author Nicolas Boichat <drinkcat@google.com> 2017-05-22 12:19:42 +0800
committer chrome-bot <chrome-bot@chromium.org> 2017-05-25 04:27:41 -0700
commit ccad39d1b871db0223e7c7b51a696c97461670d3
tree 3ca8caa1ba0966592ce282562c1ed259ba27cc23 /common/rwsig.c
parent 661259ebff96a3acc1f72701b90ea2c4955addc6
rollback: Add option to store secret in rollback info

For pairing purpose, we want to store some secret random number in the base. The most convenient location for this is the rollback region.

Since the rollback region can now be updated without incrementing rollback_min_version (when we add entropy to the secret), we need to add an increasing id to tell the code which rollback region is the latest.

We also add console commands to manually add entropy.

BRANCH=none
BUG=b:38486828
TEST=Flash hammer (with or without CONFIG_ROLLBACK_ENTROPY_SIZE set)
     rollbackinfo => 1 version 0 block, 1 empty block, RW verifies correctly.
     rollbackupdate 0; rollbackinfo => No change
     rollbackupdate 1; reboot => RO refuses to jump to RW
     only when CONFIG_ROLLBACK_ENTROPY_SIZE is set:
        rollbackinfo => Secret is [00..00] on both blocks (so the data was copied correctly)
     rollbackupdate 2, 3, 4; rollbackinfo => Writes alternate between the 2 blocks.
     rollbackupdate 2 => Refuses to downgrade version
TEST=From blank secret [00..00], 'rollbackaddent Hello' updates it to [ba..fa], which matches the output of:
     (dd if=/dev/zero bs=1 count=32; echo -n Hello) | sha256sum

Change-Id: I79c3e790e56e21958cc1b4ba05bd4e5f359d3090
Reviewed-on: https://chromium-review.googlesource.com/511985
Commit-Ready: Nicolas Boichat <drinkcat@chromium.org>
Tested-by: Nicolas Boichat <drinkcat@chromium.org>
Reviewed-by: Vincent Palatin <vpalatin@chromium.org>

Diffstat (limited to 'common/rwsig.c')
-rw-r--r-- common/rwsig.c 2
1 files changed, 1 insertions, 1 deletions
diff --git a/common/rwsig.c b/common/rwsig.c
index 1471008122..4efca2cb20 100644
--- a/common/rwsig.c
+++ b/common/rwsig.c
@@ -204,7 +204,7 @@ int rwsig_check_signature(void)
* This will fail if the rollback block is protected (RW image
* will unprotect that block later on).
*/
- int ret = rollback_update(rw_rollback_version);
+ int ret = rollback_update_version(rw_rollback_version);
if (ret == 0) {
CPRINTS("Rollback updated to %d",
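Review bot: The comment above the `+ int ret = rollback_update_version(rw_rollback_version);` line still documents only the protected-block failure, while the commit message says the same region now also holds the pairing secret and an increasing id. Suggest adding a sentence there stating that this call is expected to carry the existing secret into the newly written block, so a reader of rwsig_check_signature() can tell that a version bump does not reset it. The lines shown handle only `ret == 0`; please confirm that the non-zero path logs the return code, since a failed write is the expected outcome when the block is protected and would otherwise be hard to tell apart from other failures.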