Google Git
Sign in
cos / mirrors / cros / chromiumos / platform / vboot_reference / refs/heads/stabilize-11101.B^! / .
commit5bc8f9c7f9ddda443d5d7214034192c5d9091887[log] [tgz]
authorHung-Te Lin <hungte@chromium.org>Fri Sep 21 17:39:46 2018 +0800
committerchrome-bot <chrome-bot@chromium.org>Fri Sep 21 10:11:34 2018 -0700
tree80b09c37c107fe6a2a891b9ed002df92ca918e5e
parentcc77bb21ebf1e131a6a8333e89709a1b8f195817 [diff]
futility: update: Skip TPM check if tpm_fwver is not valid.

Ideally we should fail if `tpm_fwver` can't be retrieved, but if an user can
run the updater then his system is already up so it's more likely to be a
vboot library issue (especially in early proto devices) that the crossystem
values were not reported correctly.

As a result, it seems more reasonable to skip checking TPM anti-rollback if
`tpm_fwver` can't be retrieved.

BRANCH=None
BUG=b:115764295
TEST=make futil; tests/futility/run_test_scripts.sh $(pwd)/build/futility

Change-Id: I7b6bf72531edb334a465c730fe8b3fbafa469b3a
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1238099
Reviewed-by: Joel Kitching <kitching@chromium.org>

diff --git a/futility/cmd_update.c b/futility/cmd_update.c
index 81fd8f4..c489791 100644
--- a/futility/cmd_update.c
+++ b/futility/cmd_update.c

@@ -1400,10 +1400,20 @@
 		     tpm_data_key_version = 0, tpm_firmware_version = 0,
 		     tpm_fwver = 0;
 
+	/* Fail if the given image does not look good. */
+	if (get_key_versions(rw_image, FMAP_RW_VBLOCK_A, &data_key_version,
+			     &firmware_version) != 0)
+		return -1;
+
 	tpm_fwver = get_system_property(SYS_PROP_TPM_FWVER, cfg);
 	if (tpm_fwver <= 0) {
-		ERROR("Invalid tpm_fwver: %d.", tpm_fwver);
-		return -1;
+		ERROR("Invalid tpm_fwver: %#x (skipped checking).", tpm_fwver);
+		/*
+		 * This is an error, but it may be common for early proto
+		 * devices so we don't want to fail here. Just skip checking TPM
+		 * if system tpm_fwver can't be fetched.
+		 */
+		return 0;
 	}
 
 	tpm_data_key_version = tpm_fwver >> 16;
@@ -1411,10 +1421,6 @@
 	DEBUG("TPM: data_key_version = %d, firmware_version = %d",
 	      tpm_data_key_version, tpm_firmware_version);
 
-	if (get_key_versions(rw_image, FMAP_RW_VBLOCK_A, &data_key_version,
-			     &firmware_version) != 0)
-		return -1;
-
 	if (tpm_data_key_version > data_key_version) {
 		ERROR("Data key version rollback detected (%d->%d).",
 		      tpm_data_key_version, data_key_version);

diff --git a/tests/futility/test_update.sh b/tests/futility/test_update.sh
index b74c7ea..8c5e0d5 100755
--- a/tests/futility/test_update.sh
+++ b/tests/futility/test_update.sh

@@ -158,6 +158,14 @@
 	"${FROM_IMAGE}" "!Firmware version rollback detected (5->4)" \
 	-i "${TO_IMAGE}" --wp=0 --sys_props 1,0x10005,1
 
+test_update "Full update (Skip TPM check due to invalid tpm_fwver)" \
+	"${FROM_IMAGE}" "${TMP}.expected.full" \
+	-i "${TO_IMAGE}" --wp=0 --sys_props 0,0x0,1
+
+test_update "Full update (Skip TPM check due to tpm_fwver error)" \
+	"${FROM_IMAGE}" "${TMP}.expected.full" \
+	-i "${TO_IMAGE}" --wp=0 --sys_props 0,-1,1
+
 # Test RW-only update.
 test_update "RW update" \
 	"${FROM_IMAGE}" "${TMP}.expected.rw" \