diff options
author | Vadim Bendebury <vbendeb@chromium.org> | 2021-12-28 16:35:49 -0800 |
---|---|---|
committer | Commit Bot <commit-bot@chromium.org> | 2021-12-29 02:22:27 +0000 |
commit | 08d9e212d0086a1bff68e78251eedf6434b9245c (patch) | |
tree | 0ffdd38f2c10966d195193197251a6efce501c5c | |
parent | 82e0d4a58416975815a37f5e70e4df1a99a97d15 (diff) | |
download | chrome-ec-08d9e212d0086a1bff68e78251eedf6434b9245c.tar.gz |
ap_ro_verification: fix cached verification state
The apro_result variable saves the state reported by an attempted AP
RO verification, setting this variable to AP_RO_FAIL prevents
releasing of the EC reset on the following reboots.
In case verification could not be run because control structures have
not been found, and there is no evidence of a previously succeeding
verification, apro_result has to be set to
AP_RO_UNSUPPORTED_TRIGGERED.
BUG=b:211762871
TEST=verified various states of AP RO verification, in particular
confirmed that running verification on a device where it is not
supported does not prevent future reboots.
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Change-Id: I74ad47a6fd92c6d906e723df6e7d37520ff92b27
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3360089
Reviewed-by: Andrey Pronin <apronin@chromium.org>
-rw-r--r-- | common/ap_ro_integrity_check.c | 21 |
1 files changed, 12 insertions, 9 deletions
diff --git a/common/ap_ro_integrity_check.c b/common/ap_ro_integrity_check.c index 14fdb0f876..939a618c64 100644 --- a/common/ap_ro_integrity_check.c +++ b/common/ap_ro_integrity_check.c @@ -1447,21 +1447,24 @@ static uint8_t do_ap_ro_check(void) if (rv != ROV_SUCCEEDED) { /* Failure reason has already been reported. */ - apro_result = AP_RO_FAIL; ap_ro_add_flash_event(APROF_CHECK_FAILED); - /* - * Map failures into EC_ERROR_CRC, this will make sure that in - * case this was invoked by the operator keypress, the device - * will not continue booting. - * - * Both explicit failure to verify OR any error if cached - * descriptor was found should block the booting. - */ if ((rv == ROV_FAILED) || check_is_required()) { + apro_result = AP_RO_FAIL; keep_ec_in_reset(); + /* + * Map failures into EC_ERROR_CRC, this will make sure + * that in case this was invoked by the operator + * keypress, the device will not continue booting. + * + * Both explicit failure to verify OR any error if + * cached descriptor was found should block the + * booting. + */ return EC_ERROR_CRC; } + + apro_result = AP_RO_UNSUPPORTED_TRIGGERED; return EC_ERROR_UNIMPLEMENTED; } |