chip/g: Run unrestricted image even if Board ID can't be read

Previously, an error reading Board ID would prevent any image from running, even a wildcard (unrestricted) image with mask=flags=0 which would match any Board ID. Now, if Board ID can't be read, match the image against type=type_inv=flags=0. This will match only an unrestricted image. (This is better than checking directly for an unrestricted image, because that check is more susceptible to clock-jitter-induced errors.) BUG=b:67651806 BRANCH=cr50 TEST=Hack read_board_id() to return error. See that an unrestricted image will now boot. Change-Id: I1071e146b4541e8efd50c8409b8f76012a107731 Signed-off-by: Randall Spangler <rspangler@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/713574 Reviewed-by: Mary Ruthven <mruthven@chromium.org>
2026-01-05 22:41:44 +00:00 · 2017-10-11 09:51:58 -07:00
parent c1afa30794
commit 7d9bd07693
1 changed files with 11 additions and 2 deletions
--- a/chip/g/board_id.c
+++ b/chip/g/board_id.c
@@ -103,8 +103,17 @@ uint32_t board_id_mismatch(const struct SignedHeader *sh)
 		sh = get_current_image_header();

 	/* Get Board ID from INFO1. */
-	if (read_board_id(&id) != EC_SUCCESS)
-		return 1;
+	if (read_board_id(&id) != EC_SUCCESS) {
+		/*
+		 * On failure, set id fields to 0.  This will only match an
+		 * unrestricted image header (board_id_mask=board_id_flags=0),
+		 * which would run on any Board ID.
+		 *
+		 * Don't return error, because that would prevent all images
+		 * from running.
+		 */
+		id.type = id.type_inv = id.flags = 0;
+	}

 	return check_board_id_vs_header(&id, sh);
 }