author | Rob Austein <sra@hactrn.net> | 2016-12-21 21:28:18 -0500 |
---|---|---|
committer | Rob Austein <sra@hactrn.net> | 2016-12-21 21:28:18 -0500 |
commit | 147208e5724d92f49f7252d0e877979ff4424173 (patch) | |
tree | 040c80e19a3a1355c34361fa3150a55aa7e60064 | |
parent | 9e725cd708b743a7907412c9d004f5d67569d80e (diff) |
Add hal_ks_init_read_only_pins_only() so bootloader can use PINs.
-rw-r--r-- | hal_internal.h | 2 | ||||
-rw-r--r-- | ks_flash.c | 35 |
2 files changed, 37 insertions, 0 deletions
diff --git a/hal_internal.h b/hal_internal.h
index 9aa360b..a8f88e2 100644
--- a/hal_internal.h
+++ b/hal_internal.h
@@ -356,6 +356,8 @@ extern hal_error_t hal_get_pin(const hal_user_t user,
 extern hal_error_t hal_set_pin(const hal_user_t user,
 const hal_ks_pin_t * const pin);
 
+extern void hal_ks_init_read_only_pins_only(void);
+
 /*
 * Master key memory (MKM) and key-encryption-key (KEK).
 *
@@ -1786,6 +1786,41 @@ const hal_ks_driver_t hal_ks_token_driver[1] = {{
 */
 
 /*
+ * Special bonus init routine used only by the bootloader, so that it
+ * can read PINs set by the main firmware. Yes, this is a kludge. We
+ * could of course call the real ks_init() routine instead, but it's
+ * slow, and we don't want to allow anything that would modify the
+ * flash here, so having a special entry point for this kludge is
+ * simplest, overall. Sigh.
+ */
+
+void hal_ks_init_read_only_pins_only(void)
+{
+ unsigned b, best_seen = ~0;
+ flash_block_t block[1];
+
+ for (b = 0; b < NUM_FLASH_BLOCKS; b++) {
+ if (block_read(b, block) != HAL_OK || block_get_type(block) != BLOCK_TYPE_PIN)
+ continue;
+ best_seen = b;
+ if (block_get_status(block) == BLOCK_STATUS_LIVE)
+ break;
+ }
+
+ if (b != best_seen && best_seen != ~0 && block_read(best_seen, block) != HAL_OK)
+ best_seen = ~0;
+
+ if (best_seen == ~0) {
+ memset(block, 0xFF, sizeof(*block));
+ block->pin.wheel_pin = hal_last_gasp_pin;
+ }
+
+ db.wheel_pin = block->pin.wheel_pin;
+ db.so_pin = block->pin.so_pin;
+ db.user_pin = block->pin.user_pin;
+}
+
+/*
 * Fetch PIN. This is always cached, so just returned cached value.
 */
 |
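Review bot: In `hal_ks_init_read_only_pins_only()` a failed `block_read()` is treated exactly like "no PIN block present": the loop just `continue`s, and when nothing usable remains the function installs `hal_last_gasp_pin` as the wheel PIN, so a flash read error on the live PIN block silently downgrades the bootloader to the compiled-in fallback PIN (or to an older, non-live PIN block kept in `best_seen`). Since the function returns `void`, the caller cannot tell these cases apart; I would track read failures separately, e.g. `if (block_read(b, block) != HAL_OK) { read_failed = 1; continue; }`, and take the last-gasp path only for `best_seen == ~0 && !read_failed`, or return a `hal_error_t` (which also means changing the declaration added in hal_internal.h) so the bootloader can refuse PIN login on a flash error. The header comment should also say that a non-live PIN block is accepted when no live one is found, and what `so_pin`/`user_pin` hold after the `memset(block, 0xFF, ...)` path; presumably an all-0xFF record never verifies, but that is not visible in this hunk. Minor: `~0U` would state the sentinel's type explicitly instead of relying on the conversion of `~0` in the comparisons.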