diff options
Diffstat (limited to 'common/ap_ro_integrity_check.c')
-rw-r--r-- | common/ap_ro_integrity_check.c | 30 |
1 files changed, 16 insertions, 14 deletions
diff --git a/common/ap_ro_integrity_check.c b/common/ap_ro_integrity_check.c index 8465983eea..37e2a6311c 100644 --- a/common/ap_ro_integrity_check.c +++ b/common/ap_ro_integrity_check.c @@ -315,7 +315,7 @@ static const struct ap_ro_check *p_chk = * Track if the AP RO hash was validated this boot. Must be cleared every AP * reset. */ -static uint8_t validated_ap_ro_boot; +static enum ap_ro_status apro_result = AP_RO_NOT_RUN; /* * In dev signed Cr50 images this is the hash of @@ -488,9 +488,10 @@ static int verify_keyblock(const struct kb_container *kbc, /* Clear validate_ap_ro_boot state. */ void ap_ro_device_reset(void) { - if (validated_ap_ro_boot) - CPRINTS("%s: clear validated state", __func__); - validated_ap_ro_boot = 0; + if (apro_result == AP_RO_NOT_RUN) + return; + CPRINTS("%s: clear apro result", __func__); + apro_result = AP_RO_NOT_RUN; } /* Erase flash page containing the AP RO verification data hash. */ @@ -1361,8 +1362,10 @@ static uint8_t do_ap_ro_check(void) support_status = ap_ro_check_unsupported(true); if ((support_status == ARCVE_BOARD_ID_BLOCKED) || - (support_status == ARCVE_FLASH_READ_FAILED)) + (support_status == ARCVE_FLASH_READ_FAILED)) { + apro_result = AP_RO_UNSUPPORTED_TRIGGERED; return EC_ERROR_UNIMPLEMENTED; + } enable_ap_spi_hash_shortcut(); @@ -1398,6 +1401,7 @@ static uint8_t do_ap_ro_check(void) disable_ap_spi_hash_shortcut(); if (rv != EC_SUCCESS) { + apro_result = AP_RO_FAIL; /* Failure reason has already been reported. */ ap_ro_add_flash_event(APROF_CHECK_FAILED); @@ -1408,8 +1412,8 @@ static uint8_t do_ap_ro_check(void) */ rv = EC_ERROR_CRC; } else { + apro_result = AP_RO_PASS; ap_ro_add_flash_event(APROF_CHECK_SUCCEEDED); - validated_ap_ro_boot = 1; CPRINTS("AP RO verification SUCCEEDED!"); } @@ -1507,13 +1511,14 @@ static int ap_ro_info_cmd(int argc, char **argv) } #endif rv = ap_ro_check_unsupported(false); + ccprintf("result : %d\n", apro_result); + ccprintf("supported : %s\n", rv ? "no" : "yes"); if (rv == ARCVE_FLASH_READ_FAILED) return EC_ERROR_CRC; /* No verification possible. */ /* All other AP RO verificaiton unsupported reasons are fine */ if (rv) return EC_SUCCESS; - ccprintf("boot validated: %s\n", validated_ap_ro_boot ? "yes" : "no"); ccprintf("sha256 hash %ph\n", HEX_BUF(p_chk->payload.digest, sizeof(p_chk->payload.digest))); ccprintf("Covered ranges:\n"); @@ -1538,7 +1543,7 @@ static enum vendor_cmd_rc vc_get_ap_ro_status(enum vendor_cmd_cc code, void *buf, size_t input_size, size_t *response_size) { - uint8_t rv = AP_RO_NOT_RUN; + uint8_t rv = apro_result; uint8_t *response = buf; CPRINTS("Check AP RO status"); @@ -1547,12 +1552,9 @@ static enum vendor_cmd_rc vc_get_ap_ro_status(enum vendor_cmd_cc code, if (input_size) return VENDOR_RC_BOGUS_ARGS; - if (ap_ro_check_unsupported(false)) - rv = AP_RO_UNSUPPORTED; - else if (ec_rst_override()) - rv = AP_RO_FAIL; - else if (validated_ap_ro_boot) - rv = AP_RO_PASS; + if ((apro_result != AP_RO_UNSUPPORTED_TRIGGERED) && + (ap_ro_check_unsupported(false) != ARCVE_OK)) + rv = AP_RO_UNSUPPORTED_NOT_TRIGGERED; *response_size = 1; response[0] = rv; |