nvmem: make page header checksums different between prod and dev

When moving an H1 between prod and dev Cr50 images, it is important to
quickly determine that the NVMEM contents are not retrievable. The
first object verified by the initialization routine is the page
header, but since SHA value is used for integrity verification, it
does not change despite the fact that the mode (and encryption keys as
a result) changed.

Using encrypted header value for integrity verification guarantees
that when transition between prod and dev modes happen the
initialization function discovers it right away and reinitializes
NVMEM instead of trying to interpret corrupted objects.

The host/dcrypto stub used for unit tests and fuzzing needs to be
modified to ensure that page headers read from uninitialized flash do
not look valid (where encrypted value of 0xffffffff is 0xffffffff).

BRANCH=cr50, cr50-mp
BUG=b:129710256
TEST=make buildall -j successd, as well as migration of a Chrome OS
     device from legacy to new nvmem layout.

Change-Id: I613513cc67b14f553d2760919d6058f8dbed6e41
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1615423
Legacy-Commit-Queue: Commit Bot <commit-bot@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>

1 files changed, 1 insertions, 1 deletions

diff --git a/test/build.mk b/test/build.mk
index b668d1d06d..93ae9d405a 100644
--- a/test/build.mk
+++ b/test/build.mk
@@ -152,7 +152,7 @@ fp-y=fp.o
 x25519-y=x25519.o
 
 TPM2_ROOT := $(CROS_WORKON_SRCROOT)/src/third_party/tpm2
-$(out)/RO/common/new_nvmem.o: CFLAGS += -I$(TPM2_ROOT)
+$(out)/RO/common/new_nvmem.o: CFLAGS += -I$(TPM2_ROOT) -I chip/g
 $(out)/RO/test/nvmem.o: CFLAGS += -I$(TPM2_ROOT)
 $(out)/RO/test/nvmem_tpm2_mock.o: CFLAGS += -I$(TPM2_ROOT)