Merge branch 'mcu-tools:main' into usb.dfu.optimization

Author: sayooj-aerlync

.github/workflows/zephyr_build.yaml

@@ -69,7 +69,7 @@ jobs:
       - name: Setup Zephyr
         working-directory: repos/zephyr
         run: |
-          west config --system manifest.project-filter -- -.*,+cmsis,+hal_nordic,+hal_nxp,+hal_stm32,+libmetal,+littlefs,+mbedtls,+mcuboot,+open-amp,+picolibc,+segger,+tinycrypt,+trusted-firmware-m,+zcbor
+          west config --system manifest.project-filter -- -.*,+cmsis,+cmsis_6,+hal_nordic,+hal_nxp,+hal_stm32,+libmetal,+littlefs,+mbedtls,+mcuboot,+open-amp,+picolibc,+segger,+tinycrypt,+trusted-firmware-m,+zcbor
           west init -l .
           west update
 

README.md

@@ -18,7 +18,7 @@
 [travis]: https://travis-ci.org/mcu-tools/mcuboot
 [license]: https://github.com/mcu-tools/mcuboot/blob/main/LICENSE
 
-This is MCUboot version 2.2.0-rc1
+This is MCUboot version 2.2.0
 
 MCUboot is a secure bootloader for 32-bits microcontrollers. It defines a
 common infrastructure for the bootloader and the system flash layout on

boot/boot_serial/src/boot_serial.c

@@ -177,12 +177,19 @@ static int boot_serial_get_hash(const struct image_header *hdr,
 #endif
 #endif
 
-static zcbor_state_t cbor_state[2];
+#ifdef ZCBOR_CANONICAL
+/* Allow 3 extra states for backup states for all commands */
+#define CBOR_EXTRA_STATES 3
+#else
+#define CBOR_EXTRA_STATES 0
+#endif
+
+static zcbor_state_t cbor_state[2 + CBOR_EXTRA_STATES];
 
 void reset_cbor_state(void)
 {
-    zcbor_new_encode_state(cbor_state, 2, (uint8_t *)bs_obuf,
-        sizeof(bs_obuf), 0);
+    zcbor_new_encode_state(cbor_state, ARRAY_SIZE(cbor_state), (uint8_t *)bs_obuf,
+                           sizeof(bs_obuf), 0);
 }
 
 /**
@@ -497,6 +504,7 @@ bs_set(char *buf, int len)
      *   "hash":<hash of image (OPTIONAL for single image only)>
      * }
      */
+    uint32_t slot;
     uint8_t image_index = 0;
     size_t decoded = 0;
     uint8_t hash[IMAGE_HASH_SIZE];
@@ -509,8 +517,8 @@ bs_set(char *buf, int len)
     bool found = false;
 #endif
 
-    zcbor_state_t zsd[4];
-    zcbor_new_state(zsd, sizeof(zsd) / sizeof(zcbor_state_t), (uint8_t *)buf, len, 1, NULL, 0);
+    zcbor_state_t zsd[4 + CBOR_EXTRA_STATES];
+    zcbor_new_decode_state(zsd, ARRAY_SIZE(zsd), (uint8_t *)buf, len, 1, NULL, 0);
 
     struct zcbor_map_decode_key_val image_set_state_decode[] = {
         ZCBOR_MAP_DECODE_KEY_DECODER("confirm", zcbor_bool_decode, &confirm),
@@ -536,98 +544,106 @@ bs_set(char *buf, int len)
     }
 
     if (img_hash.len != 0) {
-        for (image_index = 0; image_index < BOOT_IMAGE_NUMBER; ++image_index) {
-            struct image_header hdr;
-            uint32_t area_id;
-            const struct flash_area *fap;
-            uint8_t tmpbuf[64];
+        IMAGES_ITER(image_index) {
+#ifdef MCUBOOT_SWAP_USING_OFFSET
+            int swap_status = boot_swap_type_multi(image_index);
+#endif
+
+            for (slot = 0; slot < BOOT_NUM_SLOTS; slot++) {
+                struct image_header hdr;
+                uint32_t area_id;
+                const struct flash_area *fap;
+                uint8_t tmpbuf[64];
 
 #ifdef MCUBOOT_SWAP_USING_OFFSET
-            uint32_t num_sectors = SWAP_USING_OFFSET_SECTOR_UPDATE_BEGIN;
-            struct flash_sector sector_data;
-            uint32_t start_off = 0;
+                uint32_t num_sectors = SWAP_USING_OFFSET_SECTOR_UPDATE_BEGIN;
+                struct flash_sector sector_data;
+                uint32_t start_off = 0;
 #endif
 
