WolfSSL
/
wolfBoot
mirror of https://github.com/wolfSSL/wolfBoot.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Fixed flag comparison selecting most recent flags

pull/470/head
Daniele Lacamera 2024-07-17 08:55:14 +02:00
parent 3444c47fdb
commit 2ec2bcdf79
2 changed files with 135 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
src/libwolfboot.c
View File

@ -249,6 +249,10 @@ static int RAMFUNCTION nvm_select_fresh_sector(int part)
else if (word_0 != WOLFBOOT_MAGIC_TRAIL && word_1 == WOLFBOOT_MAGIC_TRAIL) { else if (word_0 != WOLFBOOT_MAGIC_TRAIL && word_1 == WOLFBOOT_MAGIC_TRAIL) {
sel = 1; sel = 1;
goto finish; goto finish;
} else if (word_0 != WOLFBOOT_MAGIC_TRAIL && word_1 != WOLFBOOT_MAGIC_TRAIL) {
/* none of the partition has a valid trailer, default to '0' */
sel = 0;
goto finish;
} }
/* try the update magic as well */ /* try the update magic as well */
@ -271,10 +275,12 @@ static int RAMFUNCTION nvm_select_fresh_sector(int part)
/* Default to last sector if no match is found */ /* Default to last sector if no match is found */
sel = 0; sel = 0;
/* Select the sector with more flags set */ /* Select the sector with more flags set. Partition flag is at offset '4'.
for (off = 1; off < WOLFBOOT_SECTOR_SIZE; off++) { * Sector flags begin from offset '5'.
uint8_t byte_0 = get_base_offset(base, off); */
uint8_t byte_1 = get_base_offset(base, (WOLFBOOT_SECTOR_SIZE + off)); for (off = 4; off < WOLFBOOT_SECTOR_SIZE; off++) {
volatile uint8_t byte_0 = get_base_offset(base, off);
volatile uint8_t byte_1 = get_base_offset(base, (WOLFBOOT_SECTOR_SIZE + off));
if (byte_0 == FLASH_BYTE_ERASED && byte_1 != FLASH_BYTE_ERASED) { if (byte_0 == FLASH_BYTE_ERASED && byte_1 != FLASH_BYTE_ERASED) {
sel = 1; sel = 1;
@ -294,11 +300,6 @@ static int RAMFUNCTION nvm_select_fresh_sector(int part)
continue; continue;
} }
#endif #endif
/* First time boot? Assume no pending update */
if (off == 1) {
sel=0;
break;
}
/* Examine previous position one byte ahead */ /* Examine previous position one byte ahead */
byte_0 = get_base_offset(base, (off - 1)); byte_0 = get_base_offset(base, (off - 1));
byte_1 = get_base_offset(base, ((WOLFBOOT_SECTOR_SIZE + off) - 1)); byte_1 = get_base_offset(base, ((WOLFBOOT_SECTOR_SIZE + off) - 1));

130
tools/unit-tests/unit-nvm.c
View File

@ -10,16 +10,13 @@
#include <sys/mman.h> #include <sys/mman.h>
#include <check.h> #include <check.h>
static int locked = 0; static int locked = 1;
static int erased_boot = 0; static int erased_boot = 0;
static int erased_update = 0; static int erased_update = 0;
static int erased_nvm_bank0 = 0; static int erased_nvm_bank0 = 0;
static int erased_nvm_bank1 = 0; static int erased_nvm_bank1 = 0;
/* Mocks */ /* Mocks */
void hal_init(void) void hal_init(void)
{ {
@ -28,6 +25,7 @@ int hal_flash_write(haladdr_t address, const uint8_t *data, int len)
{ {
int i; int i;
uint8_t *a = (uint8_t *)address; uint8_t *a = (uint8_t *)address;
fail_if(locked, "Attempting to write to a locked FLASH");
if ((address >= WOLFBOOT_PARTITION_UPDATE_ADDRESS) && if ((address >= WOLFBOOT_PARTITION_UPDATE_ADDRESS) &&
