api: port reboot api endpoint to rust

Author: benma

src/CMakeLists.txt

@@ -423,6 +423,7 @@ add_custom_target(rust-bindgen
     --whitelist-function app_eth_erc20_params_get
     --whitelist-function app_eth_sighash
     --whitelist-function app_btc_address_simple
+    --whitelist-function reboot
     ${CMAKE_CURRENT_SOURCE_DIR}/rust/bitbox02-sys/wrapper.h --
     -DPB_NO_PACKED_STRUCTS=1 -DPB_FIELD_16BIT=1 -fshort-enums ${RUST_BINDGEN_FLAGS} ${RUST_INCLUDES}
   COMMAND

src/commander/commander.c

@@ -33,7 +33,6 @@
 #include <util.h>
 #include <version.h>
 
-#include <workflow/reboot.h>
 #include <workflow/restore.h>
 #include <workflow/workflow.h>
 
@@ -105,14 +104,6 @@ static commander_error_t _api_restore_backup(const RestoreBackupRequest* request
 }
 #endif
 
-static commander_error_t _api_reboot(void)
-{
-    if (!workflow_reboot()) {
-        return COMMANDER_ERR_GENERIC;
-    }
-    return COMMANDER_OK;
-}
-
 // ------------------------------------ Process ------------------------------------- //
 
 /**
@@ -156,9 +147,6 @@ static commander_error_t _api_process(const Request* request, Response* response
         response->which_response = Response_success_tag;
         return commander_bitboxbase(&(request->request.bitboxbase));
 #endif
-    case Request_reboot_tag:
-        response->which_response = Response_success_tag;
-        return _api_reboot();
     default:
         screen_print_debug("command unknown", 1000);
         return COMMANDER_ERR_INVALID_INPUT;

src/rust/bitbox02-rust/src/hww/api.rs

@@ -33,6 +33,7 @@ mod set_device_name;
 mod set_mnemonic_passphrase_enabled;
 mod set_password;
 mod show_mnemonic;
+mod system;
 
 use alloc::vec::Vec;
 
@@ -120,6 +121,7 @@ async fn process_api_btc(_request: &Request) -> Option<Result<Response, Error>>
 /// the C commander.
 async fn process_api(request: &Request) -> Option<Result<Response, Error>> {
     match request {
+        Request::Reboot(ref request) => Some(system::reboot(request).await),
         Request::DeviceInfo(_) => Some(device_info::process()),
         Request::DeviceName(ref request) => Some(set_device_name::process(request).await),
         Request::SetPassword(ref request) => Some(set_password::process(request).await),

src/rust/bitbox02-rust/src/hww/api/system.rs

@@ -0,0 +1,76 @@
+// Copyright 2021 Shift Crypto AG
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+use super::Error;
+use crate::pb;
+
+use pb::response::Response;
+
+use crate::workflow::confirm;
+
+pub async fn reboot(&pb::RebootRequest {}: &pb::RebootRequest) -> Result<Response, Error> {
+    confirm::confirm(&confirm::Params {
+        title: "",
+        body: "Proceed to upgrade?",
+        ..Default::default()
+    })
+    .await?;
+    bitbox02::reboot()
+}
+
+#[cfg(test)]
+mod tests {
+    extern crate std;
+    use super::*;
+
+    use crate::bb02_async::block_on;
+    use bitbox02::testing::{mock, Data, MUTEX};
+    use std::boxed::Box;
+
+    #[test]
+    pub fn test_reboot() {
+        let _guard = MUTEX.lock().unwrap();
+
+        mock(Data {
+            ui_confirm_create: Some(Box::new(|_| true)),
+            ..Default::default()
+        });
+        let reboot_called = std::panic::catch_unwind(|| {
+            block_on(reboot(&pb::RebootRequest {
+                purpose: Purpose::Upgrade as _,
+            }))
+            .unwrap();
+        });
+        match reboot_called {
+            Ok(()) => panic!("reboot was not called"),
+            Err(msg) => assert_eq!(msg.downcast_ref::<&str>(), Some(&"reboot called")),
+        }
+    }
+
+    #[test]
+    pub fn test_reboot_aborted() {
+        let _guard = MUTEX.lock().unwrap();
+
+        mock(Data {
+            ui_confirm_create: Some(Box::new(|_| false)),
+            ..Default::default()
+        });
+        assert_eq!(
+            block_on(reboot(&pb::RebootRequest {
+                purpose: Purpose::Upgrade as _
+            })),
+            Err(Error::UserAbort),
+        );
+    }
+}

src/rust/bitbox02-sys/wrapper.h

@@ -51,6 +51,7 @@
 #include <wally_core.h>
 #include <wally_crypto.h>
 #include <workflow/confirm.h>
+#include <workflow/reboot.h>
 
 #if !defined(TESTING)
 #include <hal_delay.h>

src/rust/bitbox02/src/lib.rs

@@ -280,3 +280,14 @@ pub fn version_short() -> &'static str {
 pub fn version_short() -> &'static str {
     "9.2.0-testing"
 }
+
+#[cfg(not(feature = "testing"))]
+pub fn reboot() -> ! {
+    unsafe { bitbox02_sys::reboot() }
+    loop {}
+}
+
+#[cfg(feature = "testing")]
+pub fn reboot() -> ! {
+    panic!("reboot called")
+}

src/workflow/reboot.c

@@ -13,14 +13,13 @@
 // limitations under the License.
 
 #include "reboot.h"
-#include "confirm.h"
 #include <memory/memory.h>
 #include <screen.h>
 #ifndef TESTING
 #include <driver_init.h>
 #endif
 
-static void _reboot(void)
+void reboot(void)
 {
     auto_enter_t auto_enter = {
         .value = sectrue_u8,
@@ -42,19 +41,3 @@ static void _reboot(void)
     _reset_mcu();
 #endif
 }
-
-bool workflow_reboot(void)
-{
-#if PLATFORM_BITBOX02 == 1
-    // Only ask on the bitbox02 platform, bitboxbase will always reboot
-    const confirm_params_t params = {
-        .title = "",
-        .body = "Proceed to upgrade?",
-    };
-    if (!workflow_confirm_blocking(&params)) {
-        return false;
-    }
-#endif
-    _reboot();
-    return true;
-}

src/workflow/reboot.h

@@ -15,13 +15,9 @@
 #ifndef _WORKFLOW_REBOOT_H_
 #define _WORKFLOW_REBOOT_H_
 
-#include <stdbool.h>
-
 /**
- * Shows a confirmation dialog to the user to confirm/reject rebooting the
- * device into bootoader mode to upgrade the firmware.
- * @return true if the user confirms, false if the user rejects.
+ * Reboots the device.
  */
-bool workflow_reboot(void);
+void reboot(void);
 
 #endif