suit: allow for soft failures in case of unavailable payload

The directive now returns SUIT_SUCCESS in cases
of unavailable payload - then this is handled as a "fail condition"
by check_image_match

Signed-off-by: Artur Hadasz <[email protected]>

Author: ahasztag

subsys/suit/platform/app/src/suit_plat_fetch_app_specific.c

@@ -50,6 +50,8 @@ int suit_plat_fetch_domain_specific(suit_component_t dst_handle,
 				    struct stream_sink *dst_sink, struct zcbor_string *uri)
 {
 	int ret = SUIT_SUCCESS;
+	bool hard_failure = false;
+
 	/* Select streamer */
 	switch (dst_component_type) {
 #ifdef CONFIG_SUIT_STREAM_FETCH_SOURCE_MGR
@@ -68,13 +70,23 @@ int suit_plat_fetch_domain_specific(suit_component_t dst_handle,
 #endif
 	default:
 		ret = SUIT_ERR_UNSUPPORTED_COMPONENT_ID;
+		hard_failure = true;
 		break;
 	}
 
 	if (ret == SUIT_SUCCESS && dst_component_type == SUIT_COMPONENT_TYPE_CACHE_POOL) {
 		suit_dfu_cache_sink_commit(dst_sink->ctx);
 	}
 
+	if (!hard_failure) {
+		/* Failures without hard_failure flag set are treated as "unavailable payload"
+		 * failures. These are cases where suit-condition-image-match will detect
+		 * the failure, however suit-plat-fetch should return success to allow
+		 * soft failures.
+		 */
+		ret = SUIT_SUCCESS;
+	}
+
 	return ret;
 }
 

subsys/suit/platform/sdfw/src/suit_plat_fetch_sdfw_specific.c

@@ -78,9 +78,21 @@ int suit_plat_fetch_domain_specific(suit_component_t dst_handle,
 		ret = suit_ipc_streamer_stream(uri->value, uri->len, dst_sink,
 					       CONFIG_SUIT_STREAM_IPC_STREAMER_CHUNK_TIMEOUT,
 					       CONFIG_SUIT_STREAM_IPC_STREAMER_REQUESTING_PERIOD);
+		if (ret != SUIT_PLAT_SUCCESS) {
+			ret = SUIT_PLAT_ERR_NOT_FOUND;
+		}
 	}
 #endif /* CONFIG_SUIT_STREAM_IPC_REQUESTOR */
 
+	if (ret == SUIT_PLAT_ERR_NOT_FOUND) {
+		/* If we arrived here we can treat the source data as unavailable.
+		 * This is a case where suit-condition-image-match will detect
+		 * the failure, however suit-plat-fetch should return success to allow
+		 * soft failures.
+		 */
+		return SUIT_SUCCESS;
+	}
+
 	if (ret == SUIT_PLAT_SUCCESS) {
 		/* Flush any remaining data before reading used storage size */
 		if (dst_sink->flush != NULL) {

subsys/suit/platform/sdfw/src/suit_plat_retrieve_manifest_sdfw_specific.c

@@ -37,7 +37,7 @@ int suit_plat_retrieve_manifest_domain_specific(struct zcbor_string *component_i
 		ret = suit_storage_installed_envelope_get(class_id, envelope_str, envelope_len);
 		if ((ret != SUIT_PLAT_SUCCESS) || (*envelope_str == NULL) || (*envelope_len == 0)) {
 			LOG_ERR("Unable to find installed envelope (err: %d)", ret);
-			ret = SUIT_ERR_UNSUPPORTED_COMPONENT_ID;
+			ret = SUIT_ERR_UNAVAILABLE_PAYLOAD;
 			break;
 		}
 

subsys/suit/platform/src/suit_plat_check_image_match.c

@@ -64,14 +64,20 @@ int suit_plat_check_image_match_mem_mapped(suit_component_t component, enum suit
 	}
 
 	err = suit_generic_address_streamer_stream(data, size, &digest_sink);
-	if (err != SUIT_PLAT_SUCCESS) {
+	if (err == SUIT_PLAT_ERR_INVAL) {
+		LOG_ERR("Invalid value passed to digest sink");
+		/* This can result from an NULL/zero size source payload.
+		 * This case should be treated as a digest mismatch.
+		 */
+		err = SUIT_FAIL_CONDITION;
+	} else if (err != SUIT_PLAT_SUCCESS) {
 		LOG_ERR("Failed to stream to digest sink: %d", err);
 		err = suit_plat_err_to_processor_err_convert(err);
 	} else {
 		err = suit_digest_sink_digest_match(digest_sink.ctx);
 		if (err != SUIT_PLAT_SUCCESS) {
 			LOG_ERR("Failed to check digest: %d", err);
-			/* Translate error code to allow entering another branches in try-each
+			/* Translate error code to allow entering other branches in try-each
 			 * sequence
 			 */
 			err = SUIT_FAIL_CONDITION;
@@ -104,6 +110,9 @@ int suit_plat_check_image_match_mfst(suit_component_t component, enum suit_cose_
 	enum suit_cose_alg alg;
 
