Repository: incubator-mynewt-core Updated Branches: refs/heads/develop 61acaddfd -> 80e7fa0db
boot - don't interpet end of image as trailer. This fix handles the case where the image is so big that there is not room for a trailer. In this case, the boot loader always boots into slot 0. Project: http://git-wip-us.apache.org/repos/asf/incubator-mynewt-core/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-mynewt-core/commit/80e7fa0d Tree: http://git-wip-us.apache.org/repos/asf/incubator-mynewt-core/tree/80e7fa0d Diff: http://git-wip-us.apache.org/repos/asf/incubator-mynewt-core/diff/80e7fa0d Branch: refs/heads/develop Commit: 80e7fa0dbd0a3b56f1941cd763297ff67bfab8c5 Parents: 61acadd Author: Christopher Collins <[email protected]> Authored: Wed Dec 21 14:31:21 2016 -0800 Committer: Christopher Collins <[email protected]> Committed: Wed Dec 21 14:31:21 2016 -0800 ---------------------------------------------------------------------- boot/bootutil/src/loader.c | 28 +++++++++ boot/bootutil/test/src/boot_test.c | 2 + boot/bootutil/test/src/boot_test.h | 1 + boot/bootutil/test/src/boot_test_utils.c | 26 ++++++++- .../test/src/testcases/boot_test_img_too_big.c | 60 ++++++++++++++++++++ 5 files changed, 116 insertions(+), 1 deletion(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-mynewt-core/blob/80e7fa0d/boot/bootutil/src/loader.c ---------------------------------------------------------------------- diff --git a/boot/bootutil/src/loader.c b/boot/bootutil/src/loader.c index fc20fdb..c143eb6 100644 --- a/boot/bootutil/src/loader.c +++ b/boot/bootutil/src/loader.c @@ -286,23 +286,51 @@ boot_write_sz(void) return elem_sz; } +static uint32_t +boot_total_img_size(int slot) +{ + const struct image_header *hdr; + + hdr = &boot_data.imgs[slot].hdr; + return hdr->ih_hdr_size + hdr->ih_img_size + hdr->ih_tlv_size; +} + static int boot_slots_compatible(void) { const struct flash_area *sector0; const struct flash_area *sector1; + uint32_t slot_size; int i; /* Ensure both image slots have identical sector layouts. */ if (boot_data.imgs[0].num_sectors != boot_data.imgs[1].num_sectors) { return 0; } + + slot_size = 0; for (i = 0; i < boot_data.imgs[0].num_sectors; i++) { sector0 = boot_data.imgs[0].sectors + i; sector1 = boot_data.imgs[1].sectors + i; if (sector0->fa_size != sector1->fa_size) { return 0; } + + slot_size += sector0->fa_size; + } + + /* Ensure images are small enough that they leave room for the image + * trailers. + */ + if (slot_size < + boot_total_img_size(0) + boot_trailer_sz(boot_data.write_sz)) { + + return 0; + } + if (slot_size < + boot_total_img_size(1) + boot_trailer_sz(boot_data.write_sz)) { + + return 0; } return 1; http://git-wip-us.apache.org/repos/asf/incubator-mynewt-core/blob/80e7fa0d/boot/bootutil/test/src/boot_test.c ---------------------------------------------------------------------- diff --git a/boot/bootutil/test/src/boot_test.c b/boot/bootutil/test/src/boot_test.c index 98972f3..478bf85 100644 --- a/boot/bootutil/test/src/boot_test.c +++ b/boot/bootutil/test/src/boot_test.c @@ -53,6 +53,7 @@ TEST_CASE_DECL(boot_test_revert) TEST_CASE_DECL(boot_test_revert_continue) TEST_CASE_DECL(boot_test_permanent) TEST_CASE_DECL(boot_test_permanent_continue) +TEST_CASE_DECL(boot_test_img_too_big); TEST_SUITE(boot_test_main) { @@ -75,6 +76,7 @@ TEST_SUITE(boot_test_main) boot_test_revert_continue(); boot_test_permanent(); boot_test_permanent_continue(); + boot_test_img_too_big(); } int