mcuboot: Update to 1.7.0-rc1

Signed-off-by: Øyvind Rønningstad <[email protected]>

Author: oyvindronningstad

mcuboot/.github/workflows/mynewt.yaml

@@ -0,0 +1,26 @@
+# For development, trigger this on any push.
+on: [pull_request]
+
+jobs:
+  environment:
+    name: Mynewt build
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v2
+      with:
+        fetch-depth: 0
+    - name: Print the environment
+      run: |
+        uname -a
+        lscpu
+        free
+        pwd
+    - name: Signed commit check
+      run: |
+        ./ci/check-signed-off-by.sh
+    - name: Mynewt install
+      run: |
+        ./ci/mynewt_install.sh
+    - name: Mynewt run
+      run: |
+        ./ci/mynewt_run.sh

mcuboot/.github/workflows/sim.yaml

@@ -0,0 +1,50 @@
+# For development, trigger this on any push.
+on: [pull_request]
+
+jobs:
+  environment:
+    strategy:
+      matrix:
+        features:
+        - "sig-ecdsa,sig-ed25519,enc-kw,bootstrap"
+        - "sig-rsa,sig-rsa3072,overwrite-only,validate-primary-slot,swap-move"
+        - "enc-rsa"
+        - "enc-ec256"
+        - "enc-x25519"
+        - "sig-rsa overwrite-only large-write,sig-ecdsa overwrite-only large-write,multiimage overwrite-only large-write"
+        - "sig-rsa validate-primary-slot,sig-ecdsa validate-primary-slot,sig-rsa multiimage validate-primary-slot"
+        - "enc-kw overwrite-only large-write,enc-rsa overwrite-only large-write"
+        - "sig-rsa enc-rsa validate-primary-slot,swap-move enc-rsa sig-rsa validate-primary-slot bootstrap"
+        - "sig-rsa enc-kw validate-primary-slot bootstrap,sig-ed25519 enc-x25519 validate-primary-slot"
+        - "sig-ecdsa enc-kw validate-primary-slot"
+        - "sig-rsa validate-primary-slot overwrite-only large-write"
+        - "sig-ecdsa enc-ec256 validate-primary-slot"
+        - "sig-rsa validate-primary-slot overwrite-only downgrade-prevention"
+    name: Sim
+    runs-on: ubuntu-latest
+    env:
+      MULTI_FEATURES: ${{ matrix.features }}
+    steps:
+    - uses: actions/checkout@v2
+      with:
+        fetch-depth: 0
+        submodules: recursive
+    - name: Print the environment
+      run: |
+        uname -a
+        lscpu
+        free
+        pwd
+    - name: Signed commit check
+      run: |
+        ./ci/check-signed-off-by.sh
+    - name: Install stable Rust
+      uses: actions-rs/toolchain@v1
+      with:
+        toolchain: stable
+    - name: Sim install
+      run: |
+        ./ci/sim_install.sh
+    - name: Sim run
+      run: |
+        ./ci/sim_run.sh

mcuboot/.travis.yml

@@ -16,39 +16,39 @@ matrix:
   include:
     # Runs each value defined in $SINGLE_FEATURES by itself in the order
     # the were defined.
-    - os: linux
-      env: SINGLE_FEATURES="sig-ecdsa sig-ed25519 enc-kw bootstrap" TEST=sim
-    - os: linux
-      env: SINGLE_FEATURES="none sig-rsa sig-rsa3072 overwrite-only validate-primary-slot swap-move" TEST=sim
-    - os: linux
-      env: SINGLE_FEATURES="enc-rsa enc-ec256 enc-x25519" TEST=sim
+    # - os: linux
+    #   env: SINGLE_FEATURES="sig-ecdsa sig-ed25519 enc-kw bootstrap" TEST=sim
+    # - os: linux
+    #   env: SINGLE_FEATURES="none sig-rsa sig-rsa3072 overwrite-only validate-primary-slot swap-move" TEST=sim
+    # - os: linux
+    #   env: SINGLE_FEATURES="enc-rsa enc-ec256 enc-x25519" TEST=sim
 
