rollback: Add support for entropy from RNG for rollbackaddent

If 'rollbackaddent' is called without any arguments we can add entropy
from RNG. This is useful for testing and debugging purposes.

BUG=b:277029648
BRANCH=none
TEST=Compile firmware or bloonchipper. Use 'rollbackaddent' command
     without any arguments to add randomness to rollback. Check if
     the secret was changed using 'rollbackinfo' command.
TEST=./test/run_device_tests.py -b bloonchipper -t rollback.*
     Test "rollback_region0": PASSED
     Test "rollback_region1": PASSED
     Test "rollback_entropy": PASSED

Change-Id: I0da2df8825d915eaf92364ec07f596b7638a64fd
Signed-off-by: Patryk Duda <pdk@semihalf.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4381923
Tested-by: Patryk Duda <patrykd@google.com>
Reviewed-by: Tom Hughes <tomhughes@chromium.org>
Commit-Queue: Patryk Duda <patrykd@google.com>

1 files changed, 17 insertions, 5 deletions

diff --git a/common/rollback.c b/common/rollback.c
index 23ac9df1d4..e2860f86f7 100644
--- a/common/rollback.c
+++ b/common/rollback.c
@@ -373,16 +373,28 @@ DECLARE_CONSOLE_COMMAND(rollbackupdate, command_rollback_update, "min_version",
 #ifdef CONFIG_ROLLBACK_SECRET_SIZE
 static int command_rollback_add_entropy(int argc, const char **argv)
 {
+	uint8_t rand[CONFIG_ROLLBACK_SECRET_SIZE];
+	const uint8_t *data;
 	int len;
 
-	if (argc < 2)
-		return EC_ERROR_PARAM_COUNT;
+	if (argc < 2) {
+		if (!IS_ENABLED(CONFIG_RNG))
+			return EC_ERROR_PARAM_COUNT;
 
-	len = strlen(argv[1]);
+		trng_init();
+		trng_rand_bytes(rand, sizeof(rand));
+		trng_exit();
+
+		data = rand;
+		len = sizeof(rand);
+	} else {
+		data = argv[1];
+		len = strlen(argv[1]);
+	}
 
-	return rollback_add_entropy(argv[1], len);
+	return rollback_add_entropy(data, len);
 }
-DECLARE_CONSOLE_COMMAND(rollbackaddent, command_rollback_add_entropy, "data",
+DECLARE_CONSOLE_COMMAND(rollbackaddent, command_rollback_add_entropy, "[data]",
 			"Add entropy to rollback block");
 
 #ifdef CONFIG_RNG