diff options
author | Mary Ruthven <mruthven@chromium.org> | 2020-10-13 08:27:31 +1100 |
---|---|---|
committer | Commit Bot <commit-bot@chromium.org> | 2020-11-18 22:23:16 +0000 |
commit | cf93e873604a4f81e1ac8e9285d1c67ff0d42c12 (patch) | |
tree | cb4b8d0dafb218da1b47f265950070ee7b81ef92 | |
parent | 6c1c62276e26d7043d7be7f1496d0041049e9f53 (diff) | |
download | chrome-ec-cf93e873604a4f81e1ac8e9285d1c67ff0d42c12.tar.gz |
gsctool: add support for GET_AP_RO_HASH vendor command
Add the gsctool support for the GET_AP_RO_HASH vendor command
BUG=b:168634745
TEST=gsctool -aA
Change-Id: I9c14446fbea22e428ca920341a8c1618b82722a3
Signed-off-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2547198
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
-rw-r--r-- | extra/usb_updater/gsctool.c | 50 |
1 files changed, 50 insertions, 0 deletions
diff --git a/extra/usb_updater/gsctool.c b/extra/usb_updater/gsctool.c index 493cd4da67..c6c9efb136 100644 --- a/extra/usb_updater/gsctool.c +++ b/extra/usb_updater/gsctool.c @@ -34,6 +34,7 @@ #include "tpm_registers.h" #include "tpm_vendor_cmds.h" #include "upgrade_fw.h" +#include "u2f.h" #include "usb_descriptor.h" #include "verify_ro.h" @@ -247,6 +248,8 @@ static char *progname; */ static const struct option_container cmd_line_options[] = { /* name has_arg *flag val */ + {{"get_apro_hash", no_argument, NULL, 'A'}, + "get the stored ap ro hash"}, {{"any", no_argument, NULL, 'a'}, "Try any interfaces to find Cr50" " (-d, -s, -t are all ignored)"}, @@ -2065,6 +2068,45 @@ static void process_wp(struct transfer_descriptor *td, enum wp_options wp) "forced disabled"); } +static int process_get_apro_hash(struct transfer_descriptor *td) +{ + size_t response_size; + uint8_t response[SHA256_DIGEST_SIZE]; + const char * const desc = "getting apro hash"; + int rv = 0; + int i; + + response_size = sizeof(response); + + rv = send_vendor_command(td, VENDOR_CC_GET_AP_RO_HASH, NULL, 0, + &response, &response_size); + + if (response_size == 1) { + switch (response[0]) { + case ARCVE_NOT_PROGRAMMED: + printf("AP RO hash unprogrammed\n"); + return 0; + default: + fprintf(stderr, "unexpected error %d %s\n", response[0], + desc); + return update_error; + } + } else if (rv != VENDOR_RC_SUCCESS) { + fprintf(stderr, "Error %d %s\n", rv, desc); + return update_error; + } else if (response_size != SHA256_DIGEST_SIZE) { + fprintf(stderr, "Error in the size of response, %zu.\n", + response_size); + return update_error; + } + printf("digest: "); + for (i = 0; i < SHA256_DIGEST_SIZE; i++) + printf("%x", response[i]); + printf("\n"); + return 0; +} + + static int process_get_boot_mode(struct transfer_descriptor *td) { size_t response_size; @@ -2761,6 +2803,7 @@ int main(int argc, char *argv[]) int get_boot_mode = 0; int try_all_transfer = 0; int tpm_mode = 0; + int get_apro_hash = 0; bool show_machine_output = false; int tstamp = 0; const char *tstamp_arg = NULL; @@ -2826,6 +2869,9 @@ int main(int argc, char *argv[]) if (check_boolean(omap, i)) continue; switch (i) { + case 'A': + get_apro_hash = 1; + break; case 'a': if (td.ep_type) { errorcnt++; @@ -2984,6 +3030,7 @@ int main(int argc, char *argv[]) !ccd_open && !ccd_unlock && !corrupt_inactive_rw && + !get_apro_hash && !get_boot_mode && !get_flog && !get_endorsement_seed && @@ -3093,6 +3140,9 @@ int main(int argc, char *argv[]) if (sn_inc_rma) process_sn_inc_rma(&td, sn_inc_rma_arg); + if (get_apro_hash) + exit(process_get_apro_hash(&td)); + if (get_boot_mode) exit(process_get_boot_mode(&td)); |