 	ret = suit_plat_retrieve_manifest(component, &envelope_str, &envelope_len);
+	if (ret == SUIT_ERR_UNAVAILABLE_PAYLOAD) {
+		return SUIT_FAIL_CONDITION;
+	}
 	if (ret != SUIT_SUCCESS) {
 		LOG_ERR("Failed to check image digest: unable to retrieve manifest contents "
 			"(handle: %p)\r\n",

subsys/suit/platform/src/suit_plat_retrieve_manifest.c

@@ -50,6 +50,10 @@ int suit_plat_retrieve_manifest(suit_component_t component_handle, const uint8_t
 		}
 
 		ret = suit_memptr_storage_ptr_get(handle, envelope_str, envelope_len);
+		if ((*envelope_str == NULL) && (*envelope_len == 0)) {
+			LOG_WRN("Pointer to manifest candidate is empty");
+			return SUIT_ERR_UNAVAILABLE_PAYLOAD;
+		}
 		if ((ret != SUIT_PLAT_SUCCESS) || (*envelope_str == NULL) || (*envelope_len == 0)) {
 			LOG_ERR("Unable to fetch pointer to manifest candidate"
 				"(memptr storage err: %d)",

subsys/suit/stream/stream_sinks/src/suit_memptr_sink.c

@@ -11,11 +11,12 @@ LOG_MODULE_REGISTER(suit_memptr_sink, CONFIG_SUIT_LOG_LEVEL);
 
 static suit_plat_err_t write(void *ctx, const uint8_t *buf, size_t size);
 static suit_plat_err_t used_storage(void *ctx, size_t *size);
+static suit_plat_err_t erase(void *ctx);
 
 suit_plat_err_t suit_memptr_sink_get(struct stream_sink *sink, memptr_storage_handle_t handle)
 {
 	if ((sink != NULL) && (handle != NULL)) {
-		sink->erase = NULL;
+		sink->erase = erase;
 		sink->write = write;
 		sink->seek = NULL;
 		sink->flush = NULL;
@@ -74,3 +75,23 @@ static suit_plat_err_t used_storage(void *ctx, size_t *size)
 	LOG_ERR("Invalid argument.");
 	return SUIT_PLAT_ERR_INVAL;
 }
+
+static suit_plat_err_t erase(void *ctx)
+{
+	suit_memptr_storage_err_t err;
+
+	if (ctx != NULL) {
+		err = suit_memptr_storage_ptr_store(ctx, NULL, 0);
+		if (err != SUIT_PLAT_SUCCESS) {
+			/* In the current conditions suit_memptr_storage_ptr_store will only
+			 * fail with SUIT_MEMPTR_STORAGE_ERR_UNALLOCATED_RECORD
+			 */
+			return SUIT_PLAT_ERR_NOT_FOUND;
+		}
+
+		return SUIT_PLAT_SUCCESS;
+	}
+
+	LOG_ERR("Invalid argument.");
+	return SUIT_PLAT_ERR_INVAL;
+}

tests/subsys/suit/check_image_match/src/main.c

@@ -397,7 +397,7 @@ ZTEST(check_image_match_tests, test_unhandled_component)
 	err = suit_plat_check_image_match(component, suit_cose_sha256, &valid_digest);
 
 	/* THEN appropriate error code is returned */
-	zassert_equal(SUIT_ERR_UNSUPPORTED_COMPONENT_ID, err, "unexpected error code: %d", err);
+	zassert_equal(SUIT_FAIL_CONDITION, err, "unexpected error code: %d", err);
 