     # Values defined in $MULTI_FEATURES consist of any number of features
     # to be enabled at the same time. The list of multi-values should be
     # separated by ',' and each list of values is run sequentially in the
     # defined order.
-    - os: linux
-      env: MULTI_FEATURES="sig-rsa overwrite-only large-write,sig-ecdsa overwrite-only large-write,multiimage overwrite-only large-write" TEST=sim
-    - os: linux
-      env: MULTI_FEATURES="sig-rsa validate-primary-slot,sig-ecdsa validate-primary-slot,sig-rsa multiimage validate-primary-slot" TEST=sim
-    - os: linux
-      env: MULTI_FEATURES="enc-kw overwrite-only large-write,enc-rsa overwrite-only large-write" TEST=sim
-    - os: linux
-      env: MULTI_FEATURES="sig-rsa enc-rsa validate-primary-slot,swap-move enc-rsa sig-rsa validate-primary-slot" TEST=sim
-    - os: linux
-      env: MULTI_FEATURES="sig-rsa enc-kw validate-primary-slot bootstrap,sig-ed25519 enc-x25519 validate-primary-slot" TEST=sim
-    - os: linux
-      env: MULTI_FEATURES="sig-ecdsa enc-kw validate-primary-slot" TEST=sim
-    - os: linux
-      env: MULTI_FEATURES="sig-rsa validate-primary-slot overwrite-only large-write,sig-ecdsa enc-ec256 validate-primary-slot" TEST=sim
-    - os: linux
-      env: MULTI_FEATURES="sig-rsa validate-primary-slot overwrite-only downgrade-prevention" TEST=sim
+    # - os: linux
+    #   env: MULTI_FEATURES="sig-rsa overwrite-only large-write,sig-ecdsa overwrite-only large-write,multiimage overwrite-only large-write" TEST=sim
+    # - os: linux
+    #   env: MULTI_FEATURES="sig-rsa validate-primary-slot,sig-ecdsa validate-primary-slot,sig-rsa multiimage validate-primary-slot" TEST=sim
+    # - os: linux
+    #   env: MULTI_FEATURES="enc-kw overwrite-only large-write,enc-rsa overwrite-only large-write" TEST=sim
+    # - os: linux
+    #   env: MULTI_FEATURES="sig-rsa enc-rsa validate-primary-slot,swap-move enc-rsa sig-rsa validate-primary-slot" TEST=sim
+    # - os: linux
+    #   env: MULTI_FEATURES="sig-rsa enc-kw validate-primary-slot bootstrap,sig-ed25519 enc-x25519 validate-primary-slot" TEST=sim
+    # - os: linux
+    #   env: MULTI_FEATURES="sig-ecdsa enc-kw validate-primary-slot" TEST=sim
+    # - os: linux
+    #   env: MULTI_FEATURES="sig-rsa validate-primary-slot overwrite-only large-write,sig-ecdsa enc-ec256 validate-primary-slot" TEST=sim
+    # - os: linux
+    #   env: MULTI_FEATURES="sig-rsa validate-primary-slot overwrite-only downgrade-prevention" TEST=sim
 
-    - os: linux
-      language: go
-      env: TEST=mynewt
-      go:
-        - "1.12"
+    # - os: linux
+    #   language: go
+    #   env: TEST=mynewt
+    #   go:
+    #     - "1.12"
 
     - os: linux
       language: python

mcuboot/README.md

@@ -6,7 +6,7 @@
 [coverity]: https://scan.coverity.com/projects/mcuboot
 [travis]: https://travis-ci.org/JuulLabs-OSS/mcuboot
 
-This is mcuboot version 1.6.0
+This is mcuboot version 1.7.0-rc1
 
 MCUboot is a secure bootloader for 32-bit MCUs. The goal of MCUboot is to
 define a common infrastructure for the bootloader, system flash layout on

mcuboot/boot/boot_serial/src/boot_serial.c

@@ -51,6 +51,7 @@
 #include <os/os_malloc.h>
 
 #include <bootutil/image.h>
+#include <bootutil/bootutil.h>
 
 #include "boot_serial/boot_serial.h"
 #include "boot_serial_priv.h"
@@ -312,11 +313,17 @@ bs_upload(char *buf, int len)
         rc = 0;
         goto out;
     }
-    if (curr_off + img_blen < img_size) {
-        rem_bytes = img_blen % flash_area_align(fap);
-        if (rem_bytes) {
-            img_blen -= rem_bytes;
-        }
+
+    if (curr_off + img_blen > img_size) {
+        rc = MGMT_ERR_EINVAL;
+        goto out;
+    }
+
+    rem_bytes = img_blen % flash_area_align(fap);
+
+    if ((curr_off + img_blen < img_size) && rem_bytes) {
+        img_blen -= rem_bytes;
+        rem_bytes = 0;
     }
 
