diff options
author | Hsuan Ting Chen <roccochen@chromium.org> | 2021-09-02 13:29:26 +0800 |
---|---|---|
committer | Commit Bot <commit-bot@chromium.org> | 2021-09-04 16:32:15 +0000 |
commit | ae48219ec49fdec3c084dc5ba1f49219e4bd7d60 (patch) | |
tree | ec449f7defe132b597315436e35878e603348ebe /tests | |
parent | b2ba574e1df0767cd2c6fc9dc854fb87f0e2a097 (diff) | |
download | vboot-ae48219ec49fdec3c084dc5ba1f49219e4bd7d60.tar.gz |
2lib/2ec_sync: Clear VB2_CONTEXT_EC_TRUSTED before jumping to RW
Currently the EC is trusted if any of the conditions are met:
* The ctx flag VB2_CONTEXT_EC_TRUSTED is set.
* vb2ex_ec_trusted() returns trusted.
With introducing the boot mode area in ctx, the vb2ex_ec_trusted will be
deprecated and the VB2_CONTEXT_EC_TRUSTED will become the only condition
to decide if EC is trusted.
This CL clears the flag while EC jumps to RW, which is the prerequisite
before landing the coreboot changes.
Also update the tests of ec_sync()
BRANCH=none
BUG=b:181931817
TEST=emerge-trogdor coreboot vboot_reference depthcharge
Signed-off-by: Hsuan Ting Chen <roccochen@chromium.org>
Change-Id: I4711093353f5a92157c4c00c859c01f08fc3607f
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3139538
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
Diffstat (limited to 'tests')
-rw-r--r-- | tests/vb2_ec_sync_tests.c | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/tests/vb2_ec_sync_tests.c b/tests/vb2_ec_sync_tests.c index ea0dbf11..16496e44 100644 --- a/tests/vb2_ec_sync_tests.c +++ b/tests/vb2_ec_sync_tests.c @@ -96,6 +96,13 @@ static void ResetMocks(void) memset(hmir, 0, sizeof(hmir)); hmir[0] = 42; vb2_secdata_kernel_set_ec_hash(ctx, hmir); + + /* + * This flag should not involve in the steps deciding whether EC is + * running RW. The only concern here is we need to clear this flag after + * attempting a jump to RW. + */ + ctx->flags |= VB2_CONTEXT_EC_TRUSTED; } /* Mock functions */ @@ -515,6 +522,8 @@ static void VbSoftwareSyncTest(void) TEST_EQ(ec_ro_protected, 1, "ec ro protected"); TEST_EQ(ec_rw_protected, 1, "ec rw protected"); TEST_EQ(ec_run_image, 1, "ec run image"); + TEST_FALSE(ctx->flags & VB2_CONTEXT_EC_TRUSTED, + " VB2_CONTEXT_EC_TRUSTED is cleared"); ResetMocks(); test_ssync(0, 0, "AP-RW, EC-RO -> EC-RW"); @@ -523,6 +532,8 @@ static void VbSoftwareSyncTest(void) TEST_EQ(ec_ro_protected, 1, " ec ro protected"); TEST_EQ(ec_rw_protected, 1, " ec rw protected"); TEST_EQ(ec_run_image, 1, " ec run image"); + TEST_FALSE(ctx->flags & VB2_CONTEXT_EC_TRUSTED, + " VB2_CONTEXT_EC_TRUSTED is cleared"); ResetMocks(); jump_retval = VB2_ERROR_MOCK; @@ -533,6 +544,8 @@ static void VbSoftwareSyncTest(void) TEST_EQ(ec_ro_protected, 0, " ec ro protected"); TEST_EQ(ec_rw_protected, 0, " ec rw protected"); TEST_EQ(ec_run_image, 0, " ec run image"); + TEST_FALSE(ctx->flags & VB2_CONTEXT_EC_TRUSTED, + " VB2_CONTEXT_EC_TRUSTED is cleared"); ResetMocks(); jump_retval = VB2_REQUEST_REBOOT_EC_TO_RO; @@ -543,6 +556,8 @@ static void VbSoftwareSyncTest(void) TEST_EQ(ec_ro_protected, 0, " ec ro protected"); TEST_EQ(ec_rw_protected, 0, " ec rw protected"); TEST_EQ(ec_run_image, 0, " ec run image"); + TEST_FALSE(ctx->flags & VB2_CONTEXT_EC_TRUSTED, + " VB2_CONTEXT_EC_TRUSTED is cleared"); ResetMocks(); protect_retval = VB2_ERROR_MOCK; @@ -552,6 +567,8 @@ static void VbSoftwareSyncTest(void) TEST_EQ(ec_ro_protected, 0, "ec ro protected"); TEST_EQ(ec_rw_protected, 0, "ec rw protected"); TEST_EQ(ec_run_image, 1, "ec run image"); + TEST_FALSE(ctx->flags & VB2_CONTEXT_EC_TRUSTED, + " VB2_CONTEXT_EC_TRUSTED is cleared"); /* No longer check for shutdown requested */ ResetMocks(); |