Edward O'Callaghan has uploaded this change for review. ( https://review.coreboot.org/c/flashrom/+/69516 )
Change subject: flashrom.c: Use goto in err path of prepare_flash_access()
......................................................................
flashrom.c: Use goto in err path of prepare_flash_access()
A goto is useful in the special case of error paths in C for
making control flow and cleanups easier to manage.
Change-Id: Ie4f885d7f01fc78e6e431e96435757108bbf0005
Signed-off-by: Edward O'Callaghan <quasisec(a)google.com>
---
M flashrom.c
1 file changed, 23 insertions(+), 6 deletions(-)
git pull ssh://review.coreboot.org:29418/flashrom refs/changes/16/69516/1
diff --git a/flashrom.c b/flashrom.c
index 5483af3..b1782d9 100644
--- a/flashrom.c
+++ b/flashrom.c
@@ -1688,18 +1688,20 @@
const bool read_it, const bool write_it,
const bool erase_it, const bool verify_it)
{
+ int ret = 1;
+
if (chip_safety_check(flash, flash->flags.force, read_it, write_it, erase_it, verify_it)) {
msg_cerr("Aborting.\n");
- return 1;
+ goto err_out;
}
if (layout_sanity_checks(flash)) {
msg_cerr("Requested regions can not be handled. Aborting.\n");
- return 1;
+ goto err_out;
}
if (map_flash(flash) != 0)
- return 1;
+ goto err_out;
/* Initialize chip_restore_fn_count before chip unlock calls. */
flash->chip_restore_fn_count = 0;
@@ -1718,24 +1720,26 @@
if ((flash->chip->feature_bits & FEATURE_4BA_NATIVE) != FEATURE_4BA_NATIVE
|| !spi_master_4ba(flash)) {
msg_cerr("Programmer doesn't support this chip. Aborting.\n");
- return 1;
+ goto err_out;
}
}
/* Enable/disable 4-byte addressing mode if flash chip supports it */
if (flash->chip->feature_bits & (FEATURE_4BA_ENTER | FEATURE_4BA_ENTER_WREN | FEATURE_4BA_ENTER_EAR7)) {
- int ret;
if (spi_master_4ba(flash))
ret = spi_enter_4ba(flash);
else
ret = spi_exit_4ba(flash);
if (ret) {
msg_cerr("Failed to set correct 4BA mode! Aborting.\n");
- return 1;
+ goto err_out;
}
}
return 0;
+
+err_out:
+ return ret;
}
void finalize_flash_access(struct flashctx *const flash)
--
To view, visit https://review.coreboot.org/c/flashrom/+/69516
To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings
Gerrit-Project: flashrom
Gerrit-Branch: master
Gerrit-Change-Id: Ie4f885d7f01fc78e6e431e96435757108bbf0005
Gerrit-Change-Number: 69516
Gerrit-PatchSet: 1
Gerrit-Owner: Edward O'Callaghan <quasisec(a)chromium.org>
Gerrit-MessageType: newchange
Attention is currently required from: Evan Benn.
Anastasia Klimchuk has posted comments on this change. ( https://review.coreboot.org/c/flashrom/+/69263 )
Change subject: tests: Mock the mode_t variant of open
......................................................................
Patch Set 4:
(3 comments)
File tests/io_mock.h:
https://review.coreboot.org/c/flashrom/+/69263/comment/ef610289_b0e82984
PS4, Line 37: #include <fcntl.h>
Is this a platform-specific header? Is this header present on non-Linux environments? The unit tests are running not only on Linux.
File tests/tests.c:
https://review.coreboot.org/c/flashrom/+/69263/comment/c7d5b98e_732aa5b3
PS4, Line 21: #include <fcntl.h>
If you need to include the same header twice, this means it needs to be included on a higher level, so that it will be included only once.
Specifically, the right place seems to be `include/test.h`.
I see that `io_mock.h` does not include `include/test.h` however `io_mock.c` includes it.
Which means: you can do a little refactoring, in a separate patch before this one. Move include of `include/test.h` from `io_mock.c` into `io_mock.h`.
And after that, this patch can add fcntl.h into `include/test.h`.
But see also my other comment.
File tests/wraps.h:
https://review.coreboot.org/c/flashrom/+/69263/comment/375fadec_4d07bd67
PS4, Line 31: int __wrap_open(const char *pathname, int flags, ...);
: int __wrap_open64(const char *pathname, int flags, ...);
: int __wrap___open64_2(const char *pathname, int flags, ...);
Just to check, will the wraps still capture two-args variant of `open` calls?