(address < WOLFBOOT_PARTITION_UPDATE_ADDRESS + WOLFBOOT_PARTITION_SIZE)) { (address < WOLFBOOT_PARTITION_UPDATE_ADDRESS + WOLFBOOT_PARTITION_SIZE)) {
for (i = 0; i < len; i++) { for (i = 0; i < len; i++) {
@ -38,6 +36,7 @@ int hal_flash_write(haladdr_t address, const uint8_t *data, int len)
} }
int hal_flash_erase(haladdr_t address, int len) int hal_flash_erase(haladdr_t address, int len)
{ {
fail_if(locked, "Attempting to erase a locked FLASH");
if ((address >= WOLFBOOT_PARTITION_BOOT_ADDRESS) && if ((address >= WOLFBOOT_PARTITION_BOOT_ADDRESS) &&
(address < WOLFBOOT_PARTITION_BOOT_ADDRESS + WOLFBOOT_PARTITION_SIZE)) { (address < WOLFBOOT_PARTITION_BOOT_ADDRESS + WOLFBOOT_PARTITION_SIZE)) {
erased_boot++; erased_boot++;
@ -119,13 +118,18 @@ Suite *wolfboot_suite(void);
START_TEST (test_nvm_select_fresh_sector) START_TEST (test_nvm_select_fresh_sector)
{ {
int ret; int ret, i;
const char BOOT[] = "BOOT"; const char BOOT[] = "BOOT";
const uint32_t *boot_word = (const uint32_t *)BOOT; const uint32_t *boot_word = (const uint32_t *)BOOT;
uint8_t st; uint8_t st;
uint32_t *magic; uint32_t *magic;
uint8_t *dst, *src;
ret = mmap_file("/tmp/wolfboot-unit-file.bin", MOCK_ADDRESS, NULL); ret = mmap_file("/tmp/wolfboot-unit-file.bin", MOCK_ADDRESS, NULL);
/* unlock the flash to allow operations */
hal_flash_unlock();
erased_update = 0; erased_update = 0;
wolfBoot_erase_partition(PART_UPDATE); wolfBoot_erase_partition(PART_UPDATE);
fail_if(erased_update != 1); fail_if(erased_update != 1);
@ -202,6 +206,122 @@ START_TEST (test_nvm_select_fresh_sector)
ret = nvm_select_fresh_sector(PART_UPDATE); ret = nvm_select_fresh_sector(PART_UPDATE);
fail_if(ret != 0, "Failed to select right sector after reading sector state\n"); fail_if(ret != 0, "Failed to select right sector after reading sector state\n");
/* Update sector flag, again. it should change nvm sector */
erased_nvm_bank1 = 0;
erased_nvm_bank0 = 0;
wolfBoot_set_update_sector_flag(1, SECT_FLAG_SWAPPING);
/* Current selected should now be 1 */
ret = nvm_select_fresh_sector(PART_UPDATE);
fail_if(ret != 1, "Failed to select updating fresh sector\n");
fail_if(erased_nvm_bank0 == 0, "Did not erase the non-selected bank");
/* Check sector state is read back correctly */
ret = wolfBoot_get_update_sector_flag(1, &st);
fail_if (ret != 0, "Failed to read sector flag state\n");
fail_if (st != SECT_FLAG_SWAPPING, "Wrong sector flag state\n");
/* Check that reading did not change the current sector (1) */
ret = nvm_select_fresh_sector(PART_UPDATE);
fail_if(ret != 1, "Failed to select right sector after reading sector state\n");
/* Update sector flag, again. it should change nvm sector */
erased_nvm_bank1 = 0;
erased_nvm_bank0 = 0;
wolfBoot_set_update_sector_flag(1, SECT_FLAG_UPDATED);
/* Copy flags from 0 to 1 */
src = (uint8_t *)(WOLFBOOT_PARTITION_UPDATE_ADDRESS + WOLFBOOT_PARTITION_SIZE - 8);
dst = (uint8_t *)(WOLFBOOT_PARTITION_UPDATE_ADDRESS + WOLFBOOT_PARTITION_SIZE - (8 + WOLFBOOT_SECTOR_SIZE));
for (i = 0; i < 8; i++)
dst[i] = src[i];
/* Force-erase 4B of sector flags in 0 */
dst = (uint8_t *)(WOLFBOOT_PARTITION_UPDATE_ADDRESS + WOLFBOOT_PARTITION_SIZE - 8);