http://git-wip-us.apache.org/repos/asf/incubator-mynewt-core/blob/80e7fa0d/boot/bootutil/test/src/boot_test.h ---------------------------------------------------------------------- diff --git a/boot/bootutil/test/src/boot_test.h b/boot/bootutil/test/src/boot_test.h index d0c1319..cd15e0d 100644 --- a/boot/bootutil/test/src/boot_test.h +++ b/boot/bootutil/test/src/boot_test.h @@ -60,6 +60,7 @@ extern struct boot_test_img_addrs boot_test_img_addrs[]; uint8_t boot_test_util_byte_at(int img_msb, uint32_t image_offset); uint8_t boot_test_util_flash_align(void); +uint32_t boot_test_util_slot_size(int slot); void boot_test_util_init_flash(void); void boot_test_util_copy_area(int from_area_idx, int to_area_idx); void boot_test_util_swap_areas(int area_idx1, int area_idx2); http://git-wip-us.apache.org/repos/asf/incubator-mynewt-core/blob/80e7fa0d/boot/bootutil/test/src/boot_test_utils.c ---------------------------------------------------------------------- diff --git a/boot/bootutil/test/src/boot_test_utils.c b/boot/bootutil/test/src/boot_test_utils.c index 30297c8..c8583f0 100644 --- a/boot/bootutil/test/src/boot_test_utils.c +++ b/boot/bootutil/test/src/boot_test_utils.c @@ -60,12 +60,36 @@ uint8_t boot_test_util_flash_align(void) { const struct flash_area *fap; + uint8_t align; int rc; rc = flash_area_open(FLASH_AREA_IMAGE_0, &fap); TEST_ASSERT_FATAL(rc == 0); - return flash_area_align(fap); + align = flash_area_align(fap); + + flash_area_close(fap); + + return align; +} + +uint32_t +boot_test_util_slot_size(int slot) +{ + const struct flash_area *fap; + uint32_t size; + int area_id; + int rc; + + area_id = flash_area_id_from_image_slot(slot); + rc = flash_area_open(area_id, &fap); + TEST_ASSERT_FATAL(rc == 0); + + size = fap->fa_size; + + flash_area_close(fap); + + return size; } void http://git-wip-us.apache.org/repos/asf/incubator-mynewt-core/blob/80e7fa0d/boot/bootutil/test/src/testcases/boot_test_img_too_big.c ---------------------------------------------------------------------- diff --git a/boot/bootutil/test/src/testcases/boot_test_img_too_big.c b/boot/bootutil/test/src/testcases/boot_test_img_too_big.c new file mode 100644 index 0000000..c72607b --- /dev/null +++ b/boot/bootutil/test/src/testcases/boot_test_img_too_big.c @@ -0,0 +1,60 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +#include "boot_test.h" + +TEST_CASE(boot_test_img_too_big) +{ + uint32_t slot_size; + + struct image_header hdr0 = { + .ih_magic = IMAGE_MAGIC, + .ih_tlv_size = 4 + 32, + .ih_hdr_size = BOOT_TEST_HEADER_SIZE, + .ih_img_size = 5 * 1024, + .ih_flags = IMAGE_F_SHA256, + .ih_ver = { 0, 5, 21, 432 }, + }; + + struct image_header hdr1 = { + .ih_magic = IMAGE_MAGIC, + .ih_tlv_size = 4 + 32, + .ih_hdr_size = BOOT_TEST_HEADER_SIZE, + .ih_img_size = 0, + .ih_flags = IMAGE_F_SHA256, + .ih_ver = { 1, 2, 3, 432 }, + }; + + boot_test_util_init_flash(); + + /* Make image in slot 1 so large that there is no room for an image + * trailer. + */ + slot_size = boot_test_util_slot_size(1); + hdr1.ih_img_size = slot_size - 10; + + boot_test_util_write_image(&hdr0, 0); + boot_test_util_write_hash(&hdr0, 0); + boot_test_util_write_image(&hdr1, 1); + boot_test_util_write_hash(&hdr1, 1); + + /* Ensure the boot loader does not interpret the end of the image as a + * trailer. + */ + boot_test_util_verify_all(BOOT_SWAP_TYPE_NONE, &hdr0, &hdr1); +}
