bootutil: Fix image verification and add state to is header valid function #2045

Merged
merged 3 commits into from
Aug 27, 2024
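--- a/boot/bootutil/src/loader.c
+++ b/boot/bootutil/src/loader.c
@@ -863,10 +863,13 @@ split_image_check(struct image_header *app_hdr,
 * within the flash area we are in.
 */
 static bool
-boot_is_header_valid(const struct image_header *hdr, const struct flash_area *fap)
+boot_is_header_valid(const struct image_header *hdr, const struct flash_area *fap,
+struct boot_loader_state *state)
 {
 uint32_t size;
 
+(void)state;
+
 if (hdr->ih_magic != IMAGE_MAGIC) {
 return false;
 }
@@ -1027,13 +1030,16 @@ boot_validate_slot(struct boot_loader_state *state, int slot,
 }
 }
 #endif
-BOOT_HOOK_CALL_FIH(boot_image_check_hook, FIH_BOOT_HOOK_REGULAR,
-fih_rc, BOOT_CURR_IMG(state), slot);
-if (FIH_EQ(fih_rc, FIH_BOOT_HOOK_REGULAR))
-{
-FIH_CALL(boot_image_check, fih_rc, state, hdr, fap, bs);
+if (!boot_is_header_valid(hdr, fap, state)) {
+fih_rc = FIH_FAILURE;
+} else {
+BOOT_HOOK_CALL_FIH(boot_image_check_hook, FIH_BOOT_HOOK_REGULAR,
+fih_rc, BOOT_CURR_IMG(state), slot);
+if (FIH_EQ(fih_rc, FIH_BOOT_HOOK_REGULAR)) {
+FIH_CALL(boot_image_check, fih_rc, state, hdr, fap, bs);
+}
 }
-if (!boot_is_header_valid(hdr, fap) || FIH_NOT_EQ(fih_rc, FIH_SUCCESS)) {
+if (FIH_NOT_EQ(fih_rc, FIH_SUCCESS)) {
 if ((slot != BOOT_PRIMARY_SLOT) || ARE_SLOTS_EQUIVALENT()) {
 flash_area_erase(fap, 0, flash_area_get_size(fap));
 /* Image is invalid, erase it to prevent further unnecessary
@@ -2556,7 +2562,7 @@ boot_get_slot_usage(struct boot_loader_state *state)
 for (slot = 0; slot < BOOT_NUM_SLOTS; slot++) {
 hdr = boot_img_hdr(state, slot);
 
-if (boot_is_header_valid(hdr, BOOT_IMG_AREA(state, slot))) {
+if (boot_is_header_valid(hdr, BOOT_IMG_AREA(state, slot), state)) {
 state->slot_usage[BOOT_CURR_IMG(state)].slot_available[slot] = true;
 BOOT_LOG_IMAGE_INFO(slot, hdr);
 } else {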
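Review bot: The reordered check at `if (!boot_is_header_valid(hdr, fap, state))` in boot_validate_slot carries no comment saying that header validation must stay ahead of the hook and `boot_image_check`, although that ordering is the point of the fix according to the release note. I would add `/* Reject a malformed header before the hook or boot_image_check() act on its fields. */` above the `if`, so that a later refactor does not move the check back behind them. The result is also a plain `bool` that a single assignment turns into `fih_rc = FIH_FAILURE`, so unlike the `FIH_CALL` path this gate is presumably not fault-injection hardened; whether `fih_rc` already holds a failure value on entry is outside the visible lines and worth confirming. In the first hunk the new `state` parameter is only silenced with `(void)state;`, and the function comment, which starts outside the hunk, should say why the parameter is accepted. boot_validate_slot's body starts and ends outside the hunk.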
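--- a/docs/release-notes.d/bootutil-image-verification.md
+++ b/docs/release-notes.d/bootutil-image-verification.md
@@ -0,0 +1,4 @@
+- Changed bootutil's order of events to verify the image header
+before checking the image.
+- Added the bootloader state object to the bootutil
+boot_is_header_valid() function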