3 files changed, 27 insertions, 5 deletions

diff --git a/firmware/include/vboot_api.h b/firmware/include/vboot_api.h
index 3f0a7faf..9aa7f0ad 100644
--- a/firmware/include/vboot_api.h
+++ b/firmware/include/vboot_api.h
@@ -638,8 +638,8 @@ VbError_t VbExEcHashRW(const uint8_t **hash, int *hash_size);
 
 /* Get the expected contents of the EC image associated with the main firmware
  * specified by the "select" argument. */
-VbError_t VbExEcGetExpectedRW(enum VbSelectFirmware_t select, uint8_t **image,
-                              int *image_size);
+VbError_t VbExEcGetExpectedRW(enum VbSelectFirmware_t select,
+                              const uint8_t **image, int *image_size);
 
 /* Update the EC rewritable image. */
 VbError_t VbExEcUpdateRW(const uint8_t *image, int image_size);
diff --git a/firmware/lib/vboot_api_kernel.c b/firmware/lib/vboot_api_kernel.c
index a17c0243..1a99ecbe 100644
--- a/firmware/lib/vboot_api_kernel.c
+++ b/firmware/lib/vboot_api_kernel.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2011 The Chromium OS Authors. All rights reserved.
+/* Copyright (c) 2012 The Chromium OS Authors. All rights reserved.
  * Use of this source code is governed by a BSD-style license that can be
  * found in the LICENSE file.
  *
@@ -351,6 +351,10 @@ VbError_t VbBootRecovery(VbCommonParams* cparams, LoadKernelParams* p) {
 VbError_t VbEcSoftwareSync(VbSharedDataHeader *shared) {
   int in_rw = 0;
   int rv = VbExEcRunningRW(&in_rw);
+  const uint8_t *ec_hash;
+  int ec_hash_size;
+  const uint8_t *expected;
+  int expected_size;
 
   if (shared->recovery_reason) {
     /* Recovery mode; just verify the EC is in RO code */
@@ -409,6 +413,24 @@ VbError_t VbEcSoftwareSync(VbSharedDataHeader *shared) {
     return VBERROR_SUCCESS;
   }
 
+  /* Get hash of EC-RW */
+  rv = VbExEcHashRW(&ec_hash, &ec_hash_size);
+  if (rv) {
+      VBDEBUG(("VbEcSoftwareSync() - VbExEcHashRW() returned %d\n", rv));
+      VbSetRecoveryRequest(VBNV_RECOVERY_EC_SOFTWARE_SYNC);
+      return VBERROR_EC_REBOOT_TO_RO_REQUIRED;
+  }
+  VBDEBUG(("VbEcSoftwareSync() - hash len = %d\n", ec_hash_size));
+
+  /* Get expected EC-RW code */
+  rv = VbExEcGetExpectedRW(shared->firmware_index, &expected, &expected_size);
+  if (rv) {
+      VBDEBUG(("VbEcSoftwareSync() - VbExEcGetExpectedRW() returned %d\n", rv));
+      VbSetRecoveryRequest(VBNV_RECOVERY_EC_SOFTWARE_SYNC);
+      return VBERROR_EC_REBOOT_TO_RO_REQUIRED;
+  }
+  VBDEBUG(("VbEcSoftwareSync() - expected len = %d\n", expected_size));
+
   /* TODO: verify EC-RW hash vs. expected code */
 
   if (in_rw) {
diff --git a/firmware/stub/vboot_api_stub.c b/firmware/stub/vboot_api_stub.c
index f41d8d95..53a49d26 100644
--- a/firmware/stub/vboot_api_stub.c
+++ b/firmware/stub/vboot_api_stub.c
@@ -173,8 +173,8 @@ VbError_t VbExEcHashRW(const uint8_t **hash, int *hash_size) {
   return VBERROR_SUCCESS;
 }
 
-VbError_t VbExEcGetExpectedRW(enum VbSelectFirmware_t select, uint8_t **image,
-                              int *image_size) {
+VbError_t VbExEcGetExpectedRW(enum VbSelectFirmware_t select,
+                              const uint8_t **image, int *image_size) {
   static uint8_t fake_image[64] = {5, 6, 7, 8};
   *image = fake_image;
   *image_size = sizeof(fake_image);