-rw-r--r--futility/cmd_update.c18
-rwxr-xr-xtests/futility/test_update.sh8
2 files changed, 20 insertions, 6 deletions
diff --git a/futility/cmd_update.c b/futility/cmd_update.c
index 81fd8f41..c4897918 100644
--- a/futility/cmd_update.c
+++ b/futility/cmd_update.c
@@ -1400,10 +1400,20 @@ static int check_compatible_tpm_keys(struct updater_config *cfg,
tpm_data_key_version = 0, tpm_firmware_version = 0,
tpm_fwver = 0;
+ /* Fail if the given image does not look good. */
+ if (get_key_versions(rw_image, FMAP_RW_VBLOCK_A, &data_key_version,
+ &firmware_version) != 0)
+ return -1;
+
tpm_fwver = get_system_property(SYS_PROP_TPM_FWVER, cfg);
if (tpm_fwver <= 0) {
- ERROR("Invalid tpm_fwver: %d.", tpm_fwver);
- return -1;
+ ERROR("Invalid tpm_fwver: %#x (skipped checking).", tpm_fwver);
+ /*
+ * This is an error, but it may be common for early proto
+ * devices so we don't want to fail here. Just skip checking TPM
+ * if system tpm_fwver can't be fetched.
+ */
+ return 0;
}
tpm_data_key_version = tpm_fwver >> 16;
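Review bot: The new `return 0` in the `tpm_fwver <= 0` branch makes this anti-rollback pre-check fail open, and it treats a read failure (negative value) the same as a zero value, so the caller cannot tell "checked and compatible" from "not checked". If the skip is meant for early proto devices, the comment should say what still enforces rollback protection when this check is skipped (presumably verified boot at the next boot; please confirm), for example `/* Skipping is safe only because <enforcing component> still rejects a rolled-back image. */`. Consider also whether a negative value should keep failing unless the user explicitly forces the update, since a broken property read is a different case from a device with no version recorded yet. A smaller point: `%#x` expects an unsigned argument while `tpm_fwver` is compared with `<= 0` and so appears to be signed; a cast such as `(unsigned int)tpm_fwver` would make the format well defined. The body of check_compatible_tpm_keys starts and ends outside this hunk.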
@@ -1411,10 +1421,6 @@ static int check_compatible_tpm_keys(struct updater_config *cfg,
DEBUG("TPM: data_key_version = %d, firmware_version = %d",
tpm_data_key_version, tpm_firmware_version);
- if (get_key_versions(rw_image, FMAP_RW_VBLOCK_A, &data_key_version,
- &firmware_version) != 0)
- return -1;
-
if (tpm_data_key_version > data_key_version) {
ERROR("Data key version rollback detected (%d->%d).",
tpm_data_key_version, data_key_version);
diff --git a/tests/futility/test_update.sh b/tests/futility/test_update.sh
index b74c7ea9..8c5e0d56 100755
--- a/tests/futility/test_update.sh
+++ b/tests/futility/test_update.sh
@@ -158,6 +158,14 @@ test_update "Full update (TPM Anti-rollback: kernel key)" \
"${FROM_IMAGE}" "!Firmware version rollback detected (5->4)" \
-i "${TO_IMAGE}" --wp=0 --sys_props 1,0x10005,1
+test_update "Full update (Skip TPM check due to invalid tpm_fwver)" \
+ "${FROM_IMAGE}" "${TMP}.expected.full" \
+ -i "${TO_IMAGE}" --wp=0 --sys_props 0,0x0,1
+
+test_update "Full update (Skip TPM check due to tpm_fwver error)" \
+ "${FROM_IMAGE}" "${TMP}.expected.full" \
+ -i "${TO_IMAGE}" --wp=0 --sys_props 0,-1,1
+
# Test RW-only update.
test_update "RW update" \
"${FROM_IMAGE}" "${TMP}.expected.rw" \
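Review bot: The two added cases only assert that the update completes when `tpm_fwver` is `0x0` or `-1`; nothing covers the reason `get_key_versions` was moved ahead of the TPM read in cmd_update.c. A third case that passes an image whose key versions cannot be read, together with `--sys_props 0,0x0,1`, and expects failure (using the `!`-prefixed expected-message form of the preceding rollback cases) would pin that a bad image is still rejected when the TPM check is skipped. It would also help to assert that the "skipped checking" message is emitted, if the harness can match output on a successful run, so that a silent skip does not pass unnoticed.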