 	/* Cleanup */
 	err = suit_plat_release_component_handle(component);

tests/subsys/suit/fetch/src/main.c

@@ -212,8 +212,9 @@ ZTEST(fetch_tests, test_fetch_to_memptr_NOK_uri_not_in_cache)
 	setup_cache_with_sample_entries();
 
 	ret = suit_plat_fetch(component_handle, &uri, NULL);
-	zassert_not_equal(ret, SUIT_SUCCESS,
-			  "suit_plat_fetch should fail - supplied uri is not in cache", ret);
+	zassert_equal(ret, SUIT_SUCCESS,
+			  "suit_plat_fetch should succeed - supplied uri is not in cache, "
+			  "treated as empty payload");
 
 	ret = suit_plat_release_component_handle(component_handle);
 	zassert_equal(ret, SUIT_SUCCESS, "Handle release failed - error %i", ret);

tests/subsys/suit/unit/app_specific/suit_plat_fetch_app/src/main.c

@@ -109,7 +109,7 @@ ZTEST(suit_platform_app_fetch_tests, test_fetch_dfu_cache_streamer_fail)
 	zassert_equal(suit_plat_fetch_domain_specific(TEST_COMPONENT_HANDLE,
 						      SUIT_COMPONENT_TYPE_CAND_IMG, &dummy_sink,
 						      &dummy_uri),
-		      SUIT_ERR_CRASH, "Failed to return correct error code");
+		      SUIT_SUCCESS, "Failed when URI not found in cache (should succeed)");
 	zassert_equal(suit_dfu_cache_streamer_stream_fake.call_count, 1,
 		      "Incorrect number of suit_dfu_cache_streamer_stream() calls");
 	zassert_equal(suit_dfu_cache_streamer_stream_fake.arg0_val, dummy_uri.value,
@@ -168,7 +168,7 @@ ZTEST(suit_platform_app_fetch_tests, test_fetch_fetch_source_streamer_fail)
 	zassert_equal(suit_plat_fetch_domain_specific(TEST_COMPONENT_HANDLE,
 						      SUIT_COMPONENT_TYPE_CACHE_POOL, &dummy_sink,
 						      &dummy_uri),
-		      SUIT_ERR_CRASH, "Failed to return correct error code");
+		      SUIT_SUCCESS, "Failed when unable to fetch payload (should succeed)");
 	zassert_equal(suit_fetch_source_stream_fake.call_count, 1,
 		      "Incorrect number of suit_fetch_source_stream() calls");
 	zassert_equal(suit_fetch_source_stream_fake.arg0_val, dummy_uri.value,

tests/subsys/suit/unit/suit_plat_retrieve_manifest/src/main.c

@@ -562,7 +562,7 @@ ZTEST(suit_platform_retrieve_manifest_tests, test_instld_manifest_not_found)
 	int ret = suit_plat_retrieve_manifest(TEST_COMPONENT_HANDLE, &envelope_str, &envelope_len);
 
 	/* THEN manifest is not returned... */
-	zassert_equal(SUIT_ERR_UNSUPPORTED_COMPONENT_ID, ret, "Invalid manifest retrieved");
+	zassert_equal(SUIT_ERR_UNAVAILABLE_PAYLOAD, ret, "Invalid manifest retrieved");
 
 	/* ... and component ID for given component handle was fetched */
 	zassert_equal(suit_plat_component_id_get_fake.call_count, 1,
@@ -606,7 +606,7 @@ ZTEST(suit_platform_retrieve_manifest_tests, test_instld_manifest_invalid_addres
 	int ret = suit_plat_retrieve_manifest(TEST_COMPONENT_HANDLE, &envelope_str, &envelope_len);
 
 	/* THEN manifest is not returned... */
-	zassert_equal(SUIT_ERR_UNSUPPORTED_COMPONENT_ID, ret, "Invalid manifest retrieved");
+	zassert_equal(SUIT_ERR_UNAVAILABLE_PAYLOAD, ret, "Invalid manifest retrieved");
 
 	/* ... and component ID for given component handle was fetched */
 	zassert_equal(suit_plat_component_id_get_fake.call_count, 1,
@@ -650,7 +650,7 @@ ZTEST(suit_platform_retrieve_manifest_tests, test_instld_manifest_invalid_size)
 	int ret = suit_plat_retrieve_manifest(TEST_COMPONENT_HANDLE, &envelope_str, &envelope_len);
 
 	/* THEN manifest is not returned... */
-	zassert_equal(SUIT_ERR_UNSUPPORTED_COMPONENT_ID, ret, "Invalid manifest retrieved");
+	zassert_equal(SUIT_ERR_UNAVAILABLE_PAYLOAD, ret, "Invalid manifest retrieved");
 
 	/* ... and component ID for given component handle was fetched */
 	zassert_equal(suit_plat_component_id_get_fake.call_count, 1,