for (i = 0; i < 4; i++)
dst[i] = 0xFF;
/* This should fall back to 1 */
ret = nvm_select_fresh_sector(PART_UPDATE);
fail_if(ret != 1, "Failed to select most recent sector after deleting flags\n");
/* Start over, update some sector flags */
wolfBoot_erase_partition(PART_UPDATE);
wolfBoot_set_update_sector_flag(0, SECT_FLAG_UPDATED);
wolfBoot_set_update_sector_flag(1, SECT_FLAG_UPDATED);
wolfBoot_set_update_sector_flag(2, SECT_FLAG_UPDATED);
wolfBoot_set_update_sector_flag(3, SECT_FLAG_UPDATED);
wolfBoot_set_update_sector_flag(4, SECT_FLAG_SWAPPING);
st = IMG_STATE_UPDATING;
wolfBoot_set_partition_state(PART_UPDATE, &st);
/* Current selected should now be 1 */
ret = nvm_select_fresh_sector(PART_UPDATE);
fail_if(ret != 1, "Failed to select updating fresh sector\n");
fail_if(erased_nvm_bank0 == 0, "Did not erase the non-selected bank");
/* Check sector state is read back correctly */
for (i = 0; i < 4; i++) {
ret = wolfBoot_get_update_sector_flag(i, &st);
fail_if (ret != 0, "Failed to read sector flag state\n");
fail_if (st != SECT_FLAG_UPDATED, "Wrong sector flag state\n");
}
ret = wolfBoot_get_update_sector_flag(4, &st);
fail_if (ret != 0, "Failed to read sector flag state\n");
fail_if (st != SECT_FLAG_SWAPPING, "Wrong sector flag state\n");
/* Check that reading did not change the current sector (1) */
ret = nvm_select_fresh_sector(PART_UPDATE);
fail_if(ret != 1, "Failed to select right sector after reading sector state\n");
/* Copy flags from 1 to 0 */
src = (uint8_t *)(WOLFBOOT_PARTITION_UPDATE_ADDRESS + WOLFBOOT_PARTITION_SIZE - (8 + WOLFBOOT_SECTOR_SIZE));
dst = (uint8_t *)(WOLFBOOT_PARTITION_UPDATE_ADDRESS + WOLFBOOT_PARTITION_SIZE - 8);
for (i = 0; i < 8; i++)
dst[i] = src[i];
/* Force to F0 last sector flag in 0, so that the sector '4' is 'updated' */
dst = (uint8_t *)(WOLFBOOT_PARTITION_UPDATE_ADDRESS + WOLFBOOT_PARTITION_SIZE - 8);
dst[0] = 0xF0;
/* Check if still there */
ret = wolfBoot_get_update_sector_flag(4, &st);
fail_if (ret != 0, "Failed to read sector flag state\n");
fail_if (st != SECT_FLAG_UPDATED, "Wrong sector flag state\n");
/* This should fall back to 0 */
ret = nvm_select_fresh_sector(PART_UPDATE);
fail_if(ret != 0, "Failed to select most recent sector after deleting flags\n");
/* Erase partition and start over */
erased_update = 0;
wolfBoot_erase_partition(PART_UPDATE);
fail_if(erased_update != 1);
ret = nvm_select_fresh_sector(PART_UPDATE);
fail_if(ret != 0, "Failed to select right sector after reading sector state\n");
/* re-lock the flash: update_trigger implies unlocking/locking */
hal_flash_lock();
/* Triggering update to set flags */
wolfBoot_update_trigger();
/* Current selected should now be 0 */
ret = nvm_select_fresh_sector(PART_UPDATE);
fail_if(ret != 0, "Failed to select updating fresh sector\n");
fail_if(erased_nvm_bank1 == 0, "Did not erase the non-selected bank");
magic = get_partition_magic(PART_UPDATE);
fail_if(*magic != *boot_word,
"Failed to read back 'BOOT' trailer at the end of the partition");
/* Sanity check at the end of the operations. */
fail_unless(locked, "The FLASH was left unlocked.\n");
} }
END_TEST END_TEST