-            area_id = flash_area_id_from_multi_image_slot(image_index, 1);
-            if (flash_area_open(area_id, &fap)) {
-                BOOT_LOG_ERR("Failed to open flash area ID %d", area_id);
-                continue;
-            }
+                area_id = flash_area_id_from_multi_image_slot(image_index, slot);
+                if (flash_area_open(area_id, &fap)) {
+                    BOOT_LOG_ERR("Failed to open flash area ID %d", area_id);
+                    continue;
+                }
 
 #ifdef MCUBOOT_SWAP_USING_OFFSET
-            rc = flash_area_sectors(fap, &num_sectors, &sector_data);
+                if (slot == BOOT_SECONDARY_SLOT && swap_status != BOOT_SWAP_TYPE_REVERT) {
+                    rc = flash_area_sectors(fap, &num_sectors, &sector_data);
 
-            if ((rc != 0 && rc != -ENOMEM) ||
-                num_sectors != SWAP_USING_OFFSET_SECTOR_UPDATE_BEGIN) {
-                flash_area_close(fap);
-                continue;
-            }
+                    if ((rc != 0 && rc != -ENOMEM) ||
+                        num_sectors != SWAP_USING_OFFSET_SECTOR_UPDATE_BEGIN) {
+                        flash_area_close(fap);
+                        continue;
+                    }
 
-            start_off = sector_data.fs_size;
+                    start_off = sector_data.fs_size;
+                }
 #endif
 
-            rc = BOOT_HOOK_CALL(boot_read_image_header_hook,
-                                BOOT_HOOK_REGULAR, image_index, 1, &hdr);
-            if (rc == BOOT_HOOK_REGULAR)
-            {
+                rc = BOOT_HOOK_CALL(boot_read_image_header_hook,
+                                    BOOT_HOOK_REGULAR, image_index, 1, &hdr);
+                if (rc == BOOT_HOOK_REGULAR)
+                {
 #ifdef MCUBOOT_SWAP_USING_OFFSET
-                flash_area_read(fap, start_off, &hdr, sizeof(hdr));
+                    flash_area_read(fap, start_off, &hdr, sizeof(hdr));
 #else
-                flash_area_read(fap, 0, &hdr, sizeof(hdr));
+                    flash_area_read(fap, 0, &hdr, sizeof(hdr));
 #endif
-            }
-
-            if (hdr.ih_magic == IMAGE_MAGIC)
-            {
-                FIH_DECLARE(fih_rc, FIH_FAILURE);
+                }
 
-                BOOT_HOOK_CALL_FIH(boot_image_check_hook,
-                                   FIH_BOOT_HOOK_REGULAR,
-                                   fih_rc, image_index, 1);
-                if (FIH_EQ(fih_rc, FIH_BOOT_HOOK_REGULAR))
+                if (hdr.ih_magic == IMAGE_MAGIC)
                 {
+                    FIH_DECLARE(fih_rc, FIH_FAILURE);
+
+                    BOOT_HOOK_CALL_FIH(boot_image_check_hook,
+                                       FIH_BOOT_HOOK_REGULAR,
+                                       fih_rc, image_index, 1);
+                    if (FIH_EQ(fih_rc, FIH_BOOT_HOOK_REGULAR))
+                    {
 #ifdef MCUBOOT_ENC_IMAGES
-                    if (IS_ENCRYPTED(&hdr)) {
+                        if (IS_ENCRYPTED(&hdr)) {
 #ifdef MCUBOOT_SWAP_USING_OFFSET
-                        FIH_CALL(boot_image_validate_encrypted, fih_rc, fap,
-                                 &hdr, tmpbuf, sizeof(tmpbuf), start_off);
+                            FIH_CALL(boot_image_validate_encrypted, fih_rc, fap,
+                                     &hdr, tmpbuf, sizeof(tmpbuf), start_off);
 #else
-                        FIH_CALL(boot_image_validate_encrypted, fih_rc, fap,
-                                 &hdr, tmpbuf, sizeof(tmpbuf));
+                            FIH_CALL(boot_image_validate_encrypted, fih_rc, fap,
+                                     &hdr, tmpbuf, sizeof(tmpbuf));
 #endif
-                    } else {
+                        } else {
 #endif
 #ifdef MCUBOOT_SWAP_USING_OFFSET
-                        FIH_CALL(bootutil_img_validate, fih_rc, NULL, &hdr,
-                                 fap, tmpbuf, sizeof(tmpbuf), NULL, 0, NULL, start_off);
+                            FIH_CALL(bootutil_img_validate, fih_rc, NULL, &hdr,
+                                     fap, tmpbuf, sizeof(tmpbuf), NULL, 0, NULL, start_off);
 #else
-                        FIH_CALL(bootutil_img_validate, fih_rc, NULL, &hdr,
-                                 fap, tmpbuf, sizeof(tmpbuf), NULL, 0, NULL);
+                            FIH_CALL(bootutil_img_validate, fih_rc, NULL, &hdr,
+                                     fap, tmpbuf, sizeof(tmpbuf), NULL, 0, NULL);
 #endif
 #ifdef MCUBOOT_ENC_IMAGES
-                    }
+                        }
 #endif
-                }
+                    }
 