--
To view, visit https://review.coreboot.org/c/flashrom/+/69263
To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings
Gerrit-Project: flashrom
Gerrit-Branch: master
Gerrit-Change-Id: I8c134e6d36a248d0f51985e389085a9e585fb83d
Gerrit-Change-Number: 69263
Gerrit-PatchSet: 4
Gerrit-Owner: Evan Benn <evanbenn(a)google.com>
Gerrit-Reviewer: Anastasia Klimchuk <aklm(a)chromium.org>
Gerrit-Reviewer: Angel Pons <th3fanbus(a)gmail.com>
Gerrit-Reviewer: build bot (Jenkins) <no-reply(a)coreboot.org>
Gerrit-Attention: Evan Benn <evanbenn(a)google.com>
Gerrit-Comment-Date: Sun, 13 Nov 2022 21:43:23 +0000
Gerrit-HasComments: Yes
Gerrit-Has-Labels: No
Gerrit-MessageType: comment
Attention is currently required from: Edward O'Callaghan.
Anastasia Klimchuk has posted comments on this change. ( https://review.coreboot.org/c/flashrom/+/69471 )
Change subject: flashrom.c: Drop redundant chip read validation in verify_range()
......................................................................
Patch Set 2: Code-Review+2
--
To view, visit https://review.coreboot.org/c/flashrom/+/69471
To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings
Gerrit-Project: flashrom
Gerrit-Branch: master
Gerrit-Change-Id: Ifc57dd89715115e03d013691352463a8b3c0dc52
Gerrit-Change-Number: 69471
Gerrit-PatchSet: 2
Gerrit-Owner: Edward O'Callaghan <quasisec(a)chromium.org>
Gerrit-Reviewer: Anastasia Klimchuk <aklm(a)chromium.org>
Gerrit-Reviewer: Felix Singer <felixsinger(a)posteo.net>
Gerrit-Reviewer: build bot (Jenkins) <no-reply(a)coreboot.org>
Gerrit-Attention: Edward O'Callaghan <quasisec(a)chromium.org>
Gerrit-Comment-Date: Sun, 13 Nov 2022 20:54:44 +0000
Gerrit-HasComments: No
Gerrit-Has-Labels: Yes
Gerrit-MessageType: comment
Attention is currently required from: Thomas Heijligen, Alexander Goncharov.
Nico Huber has posted comments on this change. ( https://review.coreboot.org/c/flashrom/+/69442 )
Change subject: Makefile: add `uninstall` target
......................................................................
Patch Set 1:
(1 comment)
Patchset:
PS1:
Even if we'd say this is a new feature, and not something to complement an
existing one: Does saying "we won't add more features" imply "we won't accept
patches"? The reason for me to agree to the former was that I was thinking
we shouldn't invest much more into the makefile. Not to block anybody else
from doing so.
(I think it doesn't matter anymore. We've spend so much time with this already,
if we had said "we continue adding features", it might have been overall cheaper.
One more reason not to agree to anything in meetings.)
--
To view, visit https://review.coreboot.org/c/flashrom/+/69442
To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings
Gerrit-Project: flashrom
Gerrit-Branch: master
Gerrit-Change-Id: I04c4f8ac5ec8ffb715b2cc3104521b90b76d7e3a
Gerrit-Change-Number: 69442
Gerrit-PatchSet: 1
Gerrit-Owner: Alexander Goncharov <chat(a)joursoir.net>
Gerrit-Reviewer: Felix Singer <felixsinger(a)posteo.net>
Gerrit-Reviewer: Thomas Heijligen <src(a)posteo.de>
Gerrit-Reviewer: build bot (Jenkins) <no-reply(a)coreboot.org>
Gerrit-CC: Nico Huber <nico.h(a)gmx.de>
Gerrit-CC: Richard Hughes <hughsient(a)gmail.com>
Gerrit-Attention: Thomas Heijligen <src(a)posteo.de>
Gerrit-Attention: Alexander Goncharov <chat(a)joursoir.net>
Gerrit-Comment-Date: Sun, 13 Nov 2022 09:40:42 +0000
Gerrit-HasComments: Yes
Gerrit-Has-Labels: No
Gerrit-MessageType: comment
Edward O'Callaghan has submitted this change. ( https://review.coreboot.org/c/flashrom/+/69130 )
(
3 is the latest approved patch-set.
No files were changed between the latest approved patch-set and the submitted one.
