author | Nicolas Boichat <drinkcat@google.com> | 2017-06-13 10:27:35 +0800 |
---|---|---|
committer | chrome-bot <chrome-bot@chromium.org> | 2017-06-14 01:19:31 -0700 |
commit | b9b431557e0b5d4c97af56f640f627533296373c (patch) | |
tree | cefb5e669bcc5879dbca10c8ed094bfe1d02ae2b | |
parent | 43391ca4157d37d934aa7ec041ded311b96720c2 (diff) | |
rollback: Add function to fetch secret
BRANCH=none
BUG=b:38486828
TEST=Flash hammer
Change-Id: I50088a78e75d6ea8d62e439fdc8bf18d46319462
Reviewed-on: https://chromium-review.googlesource.com/532474
Commit-Ready: Nicolas Boichat <drinkcat@chromium.org>
Tested-by: Nicolas Boichat <drinkcat@chromium.org>
Reviewed-by: Mattias Nissler <mnissler@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Reviewed-by: Vincent Palatin <vpalatin@chromium.org>
-rw-r--r-- | common/rollback.c | 26 | ||||
-rw-r--r-- | include/rollback.h | 10 |
2 files changed, 36 insertions, 0 deletions
diff --git a/common/rollback.c b/common/rollback.c
index 840229c85d..e43bfe07b7 100644
--- a/common/rollback.c
+++ b/common/rollback.c
@@ -106,6 +106,32 @@ int32_t rollback_get_minimum_version(void)
 return data.rollback_min_version;
 }
 
+#ifdef CONFIG_ROLLBACK_SECRET_SIZE
+int rollback_get_secret(uint8_t *secret)
+{
+ struct rollback_data data;
+ uint8_t first;
+ int i = 0;
+
+ if (get_latest_rollback(&data) < 0)
+ return EC_ERROR_UNKNOWN;
+
+ /* Check that secret is not full of 0x00 or 0xff */
+ first = data.secret[0];
+ if (first == 0x00 || first == 0xff) {
+ for (i = 1; i < sizeof(data.secret); i++) {
+ if (data.secret[i] != first)
+ goto good;
+ }
+ return EC_ERROR_UNKNOWN;
+ }
+
+good:
+ memcpy(secret, data.secret, sizeof(data.secret));
+ return EC_SUCCESS;
+}
+#endif
+
 int rollback_lock(void)
 {
 int ret;
diff --git a/include/rollback.h b/include/rollback.h
index 51f945e089..e51d5c94a2 100644
--- a/include/rollback.h
+++ b/include/rollback.h
@@ -19,6 +19,16 @@
 int rollback_get_minimum_version(void);
 
 /**
+ * Get device secret from rollback protection block.
+ *
+ * @param secret CONFIG_ROLLBACK_SECRET_SIZE-long buffer to copy the secret to.
+ *
+ * @return EC_SUCCESS on success, EC_ERROR_* on error (e.g. secret is not
+ * initialized)
+ */
+int rollback_get_secret(uint8_t *secret);
+
+/**
 * Update rollback protection block to the version passed as parameter.
 *
 * @param next_min_version Minimum version to write in rollback block. |
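Review bot: The local `struct rollback_data data` in rollback_get_secret() still holds a full copy of the device secret on every return path and is never cleared, so the bytes stay in stack memory that later calls reuse. Funnelling the returns through a single exit that wipes `data` keeps the secret's lifetime to this function; this also removes the backward-looking `goto good` and the signed/unsigned comparison of `int i` against `sizeof(data.secret)`. A plain memset of a dying local can be dropped by the optimiser, so the wipe should use whatever non-elidable clearing routine the tree offers. Whether `data` is populated when get_latest_rollback() fails is not visible in this hunk, so the sketch wipes unconditionally.

```c
int rollback_get_secret(uint8_t *secret)
{
	struct rollback_data data;
	int ret = EC_ERROR_UNKNOWN;
	unsigned int i;

	if (get_latest_rollback(&data) < 0)
		goto out;

	/* Reject a secret that is entirely 0x00 or entirely 0xff. */
	if (data.secret[0] == 0x00 || data.secret[0] == 0xff) {
		for (i = 1; i < sizeof(data.secret); i++) {
			if (data.secret[i] != data.secret[0])
				break;
		}
		if (i == sizeof(data.secret))
			goto out;
	}

	memcpy(secret, data.secret, sizeof(data.secret));
	ret = EC_SUCCESS;
out:
	/* Wipe the stack copy; must not be optimised away as a dead store. */
	memset(&data, 0, sizeof(data));
	return ret;
}
```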
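Review bot: The doc comment added for rollback_get_secret() does not say what happens to the caller's buffer on failure, which matters because the buffer is presumably used as key material. In the implementation the only write to `secret` is the memcpy on the success path, so the comment could add ` * On error the buffer is left unmodified; callers must check the return value` and ` * before using it, and should clear the buffer once the secret is no longer needed.` The declaration is also unconditional while the definition sits under `#ifdef CONFIG_ROLLBACK_SECRET_SIZE`, so a one-line mention that the function exists only when that option is defined would save a reader a link error. The comment block for the following function continues outside the hunk.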