-                if (FIH_NOT_EQ(fih_rc, FIH_SUCCESS)) {
-                    continue;
+                    if (FIH_NOT_EQ(fih_rc, FIH_SUCCESS)) {
+                        continue;
+                    }
                 }
-            }
 
 #ifdef MCUBOOT_SERIAL_IMG_GRP_HASH
-            /* Retrieve hash of image for identification */
+                /* Retrieve hash of image for identification */
 #ifdef MCUBOOT_SWAP_USING_OFFSET
-            rc = boot_serial_get_hash(&hdr, fap, hash, start_off);
+                rc = boot_serial_get_hash(&hdr, fap, hash, start_off);
 #else
-            rc = boot_serial_get_hash(&hdr, fap, hash);
+                rc = boot_serial_get_hash(&hdr, fap, hash);
 #endif
 #endif
-            flash_area_close(fap);
+                flash_area_close(fap);
 
-            if (rc == 0 && memcmp(hash, img_hash.value, sizeof(hash)) == 0) {
-                /* Hash matches, set this slot for test or confirmation */
-                found = true;
-                break;
+                if (rc == 0 && memcmp(hash, img_hash.value, sizeof(hash)) == 0) {
+                    /* Hash matches, set this slot for test or confirmation */
+                    found = true;
+                    goto set_image_state;
+                }
             }
         }
 
@@ -640,6 +656,7 @@ bs_set(char *buf, int len)
     }
 #endif
 
+set_image_state:
     rc = boot_set_pending_multi(image_index, confirm);
 
 out:
@@ -683,6 +700,8 @@ bs_list_set(uint8_t op, char *buf, int len)
         bs_rc_rsp(MGMT_ERR_ENOTSUP);
 #endif
     }
+
+    reset_cbor_state();
 }
 
 #ifdef MCUBOOT_SERIAL_IMG_GRP_SLOT_INFO
@@ -856,7 +875,7 @@ static off_t erase_range(const struct flash_area *fap, off_t start, off_t end)
     BOOT_LOG_DBG("Erasing range 0x%jx:0x%jx", (intmax_t)start,
 		 (intmax_t)(start + size - 1));
 
-    rc = boot_erase_region(fap, start, size);
+    rc = boot_erase_region(fap, start, size, false);
     if (rc != 0) {
         BOOT_LOG_ERR("Error %d while erasing range", rc);
         return -EINVAL;
@@ -901,8 +920,8 @@ bs_upload(char *buf, int len)
     static uint32_t start_off = 0;
 #endif
 
-    zcbor_state_t zsd[4];
-    zcbor_new_state(zsd, sizeof(zsd) / sizeof(zcbor_state_t), (uint8_t *)buf, len, 1, NULL, 0);
+    zcbor_state_t zsd[4 + CBOR_EXTRA_STATES];
+    zcbor_new_decode_state(zsd, ARRAY_SIZE(zsd), (uint8_t *)buf, len, 1, NULL, 0);
 
     struct zcbor_map_decode_key_val image_upload_decode[] = {
         ZCBOR_MAP_DECODE_KEY_DECODER("image", zcbor_uint32_decode, &img_num_tmp),
@@ -1000,7 +1019,7 @@ bs_upload(char *buf, int len)
         /* Non-progressive erase erases entire image slot when first chunk of
          * an image is received.
          */
-        rc = boot_erase_region(fap, 0, area_size);
+        rc = boot_erase_region(fap, 0, area_size, false);
         if (rc) {
             goto out_invalid_data;
         }
@@ -1210,8 +1229,8 @@ bs_echo(char *buf, int len)
     bool ok;
     uint32_t rc = MGMT_ERR_EINVAL;
 
-    zcbor_state_t zsd[4];
-    zcbor_new_state(zsd, sizeof(zsd) / sizeof(zcbor_state_t), (uint8_t *)buf, len, 1, NULL, 0);
+    zcbor_state_t zsd[4 + CBOR_EXTRA_STATES];
+    zcbor_new_decode_state(zsd, ARRAY_SIZE(zsd), (uint8_t *)buf, len, 1, NULL, 0);
 
     if (!zcbor_map_start_decode(zsd)) {
         goto out;

boot/boot_serial/src/boot_serial_encryption.c

@@ -11,7 +11,6 @@
 #include "bootutil/bootutil_log.h"
 #include "bootutil/bootutil_public.h"
 #include "bootutil/fault_injection_hardening.h"
-#include "bootutil/enc_key.h"
 
