sim: Added test for over-sized image update

Added test which checks whether too big update image
will be rejected.

Signed-off-by: Andrzej Puzdrowski <[email protected]>

Author: nvlsianpu

sim/src/image.rs

@@ -291,6 +291,29 @@ impl ImagesBuilder {
         }
     }
 
+    pub fn make_oversized_secondary_slot_image(self) -> Images {
+        let mut bad_flash = self.flash;
+        let ram = self.ram.clone(); // TODO: Avoid this clone.
+        let images = self.slots.into_iter().enumerate().map(|(image_num, slots)| {
+            let dep = BoringDep::new(image_num, &NO_DEPS);
+            let primaries = install_image(&mut bad_flash, &slots[0],
+                maximal(32784), &ram, &dep, false);
+            let upgrades = install_image(&mut bad_flash, &slots[1],
+                ImageSize::Oversized, &ram, &dep, false);
+            OneImage {
+                slots,
+                primaries,
+                upgrades,
+            }}).collect();
+        Images {
+            flash: bad_flash,
+            areadesc: self.areadesc,
+            images,
+            total_count: None,
+            ram: self.ram,
+        }
+    }
+
     pub fn make_erased_secondary_image(self) -> Images {
         let mut flash = self.flash;
         let ram = self.ram.clone(); // TODO: Avoid this clone.
@@ -779,6 +802,53 @@ impl Images {
         fails > 0
     }
 
+    // Test taht too big upgrade image will be rejected
+    pub fn run_oversizefail_upgrade(&self) -> bool {
+        let mut flash = self.flash.clone();
+        let mut fails = 0;
+
+        info!("Try upgrade image with to big size");
+
+        // Only perform this test if an upgrade is expected to happen.
+        if !Caps::modifies_flash() {
+            info!("Skipping upgrade image with bad signature");
+            return false;
+        }
+
+        self.mark_upgrades(&mut flash, 0);
+        self.mark_permanent_upgrades(&mut flash, 0);
+        self.mark_upgrades(&mut flash, 1);
+
+        if !self.verify_trailers(&flash, 0, BOOT_MAGIC_GOOD,
+                                 BOOT_FLAG_SET, BOOT_FLAG_UNSET) {
+            warn!("1. Mismatched trailer for the primary slot");
+            fails += 1;
+        }
+
+        // Run the bootloader...
+        if !c::boot_go(&mut flash, &self.areadesc, None, None, false).success() {
+            warn!("Failed first boot");
+            fails += 1;
+        }
+
+        // State should not have changed
+        if !self.verify_images(&flash, 0, 0) {
+            warn!("Failed image verification");
+            fails += 1;
+        }
+        if !self.verify_trailers(&flash, 0, BOOT_MAGIC_GOOD,
+                                 BOOT_FLAG_SET, BOOT_FLAG_UNSET) {
+            warn!("2. Mismatched trailer for the primary slot");
+            fails += 1;
+        }
+
+        if fails > 0 {
+            error!("Expected an upgrade failure when image has to big size");
+        }
+
+        fails > 0
+    }
+
     // Test that an upgrade is rejected.  Assumes that the image was build
     // such that the upgrade is instead a downgrade.
     pub fn run_nodowngrade(&self) -> bool {

sim/tests/core.rs

@@ -56,6 +56,10 @@ sim_test!(revert_with_fails, make_image(&NO_DEPS, false), run_revert_with_fails(
 sim_test!(perm_with_fails, make_image(&NO_DEPS, true), run_perm_with_fails());
 sim_test!(perm_with_random_fails, make_image(&NO_DEPS, true), run_perm_with_random_fails(5));
 sim_test!(norevert, make_image(&NO_DEPS, true), run_norevert());
+
+#[cfg(not(feature = "max-align-32"))]
+sim_test!(oversized_secondary_slot, make_oversized_secondary_slot_image(), run_oversizefail_upgrade());
+
 sim_test!(status_write_fails_complete, make_image(&NO_DEPS, true), run_with_status_fails_complete());
 sim_test!(status_write_fails_with_reset, make_image(&NO_DEPS, true), run_with_status_fails_with_reset());
 sim_test!(downgrade_prevention, make_image(&REV_DEPS, true), run_nodowngrade());