rollback: Include board-generated entropy when adding entropy
Mix in board-generated entropy with the externally provided one,
which should help make the per-device secret stronger.
BRANCH=none
BUG=b:38486828
TEST=reboot; rollbackaddent Hello => works fine when USB is connected,
fails otherwise, as board-generated entropy relies on USB timing.
Change-Id: I314f44759c5f8b859913a748db95e9d42b5cdd11
Reviewed-on: https://chromium-review.googlesource.com/518609
Commit-Ready: Nicolas Boichat <drinkcat@chromium.org>
Tested-by: Nicolas Boichat <drinkcat@chromium.org>
Reviewed-by: Mattias Nissler <mnissler@chromium.org>
Reviewed-by: Vincent Palatin <vpalatin@chromium.org>
committed by
chrome-bot
parent
39db721f9a
commit
6d05a31a44
@@ -196,6 +196,7 @@
|
||||
*/
|
||||
#define CONFIG_ROLLBACK
|
||||
#define CONFIG_ROLLBACK_SECRET_SIZE 32
|
||||
#define CONFIG_ROLLBACK_SECRET_LOCAL_ENTROPY_SIZE 32
|
||||
#define CONFIG_FLASH_PROTECT_RW
|
||||
#ifdef SECTION_IS_RW
|
||||
#undef CONFIG_ROLLBACK_UPDATE
|
||||
|
||||
@@ -135,24 +135,34 @@ int rollback_lock(void)
|
||||
#ifdef CONFIG_ROLLBACK_UPDATE
|
||||
|
||||
#ifdef CONFIG_ROLLBACK_SECRET_SIZE
|
||||
static void add_entropy(uint8_t *dst, const uint8_t *src,
|
||||
static int add_entropy(uint8_t *dst, const uint8_t *src,
|
||||
uint8_t *add, unsigned int add_len)
|
||||
{
|
||||
#ifdef CONFIG_SHA256
|
||||
BUILD_ASSERT(SHA256_DIGEST_SIZE == CONFIG_ROLLBACK_SECRET_SIZE);
|
||||
struct sha256_ctx ctx;
|
||||
uint8_t *hash;
|
||||
uint8_t extra;
|
||||
int i;
|
||||
|
||||
SHA256_init(&ctx);
|
||||
SHA256_update(&ctx, src, CONFIG_ROLLBACK_SECRET_SIZE);
|
||||
SHA256_update(&ctx, add, add_len);
|
||||
/* TODO(b:38486828): Add other sources of entropy (e.g. device id) */
|
||||
#ifdef CONFIG_ROLLBACK_SECRET_LOCAL_ENTROPY_SIZE
|
||||
/* Add some locally produced entropy */
|
||||
for (i = 0; i < CONFIG_ROLLBACK_SECRET_LOCAL_ENTROPY_SIZE; i++) {
|
||||
if (!board_get_entropy(&extra, 1))
|
||||
return 0;
|
||||
SHA256_update(&ctx, &extra, 1);
|
||||
}
|
||||
#endif
|
||||
hash = SHA256_final(&ctx);
|
||||
|
||||
memcpy(dst, hash, CONFIG_ROLLBACK_SECRET_SIZE);
|
||||
#else
|
||||
#error "Adding entropy to secret in rollback region requires SHA256."
|
||||
#endif
|
||||
return 1;
|
||||
}
|
||||
#endif /* CONFIG_ROLLBACK_SECRET_SIZE */
|
||||
|
||||
@@ -212,8 +222,10 @@ static int rollback_update(int32_t next_min_version,
|
||||
* If we are provided with some entropy, add it to secret. Otherwise,
|
||||
* data.secret is left untouched and written back to the other region.
|
||||
*/
|
||||
if (entropy)
|
||||
add_entropy(data.secret, data.secret, entropy, length);
|
||||
if (entropy) {
|
||||
if (!add_entropy(data.secret, data.secret, entropy, length))
|
||||
return EC_ERROR_UNCHANGED;
|
||||
}
|
||||
#endif
|
||||
data.cookie = CROS_EC_ROLLBACK_COOKIE;
|
||||
|
||||
|
||||
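Review bot: In add_entropy, `uint8_t extra;` and `int i;` are declared unconditionally but used only inside the `#ifdef CONFIG_ROLLBACK_SECRET_LOCAL_ENTROPY_SIZE` loop, so a board that leaves that option undefined gets two unused-variable warnings, which would break the build if this tree compiles with warnings as errors. Both declarations should sit under the same `#ifdef CONFIG_ROLLBACK_SECRET_LOCAL_ENTROPY_SIZE` guard as the loop. The function now returns a result that rollback_update acts on, so it also deserves a header comment such as `/* Returns 1 on success, 0 if local entropy is unavailable; dst is not written on failure. */`. Separately, `ctx` and `extra` hold secret-derived material and are left on the stack on both return paths; whether that is reachable depends on code outside this hunk, but clearing them before returning would be cheap.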
@@ -1159,6 +1159,13 @@
|
||||
/* If defined, add support for storing some entropy in the rollback region. */
|
||||
#undef CONFIG_ROLLBACK_SECRET_SIZE
|
||||
|
||||
/*
|
||||
* If defined, inject some locally generated entropy when secret is updated,
|
||||
* using board_get_entropy function.
|
||||
* Large values may take a long time to generate.
|
||||
*/
|
||||
#undef CONFIG_ROLLBACK_SECRET_LOCAL_ENTROPY_SIZE
|
||||
|
||||
/* If defined, we can update rollback information (RW can unset this). */
|
||||
#define CONFIG_ROLLBACK_UPDATE
|
||||
|
||||
|
||||
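Review bot: The new comment for CONFIG_ROLLBACK_SECRET_LOCAL_ENTROPY_SIZE does not say what happens when board_get_entropy fails, and in the rollback hunk of this commit that failure aborts the secret update with EC_ERROR_UNCHANGED. A board enabling this option therefore needs an entropy source that is available whenever entropy may be added; the commit message notes that the tested board's source relies on USB timing and fails when USB is not connected. I would add a line such as `* If board_get_entropy fails, the secret update is rejected.` and state the unit, since the loop collects one byte per iteration, e.g. `* Size is in bytes.`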