)Change subject: tests: ensure chip erase operation is executed
......................................................................
tests: ensure chip erase operation is executed
The `full_chip_erase_with_wp_dummyflasher_test_success` test case
checks that erasing a write-protected region of a dummyflasher chip
fails.
However erase optimization may cause the erase operation to be skipped
if the flash contents are already erased, so the erase operation appears
to succeed and the test case fails.
Writing a non-erased value to the chip ensures that an erase operation
will be executed and write protection will be properly tested.
BUG=b:237620197
BRANCH=none
TEST=ninja test
Change-Id: Ia00444dcd2ad96c64832a13201efbd064cd7302d
Signed-off-by: Nikolai Artemiev <nartemiev(a)google.com>
Reviewed-on: https://review.coreboot.org/c/flashrom/+/69130
Tested-by: build bot (Jenkins) <no-reply(a)coreboot.org>
Reviewed-by: Anastasia Klimchuk <aklm(a)chromium.org>
Reviewed-by: Edward O'Callaghan <quasisec(a)chromium.org>
Reviewed-by: Angel Pons <th3fanbus(a)gmail.com>
---
M include/flash.h
M tests/chip_wp.c
2 files changed, 40 insertions(+), 0 deletions(-)
Approvals:
build bot (Jenkins): Verified
Angel Pons: Looks good to me, approved
Edward O'Callaghan: Looks good to me, approved
Anastasia Klimchuk: Looks good to me, approved
diff --git a/include/flash.h b/include/flash.h
index 238d010..ea8e25b 100644
--- a/include/flash.h
+++ b/include/flash.h
@@ -156,6 +156,7 @@
#define FEATURE_WRSR3 (1 << 23)
#define ERASED_VALUE(flash) (((flash)->chip->feature_bits & FEATURE_ERASED_ZERO) ? 0x00 : 0xff)
+#define UNERASED_VALUE(flash) (((flash)->chip->feature_bits & FEATURE_ERASED_ZERO) ? 0xff : 0x00)
enum test_state {
OK = 0,
diff --git a/tests/chip_wp.c b/tests/chip_wp.c
index c308959..40303ff 100644
--- a/tests/chip_wp.c
+++ b/tests/chip_wp.c
@@ -63,6 +63,7 @@
static const struct flashchip chip_W25Q128_V = {
.vendor = "aklm&dummyflasher",
.total_size = 16 * 1024,
+ .page_size = 1024,
.tested = TEST_OK_PREW,
.read = SPI_CHIP_READ,
.write = SPI_CHIP_WRITE256,
@@ -268,6 +269,14 @@
this stage WP is not enabled and erase completes successfully. */
assert_int_equal(0, flashrom_flash_erase(&flash));
+ /* Write non-erased value to entire chip so that erase operations cannot
+ * be optimized away. */
+ unsigned long size = flashrom_flash_getsize(&flash);
+ uint8_t *const contents = malloc(size);
+ memset(contents, UNERASED_VALUE(&flash), size);
+ assert_int_equal(0, flashrom_image_write(&flash, contents, size, NULL));
+ free(contents);
+
assert_int_equal(0, flashrom_wp_read_cfg(wp_cfg, &flash));
/* Hardware-protect first 4 KiB. */
--
To view, visit https://review.coreboot.org/c/flashrom/+/69130
To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings
Gerrit-Project: flashrom
Gerrit-Branch: master
Gerrit-Change-Id: Ia00444dcd2ad96c64832a13201efbd064cd7302d
Gerrit-Change-Number: 69130
Gerrit-PatchSet: 5
Gerrit-Owner: Nikolai Artemiev <nartemiev(a)google.com>
Gerrit-Reviewer: Anastasia Klimchuk <aklm(a)chromium.org>
Gerrit-Reviewer: Angel Pons <th3fanbus(a)gmail.com>
Gerrit-Reviewer: Edward O'Callaghan <quasisec(a)chromium.org>
Gerrit-Reviewer: build bot (Jenkins) <no-reply(a)coreboot.org>
Gerrit-MessageType: merged
Attention is currently required from: Felix Singer.
Edward O'Callaghan has posted comments on this change. ( https://review.coreboot.org/c/flashrom/+/69473 )
Change subject: flashrom.c: Position heap alloc along side check in compare_range()
......................................................................
Patch Set 1:
(1 comment)
File flashrom.c:
https://review.coreboot.org/c/flashrom/+/69473/comment/3cffbac7_41734ec3
PS1, Line 451: uint8_t *cmpbuf = malloc(len);
> I would keep the declaration here and move the malloc down.
