From 29ef57b1bc1b5dd7713f6ab42edb4646f2be756d Mon Sep 17 00:00:00 2001
From: Ting Shen <phoenixshen@google.com>
Date: Wed, 18 Dec 2019 17:37:37 +0800
Subject: virtual_battery: return errors on bad battery flags

Stop virtual_battery_handler from sending random values to host and
make userland programs panic.

BUG=b:144195782
TEST=UI never shows incorrect battery level.
BRANCH=kukui

Change-Id: Ia1ce4d6806db70cd3b189acdf1df4f865e5f8076
Signed-off-by: Ting Shen <phoenixshen@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/1972161
Reviewed-by: Eric Yilun Lin <yllin@chromium.org>
Commit-Queue: Ting Shen <phoenixshen@chromium.org>
Tested-by: Ting Shen <phoenixshen@chromium.org>
---
 common/virtual_battery.c | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

diff --git a/common/virtual_battery.c b/common/virtual_battery.c
index 7fdd92de1a..e9d1c2811d 100644
--- a/common/virtual_battery.c
+++ b/common/virtual_battery.c
@@ -224,24 +224,37 @@ int virtual_battery_operation(const uint8_t *batt_cmd_head,
 		memcpy(dest, &val, bounded_read_len);
 		break;
 	case SB_VOLTAGE:
+		if (curr_batt->flags & BATT_FLAG_BAD_VOLTAGE)
+			return EC_ERROR_BUSY;
 		memcpy(dest, &(curr_batt->voltage), bounded_read_len);
 		break;
 	case SB_RELATIVE_STATE_OF_CHARGE:
+		if (curr_batt->flags & BATT_FLAG_BAD_STATE_OF_CHARGE)
+			return EC_ERROR_BUSY;
 		memcpy(dest, &(curr_batt->state_of_charge), bounded_read_len);
 		break;
 	case SB_TEMPERATURE:
+		if (curr_batt->flags & BATT_FLAG_BAD_TEMPERATURE)
+			return EC_ERROR_BUSY;
 		memcpy(dest, &(curr_batt->temperature), bounded_read_len);
 		break;
 	case SB_CURRENT:
+		if (curr_batt->flags & BATT_FLAG_BAD_CURRENT)
+			return EC_ERROR_BUSY;
 		memcpy(dest, &(curr_batt->current), bounded_read_len);
 		break;
 	case SB_FULL_CHARGE_CAPACITY:
+		if (curr_batt->flags & BATT_FLAG_BAD_FULL_CAPACITY ||
+				curr_batt->flags & BATT_FLAG_BAD_VOLTAGE)
+			return EC_ERROR_BUSY;
 		val = curr_batt->full_capacity;
 		if (batt_mode_cache & MODE_CAPACITY)
 			val = val * curr_batt->voltage / 10000;
 		memcpy(dest, &val, bounded_read_len);
 		break;
 	case SB_BATTERY_STATUS:
+		if (curr_batt->flags & BATT_FLAG_BAD_STATUS)
+			return EC_ERROR_BUSY;
 		memcpy(dest, &(curr_batt->status), bounded_read_len);
 		break;
 	case SB_CYCLE_COUNT:
@@ -249,6 +262,8 @@ int virtual_battery_operation(const uint8_t *batt_cmd_head,
 		       bounded_read_len);
 		break;
 	case SB_DESIGN_CAPACITY:
+		if (curr_batt->flags & BATT_FLAG_BAD_VOLTAGE)
+			return EC_ERROR_BUSY;
 		val = *(int *)host_get_memmap(EC_MEMMAP_BATT_DCAP);
 		if (batt_mode_cache & MODE_CAPACITY)
 			val = val * curr_batt->voltage / 10000;
@@ -259,6 +274,9 @@ int virtual_battery_operation(const uint8_t *batt_cmd_head,
 		       bounded_read_len);
 		break;
 	case SB_REMAINING_CAPACITY:
+		if (curr_batt->flags & BATT_FLAG_BAD_REMAINING_CAPACITY ||
+				curr_batt->flags & BATT_FLAG_BAD_VOLTAGE)
+			return EC_ERROR_BUSY;
 		val = curr_batt->remaining_capacity;
 		if (batt_mode_cache & MODE_CAPACITY)
 			val = val * curr_batt->voltage / 10000;
-- 
cgit v1.2.1