Debugging the mynewt bootloader

Niall Begley Thu, 19 Apr 2018 09:27:14 -0700

Hi everyone, I'm new to mynewt (and RTOS's in general) and I'm looking to
do something that I think is a little outside the scope of a lot of the
documentation on the mynewt site (as far as I can tell) and I was hoping to
get some guidance.


Basically, I'm interested in modifying the existing digital signature
systems in place for secure boot loading, but I'm running into a problem
actually debugging the changes I'm making.  When I run "newt run" on my
bootloader, GDB appears to only load when the digital signature is already
halfway through validation.  For example, here is what the stack looks like
immediately after breaking into GDB when the bootloader is set to perform
RSA signature validation:

#0  memset (dst=0x80002d28, c=c@entry=0, n=<optimized out>) at
repos/apache-mynewt-core/libc/baselibc/src/memset.c:24
#1  0x200025ca in mbedtls_mpi_lset (X=X@entry=0x80002fd0, z=z@entry=0) at
repos/apache-mynewt-core/crypto/mbedtls/src/bignum.c:295
#2  0x20002f0c in mbedtls_mpi_mul_mpi (X=X@entry=0x80002fd0, A=0x80002f54,
A@entry=0x80002fd0, B=B@entry=0x80002f84)
    at repos/apache-mynewt-core/crypto/mbedtls/src/bignum.c:1193
#3  0x20002f5a in mbedtls_mpi_mul_int (X=X@entry=0x80002fd0,
A=A@entry=0x80002fd0,
b=<optimized out>)
    at repos/apache-mynewt-core/crypto/mbedtls/src/bignum.c:1220
#4  0x200031e4 in mbedtls_mpi_div_mpi (Q=Q@entry=0x0, R=R@entry=0x80003694,
A=A@entry=0x80003694, B=B@entry=0x80003cec)
    at repos/apache-mynewt-core/crypto/mbedtls/src/bignum.c:1388
#5  0x20003320 in mbedtls_mpi_mod_mpi (R=R@entry=0x80003694,
A=A@entry=0x80003694,
B=B@entry=0x80003cec)
    at repos/apache-mynewt-core/crypto/mbedtls/src/bignum.c:1460
#6  0x20003648 in mbedtls_mpi_exp_mod (X=X@entry=0x800036e4,
A=A@entry=0x800036e4,
E=E@entry=0x80003cf8, N=N@entry=0x80003cec,
    _RR=_RR@entry=0x80003d4c) at
repos/apache-mynewt-core/crypto/mbedtls/src/bignum.c:1662
#7  0x20003a00 in mbedtls_rsa_public (ctx=ctx@entry=0x80003ce4,
    input=input@entry=0x80003e2c
"\002\005\256\024\350R\fV\214\207(\222\246>\016j\222t\200d2V\327\265h9F\005
\305\030\312t\255\357\b\024\203\020C)Ң\f!\031\024\203\035*b\220b\f!\031N\225\265\356\061F2\232\016|\024\203\035*\203\230\327\301H1\004",
    output=output@entry=0x80003714 "\n\001") at
repos/apache-mynewt-core/crypto/mbedtls/src/rsa.c:312
#8  0x20001946 in bootutil_cmp_rsasig (
    sig=0x80003e2c
"\002\005\256\024\350R\fV\214\207(\222\246>\016j\222t\200d2V\327\265h9F\005
\305\030\312t\255\357\b\024\203\020C)Ң\f!\031\024\203\035*b\220b\f!\031N\225\265\356\061F2\232\016|\024\203\035*\203\230\327\301H1\004",
hlen=32,
    hash=0x80003e0c
"u\362~\202\361\245\"\206\204\370aD\241JC\304#\352\202Ҫ\247\216yA)\002\341\071wNN\002\005\256\024\350R\fV\214\207(\222\246>\016j\222t\200d2V\327\265h9F\005
\305\030\312t\255\357\b\024\203\020C)Ң\f!\031\024\203\035*b\220b\f!\031N\225\265\356\061F2\232\016|\024\203\035*\203\230\327\301H1\004",
ctx=0x80003ce4) at repos/apache-mynewt-core/boot/bootutil/src/image_rsa.c:91
#9  bootutil_verify_sig (
    hash=hash@entry=0x80003e0c
"u\362~\202\361\245\"\206\204\370aD\241JC\304#\352\202Ҫ\247\216yA)\002\341\071wNN\002\005\256\024\350R\fV\214\207(\222\246>\016j\222t\200d2V\327\265h9F\005
\305\030\312t\255\357\b\024\203\020C)Ң\f!\031\024\203\035*b\220b\f!\031N\225\265\356\061F2\232\016|\024\203\035*\203\230\327\301H1\004",
hlen=hlen@entry=32,
    sig=sig@entry=0x80003e2c
"\002\005\256\024\350R\fV\214\207(\222\246>\016j\222t\200d2V\327\265h9F\005
\305\030\312t\255\357\b\024\203\020C)Ң\f!\031\024\203\035*b\220b\f!\031N\225\265\356\061F2\232\016|\024\203\035*\203\230\327\301H1\004",
    slen=slen@entry=256, key_id=<optimized out>) at
repos/apache-mynewt-core/boot/bootutil/src/image_rsa.c:145
#10 0x20001842 in bootutil_img_validate (hdr=hdr@entry=0x800007c4
<boot_data>, fap=fap@entry=0x20005e84 <sysflash_map_dflt+12>,
    tmp_buf=<optimized out>, tmp_buf_sz=tmp_buf_sz@entry=256,
seed=seed@entry=0x0, seed_len=seed_len@entry=0,
    out_hash=out_hash@entry=0x0) at
repos/apache-mynewt-core/boot/bootutil/src/image_validate.c:215
#11 0x20000e2e in boot_image_check (fap=0x20005e84 <sysflash_map_dflt+12>,
hdr=0x800007c4 <boot_data>)
    at repos/apache-mynewt-core/boot/bootutil/src/loader.c:518
#12 boot_validate_slot (slot=slot@entry=0) at
repos/apache-mynewt-core/boot/bootutil/src/loader.c:576
#13 0x200011b4 in boot_go (rsp=rsp@entry=0x80003fd4) at
repos/apache-mynewt-core/boot/bootutil/src/loader.c:1054
#14 0x20000bf2 in main () at
repos/apache-mynewt-core/apps/boot/src/boot.c:54

Is there a better way to do this with GDB?  Is it possible to use one of
the logging or console packages to perform prints?  Any tips in general?

Thanks everyone

Debugging the mynewt bootloader

Reply via email to