Why the ANSI C89 requirement, isn't C99 closer to 2023, nearly a 34yo requirement of the toolchain.
--
To view, visit https://review.coreboot.org/c/flashrom/+/69473
To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings
Gerrit-Project: flashrom
Gerrit-Branch: master
Gerrit-Change-Id: I0386ac4c09a541cb9a659b2410ce49c3292ecc6e
Gerrit-Change-Number: 69473
Gerrit-PatchSet: 1
Gerrit-Owner: Edward O'Callaghan <quasisec(a)chromium.org>
Gerrit-Reviewer: Felix Singer <felixsinger(a)posteo.net>
Gerrit-Reviewer: build bot (Jenkins) <no-reply(a)coreboot.org>
Gerrit-Attention: Felix Singer <felixsinger(a)posteo.net>
Gerrit-Comment-Date: Sun, 13 Nov 2022 07:48:08 +0000
Gerrit-HasComments: Yes
Gerrit-Has-Labels: No
Comment-In-Reply-To: Felix Singer <felixsinger(a)posteo.net>
Gerrit-MessageType: comment
Attention is currently required from: Edward O'Callaghan, Anastasia Klimchuk.
Hello Felix Singer, build bot (Jenkins), Anastasia Klimchuk,
I'd like you to reexamine a change. Please visit
https://review.coreboot.org/c/flashrom/+/69471
to look at the new patch set (#2).
Change subject: flashrom.c: Drop redundant chip read validation in verify_range()
......................................................................
flashrom.c: Drop redundant chip read validation in verify_range()
The 'chip_safety_check()' already validates the chip structure
within 'prepare_flash_access()' before all subsequent chip operations
such as 'verify_range()' and therefore the chip structure is
guaranteed to be valid in the domain of those operations.
BUG=none
BRANCH=none
TEST=builds
Change-Id: Ifc57dd89715115e03d013691352463a8b3c0dc52
Signed-off-by: Edward O'Callaghan <quasisec(a)google.com>
---
M flashrom.c
1 file changed, 19 insertions(+), 5 deletions(-)
git pull ssh://review.coreboot.org:29418/flashrom refs/changes/71/69471/2
--
To view, visit https://review.coreboot.org/c/flashrom/+/69471
To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings
Gerrit-Project: flashrom
Gerrit-Branch: master
Gerrit-Change-Id: Ifc57dd89715115e03d013691352463a8b3c0dc52
Gerrit-Change-Number: 69471
Gerrit-PatchSet: 2
Gerrit-Owner: Edward O'Callaghan <quasisec(a)chromium.org>
Gerrit-Reviewer: Anastasia Klimchuk <aklm(a)chromium.org>
Gerrit-Reviewer: Felix Singer <felixsinger(a)posteo.net>
Gerrit-Reviewer: build bot (Jenkins) <no-reply(a)coreboot.org>
Gerrit-Attention: Edward O'Callaghan <quasisec(a)chromium.org>
Gerrit-Attention: Anastasia Klimchuk <aklm(a)chromium.org>
Gerrit-MessageType: newpatchset
Attention is currently required from: Felix Singer.
Edward O'Callaghan has posted comments on this change. ( https://review.coreboot.org/c/flashrom/+/69472 )
Change subject: tree/: Make heap alloc checks err msg consistent
......................................................................
Patch Set 1:
(1 comment)
Patchset:
PS1:
> I am wondering if it makes sense to introduce an inline function or a define for these.
Yes probably, but you could do that as a separate change as that changes the control flow graph.
--
To view, visit https://review.coreboot.org/c/flashrom/+/69472
To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings
Gerrit-Project: flashrom
Gerrit-Branch: master
Gerrit-Change-Id: Id84a9f15c33781efc494ed36a1c7cec82a0333d6
Gerrit-Change-Number: 69472
Gerrit-PatchSet: 1
Gerrit-Owner: Edward O'Callaghan <quasisec(a)chromium.org>
Gerrit-Reviewer: Felix Singer <felixsinger(a)posteo.net>
Gerrit-Reviewer: build bot (Jenkins) <no-reply(a)coreboot.org>
Gerrit-Attention: Felix Singer <felixsinger(a)posteo.net>
Gerrit-Comment-Date: Sun, 13 Nov 2022 07:41:24 +0000
Gerrit-HasComments: Yes
Gerrit-Has-Labels: No
Comment-In-Reply-To: Felix Singer <felixsinger(a)posteo.net>
Gerrit-MessageType: comment