Google Git
Sign in
chromium / chromiumos / platform / ec / 114f5cee5ac4af758882a7557cbdf91fbc8e4698
commit114f5cee5ac4af758882a7557cbdf91fbc8e4698[log] [tgz]
authorAseda Aboagye <aaboagye@google.com>Thu Feb 16 00:56:10 2017
committerchrome-bot <chrome-bot@chromium.org>Sun Feb 19 01:26:59 2017
tree0afea58938e54b67116f861780d73cceb4a54f22
parent4ed404432904c3f8e6c9d64e8bb306daf3c687f5 [diff]
g: extension: Add a whitelist for vendor commands.

The USB FW upgrade endpoint should really only accept vendor commands
required to perform the firmware update.  This commit adds a whitelist
that is checked whenever a vendor command is received over this
endpoint.

The allowed commands over USB are the following:

 - EXTENSION_POST_RESET
 - VENDOR_CC_IMMEDIATE_RESET (only for dev images)

There is also functionality to have a whitelist for vendor commands that
come over the TPM interface.

BUG=chrome-os-partner:62815
BRANCH=None
TEST=Flash Cr50 with image containing this change.  Verify that an
upgrade over USB to newer image works.
TEST=Try using usb_updater to send a vendor command that's not in the
whitelist.  Verify that the vendor command is dropped.

Change-Id: I71f8ba090a1cc6c9e7c30ce0dd3c25259e8f292f
Signed-off-by: Aseda Aboagye <aaboagye@google.com>
Reviewed-on: https://chromium-review.googlesource.com/443447
Commit-Ready: Aseda Aboagye <aaboagye@chromium.org>
Tested-by: Aseda Aboagye <aaboagye@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
4 files changed
tree: 0afea58938e54b67116f861780d73cceb4a54f22
  1. board/
  2. builtin/
  3. chip/
  4. common/
  5. core/
  6. cts/
  7. docs/
  8. driver/
  9. extra/
  10. include/
  11. power/
  12. test/
  13. util/
  14. .checkpatch.conf
  15. .gitignore
  16. COMMIT-QUEUE.ini
  17. LICENSE
  18. Makefile
  19. Makefile.rules
  20. Makefile.toolchain
  21. OWNERS
  22. PRESUBMIT.cfg
  23. README
  24. README.fmap
  25. setup.py