Use same format for scratch and slot trailer

ccollins476ad · ccollins476ad · commit 2adef70e331b · 2019-05-31T10:15:08.000-07:00
Prior to this change, the scratch image trailer had a different format
from a slot image trailer.  Specifically:

1. The scratch trailer only contained a single set of status entries
   (three bytes); the slot trailer contained `BOOT_STATUS_MAX_ENTRIES`
   sets of status entries.

2. The scratch trailer did not contain the `copy_done` field.

This inconsistency required some extra conditional logic in the trailer
handling code.  It is simpler to just use the same trailer format
everywhere.

This commit removes this inconsistency.  Now, the scratch trailer
structure is identical to that of the slot trailer.

Signed-off-by: Christopher Collins &lt;ccollins@apache.org&gt;
diff --git a/boot/bootutil/src/bootutil_misc.c b/boot/bootutil/src/bootutil_misc.c
@@ -120,30 +120,16 @@ boot_flag_decode(uint8_t flag)
 }
 
 uint32_t
-boot_slots_trailer_sz(uint8_t min_write_sz)
+boot_trailer_sz(uint8_t min_write_sz)
 {
     return /* state for all sectors */
            BOOT_STATUS_MAX_ENTRIES * BOOT_STATUS_STATE_COUNT * min_write_sz +
 #ifdef MCUBOOT_ENC_IMAGES
            /* encryption keys */
            BOOT_ENC_KEY_SIZE * 2                  +
 #endif
-           /* copy_done + image_ok + swap_size */
-           BOOT_MAX_ALIGN * 3                     +
-           BOOT_MAGIC_SZ;
-}
-
-static uint32_t
-boot_scratch_trailer_sz(uint8_t min_write_sz)
-{
-           /* state for one sector */
-    return BOOT_STATUS_STATE_COUNT * min_write_sz +
-#ifdef MCUBOOT_ENC_IMAGES
-           /* encryption keys */
-           BOOT_ENC_KEY_SIZE * 2                  +
-#endif
-           /* image_ok + swap_size */
-           BOOT_MAX_ALIGN * 2                     +
+           /* swap_type + copy_done + image_ok + swap_size */
+           BOOT_MAX_ALIGN * 4                     +
            BOOT_MAGIC_SZ;
 }
 
@@ -176,11 +162,7 @@ boot_status_off(const struct flash_area *fap)
 
     elem_sz = flash_area_align(fap);
 
-    if (fap->fa_id == FLASH_AREA_IMAGE_SCRATCH) {
-        off_from_end = boot_scratch_trailer_sz(elem_sz);
-    } else {
-        off_from_end = boot_slots_trailer_sz(elem_sz);
-    }
+    off_from_end = boot_trailer_sz(elem_sz);
 
     assert(off_from_end <= fap->fa_size);
     return fap->fa_size - off_from_end;
@@ -189,7 +171,6 @@ boot_status_off(const struct flash_area *fap)
 static uint32_t
 boot_copy_done_off(const struct flash_area *fap)
 {
-    assert(fap->fa_id != FLASH_AREA_IMAGE_SCRATCH);
     assert(offsetof(struct image_trailer, copy_done) == 0);
     return fap->fa_size - BOOT_MAGIC_SZ - BOOT_MAX_ALIGN * 2;
 }
@@ -204,27 +185,14 @@ boot_image_ok_off(const struct flash_area *fap)
 static uint32_t
 boot_swap_size_off(const struct flash_area *fap)
 {
-    /*
-     * The "swap_size" field if located just before the trailer.
-     * The scratch slot doesn't store "copy_done"...
-     */
-    if (fap->fa_id == FLASH_AREA_IMAGE_SCRATCH) {
-        return fap->fa_size - BOOT_MAGIC_SZ - BOOT_MAX_ALIGN * 2;
-    }
-
-    return fap->fa_size - BOOT_MAGIC_SZ - BOOT_MAX_ALIGN * 3;
+    return fap->fa_size - BOOT_MAGIC_SZ - BOOT_MAX_ALIGN * 4;
 }
 
 #ifdef MCUBOOT_ENC_IMAGES
 static uint32_t
 boot_enc_key_off(const struct flash_area *fap, uint8_t slot)
 {
-    if (fap->fa_id == FLASH_AREA_IMAGE_SCRATCH) {
-        return fap->fa_size - BOOT_MAGIC_SZ - BOOT_MAX_ALIGN * 2 -
-                              ((slot + 1) * BOOT_ENC_KEY_SIZE);
-    }
-
-    return fap->fa_size - BOOT_MAGIC_SZ - BOOT_MAX_ALIGN * 3 -
+    return fap->fa_size - BOOT_MAGIC_SZ - BOOT_MAX_ALIGN * 4 -
                           ((slot + 1) * BOOT_ENC_KEY_SIZE);
 }
 #endif
@@ -248,18 +216,16 @@ boot_read_swap_state(const struct flash_area *fap,
         state->magic = boot_magic_decode(magic);
     }
 
