From 682d2a5db2a61a6f97c09d7c143e023fe2bd4e14 Mon Sep 17 00:00:00 2001
From: David Anderson <dvander@google.com>
Date: Wed, 20 Nov 2019 15:47:07 -0800
Subject: bootloader_message: Add a magic header to the Virtual A/B message
 block.

This adds a sanity check in addition to the version number in case misc
contains random bits.

Bug: 139156011
Test: manual test
Change-Id: Ie4f3731d2b1795340881c88e0c4eec9cd4432653
---
 boot_control/libboot_control.cpp                                   | 4 +++-
 bootloader_message/include/bootloader_message/bootloader_message.h | 6 ++++--
 2 files changed, 7 insertions(+), 3 deletions(-)

diff --git a/boot_control/libboot_control.cpp b/boot_control/libboot_control.cpp
index 702183979..ab9ce971b 100644
--- a/boot_control/libboot_control.cpp
+++ b/boot_control/libboot_control.cpp
@@ -365,13 +365,15 @@ bool InitMiscVirtualAbMessageIfNeeded() {
     return false;
   }
 
-  if (message.version == MISC_VIRTUAL_AB_MESSAGE_VERSION) {
+  if (message.version == MISC_VIRTUAL_AB_MESSAGE_VERSION &&
+      message.magic == MISC_VIRTUAL_AB_MAGIC_HEADER) {
     // Already initialized.
     return true;
   }
 
   message = {};
   message.version = MISC_VIRTUAL_AB_MESSAGE_VERSION;
+  message.magic = MISC_VIRTUAL_AB_MAGIC_HEADER;
   if (!WriteMiscVirtualAbMessage(message, &err)) {
     LOG(ERROR) << "Could not write merge status: " << err;
     return false;
diff --git a/bootloader_message/include/bootloader_message/bootloader_message.h b/bootloader_message/include/bootloader_message/bootloader_message.h
index a27e80bcc..9a482d423 100644
--- a/bootloader_message/include/bootloader_message/bootloader_message.h
+++ b/bootloader_message/include/bootloader_message/bootloader_message.h
@@ -189,12 +189,14 @@ static_assert(sizeof(struct bootloader_control) ==
 // must be added to the end.
 struct misc_virtual_ab_message {
   uint8_t version;
+  uint32_t magic;
   uint8_t merge_status;  // IBootControl 1.1, MergeStatus enum.
   uint8_t source_slot;   // Slot number when merge_status was written.
-  uint8_t reserved[61];
+  uint8_t reserved[57];
 } __attribute__((packed));
 
-#define MISC_VIRTUAL_AB_MESSAGE_VERSION 1
+#define MISC_VIRTUAL_AB_MESSAGE_VERSION 2
+#define MISC_VIRTUAL_AB_MAGIC_HEADER 0x56740AB0
 
 #if (__STDC_VERSION__ >= 201112L) || defined(__cplusplus)
 static_assert(sizeof(struct misc_virtual_ab_message) == 64,
-- 
cgit v1.2.3