Fix host flash hash invalidation

The existing hash invalidation can leave slot stuck in
`HashInProgress` permanently:

```
pilot -r dublin sp exec -e 'component-active-slot host-boot-flash -s 1 -p' BRM27230037
pilot -r dublin sp exec -e 'start-host-flash-hash 0' BRM27230037
pilot -r dublin sp exec -e 'power-state A2' BRM27230037
sleep 30
pilot -r dublin sp exec -e 'power-state A0' BRM27230037
sleep 120

$ pilot -r dublin sp exec -e 'get-host-flash-hash 0' BRM27230037
Jul 28 19:22:14.066 INFO creating SP handle on interface dublin_sw0tp0, component: faux-mgs
Jul 28 19:22:14.072 INFO initial discovery complete, addr: [fe80::aa40:25ff:fe04:604%5]:11111, interface: dublin_sw0tp0, socket: control-plane-agent, component: faux-mgs
Error: Error response from SP: hf: Hash calcuation in progress
```

Switching the mux (i.e. going from Host <-> SP) should invalidate
everything and require a recalcuation. We can also end up in this
state if we write to one bank while a hash of the other bank is
in progress.

Fix this by splitting out the invalidation functions separately
and implementing them correctly. Also fix up a few other fixes
that got missed.

Author: labbott

drv/cosmo-hf/src/hf.rs

@@ -322,7 +322,17 @@ impl ServerImpl {
         }
     }
 
-    fn invalidate_hash(&mut self) {
+    // Write to flash invalidates the hash of current device
+    fn invalidate_write(&mut self) {
+        match self.hash.state {
+            // Only stop the hash for our current device
+            HashState::Hashing { dev, .. } => {
+                if dev == self.dev {
+                    self.hash.state = HashState::NotRunning;
+                }
+            }
+            _ => (),
+        }
         match self.dev {
             HfDevSelect::Flash0 => {
                 self.hash.cached_hash0 = SlotHash::Recalculate;
@@ -331,7 +341,13 @@ impl ServerImpl {
                 self.hash.cached_hash1 = SlotHash::Recalculate;
             }
         }
+    }
+
+    // We switched our mux, recalculate everything
+    fn invalidate_mux_switch(&mut self) {
         self.hash.state = HashState::NotRunning;
+        self.hash.cached_hash0 = SlotHash::Recalculate;
+        self.hash.cached_hash1 = SlotHash::Recalculate;
     }
 
     fn set_dev(
@@ -385,7 +401,7 @@ impl idl::InOrderHostFlashImpl for ServerImpl {
             return Err(HfError::Sector0IsReserved.into());
         }
         self.drv.check_flash_mux_state()?;
-        self.invalidate_hash();
+        self.invalidate_write();
         // Don't use the bulk erase command, because it will erase the entire
         // chip.  Instead, use the sector erase to erase the currently-active
         // virtual device.
@@ -408,7 +424,7 @@ impl idl::InOrderHostFlashImpl for ServerImpl {
         self.check_addr_writable(addr, protect)?;
         self.drv.check_flash_mux_state()?;
         let addr = self.flash_addr(addr, data.len() as u32)?;
-        self.invalidate_hash();
+        self.invalidate_write();
         self.drv
             .flash_write(
                 addr,
@@ -477,7 +493,7 @@ impl idl::InOrderHostFlashImpl for ServerImpl {
     ) -> Result<(), RequestError<HfError>> {
         self.drv.check_flash_mux_state()?;
         self.check_addr_writable(addr, protect)?;
-        self.invalidate_hash();
+        self.invalidate_write();
         self.drv.flash_sector_erase(self.flash_addr(addr, 0)?);
         Ok(())
     }
@@ -552,7 +568,7 @@ impl idl::InOrderHostFlashImpl for ServerImpl {
         state: HfMuxState,
     ) -> Result<(), RequestError<HfError>> {
         self.drv.set_flash_mux_state(state);
-        self.invalidate_hash();
+        self.invalidate_mux_switch();
         Ok(())
     }
 
@@ -588,6 +604,16 @@ impl idl::InOrderHostFlashImpl for ServerImpl {
         len: u32,
     ) -> Result<[u8; SHA256_SZ], RequestError<HfError>> {
         self.drv.check_flash_mux_state()?;
+
+        // Need to check hash state before doing anything else
+        // that might mess up the hash in progress
+        match self.hash.state {
+            HashState::Hashing { .. } => {
+                return Err(HfError::HashInProgress.into())
+            }
+            _ => (),
+        }
+
         if let Err(e) = self.hash.task.init_sha256() {
             ringbuf_entry!(Trace::HashInitError(e));
             return Err(HfError::HashError.into());

drv/gimlet-hf-server/src/main.rs

@@ -414,7 +414,7 @@ impl ServerImpl {
         }
         // We're about to modify our flash, stop any hash in progress
         // and say our old one is invalid.
-        self.invalidate_hash();
+        self.invalidate_write();
         Ok(())
     }
 
@@ -511,7 +511,17 @@ impl ServerImpl {
         }
     }
 
-    fn invalidate_hash(&mut self) {
+    // Write to flash invalidates the hash of the single bank
+    fn invalidate_write(&mut self) {
+        match self.hash.state {
+            // Only stop the hash for our current device
+            HashState::Hashing { dev, .. } => {
+                if dev == self.dev_state {
+                    self.hash.state = HashState::NotRunning;
+                }
+            }
+            _ => (),
+        }
         match self.dev_state {
             HfDevSelect::Flash0 => {
                 self.hash.cached_hash0 = SlotHash::Recalculate;
@@ -520,7 +530,13 @@ impl ServerImpl {
                 self.hash.cached_hash1 = SlotHash::Recalculate;
             }
         }
+    }
+
+    // We switched our mux, recalculate everything
+    fn invalidate_mux_switch(&mut self) {
         self.hash.state = HashState::NotRunning;
+        self.hash.cached_hash0 = SlotHash::Recalculate;
+        self.hash.cached_hash1 = SlotHash::Recalculate;
     }
 }
 
@@ -719,7 +735,7 @@ impl idl::InOrderHostFlashImpl for ServerImpl {
         // This is probably slight over kill but caching is best effort
         // and if we're swapping our mux back the host has probably
         // gone into A2...
-        self.invalidate_hash();
+        self.invalidate_mux_switch();
         Ok(())
     }
 
@@ -754,15 +770,15 @@ impl idl::InOrderHostFlashImpl for ServerImpl {
         len: u32,
     ) -> Result<[u8; SHA256_SZ], RequestError<HfError>> {
         self.check_muxed_to_sp()?;
-        if self.hash.task.init_sha256().is_err() {
-            return Err(HfError::HashError.into());
-        }
         match self.hash.state {
             HashState::Hashing { .. } => {
                 return Err(HfError::HashInProgress.into())
             }
             _ => (),
         }
+        if self.hash.task.init_sha256().is_err() {
+            return Err(HfError::HashError.into());
+        }
         let begin = addr as usize;
         let end = match begin.checked_add(len as usize) {
             Some(end) => {
@@ -804,7 +820,9 @@ impl idl::InOrderHostFlashImpl for ServerImpl {
         // Need to check hash state before doing anything else
         // that might mess up the hash in progress
         match self.hash.state {
-            HashState::Hashing { .. } => return Err(HfError::HashError.into()),
+            HashState::Hashing { .. } => {
+                return Err(HfError::HashInProgress.into())
+            }
             _ => (),
         }