From 4810dd73a23ffaab989f86392292499256805e94 Mon Sep 17 00:00:00 2001
From: Alphan Ulusoy
Date: Wed, 2 Feb 2022 09:39:24 -0500
Subject: [PATCH] [sw/silicon_creator] Harden SHUTDOWN_IF_ERROR

Signed-off-by: Alphan Ulusoy
---
 sw/device/silicon_creator/lib/shutdown.h | 14 ++++++++------
 sw/device/silicon_creator/lib/shutdown_unittest.cc | 8 ++++++--
 2 files changed, 14 insertions(+), 8 deletions(-)

diff --git a/sw/device/silicon_creator/lib/shutdown.h b/sw/device/silicon_creator/lib/shutdown.h
index 0e643ff781d70..70649648b8d06 100644
--- a/sw/device/silicon_creator/lib/shutdown.h
+++ b/sw/device/silicon_creator/lib/shutdown.h
@@ -7,6 +7,7 @@
 #include
 #include

+#include "sw/device/lib/base/hardened.h"
 #include "sw/device/lib/base/macros.h"
 #include "sw/device/silicon_creator/lib/drivers/lifecycle.h"
 #include "sw/device/silicon_creator/lib/error.h"
@@ -22,12 +23,13 @@ extern "C" {
 *
 * @param expr_ An expression which results in an rom_error_t.
 */
-#define SHUTDOWN_IF_ERROR(expr_) \
- do { \
- rom_error_t error = (expr_); \
- if (error != kErrorOk) { \
- shutdown_finalize(error); \
- } \
+#define SHUTDOWN_IF_ERROR(expr_) \
+ do { \
+ rom_error_t error_ = expr_; \
+ if (launder32(error_) != kErrorOk) { \
+ shutdown_finalize(error_); \
+ } \
+ HARDENED_CHECK_EQ(error_, kErrorOk); \
 } while (false)

 /**
diff --git a/sw/device/silicon_creator/lib/shutdown_unittest.cc b/sw/device/silicon_creator/lib/shutdown_unittest.cc
index e0acee7e6ac41..2ecb2583b3d9b 100644
--- a/sw/device/silicon_creator/lib/shutdown_unittest.cc
+++ b/sw/device/silicon_creator/lib/shutdown_unittest.cc
@@ -599,8 +599,12 @@ TEST_F(ShutdownTest, FlashKill) {
 TEST_F(ShutdownTest, ShutdownIfErrorOk) { SHUTDOWN_IF_ERROR(kErrorOk); }

 TEST_F(ShutdownTest, ShutdownIfErrorUnknown) {
- ExpectFinalize(kErrorUnknown);
- SHUTDOWN_IF_ERROR(kErrorUnknown);
+ EXPECT_DEATH(
+ {
+ ExpectFinalize(kErrorUnknown);
+ SHUTDOWN_IF_ERROR(kErrorUnknown);
+ },
+ "");
 }

 TEST_F(ShutdownTest, SoftwareEscalate) {
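Review bot: The doc comment above `SHUTDOWN_IF_ERROR` (it starts outside this hunk, only the `@param` line is visible) does not say why the new body tests `error_` twice, so a later cleanup could remove the redundancy as dead code. I would add a line such as `* The result is checked twice: launder32() stops the compiler from folding the second check into the first, and HARDENED_CHECK_EQ() traps if the branch to shutdown_finalize() was skipped.` so the fault-injection intent is recorded next to the macro. Separately, `rom_error_t error_ = expr_;` drops the parentheses the old line had around the argument; `rom_error_t error_ = (expr_);` costs nothing and keeps the usual macro hygiene.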
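Review bot: `EXPECT_DEATH(..., "")` in `ShutdownIfErrorUnknown` passes on any abnormal exit. Because `ExpectFinalize(kErrorUnknown)` now runs inside the death-test statement, its expectation is presumably never verified once the process dies (the mock setup is not visible here). If so, the test no longer shows that `shutdown_finalize` was reached with `kErrorUnknown`, only that something aborted. At minimum add a comment above the call, e.g. `// shutdown_finalize() is mocked and returns, so the trailing HARDENED_CHECK_EQ() aborts the test process.`, and if the host build of `HARDENED_CHECK_EQ` prints a message, match it instead of `""`.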