
Commit 2fe9cd4

boot: bootutil: Refactor some functions to have state
Refactors some functions so that the state variable is present in them

Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
1 parent 9668469 commit 2fe9cd4


11 files changed

+83
-68
lines changed


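--- a/boot/boot_serial/src/boot_serial.c
+++ b/boot/boot_serial/src/boot_serial.c
@@ -333,7 +333,7 @@ bs_list(char *buf, int len)
 }
 #endif
 
-FIH_CALL(bootutil_img_validate, fih_rc, NULL, 0, &hdr,
+FIH_CALL(bootutil_img_validate, fih_rc, NULL, &hdr,
 fap, tmpbuf, sizeof(tmpbuf), NULL, 0, NULL);
 #if defined(MCUBOOT_ENC_IMAGES) && !defined(MCUBOOT_SINGLE_APPLICATION_SLOT)
 }
@@ -522,7 +522,7 @@ bs_set(char *buf, int len)
 &hdr, tmpbuf, sizeof(tmpbuf));
 } else {
 #endif
-FIH_CALL(bootutil_img_validate, fih_rc, NULL, 0, &hdr,
+FIH_CALL(bootutil_img_validate, fih_rc, NULL, &hdr,
 fap, tmpbuf, sizeof(tmpbuf), NULL, 0, NULL);
 #ifdef MCUBOOT_ENC_IMAGES
 }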
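Review bot: Both updated calls, in bs_list and in bs_set, now pass a bare NULL for the state argument, and nothing at the call site says what that selects now that the explicit image index `0` is gone. The bootutil_img_validate and bootutil_img_hash changes in boot/bootutil/src/image_validate.c in this commit map a NULL state to image index 0 and a NULL encryption context. If these handlers ever validate an image other than image 0, any per-image key or rollback-counter lookup would presumably still be keyed to image 0. Add a comment above each call such as `/* NULL state: validated as image 0, no encryption context */`. Both enclosing functions start and end outside the hunks.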

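--- a/boot/boot_serial/src/boot_serial_encryption.c
+++ b/boot/boot_serial/src/boot_serial_encryption.c
@@ -30,22 +30,20 @@ boot_image_validate_encrypted(const struct flash_area *fa_p,
 struct boot_loader_state *state = &boot_data;
 struct boot_status _bs;
 struct boot_status *bs = &_bs;
-uint8_t image_index;
 int rc;
 
 memset(&boot_data, 0, sizeof(struct boot_loader_state));
-image_index = BOOT_CURR_IMG(state);
 if(IS_ENCRYPTED(hdr)) {
-rc = boot_enc_load(BOOT_CURR_ENC(state), 1, hdr, fa_p, bs);
+rc = boot_enc_load(state, 1, hdr, fa_p, bs);
 if (rc < 0) {
 FIH_RET(fih_rc);
 }
-rc = boot_enc_set_key(BOOT_CURR_ENC(state), 1, bs);
+rc = boot_enc_set_key(state, 1, bs);
 if (rc < 0) {
 FIH_RET(fih_rc);
 }
 }
-FIH_CALL(bootutil_img_validate, fih_rc, BOOT_CURR_ENC(state), image_index,
+FIH_CALL(bootutil_img_validate, fih_rc, state,
 hdr, fa_p, buf, buf_size, NULL, 0, NULL);
 
 FIH_RET(fih_rc);
@@ -238,7 +236,7 @@ decrypt_image_inplace(const struct flash_area *fa_p,
 #endif
 memset(&boot_data, 0, sizeof(struct boot_loader_state));
 /* Load the encryption keys into cache */
-rc = boot_enc_load(BOOT_CURR_ENC(state), 0, hdr, fa_p, bs);
+rc = boot_enc_load(state, 0, hdr, fa_p, bs);
 if (rc < 0) {
 FIH_RET(fih_rc);
 }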
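Review bot: The new call `rc = boot_enc_set_key(state, 1, bs);` in boot_image_validate_encrypted passes a `struct boot_loader_state *`, but the prototype in boot/bootutil/include/bootutil/enc_key.h as shown in this commit still declares the first parameter as `struct enc_key_data *enc_state`; only boot_enc_load was converted. Unless a file not shown on this page changes boot_enc_set_key as well, this is an incompatible pointer argument, and the key would be installed relative to the wrong object instead of the image's encryption context. Keep `rc = boot_enc_set_key(BOOT_CURR_ENC(state), 1, bs);` here, or convert boot_enc_set_key to take the state in the same commit. The enclosing function starts before the hunk.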

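--- a/boot/bootutil/include/bootutil/enc_key.h
+++ b/boot/bootutil/include/bootutil/enc_key.h
@@ -58,6 +58,7 @@ struct enc_key_data {
 int boot_enc_retrieve_private_key(struct bootutil_key **private_key);
 
 struct boot_status;
+struct boot_loader_state;
 
 /* Decrypt random, symmetric encryption key */
 int boot_decrypt_key(const uint8_t *buf, uint8_t *enckey);
@@ -66,7 +67,7 @@ int boot_enc_init(struct enc_key_data *enc_state, uint8_t slot);
 int boot_enc_drop(struct enc_key_data *enc_state, uint8_t slot);
 int boot_enc_set_key(struct enc_key_data *enc_state, uint8_t slot,
 const struct boot_status *bs);
-int boot_enc_load(struct enc_key_data *enc_state, int slot,
+int boot_enc_load(struct boot_loader_state *state, int slot,
 const struct image_header *hdr, const struct flash_area *fap,
 struct boot_status *bs);
 bool boot_enc_valid(struct enc_key_data *enc_state, int slot);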

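--- a/boot/bootutil/include/bootutil/image.h
+++ b/boot/bootutil/include/bootutil/image.h
@@ -196,7 +196,8 @@ _Static_assert(sizeof(struct image_header) == IMAGE_HEADER_SIZE,
 "struct image_header not required size");
 
 struct enc_key_data;
-fih_ret bootutil_img_validate(struct enc_key_data *enc_state, int image_index,
+struct boot_loader_state;
+fih_ret bootutil_img_validate(struct boot_loader_state *state,
 struct image_header *hdr,
 const struct flash_area *fap,
 uint8_t *tmp_buf, uint32_t tmp_buf_sz,
@@ -220,9 +221,9 @@ int bootutil_tlv_iter_next(struct image_tlv_iter *it, uint32_t *off,
 uint16_t *len, uint16_t *type);
 int bootutil_tlv_iter_is_prot(struct image_tlv_iter *it, uint32_t off);
 
-int32_t bootutil_get_img_security_cnt(struct image_header *hdr,
+int32_t bootutil_get_img_security_cnt(struct boot_loader_state *state, int slot,
 const struct flash_area *fap,
-uint32_t *security_cnt);
+uint32_t *img_security_cnt);
 
 #ifdef __cplusplus
 }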

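--- a/boot/bootutil/src/encrypted.c
+++ b/boot/bootutil/src/encrypted.c
@@ -632,10 +632,11 @@ boot_decrypt_key(const uint8_t *buf, uint8_t *enckey)
 * Load encryption key.
 */
 int
-boot_enc_load(struct enc_key_data *enc_state, int slot,
+boot_enc_load(struct boot_loader_state *state, int slot,
 const struct image_header *hdr, const struct flash_area *fap,
 struct boot_status *bs)
 {
+struct enc_key_data *enc_state = BOOT_CURR_ENC(state);
 uint32_t off;
 uint16_t len;
 struct image_tlv_iter it;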
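Review bot: The new initializer `struct enc_key_data *enc_state = BOOT_CURR_ENC(state);` uses state before any check, while bootutil_img_hash and bootutil_img_validate in this same commit accept a NULL state (boot_serial.c passes NULL to the latter). BOOT_CURR_ENC is not defined on this page, but the NULL guards added around it in image_validate.c suggest it dereferences state. Either guard it here, for example `if (state == NULL) { return -1; }` ahead of the assignment (the callers shown test `rc < 0`), or extend the function's header comment to state that state must not be NULL. The body of boot_enc_load continues outside the hunk.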

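--- a/boot/bootutil/src/image_validate.c
+++ b/boot/bootutil/src/image_validate.c
@@ -4,6 +4,7 @@
 * Copyright (c) 2017-2019 Linaro LTD
 * Copyright (c) 2016-2019 JUUL Labs
 * Copyright (c) 2019-2024 Arm Limited
+* Copyright (c) 2025 Nordic Semiconductor ASA
 *
 * Original license:
 *
@@ -29,6 +30,7 @@
 #include <stdint.h>
 #include <inttypes.h>
 #include <string.h>
+#include <errno.h>
 
 #include <flash_map_backend/flash_map_backend.h>
 
@@ -63,7 +65,7 @@
 * SHA256 otherwise).
 */
 static int
-bootutil_img_hash(struct enc_key_data *enc_state, int image_index,
+bootutil_img_hash(struct boot_loader_state *state,
 struct image_header *hdr, const struct flash_area *fap,
 uint8_t *tmp_buf, uint32_t tmp_buf_sz, uint8_t *hash_result,
 uint8_t *seed, int seed_len)
@@ -78,11 +80,14 @@ bootutil_img_hash(struct enc_key_data *enc_state, int image_index,
 uint32_t off;
 uint32_t blk_sz;
 #endif
+#if defined(MCUBOOT_ENC_IMAGES)
+struct enc_key_data *enc_state;
+int image_index;
+#endif
 
 #if (BOOT_IMAGE_NUMBER == 1) || !defined(MCUBOOT_ENC_IMAGES) || \
 defined(MCUBOOT_RAM_LOAD)
-(void)enc_state;
-(void)image_index;
+(void)state;
 (void)hdr_size;
 (void)blk_off;
 (void)tlv_off;
@@ -97,6 +102,14 @@ bootutil_img_hash(struct enc_key_data *enc_state, int image_index,
 #endif
 
 #ifdef MCUBOOT_ENC_IMAGES
+if (state == NULL) {
+enc_state = NULL;
+image_index = 0;
+} else {
+enc_state = BOOT_CURR_ENC(state);
+image_index = BOOT_CURR_IMG(state);
+}
+
 /* Encrypted images only exist in the secondary slot */
 if (MUST_DECRYPT(fap, image_index, hdr) &&
 !boot_enc_valid(enc_state, 1)) {
@@ -306,15 +319,16 @@ bootutil_find_key(uint8_t image_index, uint8_t *key, uint16_t key_len)
 /**
 * Reads the value of an image's security counter.
 *
-* @param hdr Pointer to the image header structure.
+* @param state Pointer to the boot state object.
+* @param slot Slot of the current image to get the security counter of.
 * @param fap Pointer to a description structure of the image's
 * flash area.
 * @param security_cnt Pointer to store the security counter value.
 *
 * @return 0 on success; nonzero on failure.
 */
 int32_t
-bootutil_get_img_security_cnt(struct image_header *hdr,
+bootutil_get_img_security_cnt(struct boot_loader_state *state, int slot,
 const struct flash_area *fap,
 uint32_t *img_security_cnt)
 {
@@ -323,19 +337,20 @@ bootutil_get_img_security_cnt(struct image_header *hdr,
 uint16_t len;
 int32_t rc;
 
-if ((hdr == NULL) ||
+if ((state == NULL) ||
+(boot_img_hdr(state, slot) == NULL) ||
 (fap == NULL) ||
 (img_security_cnt == NULL)) {
 /* Invalid parameter. */
 return BOOT_EBADARGS;
 }
 
 /* The security counter TLV is in the protected part of the TLV area. */
-if (hdr->ih_protect_tlv_size == 0) {
+if (boot_img_hdr(state, slot)->ih_protect_tlv_size == 0) {
 return BOOT_EBADIMAGE;
 }
 
-rc = bootutil_tlv_iter_begin(&it, hdr, fap, IMAGE_TLV_SEC_CNT, true);
+rc = bootutil_tlv_iter_begin(&it, boot_img_hdr(state, slot), fap, IMAGE_TLV_SEC_CNT, true);
 if (rc) {
 return rc;
 }
@@ -355,7 +370,7 @@ bootutil_get_img_security_cnt(struct image_header *hdr,
 return BOOT_EBADIMAGE;
 }
 
-rc = LOAD_IMAGE_DATA(hdr, fap, off, img_security_cnt, len);
+rc = LOAD_IMAGE_DATA(boot_img_hdr(state, slot), fap, off, img_security_cnt, len);
 if (rc != 0) {
 return BOOT_EFLASH;
 }
@@ -434,11 +449,14 @@ static const uint16_t allowed_unprot_tlvs[] = {
 * Return non-zero if image could not be validated/does not validate.
 */
 fih_ret
-bootutil_img_validate(struct enc_key_data *enc_state, int image_index,
+bootutil_img_validate(struct boot_loader_state *state,
 struct image_header *hdr, const struct flash_area *fap,
 uint8_t *tmp_buf, uint32_t tmp_buf_sz, uint8_t *seed,
 int seed_len, uint8_t *out_hash)
 {
+#if (defined(EXPECTED_KEY_TLV) && defined(MCUBOOT_HW_KEY)) || defined(MCUBOOT_HW_ROLLBACK_PROT)
+int image_index = (state == NULL ? 0 : BOOT_CURR_IMG(state));
+#endif
 uint32_t off;
 uint16_t len;
 uint16_t type;
@@ -471,7 +489,7 @@ bootutil_img_validate(struct enc_key_data *enc_state, int image_index,
 #endif
 
 #if defined(EXPECTED_HASH_TLV) && !defined(MCUBOOT_SIGN_PURE)
-rc = bootutil_img_hash(state, hdr, fap, tmp_buf,
+rc = bootutil_img_hash(state, hdr, fap, tmp_buf,
 tmp_buf_sz, hash, seed, seed_len);
 if (rc) {
 goto out;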
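Review bot: In bootutil_get_img_security_cnt the new `slot` argument reaches `boot_img_hdr(state, slot)` without a range check, and the header is looked up four separate times across the hunks at new lines 341, 349, 353 and 373. boot_img_hdr is not shown on this page; if it returns the address of a per-slot entry inside the state, the added `boot_img_hdr(state, slot) == NULL` test can never fire, and an out-of-range slot would make the security-counter read use a header from outside that array. Validate slot against the slot count first (BOOT_NUM_SLOTS, or whichever constant sizes the array) and resolve the header once into a local that the rest of the function uses. The doc comment above the function also still names `security_cnt` where the parameter is `img_security_cnt`. The function continues between and after the hunks shown.

```c
    struct image_header *hdr;

    if ((state == NULL) ||
        (slot < 0) || (slot >= BOOT_NUM_SLOTS) ||
        (fap == NULL) ||
        (img_security_cnt == NULL)) {
        /* Invalid parameter. */
        return BOOT_EBADARGS;
    }

    /* Resolve once so every later check reads the same header. */
    hdr = boot_img_hdr(state, slot);

    /* … unchanged: protected-TLV size check, TLV iteration and LOAD_IMAGE_DATA,
     * each taking hdr in place of boot_img_hdr(state, slot) … */
```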
