From 0474fd10cc2113df9fb7757463d50751ca66ce88 Mon Sep 17 00:00:00 2001 From: Vadim Bendebury Date: Tue, 20 Dec 2016 15:47:44 -0800 Subject: [PATCH] cr50: do not invoke fw_upgrade_complete() if there was no data transfer With expanding USB interface to processing vendor commands and to query current version running on the chip, there are now occurrences of fw_upgrade_complete() invoked at the device startup without actual data transfer. This causes clearing rollback counter before it is actually examined. Let's not invoke fw_upgrade_complete() unless there was actual data transferred for flash programming. BRANCH=none BUG=none TEST=verified on chromebook reboots that the counter value is not changed until the rollback condition is checked. Change-Id: I50bf450882b001ba1c2f38657d27f87f8596b3e2 Signed-off-by: Vadim Bendebury Reviewed-on: https://chromium-review.googlesource.com/422454 Reviewed-by: Bill Richardson --- chip/g/usb_upgrade.c | 21 +++++++++++++++++++-- 1 file changed, 19 insertions(+), 2 deletions(-) diff --git a/chip/g/usb_upgrade.c b/chip/g/usb_upgrade.c index 0dee949fa3..82a9cadf21 100644 --- a/chip/g/usb_upgrade.c +++ b/chip/g/usb_upgrade.c @@ -171,6 +171,12 @@ static int try_vendor_command(struct consumer const *consumer, size_t count) */ static uint64_t prev_activity_timestamp; +/* + * A flag indicating that at least one valid PDU containing flash update block + * has been received in the current transfer session. + */ +static uint8_t data_was_transferred; + /* Called to deal with data from the host */ static void upgrade_out_handler(struct consumer const *consumer, size_t count) { @@ -235,8 +241,10 @@ static void upgrade_out_handler(struct consumer const *consumer, size_t count) cmd), &resp_size); - if (!u.startup_resp.return_value) + if (!u.startup_resp.return_value) { rx_state_ = rx_outside_block; /* We're in business. */ + data_was_transferred = 0; /* No data received yet. */ + } /* Let the host know what upgrader had to say. */ QUEUE_ADD_UNITS(&upgrade_to_usb, &u.startup_resp, resp_size); @@ -257,7 +265,11 @@ static void upgrade_out_handler(struct consumer const *consumer, size_t count) if (command == UPGRADE_DONE) { CPRINTS("FW update: done"); - fw_upgrade_complete(); + if (data_was_transferred) { + fw_upgrade_complete(); + data_was_transferred = 0; + } + resp_value = 0; QUEUE_ADD_UNITS(&upgrade_to_usb, &resp_value, 1); @@ -358,6 +370,11 @@ static void upgrade_out_handler(struct consumer const *consumer, size_t count) */ fw_upgrade_command_handler(block_buffer, block_index, &resp_size); + /* + * There was at least an attempt to program the flash, set the + * flag. + */ + data_was_transferred = 1; resp_value = block_buffer[0]; QUEUE_ADD_UNITS(&upgrade_to_usb, &resp_value, sizeof(resp_value)); rx_state_ = rx_outside_block;