From af8d9a859dce4da8e90700e8378aba78c9a5a015 Mon Sep 17 00:00:00 2001
From: Craig Hesling <hesling@chromium.org>
Date: Fri, 26 Jul 2019 18:58:12 -0700
Subject: chip/host: Add check for TEST_BUILD in trng.c

Due to the possibly unnoticeable security vulnerability
it would cause if the dummy host trng driver made it's way
into production (non-test) code, this change adds a small check
to ensure it is being used only in test or fuzz builds.
This isn't as much of a concern for other dummy host drivers.
For example, including a fake spi driver may simply manifest as
broken feature.

BRANCH=none
BUG=none
TEST=make buildall -j

Change-Id: I31138976566d39ed44d905bbb2c43c5f6decbaf4
Signed-off-by: Craig Hesling <hesling@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/1722182
Reviewed-by: Aseda Aboagye <aaboagye@chromium.org>
---
 chip/host/trng.c | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'chip/host')

diff --git a/chip/host/trng.c b/chip/host/trng.c
index e27dc9d607..d90415df71 100644
--- a/chip/host/trng.c
+++ b/chip/host/trng.c
@@ -10,6 +10,10 @@
  * as possible to allow reproducing unit tests and fuzzer crashes.
  */
 
+#ifndef TEST_BUILD
+#error "This fake trng driver must not be used in non-test builds."
+#endif
+
 #include <stdint.h>
 #include <stdlib.h> /* Only valid for host */
 
-- 
cgit v1.2.1