From f03e2415b2525bd2c5e24b60ca7df67b51a8e903 Mon Sep 17 00:00:00 2001 From: Joel Kitching Date: Tue, 6 Aug 2019 16:04:12 +0800 Subject: vboot/secdata: fix up error reporting in rollback_index.c Every failure case should output some debug information. BUG=b:124141368, chromium:972956 TEST=make clean && make runtests BRANCH=none Change-Id: I0f178fa72f7e227b3abc22ac1b0d2df5ed4a6dc8 Signed-off-by: Joel Kitching Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1738348 Reviewed-by: Joel Kitching Tested-by: Joel Kitching Commit-Queue: Joel Kitching --- firmware/lib/rollback_index.c | 58 +++++++++++++++++++++++++++++++------------ 1 file changed, 42 insertions(+), 16 deletions(-) diff --git a/firmware/lib/rollback_index.c b/firmware/lib/rollback_index.c index 7a1c0405..fbb706e9 100644 --- a/firmware/lib/rollback_index.c +++ b/firmware/lib/rollback_index.c @@ -49,7 +49,7 @@ uint32_t WriteSpaceKernel(RollbackSpaceKernel *rsk); uint32_t TPMClearAndReenable(void) { - VB2_DEBUG("TPM: Clear and re-enable\n"); + VB2_DEBUG("TPM: clear and re-enable\n"); RETURN_ON_FAILURE(TlclForceClear()); RETURN_ON_FAILURE(TlclSetEnable()); RETURN_ON_FAILURE(TlclSetDeactivated(0)); @@ -74,14 +74,16 @@ uint32_t ReadSpaceFirmware(RollbackSpaceFirmware *rsf) uint32_t r; r = TlclRead(FIRMWARE_NV_INDEX, rsf, sizeof(RollbackSpaceFirmware)); - if (TPM_SUCCESS != r) + if (TPM_SUCCESS != r) { + VB2_DEBUG("TPM: read secdata returned 0x%x\n", r); return r; + } if (rsf->struct_version < ROLLBACK_SPACE_FIRMWARE_VERSION) return TPM_E_STRUCT_VERSION; if (rsf->crc8 != vb2_crc8(rsf, offsetof(RollbackSpaceFirmware, crc8))) { - VB2_DEBUG("TPM: bad CRC\n"); + VB2_DEBUG("TPM: bad secdata CRC\n"); return TPM_E_CORRUPTED_STATE; } @@ -90,16 +92,23 @@ uint32_t ReadSpaceFirmware(RollbackSpaceFirmware *rsf) uint32_t WriteSpaceFirmware(RollbackSpaceFirmware *rsf) { + uint32_t r; + rsf->crc8 = vb2_crc8(rsf, offsetof(RollbackSpaceFirmware, crc8)); - return SafeWrite(FIRMWARE_NV_INDEX, rsf, sizeof(RollbackSpaceFirmware)); + r = SafeWrite(FIRMWARE_NV_INDEX, rsf, sizeof(RollbackSpaceFirmware)); + if (TPM_SUCCESS != r) { + VB2_DEBUG("TPM: write secdata failure\n"); + return r; + } + + return TPM_SUCCESS; } vb2_error_t SetVirtualDevMode(int val) { RollbackSpaceFirmware rsf; - VB2_DEBUG("TPM: Entering\n"); if (TPM_SUCCESS != ReadSpaceFirmware(&rsf)) return VBERROR_TPM_FIRMWARE_SETUP; @@ -117,7 +126,6 @@ vb2_error_t SetVirtualDevMode(int val) if (TPM_SUCCESS != WriteSpaceFirmware(&rsf)) return VBERROR_TPM_SET_BOOT_MODE_STATE; - VB2_DEBUG("TPM: Leaving\n"); return VB2_SUCCESS; } @@ -126,14 +134,16 @@ uint32_t ReadSpaceKernel(RollbackSpaceKernel *rsk) uint32_t r; r = TlclRead(KERNEL_NV_INDEX, rsk, sizeof(RollbackSpaceKernel)); - if (TPM_SUCCESS != r) + if (TPM_SUCCESS != r) { + VB2_DEBUG("TPM: read secdatak returned 0x%x\n", r); return r; + } if (rsk->struct_version < ROLLBACK_SPACE_FIRMWARE_VERSION) return TPM_E_STRUCT_VERSION; if (rsk->crc8 != vb2_crc8(rsk, offsetof(RollbackSpaceKernel, crc8))) { - VB2_DEBUG("TPM: