g: usb_updater: clean up update protocol handling

In preparation of introducing new update protocol version this patch
cleans up the existing implementation.

The receive and transmit PDU headers are separated into their own
structures and are now shared between the server and client sides.

Some comments have been added to better explain different protocol
versions' details.

BRANCH=none
BUG=chrome-os-partner:55789
TEST=verified that it is still possible to update RW_A and RW_B on a
     Kevin CR50, works using both USB and SPI.

Change-Id: Ied65b2c2a7800bae045f1d2dd64e58dd5e793d27
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/368989
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>

1 files changed, 8 insertions, 19 deletions

diff --git a/chip/g/upgrade_fw.c b/chip/g/upgrade_fw.c
index c8ff5b80d5..ccb69dfb57 100644
--- a/chip/g/upgrade_fw.c
+++ b/chip/g/upgrade_fw.c
@@ -13,6 +13,7 @@
 #include "memory.h"
 #include "uart.h"
 
+#include "upgrade_fw.h"
 #include "cryptoc/sha.h"
 
 #define CPRINTF(format, args...) cprintf(CC_EXTENSION, format, ## args)
@@ -29,20 +30,6 @@ enum return_value {
 };
 
 /*
- * The payload of the upgrade command. (Integer values in network byte order).
- *
- * block digest: the first four bytes of the sha1 digest of the rest of the
- *               structure.
- * block_base:  address where this block needs to be written to.
- * block_body:  variable size data to written at address 'block_base'.
- */
-struct upgrade_command {
-	uint32_t  block_digest;
-	uint32_t  block_base;
-	uint8_t   block_body[0];
-} __packed;
-
-/*
  * This array defines two possibe sections available for the firmare update.
  * The section whcih does not map the current execting code is picked as the
  * valid update area. The values are offsets into the flash space.
@@ -91,6 +78,7 @@ void fw_upgrade_command_handler(void *body,
 				size_t *response_size)
 {
 	struct upgrade_command *cmd_body = body;
+	void *upgrade_data;
 	uint8_t *rv = body;
 	uint8_t sha1_digest[SHA_DIGEST_SIZE];
 	size_t body_size;
@@ -102,12 +90,12 @@ void fw_upgrade_command_handler(void *body,
 	 */
 	*response_size = sizeof(*rv);
 
-	if (cmd_size < offsetof(struct upgrade_command, block_body)) {
+	if (cmd_size < sizeof(struct upgrade_command)) {
 		CPRINTF("%s:%d\n", __func__, __LINE__);
 		*rv = UPGRADE_GEN_ERROR;
 		return;
 	}
-	body_size = cmd_size - offsetof(struct upgrade_command, block_body);
+	body_size = cmd_size - sizeof(struct upgrade_command);
 
 	if (!cmd_body->block_base && !body_size) {
 		/*
@@ -171,8 +159,9 @@ void fw_upgrade_command_handler(void *body,
 
 	CPRINTF("%s: programming at address 0x%x\n", __func__,
 		block_offset + CONFIG_PROGRAM_MEMORY_BASE);
-	if (flash_physical_write(block_offset, body_size,
-				 cmd_body->block_body) != EC_SUCCESS) {
+	upgrade_data = cmd_body + 1;
+	if (flash_physical_write(block_offset, body_size, upgrade_data)
+	    != EC_SUCCESS) {
 		*rv = UPGRADE_WRITE_FAILURE;
 		CPRINTF("%s:%d upgrade write error\n",
 			__func__, __LINE__);
@@ -180,7 +169,7 @@ void fw_upgrade_command_handler(void *body,
 	}
 
 	/* Werify that data was written properly. */
-	if (memcmp(cmd_body->block_body, (void *)
+	if (memcmp(upgrade_data, (void *)
 		   (block_offset + CONFIG_PROGRAM_MEMORY_BASE),
 		   body_size)) {
 		*rv = UPGRADE_VERIFY_ERROR;