0700
committerChromeOS Commit Bot <chromeos-commit-bot@chromium.org>2015-05-16 01:42:20 +0000
commitfb4e4080112d9005f83b57551ab19cbf478da36a (patch)
tree1d7f42ca5856dfc0bda6562c72f553f167df91db
parentdc49a6827670abc0f2dc45178c2623e070ff5961 (diff)
vboot2: Support VB2_GBB_FLAG_DISABLE_FW_ROLLBACK_CHECK
Looks like the DISABLE_FW_ROLLBACK_CHECK GBB flag (0x200) was forgotten in the vboot2 implementation. It's too late for Veyron now, but let's at least fix it for future devices. BRANCH=none BUG=None TEST=make runtests Change-Id: I867f7aada28be3897efda73a6bdc3b0848c23dca Signed-off-by: Julius Werner <jwerner@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/271419 Reviewed-by: Bill Richardson <wfrichar@chromium.org>
-rw-r--r--firmware/2lib/include/2struct.h4
-rw-r--r--firmware/lib20/misc.c16
-rw-r--r--firmware/lib21/misc.c16
-rw-r--r--tests/vb20_misc_tests.c10
-rw-r--r--tests/vb21_misc_tests.c10
5 files changed, 48 insertions, 8 deletions
diff --git a/firmware/2lib/include/2struct.h b/firmware/2lib/include/2struct.h
index cbf08901..ae01c5de 100644
--- a/firmware/2lib/include/2struct.h
+++ b/firmware/2lib/include/2struct.h
@@ -182,12 +182,16 @@ enum vb2_gbb_flag {
* enable this ourselves because it executes non-verified code, but if
* a customer wants to void their warranty and set this flag in the
* read-only flash, they should be able to do so.
+ *
+ * (TODO: Currently not supported. Mark as deprecated/unused?)
*/
VB2_GBB_FLAG_LOAD_OPTION_ROMS = (1 << 1),
/*
* The factory flow may need the BIOS to boot a non-ChromeOS kernel if
* the dev-switch is on. This flag allows that.
+ *
+ * (TODO: Currently not supported. Mark as deprecated/unused?)
*/
VB2_GBB_FLAG_ENABLE_ALTERNATE_OS = (1 << 2),
diff --git a/firmware/lib20/misc.c b/firmware/lib20/misc.c
index 0e61e858..83232b07 100644
--- a/firmware/lib20/misc.c
+++ b/firmware/lib20/misc.c
@@ -126,8 +126,12 @@ int vb2_load_fw_keyblock(struct vb2_context *ctx)
/* Key version is the upper 16 bits of the composite firmware version */
if (kb->data_key.key_version > 0xffff)
rv = VB2_ERROR_FW_KEYBLOCK_VERSION_RANGE;
- if (!rv && kb->data_key.key_version < (sd->fw_version_secdata >> 16))
- rv = VB2_ERROR_FW_KEYBLOCK_VERSION_ROLLBACK;
+ if (!rv && kb->data_key.key_version < (sd->fw_version_secdata >> 16)) {
+ if (sd->gbb_flags & VB2_GBB_FLAG_DISABLE_FW_ROLLBACK_CHECK)
+ VB2_DEBUG("Ignoring FW key rollback due to GBB flag\n");
+ else
+ rv = VB2_ERROR_FW_KEYBLOCK_VERSION_ROLLBACK;
+ }
if (rv) {
vb2_fail(ctx, VB2_RECOVERY_FW_KEY_ROLLBACK, rv);
return rv;
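Review bot: The only trace that anti-rollback was waived is the `VB2_DEBUG("Ignoring FW key rollback due to GBB flag\n")` call, so if VB2_DEBUG compiles to nothing in non-debug builds (its definition is outside this diff) a device can boot an older key version with no signal left behind. Consider recording the bypass somewhere that survives into production builds. The same applies to the preamble hunk below and to both hunks in firmware/lib21/misc.c. The new branch would also benefit from a comment that states its scope, for example `/* GBB flag waives only the rollback comparison; the 0xffff range check above still applies. */`. Whether `sd->gbb_flags` has been populated from the GBB before this point cannot be seen here, since vb2_load_fw_keyblock starts and ends outside the hunk.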
@@ -238,8 +242,12 @@ int vb2_load_fw_preamble(struct vb2_context *ctx)
rv = VB2_ERROR_FW_PREAMBLE_VERSION_RANGE;
/* Combine with the key version from vb2_load_fw_keyblock() */
sd->fw_version |= pre->firmware_version;
- if (!rv && sd->fw_version < sd->fw_version_secdata)
- rv = VB2_ERROR_FW_PREAMBLE_VERSION_ROLLBACK;
+ if (!rv && sd->fw_version < sd->fw_version_secdata) {
+ if (sd->gbb_flags & VB2_GBB_FLAG_DISABLE_FW_ROLLBACK_CHECK)
+ VB2_DEBUG("Ignoring FW rollback due to GBB flag\n");
+ else
+ rv = VB2_ERROR_FW_PREAMBLE_VERSION_ROLLBACK;
+ }
if (rv) {
vb2_fail(ctx, VB2_RECOVERY_FW_ROLLBACK, rv);
return rv;
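Review bot: With the flag set, execution now continues past this check while `sd->fw_version` is lower than `sd->fw_version_secdata`, a state the old code never let through. The rest of vb2_load_fw_preamble is outside the hunk, so please confirm that any later write of `sd->fw_version` back to secdata is guarded by a strict greater-than comparison. Otherwise a single boot with the GBB flag set could lower the stored rollback floor permanently. A short comment at the bypass, such as `/* fw_version may be below secdata from here on; never write it back */`, would make that invariant explicit.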
diff --git a/firmware/lib21/misc.c b/firmware/lib21/misc.c
index 92322a9c..c0143c04 100644
--- a/firmware/lib21/misc.c
+++ b/firmware/lib21/misc.c
@@ -117,8 +117,12 @@ int vb2_load_fw_keyblock(struct vb2_context *ctx)
/* Key version is the upper 16 bits of the composite firmware version */
if (packed_key->key_version > 0xffff)
rv = VB2_ERROR_FW_KEYBLOCK_VERSION_RANGE;
- if (!rv && packed_key->key_version < (sd->fw_version_secdata >> 16))
- rv = VB2_ERROR_FW_KEYBLOCK_VERSION_ROLLBACK;
+ if (!rv && packed_key->key_version < (sd->fw_version_secdata >> 16)) {
+ if (sd->gbb_flags & VB2_GBB_FLAG_DISABLE_FW_ROLLBACK_CHECK)
+ VB2_DEBUG("Ignoring FW key rollback due to GBB flag\n");
+ else
+ rv = VB2_ERROR_FW_KEYBLOCK_VERSION_ROLLBACK;
+ }
if (rv) {
vb2_fail(ctx, VB2_RECOVERY_FW_KEY_ROLLBACK, rv);
return rv;
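Review bot: This is the third of four identical `sd->gbb_flags & VB2_GBB_FLAG_DISABLE_FW_ROLLBACK_CHECK` tests added by the commit (two in lib20/misc.c, two here), which makes it easy for a later change to update one copy of a security-relevant bypass and miss the others. A small shared helper in the common 2lib code that takes `sd` and returns whether rollback enforcement is waived would keep the policy in one place. The nested `if`/`else` inside the braced outer `if` is also unbraced; bracing both arms would guard against a dangling-else slip if a statement is added next to the debug print.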
@@ -205,8 +209,12 @@ int vb2_load_fw_preamble(struct vb2_context *ctx)
rv = VB2_ERROR_FW_PREAMBLE_VERSION_RANGE;
/* Combine with the key version from vb2_load_fw_keyblock() */
sd->fw_version |= pre->fw_version;
- if (!rv && sd->fw_version < sd->fw_version_secdata)
- rv = VB2_ERROR_FW_PREAMBLE_VERSION_ROLLBACK;
+ if (!rv && sd->fw_version < sd->fw_version_secdata) {
+ if (sd->gbb_flags & VB2_GBB_FLAG_DISABLE_FW_ROLLBACK_CHECK)
+ VB2_DEBUG("Ignoring FW rollback due to GBB flag\n");
+ else
+ rv = VB2_ERROR_FW_PREAMBLE_VERSION_ROLLBACK;
+ }
if (rv) {
vb2_fail(ctx, VB2_RECOVERY_FW_ROLLBACK, rv);
return rv;
diff --git a/tests/vb20_misc_tests.c b/tests/vb20_misc_tests.c
index 8021888c..e3a5123f 100644
--- a/tests/vb20_misc_tests.c
+++ b/tests/vb20_misc_tests.c
@@ -268,6 +268,11 @@ static void verify_keyblock_tests(void)
TEST_EQ(vb2_load_fw_keyblock(&cc),
VB2_ERROR_FW_KEYBLOCK_VERSION_ROLLBACK,
"keyblock rollback");
+
+ reset_common_data(FOR_KEYBLOCK);
+ kb->data_key.key_version = 1;
+ sd->gbb_flags |= VB2_GBB_FLAG_DISABLE_FW_ROLLBACK_CHECK;
+ TEST_SUCC(vb2_load_fw_keyblock(&cc), "keyblock rollback with GBB flag");
}
static void verify_preamble_tests(void)
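Review bot: The new case shows that a rollback is accepted with the flag set, but nothing pins what the flag must not relax: no test sets the flag together with an out-of-range version and expects `VB2_ERROR_FW_KEYBLOCK_VERSION_RANGE`. Without that, a future refactor that moves the flag test ahead of the range check would pass the suite. The same gap exists in the preamble test hunk below and in both hunks of tests/vb21_misc_tests.c. The sketch assumes the fixture lets a key_version of 0x10000 reach the range check, which cannot be confirmed from the hunk.

```c
	TEST_SUCC(vb2_load_fw_keyblock(&cc), "keyblock rollback with GBB flag");

	/* The GBB flag must not relax the 16-bit range check. */
	reset_common_data(FOR_KEYBLOCK);
	kb->data_key.key_version = 0x10000;
	sd->gbb_flags |= VB2_GBB_FLAG_DISABLE_FW_ROLLBACK_CHECK;
	TEST_EQ(vb2_load_fw_keyblock(&cc),
		VB2_ERROR_FW_KEYBLOCK_VERSION_RANGE,
		"keyblock version range with GBB flag");
```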
@@ -346,6 +351,11 @@ static void verify_preamble_tests(void)
"preamble version rollback");
reset_common_data(FOR_PREAMBLE);
+ pre->firmware_version = 1;
+ sd->gbb_flags |= VB2_GBB_FLAG_DISABLE_FW_ROLLBACK_CHECK;
+ TEST_SUCC(vb2_load_fw_preamble(&cc), "version rollback with GBB flag");
+
+ reset_common_data(FOR_PREAMBLE);
pre->firmware_version = 3;
TEST_SUCC(vb2_load_fw_preamble(&cc),
"preamble version roll forward");
diff --git a/tests/vb21_misc_tests.c b/tests/vb21_misc_tests.c
index 826c3fb1..d70cabd5 100644
--- a/tests/vb21_misc_tests.c
+++ b/tests/vb21_misc_tests.c
@@ -274,6 +274,11 @@ static void load_keyblock_tests(void)
TEST_EQ(vb2_load_fw_keyblock(&ctx),
VB2_ERROR_FW_KEYBLOCK_VERSION_ROLLBACK,
"keyblock rollback");
+
+ reset_common_data(FOR_KEYBLOCK);
+ dk->key_version = 1;
+ sd->gbb_flags |= VB2_GBB_FLAG_DISABLE_FW_ROLLBACK_CHECK;
+ TEST_SUCC(vb2_load_fw_keyblock(&ctx), "keyblock rollback + GBB flag");
}
static void load_preamble_tests(void)
@@ -353,6 +358,11 @@ static void load_preamble_tests(void)
"preamble version rollback");
reset_common_data(FOR_PREAMBLE);
+ pre->fw_version = 1;
+ sd->gbb_flags |= VB2_GBB_FLAG_DISABLE_FW_ROLLBACK_CHECK;
+ TEST_SUCC(vb2_load_fw_preamble(&ctx), "version rollback with GBB flag");
+
+ reset_common_data(FOR_PREAMBLE);
pre->fw_version = 3;
TEST_SUCC(vb2_load_fw_preamble(&ctx),
"preamble version roll forward");