-    if (fap->fa_id != FLASH_AREA_IMAGE_SCRATCH) {
-        off = boot_copy_done_off(fap);
-        rc = flash_area_read_is_empty(fap, off, &state->copy_done,
-                sizeof state->copy_done);
-        if (rc < 0) {
-            return BOOT_EFLASH;
-        }
-        if (rc == 1) {
-            state->copy_done = BOOT_FLAG_UNSET;
-        } else {
-            state->copy_done = boot_flag_decode(state->copy_done);
-        }
+    off = boot_copy_done_off(fap);
+    rc = flash_area_read_is_empty(fap, off, &state->copy_done,
+            sizeof state->copy_done);
+    if (rc < 0) {
+        return BOOT_EFLASH;
+    }
+    if (rc == 1) {
+        state->copy_done = BOOT_FLAG_UNSET;
+    } else {
+        state->copy_done = boot_flag_decode(state->copy_done);
     }
 
     off = boot_image_ok_off(fap);
diff --git a/boot/bootutil/src/bootutil_priv.h b/boot/bootutil/src/bootutil_priv.h
@@ -180,7 +180,7 @@ struct boot_loader_state {
 int bootutil_verify_sig(uint8_t *hash, uint32_t hlen, uint8_t *sig,
                         size_t slen, uint8_t key_id);
 
-uint32_t boot_slots_trailer_sz(uint8_t min_write_sz);
+uint32_t boot_trailer_sz(uint8_t min_write_sz);
 int boot_status_entries(const struct flash_area *fap);
 uint32_t boot_status_off(const struct flash_area *fap);
 int boot_read_swap_state(const struct flash_area *fap,
diff --git a/boot/bootutil/src/loader.c b/boot/bootutil/src/loader.c
@@ -1026,7 +1026,7 @@ boot_erase_trailer_sectors(const struct flash_area *fap)
 
     /* delete starting from last sector and moving to beginning */
     sector = boot_img_num_sectors(&boot_data, slot) - 1;
-    trailer_sz = boot_slots_trailer_sz(BOOT_WRITE_SZ(&boot_data));
+    trailer_sz = boot_trailer_sz(BOOT_WRITE_SZ(&boot_data));
     total_sz = 0;
     do {
         sz = boot_img_sector_size(&boot_data, slot, sector);
@@ -1072,7 +1072,7 @@ boot_swap_sectors(int idx, uint32_t sz, struct boot_status *bs)
     img_off = boot_img_sector_off(&boot_data, BOOT_PRIMARY_SLOT, idx);
 
     copy_sz = sz;
-    trailer_sz = boot_slots_trailer_sz(BOOT_WRITE_SZ(&boot_data));
+    trailer_sz = boot_trailer_sz(BOOT_WRITE_SZ(&boot_data));
 
     /* sz in this function is always sized on a multiple of the sector size.
      * The check against the start offset of the last sector
diff --git a/sim/mcuboot-sys/src/c.rs b/sim/mcuboot-sys/src/c.rs
@@ -41,7 +41,7 @@ pub fn boot_go(multiflash: &mut SimMultiFlash, areadesc: &AreaDesc,
 }
 
 pub fn boot_trailer_sz(align: u8) -> u32 {
-    unsafe { raw::boot_slots_trailer_sz(align) }
+    unsafe { raw::boot_trailer_sz(align) }
 }
 
 pub fn boot_magic_sz() -> usize {
@@ -87,7 +87,7 @@ mod raw {
         pub static mut c_asserts: u8;
         pub static mut c_catch_asserts: u8;
 
-        pub fn boot_slots_trailer_sz(min_write_sz: u8) -> u32;
+        pub fn boot_trailer_sz(min_write_sz: u8) -> u32;
 
         pub static BOOT_MAGIC_SZ: u32;
         pub static BOOT_MAX_ALIGN: u32;

Original file line number	Diff line number	Diff line change
`@@ -41,7 +41,7 @@ pub fn boot_go(multiflash: &mut SimMultiFlash, areadesc: &AreaDesc,`
`41`	`41`	`}`
`42`	`42`
`43`	`43`	`pub fn boot_trailer_sz(align: u8) -> u32 {`
`44`		`- unsafe { raw::boot_slots_trailer_sz(align) }`
	`44`	`+ unsafe { raw::boot_trailer_sz(align) }`
`45`	`45`	`}`
`46`	`46`
`47`	`47`	`pub fn boot_magic_sz() -> usize {`
`@@ -87,7 +87,7 @@ mod raw {`
`87`	`87`	`pub static mut c_asserts: u8;`
`88`	`88`	`pub static mut c_catch_asserts: u8;`
`89`	`89`
`90`		`- pub fn boot_slots_trailer_sz(min_write_sz: u8) -> u32;`
	`90`	`+ pub fn boot_trailer_sz(min_write_sz: u8) -> u32;`
`91`	`91`
`92`	`92`	`pub static BOOT_MAGIC_SZ: u32;`
`93`	`93`	`pub static BOOT_MAX_ALIGN: u32;`