From 11d913d95e9efa5a27a89830e05d87987f7ebfd3 Mon Sep 17 00:00:00 2001 From: Mary Ruthven Date: Wed, 30 Oct 2019 16:19:57 -0700 Subject: board_id: ignore erased bid type when checking headers We will be able to set the board id flags without setting the type. If only flags are set, then check the flags. If the type is set, also check the type. BUG=b:143649068 BRANCH=cr50 TEST=set flags to 0x3f80. Try to update to a ZZAF:0:0:0 image. Make sure it isn't rejected with board id type mismatch. Try to update to a prepvt image. Make sure it's rejected. Change-Id: Ie0efdd7b1b6d76f385688f75c0765c08cab3755c Signed-off-by: Mary Ruthven Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/1892117 Reviewed-by: Vadim Bendebury (cherry picked from commit 69fef6d57b29e74839885b20b1f83f1a925f8104) Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/1920401 Tested-by: Vadim Bendebury Commit-Queue: Vadim Bendebury (cherry picked from commit 5e9c6b4118fe8d2ecbd5fbbf02056319487ddf3d) Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/1959317 --- chip/g/board_id.c | 34 +++++++++++++++++++++++----------- chip/g/board_id.h | 6 +++++- 2 files changed, 28 insertions(+), 12 deletions(-) (limited to 'chip/g') diff --git a/chip/g/board_id.c b/chip/g/board_id.c index 8052f4dda4..aa721b676f 100644 --- a/chip/g/board_id.c +++ b/chip/g/board_id.c @@ -14,6 +14,8 @@ #define CPRINTS(format, args...) cprints(CC_SYSTEM, format, ## args) #define CPRINTF(format, args...) cprintf(CC_SYSTEM, format, ## args) +#define BLANK_FIELD 0xffffffff + /** * Return the image header for the current image copy */ @@ -23,9 +25,19 @@ const struct SignedHeader *get_current_image_header(void) get_program_memory_addr(system_get_image_copy()); } +static int board_id_type_is_blank(const struct board_id *id) +{ + return (id->type & id->type_inv) == BLANK_FIELD; +} + +static int board_id_flags_are_blank(const struct board_id *id) +{ + return id->flags == BLANK_FIELD; +} + int board_id_is_blank(const struct board_id *id) { - return ~(id->type & id->type_inv & id->flags) == 0; + return board_id_type_is_blank(id) && board_id_flags_are_blank(id); } uint32_t check_board_id_vs_header(const struct board_id *id, @@ -44,21 +56,21 @@ uint32_t check_board_id_vs_header(const struct board_id *id, header_board_id_mask = SIGNED_HEADER_PADDING ^ h->board_id_type_mask; header_board_id_flags = SIGNED_HEADER_PADDING ^ h->board_id_flags; - /* - * Masked bits in header Board ID type must match type and inverse from - * flash. - */ - mismatch = header_board_id_type ^ id->type; - mismatch |= header_board_id_type ^ ~id->type_inv; - mismatch &= header_board_id_mask; - /* * All 1-bits in header Board ID flags must be present in flags from * flash */ - mismatch |= + mismatch = ((header_board_id_flags & id->flags) != header_board_id_flags); - + /* + * Masked bits in header Board ID type must match type and inverse from + * flash. + */ + if (!mismatch && !board_id_type_is_blank(id)) { + mismatch = header_board_id_type ^ id->type; + mismatch |= header_board_id_type ^ ~id->type_inv; + mismatch &= header_board_id_mask; + } return mismatch; } diff --git a/chip/g/board_id.h b/chip/g/board_id.h index 2c000000dc..f06f23190b 100644 --- a/chip/g/board_id.h +++ b/chip/g/board_id.h @@ -41,7 +41,11 @@ const struct SignedHeader *get_current_image_header(void); * Check if board ID in the image matches board ID field in the INFO1. * * Pass the pointer to the image header to check. If the pointer is set to - * NULL, check board ID against the currently running image's header. + * NULL, check board ID against the currently running image's header. All 1 + * bits in header Board ID flags must be present in the board id from flash. + * + * If the board id from flash is blank, board_id_type field from the header is + * ignored and only board_if_flags field is verified to match. * * Return true if there is a mismatch (the code should not run). */ -- cgit v1.2.1