trunks_send: do not update pre 0.0.19 versions unless forced
The way the CR50 handles updates changed in version RW 0.0.19. In
general trunks_send should not be updating earlier versions, because
this would cause a TPM restart on resumes after suspend, the user
should explicitly express the need to update earlier versions.
This patch implements the new policy. In case an older Cr50 is
encountered and the --force command line option is not used, the
utility returns exit code of 2.
TEST=verified that attempts to update cr50 running 0.0.18 get
processed as expected:
localhost ~ # trunks_send --update /opt/google/cr50/firmware/cr50.bin.prod
protocol version: 6
offsets: backup RO at 0x40000, backup RW at 0x4000
Not updating from RW 0.0.18, use --force if necessary
localhost ~ # echo $?
localhost ~ #
also verified that upload with --force succeeds.
Signed-off-by: Vadim Bendebury <email@example.com>
Reviewed-by: Andrey Pronin <firstname.lastname@example.org>
1 file changed