update tests to properly simulate flash locks

jpbland1 · danielinux · commit 665641dc13fa · 2024-12-17T14:46:24.000+01:00
add hal_flash_unlock after setting the key since setting the key locks flash
diff --git a/hal/sim.c b/hal/sim.c
@@ -54,6 +54,8 @@ static uint8_t *flash_base;
 
 int forceEmergency = 0;
 uint32_t erasefail_address = 0xFFFFFFFF;
+int flashLocked = 1;
+int extFlashLocked = 1;
 
 #define INTERNAL_FLASH_FILE "./internal_flash.dd"
 #define EXTERNAL_FLASH_FILE "./external_flash.dd"
@@ -134,12 +136,12 @@ static int mmap_file(const char *path, uint8_t *address, uint8_t** ret_address)
 
 void hal_flash_unlock(void)
 {
-    /* no op */
+    flashLocked = 0;
 }
 
 void hal_flash_lock(void)
 {
-    /* no op */
+    flashLocked = 1;
 }
 
 void hal_prepare_boot(void)
@@ -150,6 +152,10 @@ void hal_prepare_boot(void)
 int hal_flash_write(uintptr_t address, const uint8_t *data, int len)
 {
     int i;
+    if (flashLocked == 1) {
+        wolfBoot_printf("FLASH IS BEING WRITTEN TO WHILE LOCKED\n");
+        return -1;
+    }
     if (forceEmergency == 1 && address == WOLFBOOT_PARTITION_BOOT_ADDRESS) {
         /* implicit cast abide compiler warning */
         memset((void*)address, 0, len);
@@ -179,6 +185,10 @@ int hal_flash_write(uintptr_t address, const uint8_t *data, int len)
 
 int hal_flash_erase(uintptr_t address, int len)
 {
+    if (flashLocked == 1) {
+        wolfBoot_printf("FLASH IS BEING ERASED WHILE LOCKED\n");
+        return -1;
+    }
     /* implicit cast abide compiler warning */
     wolfBoot_printf( "hal_flash_erase addr %p len %d\n", (void*)address, len);
     if (address == erasefail_address + WOLFBOOT_PARTITION_BOOT_ADDRESS) {
@@ -227,16 +237,20 @@ void hal_init(void)
 
 void ext_flash_lock(void)
 {
-    /* no op */
+    extFlashLocked = 1;
 }
 
 void ext_flash_unlock(void)
 {
-    /* no op */
+    extFlashLocked = 0;
 }
 
 int ext_flash_write(uintptr_t address, const uint8_t *data, int len)
 {
+    if (extFlashLocked == 1) {
+        wolfBoot_printf("EXT FLASH IS BEING WRITTEN TO WHILE LOCKED\n");
+        return -1;
+    }
     memcpy(flash_base + address, data, len);
     return 0;
 }
@@ -249,6 +263,10 @@ int ext_flash_read(uintptr_t address, uint8_t *data, int len)
 
 int ext_flash_erase(uintptr_t address, int len)
 {
+    if (extFlashLocked == 1) {
+        wolfBoot_printf("EXT FLASH IS BEING ERASED WHILE LOCKED\n");
+        return -1;
+    }
     memset(flash_base + address, FLASH_BYTE_ERASED, len);
     return 0;
 }
@@ -287,6 +305,14 @@ void do_boot(const uint32_t *app_offset)
     int ret;
     size_t app_size = WOLFBOOT_PARTITION_SIZE - IMAGE_HEADER_SIZE;
 
+    if (flashLocked == 0) {
+        wolfBoot_printf("WARNING FLASH IS UNLOCKED AT BOOT");
+    }
+
+    if (extFlashLocked == 0) {
+        wolfBoot_printf("WARNING EXT FLASH IS UNLOCKED AT BOOT");
+    }
+
 #ifdef __APPLE__
     typedef int (*main_entry)(int, char**, char**, char**);
     NSObjectFileImage fileImage = NULL;
diff --git a/src/update_flash.c b/src/update_flash.c
@@ -245,36 +245,38 @@ static int wolfBoot_swap_and_final_erase(int resume)
     if ((resume == 1) && (swapDone == 0) && (st != IMG_STATE_FINAL_FLAGS)) {
         return -1;
     }
+
     hal_flash_unlock();
-#ifdef EXT_FLASH
+
+    /* IMG_STATE_FINAL_FLAGS allows re-entry without blowing away swap */
+    if (st != IMG_STATE_FINAL_FLAGS) {
+        /* store the sector at tmpBootPos into swap */
+        wolfBoot_copy_sector(boot, swap, tmpBootPos / WOLFBOOT_SECTOR_SIZE);
+        /* set FINAL_SWAP for re-entry */
+        wolfBoot_set_partition_state(PART_UPDATE, IMG_STATE_FINAL_FLAGS);
+    }
+#ifdef EXT_ENCRYPTED
     ext_flash_unlock();
-#endif
 
     if (swapDone == 0) {
-        /* IMG_STATE_FINAL_FLAGS allows re-entry without blowing away swap */
-        if (st != IMG_STATE_FINAL_FLAGS) {
-            /* store the sector at tmpBootPos into swap */
-            wolfBoot_copy_sector(boot, swap, tmpBootPos / WOLFBOOT_SECTOR_SIZE);
-            /* set FINAL_SWAP for re-entry */
-            wolfBoot_set_partition_state(PART_UPDATE, IMG_STATE_FINAL_FLAGS);
-        }
-#ifdef EXT_ENCRYPTED
         /* get encryption key and iv if encryption is enabled */
         wolfBoot_get_encrypt_key((uint8_t*)tmpBuffer,
             (uint8_t*)&tmpBuffer[ENCRYPT_KEY_SIZE/sizeof(uint32_t)]);
-#endif
         /* write TRAIL, encryption key and iv if enabled to tmpBootPos*/
         tmpBuffer[TRAILER_OFFSET_WORDS] = WOLFBOOT_MAGIC_TRAIL;
 
         wb_flash_erase(boot, tmpBootPos, WOLFBOOT_SECTOR_SIZE);
         wb_flash_write(boot, tmpBootPos, (void*)tmpBuffer, sizeof(tmpBuffer));
     }
+#endif
     /* erase the last boot sector(s) */
     wb_flash_erase(boot, WOLFBOOT_PARTITION_SIZE - eraseLen, eraseLen);
     /* set the encryption key */
 #ifdef EXT_ENCRYPTED
     wolfBoot_set_encrypt_key((uint8_t*)tmpBuffer,
             (uint8_t*)&tmpBuffer[ENCRYPT_KEY_SIZE/sizeof(uint32_t)]);
+    /* wolfBoot_set_encrypt_key calls hal_flash_unlock, need to unlock again */
+    hal_flash_unlock();
 #endif
     /* write the original contents of tmpBootPos back */
     if (tmpBootPos < boot->fw_size + IMAGE_HEADER_SIZE) {
