diff options
| author | Mary Ruthven <mruthven@chromium.org> | 2022-10-12 13:21:45 -0500 |
|---|---|---|
| committer | Chromeos LUCI <chromeos-scoped@luci-project-accounts.iam.gserviceaccount.com> | 2022-11-02 23:47:01 +0000 |
| commit | 31925f9c56051a94057cc0ceb2ce9d5ea264f139 (patch) | |
| tree | 0e9eeaed3dbbba836ea3fffeb1c7faaf8f3ec2c6 | |
| parent | 26600812484d8baf5b713c33147cdf747bd1d0e4 (diff) | |
| download | chrome-ec-31925f9c56051a94057cc0ceb2ce9d5ea264f139.tar.gz | |
apro: define ap_ro_check_payload with the max number of ranges
A followup CL is going to add gbb data after the ap ro check payload.
Define ap_ro_check_payload with the maximum number of AP RO ranges, so
there is enough space between the AP RO check v1 data and the gbb
descriptor.
BUG=b:236844541
TEST=cr50 can validate existing AP RO data and save new data. Check one
range and 32 ranges.
Change-Id: I1faff319644b5c6aa531e500d3d60b4ce9c170ee
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3949615
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
| -rw-r--r-- | common/ap_ro_integrity_check.c | 18 |
1 files changed, 7 insertions, 11 deletions
diff --git a/common/ap_ro_integrity_check.c b/common/ap_ro_integrity_check.c index 17abeacf70..d4b11d3f06 100644 --- a/common/ap_ro_integrity_check.c +++ b/common/ap_ro_integrity_check.c @@ -46,7 +46,7 @@ * to the number of ranges, so it's easier to debug and to make people consider * why they would need more than 32 ranges. */ -#define APRO_MAX_NUM_RANGES 32 +#define AP_RO_MAX_NUM_RANGES 32 /* Values used for validity check of the flash_range structure fields. */ #define MAX_SUPPORTED_FLASH_SIZE (32 * 1024 * 1024) #define MAX_SUPPORTED_RANGE_SIZE (4 * 1024 * 1024) @@ -66,11 +66,6 @@ struct ro_range { uint32_t range_size; }; -/* Maximum number of RO ranges this implementation supports. */ -struct ro_ranges { - struct ro_range ranges[APRO_MAX_NUM_RANGES]; -}; - /* * Payload of the vendor command communicating a variable number of flash * ranges to be checked and the total sha256. @@ -79,7 +74,8 @@ struct ro_ranges { */ struct ap_ro_check_payload { uint8_t digest[SHA256_DIGEST_SIZE]; - struct ro_range ranges[0]; + /* Maximum number of RO ranges this implementation supports. */ + struct ro_range ranges[AP_RO_MAX_NUM_RANGES]; } __packed; /* @@ -101,7 +97,7 @@ struct ap_ro_check_header { */ BUILD_ASSERT(AP_RO_DATA_SPACE_SIZE >= sizeof(struct ap_ro_check_header) + SHA256_DIGEST_SIZE + - APRO_MAX_NUM_RANGES * sizeof(struct ro_range)); + AP_RO_MAX_NUM_RANGES * sizeof(struct ro_range)); /* Format of the AP RO check information saved in the H1 flash page. */ struct ap_ro_check { struct ap_ro_check_header header; @@ -387,7 +383,7 @@ static enum vendor_cmd_rc vc_seed_ap_ro_check(enum vendor_cmd_cc code, vc_num_of_ranges = (input_size - SHA256_DIGEST_SIZE) / sizeof(struct ro_range); - if (vc_num_of_ranges > APRO_MAX_NUM_RANGES) { + if (vc_num_of_ranges > AP_RO_MAX_NUM_RANGES) { *response = ARCVE_TOO_MANY_RANGES; return VENDOR_RC_BOGUS_ARGS; } @@ -431,8 +427,8 @@ static int verify_ap_ro_check_space(void) return EC_ERROR_CRC; data_size = p_chk->header.num_ranges * sizeof(struct ro_range) + - sizeof(struct ap_ro_check_payload); - if (data_size > CONFIG_FLASH_BANK_SIZE) { + offsetof(struct ap_ro_check_payload, ranges); + if (p_chk->header.num_ranges > AP_RO_MAX_NUM_RANGES) { CPRINTS("%s: bogus number of ranges %d", __func__, p_chk->header.num_ranges); return EC_ERROR_CRC; |