update tests to properly simulate flash locks

add hal_flash_unlock after setting the key since setting the key locks flash
2024-12-06 20:55:50 -05:00 · 2024-12-06 20:55:50 -05:00 · 665641dc13
parent b52c9387aa
commit 665641dc13
2 changed files with 43 additions and 15 deletions
--- a/hal/sim.c
+++ b/hal/sim.c
@ -54,6 +54,8 @@ static uint8_t *flash_base;

 int forceEmergency = 0;
 uint32_t erasefail_address = 0xFFFFFFFF;
+int flashLocked = 1;
+int extFlashLocked = 1;

 #define INTERNAL_FLASH_FILE "./internal_flash.dd"
 #define EXTERNAL_FLASH_FILE "./external_flash.dd"
@ -134,12 +136,12 @@ static int mmap_file(const char *path, uint8_t *address, uint8_t** ret_address)

 void hal_flash_unlock(void)
 {
-    /* no op */
+    flashLocked = 0;
 }

 void hal_flash_lock(void)
 {
-    /* no op */
+    flashLocked = 1;
 }

 void hal_prepare_boot(void)
@ -150,6 +152,10 @@ void hal_prepare_boot(void)
 int hal_flash_write(uintptr_t address, const uint8_t *data, int len)
 {
    int i;
+    if (flashLocked == 1) {
+        wolfBoot_printf("FLASH IS BEING WRITTEN TO WHILE LOCKED\n");
+        return -1;
+    }
    if (forceEmergency == 1 && address == WOLFBOOT_PARTITION_BOOT_ADDRESS) {
        /* implicit cast abide compiler warning */
        memset((void*)address, 0, len);
@ -179,6 +185,10 @@ int hal_flash_write(uintptr_t address, const uint8_t *data, int len)

 int hal_flash_erase(uintptr_t address, int len)
 {
+    if (flashLocked == 1) {
+        wolfBoot_printf("FLASH IS BEING ERASED WHILE LOCKED\n");
+        return -1;
+    }
    /* implicit cast abide compiler warning */
    wolfBoot_printf( "hal_flash_erase addr %p len %d\n", (void*)address, len);
    if (address == erasefail_address + WOLFBOOT_PARTITION_BOOT_ADDRESS) {
@ -227,16 +237,20 @@ void hal_init(void)

 void ext_flash_lock(void)
 {
-    /* no op */
+    extFlashLocked = 1;
 }

 void ext_flash_unlock(void)
 {
-    /* no op */
+    extFlashLocked = 0;
 }

 int ext_flash_write(uintptr_t address, const uint8_t *data, int len)
 {
+    if (extFlashLocked == 1) {
+        wolfBoot_printf("EXT FLASH IS BEING WRITTEN TO WHILE LOCKED\n");
+        return -1;
+    }
    memcpy(flash_base + address, data, len);
    return 0;
 }
@ -249,6 +263,10 @@ int ext_flash_read(uintptr_t address, uint8_t *data, int len)

 int ext_flash_erase(uintptr_t address, int len)
 {
+    if (extFlashLocked == 1) {
+        wolfBoot_printf("EXT FLASH IS BEING ERASED WHILE LOCKED\n");
+        return -1;
+    }
    memset(flash_base + address, FLASH_BYTE_ERASED, len);
    return 0;
 }
@ -287,6 +305,14 @@ void do_boot(const uint32_t *app_offset)
    int ret;
    size_t app_size = WOLFBOOT_PARTITION_SIZE - IMAGE_HEADER_SIZE;

+    if (flashLocked == 0) {
+        wolfBoot_printf("WARNING FLASH IS UNLOCKED AT BOOT");
+    }
+
+    if (extFlashLocked == 0) {
+        wolfBoot_printf("WARNING EXT FLASH IS UNLOCKED AT BOOT");
+    }
+
 #ifdef __APPLE__
    typedef int (*main_entry)(int, char**, char**, char**);
    NSObjectFileImage fileImage = NULL;
--- a/src/update_flash.c
+++ b/src/update_flash.c
@ -245,36 +245,38 @@ static int wolfBoot_swap_and_final_erase(int resume)
    if ((resume == 1) && (swapDone == 0) && (st != IMG_STATE_FINAL_FLAGS)) {
        return -1;
    }
+
    hal_flash_unlock();
-#ifdef EXT_FLASH
+
+    /* IMG_STATE_FINAL_FLAGS allows re-entry without blowing away swap */
+    if (st != IMG_STATE_FINAL_FLAGS) {
+        /* store the sector at tmpBootPos into swap */
+        wolfBoot_copy_sector(boot, swap, tmpBootPos / WOLFBOOT_SECTOR_SIZE);
+        /* set FINAL_SWAP for re-entry */
+        wolfBoot_set_partition_state(PART_UPDATE, IMG_STATE_FINAL_FLAGS);
+    }
+#ifdef EXT_ENCRYPTED
    ext_flash_unlock();
-#endif

    if (swapDone == 0) {
-        /* IMG_STATE_FINAL_FLAGS allows re-entry without blowing away swap */
-        if (st != IMG_STATE_FINAL_FLAGS) {
-            /* store the sector at tmpBootPos into swap */
-            wolfBoot_copy_sector(boot, swap, tmpBootPos / WOLFBOOT_SECTOR_SIZE);
-            /* set FINAL_SWAP for re-entry */
-            wolfBoot_set_partition_state(PART_UPDATE, IMG_STATE_FINAL_FLAGS);
-        }
-#ifdef EXT_ENCRYPTED
        /* get encryption key and iv if encryption is enabled */
        wolfBoot_get_encrypt_key((uint8_t*)tmpBuffer,
            (uint8_t*)&tmpBuffer[ENCRYPT_KEY_SIZE/sizeof(uint32_t)]);
-#endif
        /* write TRAIL, encryption key and iv if enabled to tmpBootPos*/
        tmpBuffer[TRAILER_OFFSET_WORDS] = WOLFBOOT_MAGIC_TRAIL;

        wb_flash_erase(boot, tmpBootPos, WOLFBOOT_SECTOR_SIZE);
        wb_flash_write(boot, tmpBootPos, (void*)tmpBuffer, sizeof(tmpBuffer));
    }
+#endif
    /* erase the last boot sector(s) */
    wb_flash_erase(boot, WOLFBOOT_PARTITION_SIZE - eraseLen, eraseLen);
    /* set the encryption key */
 #ifdef EXT_ENCRYPTED
    wolfBoot_set_encrypt_key((uint8_t*)tmpBuffer,
            (uint8_t*)&tmpBuffer[ENCRYPT_KEY_SIZE/sizeof(uint32_t)]);
+    /* wolfBoot_set_encrypt_key calls hal_flash_unlock, need to unlock again */
+    hal_flash_unlock();
 #endif
    /* write the original contents of tmpBootPos back */
    if (tmpBootPos < boot->fw_size + IMAGE_HEADER_SIZE) {