mirror of
https://github.com/Telecominfraproject/OpenCellular.git
synced 2025-12-30 18:41:11 +00:00
ccad39d1b8
For pairing purpose, we want to store some secret random number in
the base. The most convenient location for this is the rollback
region.
Since the rollback region can now be updated without incrementing
rollback_min_version (when we add entropy to the secret), we need
to add an increasing id to tell the code which rollback region is
the latest.
We also add console commands to manually add entropy.
BRANCH=none
BUG=b:38486828
TEST=Flash hammer (with or without CONFIG_ROLLBACK_ENTROPY_SIZE set)
rollbackinfo => 1 version 0 block, 1 empty block, RW verifies
correctly.
rollbackupdate 0; rollbackinfo => No change
rollbackupdate 1; reboot => RO refuses to jump to RW
only when CONFIG_ROLLBACK_ENTROPY_SIZE is set:
rollbackinfo => Secret is [00..00] on both blocks (so the data
was copied correctly)
rollbackupdate 2, 3, 4; rollbackinfo => Writes alternate
between the 2 blocks.
rollbackupdate 2 => Refuses to downgrade version
TEST=From blank secret [00..00], 'rollbackaddent Hello' updates it
to [ba..fa], which matches the output of:
(dd if=/dev/zero bs=1 count=32; echo -n Hello) | sha256sum
Change-Id: I79c3e790e56e21958cc1b4ba05bd4e5f359d3090
Reviewed-on: https://chromium-review.googlesource.com/511985
Commit-Ready: Nicolas Boichat <drinkcat@chromium.org>
Tested-by: Nicolas Boichat <drinkcat@chromium.org>
Reviewed-by: Vincent Palatin <vpalatin@chromium.org>
63 lines
1.6 KiB
ArmAsm
63 lines
1.6 KiB
ArmAsm
/* Copyright (c) 2012 The Chromium OS Authors. All rights reserved.
|
|
* Use of this source code is governed by a BSD-style license that can be
|
|
* found in the LICENSE file.
|
|
*
|
|
* Build the full image with up to three program components (one Read only,
|
|
* and one or two Read write).
|
|
*/
|
|
|
|
#include "config.h"
|
|
#include "rollback.h"
|
|
|
|
#define FW_FILE(builddir,proj,sect,suffix,ext) \
|
|
builddir##/##sect##/##proj##.##sect##suffix##.flat##ext
|
|
|
|
#define STRINGIFY0(name) #name
|
|
#define STRINGIFY(name) STRINGIFY0(name)
|
|
#define FW_IMAGE(sect,suffix) \
|
|
STRINGIFY(FW_FILE(FINAL_OUTDIR,PROJECT,sect,suffix,))
|
|
#define FW_IMAGE_SIGN(sect,suffix) \
|
|
STRINGIFY(FW_FILE(FINAL_OUTDIR,PROJECT,sect,suffix,.sig))
|
|
|
|
/* Read Only firmware */
|
|
#ifdef CONFIG_FW_INCLUDE_RO
|
|
.section .image.RO, "ax"
|
|
.incbin FW_IMAGE(RO,)
|
|
#endif
|
|
|
|
#ifdef CONFIG_RWSIG_TYPE_RWSIG
|
|
.section .image.RO.key, "a"
|
|
.incbin STRINGIFY(FINAL_OUTDIR/key.vbpubk2)
|
|
#endif
|
|
|
|
#ifdef CONFIG_ROLLBACK
|
|
/* Note: matches struct rollback_data in common/rollback.c. */
|
|
.section .image.ROLLBACK, "a"
|
|
.long 0
|
|
.long CONFIG_ROLLBACK_VERSION
|
|
#ifdef CONFIG_ROLLBACK_SECRET_SIZE
|
|
.space CONFIG_ROLLBACK_SECRET_SIZE, 0
|
|
#endif
|
|
.long CROS_EC_ROLLBACK_COOKIE
|
|
#endif
|
|
|
|
/* Shared objects library */
|
|
#ifdef CONFIG_SHAREDLIB
|
|
.section .image.libsharedobjs, "ax"
|
|
.incbin STRINGIFY(FINAL_OUTDIR/libsharedobjs/libsharedobjs.flat)
|
|
#endif
|
|
|
|
/* Read Write firmware */
|
|
.section .image.RW, "ax"
|
|
.incbin FW_IMAGE(RW,)
|
|
|
|
#ifdef CONFIG_RWSIG_TYPE_RWSIG
|
|
.section .image.RW.sign, "a"
|
|
.incbin FW_IMAGE_SIGN(RW,)
|
|
#endif
|
|
|
|
#ifdef CONFIG_RW_B
|
|
.section .image.RW_B, "ax"
|
|
.incbin FW_IMAGE(RW,_B)
|
|
#endif
|