 #include "mcuboot_config/mcuboot_config.h"
 
@@ -187,7 +186,7 @@ decrypt_region_inplace(struct boot_loader_state *state,
                     (off + bytes_copied + idx) - hdr->ih_hdr_size, blk_sz,
                     blk_off, &buf[idx]);
         }
-        rc = boot_erase_region(fap, off + bytes_copied, chunk_sz);
+        rc = boot_erase_region(fap, off + bytes_copied, chunk_sz, false);
         if (rc != 0) {
             return BOOT_EFLASH;
         }

boot/bootutil/include/bootutil/crypto/aes_ctr.h

@@ -19,30 +19,27 @@
     #error "One crypto backend must be defined: either MBED_TLS or TINYCRYPT or PSA"
 #endif
 
+#include "bootutil/enc_key_public.h"
+
 #if defined(MCUBOOT_USE_MBED_TLS)
     #include <mbedtls/aes.h>
-    #include "bootutil/enc_key_public.h"
-    #define BOOTUTIL_CRYPTO_AES_CTR_KEY_SIZE BOOT_ENC_KEY_SIZE
-    #define BOOTUTIL_CRYPTO_AES_CTR_BLOCK_SIZE (16)
+    #define BOOT_ENC_BLOCK_SIZE (16)
 #endif /* MCUBOOT_USE_MBED_TLS */
 
 #if defined(MCUBOOT_USE_TINYCRYPT)
-    #if defined(MCUBOOT_AES_256)
-        #error "Cannot use AES-256 for encryption with Tinycrypt library."
-    #endif
     #include <string.h>
     #include <tinycrypt/aes.h>
     #include <tinycrypt/ctr_mode.h>
     #include <tinycrypt/constants.h>
-    #define BOOTUTIL_CRYPTO_AES_CTR_KEY_SIZE TC_AES_KEY_SIZE
-    #define BOOTUTIL_CRYPTO_AES_CTR_BLOCK_SIZE TC_AES_BLOCK_SIZE
+    #if defined(MCUBOOT_AES_256) || (BOOT_ENC_KEY_SIZE != TC_AES_KEY_SIZE)
+        #error "Cannot use AES-256 for encryption with Tinycrypt library."
+    #endif
+    #define BOOT_ENC_BLOCK_SIZE TC_AES_BLOCK_SIZE
 #endif /* MCUBOOT_USE_TINYCRYPT */
 
 #if defined(MCUBOOT_USE_PSA_CRYPTO)
     #include <psa/crypto.h>
-    #include "bootutil/enc_key_public.h"
-    #define BOOTUTIL_CRYPTO_AES_CTR_KEY_SIZE BOOT_ENC_KEY_SIZE
-    #define BOOTUTIL_CRYPTO_AES_CTR_BLOCK_SIZE (16)
+    #define BOOT_ENC_BLOCK_SIZE (16)
 #endif
 
 #include <stdint.h>
@@ -91,18 +88,18 @@ static inline void bootutil_aes_ctr_drop(bootutil_aes_ctr_context *ctx)
 
 static inline int bootutil_aes_ctr_set_key(bootutil_aes_ctr_context *ctx, const uint8_t *k)
 {
-    return mbedtls_aes_setkey_enc(ctx, k, BOOTUTIL_CRYPTO_AES_CTR_KEY_SIZE * 8);
+    return mbedtls_aes_setkey_enc(ctx, k, BOOT_ENC_KEY_SIZE * 8);
 }
 
 static inline int bootutil_aes_ctr_encrypt(bootutil_aes_ctr_context *ctx, uint8_t *counter, const uint8_t *m, uint32_t mlen, size_t blk_off, uint8_t *c)
 {
-    uint8_t stream_block[BOOTUTIL_CRYPTO_AES_CTR_BLOCK_SIZE];
+    uint8_t stream_block[BOOT_ENC_BLOCK_SIZE];
     return mbedtls_aes_crypt_ctr(ctx, mlen, &blk_off, counter, stream_block, m, c);
 }
 
 static inline int bootutil_aes_ctr_decrypt(bootutil_aes_ctr_context *ctx, uint8_t *counter, const uint8_t *c, uint32_t clen, size_t blk_off, uint8_t *m)
 {
-    uint8_t stream_block[BOOTUTIL_CRYPTO_AES_CTR_BLOCK_SIZE];
+    uint8_t stream_block[BOOT_ENC_BLOCK_SIZE];
     return mbedtls_aes_crypt_ctr(ctx, clen, &blk_off, counter, stream_block, c, m);
 }
 #endif /* MCUBOOT_USE_MBED_TLS */