Merge pull request #340 from jpbland1/internal-only-write-once

Internal only write once
wolfSSL · Aug 15, 2023 · 059d0f8 · 059d0f8
2 parents db032d1 + f5a2e23
commit 059d0f8
Show file tree

Hide file tree

Showing 3 changed files with 60 additions and 3 deletions.
diff --git a/.github/workflows/test-powerfail-simulator.yml b/.github/workflows/test-powerfail-simulator.yml
@@ -225,3 +225,35 @@ jobs:
         run: |
           tools/scripts/sim-update-powerfail-resume.sh
 
+     # TEST with encryption (aes128) and NVM_WRITEONCE
+
+      - name: make clean
+        run: |
+          make keysclean && make -C tools/keytools clean && rm -f include/target.h
+      - name: Select config with encrypted updates
+        run: |
+          cp config/examples/sim-encrypt-nvm-writeonce-update.config .config
+      - name: Build key tools
+        run: |
+          make -C tools/keytools
+      - name: Build bin assemble
+        run: |
+          make -C tools/bin-assemble
+      - name: Build wolfboot.elf
+        run: |
+          make clean && make test-sim-external-flash-with-enc-update
+      - name: Run sunny day update test (AES128 NVM_WRITEONCE)
+        run: |
+          tools/scripts/sim-sunnyday-update.sh
+      - name: Rebuild wolfboot.elf
+        run: |
+          make clean && make test-sim-external-flash-with-enc-update
+      - name: Run update-revert test (AES128 NVM_WRITEONCE)
+        run: |
+          tools/scripts/sim-update-fallback.sh
+      - name: Rebuild wolfboot.elf
+        run: |
+          make clean && make test-sim-external-flash-with-enc-update
+      - name: Run update-revert test with power failures (AES128 NVM_WRITEONCE)
+        run: |
+          tools/scripts/sim-update-powerfail-resume.sh
diff --git a/config/examples/sim-encrypt-nvm-writeonce-update.config b/config/examples/sim-encrypt-nvm-writeonce-update.config
@@ -0,0 +1,20 @@
+ARCH=sim
+TARGET=sim
+SIGN?=ED25519
+HASH?=SHA256
+WOLFBOOT_SMALL_STACK=1
+SPI_FLASH=0
+EXT_FLASH=1
+ENCRYPT=1
+ENCRYPT_WITH_AES128=1
+DEBUG=1
+# it should be multiple of system page size
+NVM_FLASH_WRITEONCE=1
+WOLFBOOT_PARTITION_SIZE=0x40000
+WOLFBOOT_SECTOR_SIZE=0x1000
+WOLFBOOT_PARTITION_BOOT_ADDRESS=0x20000
+# if on external flash, it should be multiple of system page size
+WOLFBOOT_PARTITION_UPDATE_ADDRESS=0x00000
+WOLFBOOT_PARTITION_SWAP_ADDRESS=0x40000
+# required for keytools
+WOLFBOOT_FIXED_PARTITIONS=1
diff --git a/src/libwolfboot.c b/src/libwolfboot.c
@@ -268,15 +268,16 @@ static uint8_t* RAMFUNCTION get_trailer_at(uint8_t part, uint32_t at)
 {
     uint8_t *ret = NULL;
     uint32_t sel_sec = 0;
-#ifdef NVM_FLASH_WRITEONCE
-    sel_sec = nvm_select_fresh_sector(part);
-#endif
     if (part == PART_BOOT) {
         if (FLAGS_BOOT_EXT()){
             ext_flash_check_read(PART_BOOT_ENDFLAGS - (sizeof(uint32_t) + at),
                 (void *)&ext_cache, sizeof(uint32_t));
             ret = (uint8_t *)&ext_cache;
         } else {
+            /* only internal flash should be writeonce */
+#ifdef NVM_FLASH_WRITEONCE
+            sel_sec = nvm_select_fresh_sector(part);
+#endif
             ret = (void *)(PART_BOOT_ENDFLAGS -
                     (WOLFBOOT_SECTOR_SIZE * sel_sec + (sizeof(uint32_t) + at)));
         }
@@ -287,6 +288,10 @@ static uint8_t* RAMFUNCTION get_trailer_at(uint8_t part, uint32_t at)
                 (void *)&ext_cache, sizeof(uint32_t));
             ret = (uint8_t *)&ext_cache;
         } else {
+            /* only internal flash should be writeonce */
+#ifdef NVM_FLASH_WRITEONCE
+            sel_sec = nvm_select_fresh_sector(part);
+#endif
             ret = (void *)(PART_UPDATE_ENDFLAGS -
                     (WOLFBOOT_SECTOR_SIZE * sel_sec + (sizeof(uint32_t) + at)));
         }