From dc49a6827670abc0f2dc45178c2623e070ff5961 Mon Sep 17 00:00:00 2001 From: Daisuke Nojiri Date: Wed, 13 May 2015 15:32:14 -0700 Subject: [PATCH] Detect GBB 1.1 also as impcompatible version Older GBB headers (e.g. 1.0 and 1.1) do not have hwid_digest. In such cases, PCR1 is currently extended from 0, causing a remote attestation failure. This change makes all GBB headers older than 1.2 incompatible. BUG=none BRANCH=tot TEST=make -j runtests Change-Id: I7a3b19c2da325a3fa4b9c1fe06ed6f43cb51fb9e Signed-off-by: Daisuke Nojiri Reviewed-on: https://chromium-review.googlesource.com/270796 Reviewed-by: Bill Richardson --- firmware/2lib/2misc.c | 4 ++-- tests/vb2_misc_tests.c | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/firmware/2lib/2misc.c b/firmware/2lib/2misc.c index 8d2cbf3fa6..31884732e0 100644 --- a/firmware/2lib/2misc.c +++ b/firmware/2lib/2misc.c @@ -49,8 +49,8 @@ int vb2_read_gbb_header(struct vb2_context *ctx, struct vb2_gbb_header *gbb) if (gbb->major_version != VB2_GBB_MAJOR_VER) return VB2_ERROR_GBB_VERSION; - /* Current code is not backwards-compatible to 1.0 headers */ - if (gbb->minor_version == 0) + /* Current code is not backwards-compatible to 1.1 headers or older */ + if (gbb->minor_version < VB2_GBB_MINOR_VER) return VB2_ERROR_GBB_TOO_OLD; /* diff --git a/tests/vb2_misc_tests.c b/tests/vb2_misc_tests.c index 437b247f7c..4d8045091e 100644 --- a/tests/vb2_misc_tests.c +++ b/tests/vb2_misc_tests.c @@ -166,8 +166,8 @@ static void gbb_tests(void) TEST_SUCC(vb2_read_gbb_header(&cc, &gbbdest), "read gbb header minor++"); gbb.minor_version = 1; - TEST_SUCC(vb2_read_gbb_header(&cc, &gbbdest), - "read gbb header 1.1"); + TEST_EQ(vb2_read_gbb_header(&cc, &gbbdest), + VB2_ERROR_GBB_TOO_OLD, "read gbb header 1.1 fails"); gbb.minor_version = 0; TEST_EQ(vb2_read_gbb_header(&cc, &gbbdest), VB2_ERROR_GBB_TOO_OLD, "read gbb header 1.0 fails");