Implement actual rollback protection. First, we add a new field
in the version structure, which is an incrementing integer
(we'll start by shipping images with version 0, and gradually
increase the number as required). This allows us to release
new versions of the EC without necessarily bumping the rollback
protection.
For the rollback protection block itself, it contains 2 sub-blocks
of equal size (normally, 2k), that are individually erasable.
The rollback code looks at both, and takes the most restrictive one
to determine the desired rollback minimum version. The blocks
are also allowed to be erased (full of 1's), in which case the
rollback minimum version is assumed to be 0.
We also add an FMAP entry, in case we later decide to allow the
signer to increment the rollback version.
Also note that, like any version_data struct change, this change
breaks compatibility between old and new RO/RW.
Follow-up code will take care of auto-updating the rollback block
as required, and properly manage block protection.
BRANCH=none
BUG=b:35586219
TEST=Flash hammer
rollbackinfo => 1 version 0 block, 1 empty block, RW verifies
correctly.
rollbackupdate 0; rollbackinfo => No change
rollbackupdate 1; reboot => RO refuses to jump to RW
rollbackupdate 2, 3, 4; rollbackinfo => Writes alternate
between the 2 blocks.
rollbackupdate 2 => Refuses to downgrade version
Change-Id: Ia969afb481a93deb912b9153bdd95ace01ad8fa7
Reviewed-on: https://chromium-review.googlesource.com/452815
Commit-Ready: Nicolas Boichat <drinkcat@chromium.org>
Tested-by: Nicolas Boichat <drinkcat@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Reviewed-by: Vincent Palatin <vpalatin@chromium.org>
Store our image size (known at build time) in our version struct (now
renamed to image_data). This will allow us to more efficiently determine
the size of an image in a follow-up CL.
Note that compatibility is broken for old ROs that do not include this
CL.
BUG=chromium:577915
TEST=Verify on kevin + lars + lars_pd that stored image size matches
output of system_get_image_used() for both RO and RW images.
BRANCH=None
Change-Id: I7b8dc3ac8cf2df3184d0701a0e0ec8032de8d81b
Signed-off-by: Shawn Nematbakhsh <shawnn@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/450858
Commit-Ready: Shawn N <shawnn@chromium.org>
Tested-by: Shawn N <shawnn@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Store our image size (known at build time) in our version struct (now
renamed to image_data). This will allow us to more efficiently determine
the size of an image in a follow-up CL.
Note that compatibility is broken for old ROs that do not include this
CL.
BUG=chromium:577915
TEST=Verify on kevin + lars + lars_pd that stored image size matches
output of system_get_image_used() for both RO and RW images.
BRANCH=None
Change-Id: I49ea5fc27a7f11f66daba485a87d0dfe7d0c770f
Signed-off-by: Shawn Nematbakhsh <shawnn@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/427408
Commit-Ready: Shawn N <shawnn@chromium.org>
Tested-by: Shawn N <shawnn@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Change the zinger software version returned by VDO_CMD_READ_INFO
to report the commit count portion of the version string to make
the software version automatically change. This software version
is important for debugging and is printed to PD console every time
a zinger is attached.
BUG=none
BRANCH=none
TEST=load onto zinger and samus, plug in zinger and see:
Dev:1 SW:2147 RW:0
compare to the version string in zinger binary and we see:
zinger_v1.1.2147-...
Change-Id: Ieafe89b4b16cee076be17bcbc6774bbd7fc24f8e
Signed-off-by: Alec Berg <alecaberg@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/214428
Reviewed-by: Todd Broch <tbroch@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
we don't want to get a __packed symbol,
so we need to define __package attribute before using it for
"struct version_struct".
Signed-off-by: Vincent Palatin <vpalatin@chromium.org>
BRANCH=none
BUG=none
TEST="make buildall" and verify that we no longer have a __packed
symbol in any of the build/<board/ec.{RO|RW}.map.
Change-Id: I4c229660f9b751a9149c08261fe71154067e6e62
Reviewed-on: https://chromium-review.googlesource.com/189223
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Commit-Queue: Vincent Palatin <vpalatin@chromium.org>
Tested-by: Vincent Palatin <vpalatin@chromium.org>
The version struct and EC_CMD_GET_VERSION assume 32-character version
strings. But if the git tree is dirty and the board name is long, the
version string overflows that limit.
This change truncates what's stored in the version string to fit.
The build info still contains the full version string, as it did before.
BUG=chrome-os-partner:21156
BRANCH=none
TEST=build BOARD=mccroskey with a dirty tree; it should build.
Then cat build/mccroskey/ec_version.h to see CROS_EC_VERSION32 has
truncated the version string. Then build a platform of your choice
and type 'version' to see that the version string and build info is
still reported correctly.
Change-Id: Ie71b8efd99a83315f8b4d5ad10c51e48781b12f4
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://gerrit.chromium.org/gerrit/62649
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Add build information (date/time/builder) which can be displayed at the
EC console.
Generate a version from the board name and the branch tag.
Signed-off-by: Vincent Palatin <vpalatin@chromium.org>
BUG=chromium-os:27013
TEST=on BDS, run version command on the console.
inspect the built binary.
Change-Id: Idb1f68898ba6b811d02919f17ab4536ed9f8934a