bad CRC\n"); + VB2_DEBUG("TPM: bad secdatak CRC\n"); return TPM_E_CORRUPTED_STATE; } @@ -142,9 +152,17 @@ uint32_t ReadSpaceKernel(RollbackSpaceKernel *rsk) uint32_t WriteSpaceKernel(RollbackSpaceKernel *rsk) { + uint32_t r; + rsk->crc8 = vb2_crc8(rsk, offsetof(RollbackSpaceKernel, crc8)); - return SafeWrite(KERNEL_NV_INDEX, rsk, sizeof(RollbackSpaceKernel)); + r = SafeWrite(KERNEL_NV_INDEX, rsk, sizeof(RollbackSpaceKernel)); + if (TPM_SUCCESS != r) { + VB2_DEBUG("TPM: write secdatak failure\n"); + return r; + } + + return TPM_SUCCESS; } #ifdef DISABLE_ROLLBACK_TPM @@ -203,7 +221,7 @@ uint32_t RollbackKernelRead(uint32_t* version) } #endif memcpy(version, &rsk.kernel_versions, sizeof(*version)); - VB2_DEBUG("TPM: RollbackKernelRead %x\n", (int)*version); + VB2_DEBUG("TPM: RollbackKernelRead 0x%x\n", (int)*version); return TPM_SUCCESS; } @@ -213,7 +231,7 @@ uint32_t RollbackKernelWrite(uint32_t version) uint32_t old_version; RETURN_ON_FAILURE(ReadSpaceKernel(&rsk)); memcpy(&old_version, &rsk.kernel_versions, sizeof(old_version)); - VB2_DEBUG("TPM: RollbackKernelWrite %x --> %x\n", + VB2_DEBUG("TPM: RollbackKernelWrite 0x%x --> 0x%x\n", (int)old_version, (int)version); memcpy(&rsk.kernel_versions, &version, sizeof(version)); return WriteSpaceKernel(&rsk); @@ -230,6 +248,8 @@ uint32_t RollbackKernelLock(int recovery_mode) r = TlclLockPhysicalPresence(); if (TPM_SUCCESS == r) kernel_locked = 1; + + VB2_DEBUG("TPM: lock secdatak returned 0x%x\n", r); return r; } @@ -256,7 +276,7 @@ uint32_t RollbackFwmpRead(struct RollbackSpaceFwmp *fwmp) VB2_DEBUG("TPM: no FWMP space\n"); return TPM_SUCCESS; } else if (TPM_SUCCESS != r) { - VB2_DEBUG("TPM: read returned 0x%x\n", r); + VB2_DEBUG("TPM: read FWMP returned 0x%x\n", r); return r; } @@ -265,8 +285,10 @@ uint32_t RollbackFwmpRead(struct RollbackSpaceFwmp *fwmp) * than our buffer size. */ if (u.fwmp.struct_size < sizeof(u.fwmp) || - u.fwmp.struct_size > sizeof(u.buf)) + u.fwmp.struct_size > sizeof(u.buf)) { + VB2_DEBUG("TPM: FWMP size invalid: 0x%x\n", u.fwmp.struct_size); return TPM_E_STRUCT_SIZE; + } /* * If space is bigger than we expect, re-read so we properly @@ -274,20 +296,24 @@ uint32_t RollbackFwmpRead(struct RollbackSpaceFwmp *fwmp) */ if (u.fwmp.struct_size > sizeof(u.fwmp)) { r = TlclRead(FWMP_NV_INDEX, u.buf, u.fwmp.struct_size); - if (TPM_SUCCESS != r) + if (TPM_SUCCESS != r) { + VB2_DEBUG("TPM: re-read FWMP returned 0x%x\n", r); return r; + } } /* Verify CRC */ if (u.fwmp.crc != vb2_crc8(u.buf + 2, u.fwmp.struct_size - 2)) { - VB2_DEBUG("TPM: bad CRC\n"); + VB2_DEBUG("TPM: bad FWMP CRC\n"); return TPM_E_CORRUPTED_STATE; } /* Verify major version is compatible */ if ((u.fwmp.struct_version >> 4) != - (ROLLBACK_SPACE_FWMP_VERSION >> 4)) + (ROLLBACK_SPACE_FWMP_VERSION >> 4)) { + VB2_DEBUG("TPM: FWMP major version incompatible\n"); return TPM_E_STRUCT_VERSION; + } /* * Copy to destination. Note that if the space is bigger than -- cgit v1.2.1