 #ifdef CONFIG_BOOT_ERASE_PROGRESSIVELY
@@ -337,7 +344,32 @@ bs_upload(char *buf, int len)
 #endif
 
     BOOT_LOG_INF("Writing at 0x%x until 0x%x", curr_off, curr_off + img_blen);
-    rc = flash_area_write(fap, curr_off, img_data, img_blen);
+    if (rem_bytes) {
+        /* the last chunk of the image might be unaligned */
+        uint8_t wbs_aligned[BOOT_MAX_ALIGN];
+        size_t w_size = img_blen - rem_bytes;
+
+        if (w_size) {
+            rc = flash_area_write(fap, curr_off, img_data, w_size);
+            if (rc) {
+                goto out_invalid_data;
+            }
+            curr_off += w_size;
+            img_blen -= w_size;
+            img_data += w_size;
+        }
+
+        if (img_blen) {
+            memcpy(wbs_aligned, img_data, rem_bytes);
+            memset(wbs_aligned + rem_bytes, flash_area_erased_val(fap),
+                   sizeof(wbs_aligned) - rem_bytes);
+            rc = flash_area_write(fap, curr_off, wbs_aligned, flash_area_align(fap));
+        }
+
+    } else {
+        rc = flash_area_write(fap, curr_off, img_data, img_blen);
+    }
+
     if (rc == 0) {
         curr_off += img_blen;
 #ifdef CONFIG_BOOT_ERASE_PROGRESSIVELY
@@ -485,7 +517,7 @@ boot_serial_output(void)
     bs_hdr->nh_group = htons(bs_hdr->nh_group);
 
 #ifdef __ZEPHYR__
-    crc =  crc16((u8_t *)bs_hdr, sizeof(*bs_hdr), CRC_CITT_POLYMINAL,
+    crc =  crc16((uint8_t *)bs_hdr, sizeof(*bs_hdr), CRC_CITT_POLYMINAL,
                  CRC16_INITIAL_CRC, false);
     crc =  crc16(data, len, CRC_CITT_POLYMINAL, crc, true);
 #else

mcuboot/boot/bootutil/include/bootutil/bootutil.h

@@ -3,7 +3,7 @@
  *
  * Copyright (c) 2017-2019 Linaro LTD
  * Copyright (c) 2016-2019 JUUL Labs
- * Copyright (c) 2019 Arm Limited
+ * Copyright (c) 2019-2020 Arm Limited
  *
  * Original license:
  *
@@ -29,6 +29,7 @@
 #define H_BOOTUTIL_
 
 #include <inttypes.h>
+#include "bootutil/fault_injection_hardening.h"
 
 #ifdef __cplusplus
 extern "C" {
@@ -91,10 +92,10 @@ struct image_trailer {
 };
 
 /* you must have pre-allocated all the entries within this structure */
-int boot_go(struct boot_rsp *rsp);
+fih_int boot_go(struct boot_rsp *rsp);
 
 struct boot_loader_state;
-int context_boot_go(struct boot_loader_state *state, struct boot_rsp *rsp);
+fih_int context_boot_go(struct boot_loader_state *state, struct boot_rsp *rsp);
 
 int boot_swap_type_multi(int image_index);
 int boot_swap_type(void);
@@ -105,8 +106,8 @@ int boot_set_confirmed(void);
 #define SPLIT_GO_OK                 (0)
 #define SPLIT_GO_NON_MATCHING       (-1)
 #define SPLIT_GO_ERR                (-2)
-int
-split_go(int loader_slot, int split_slot, void **entry);
+
+fih_int split_go(int loader_slot, int split_slot, void **entry);
 
 #ifdef __cplusplus
 }

mcuboot/boot/bootutil/include/bootutil/caps.h

@@ -46,6 +46,7 @@ uint32_t bootutil_get_caps(void);
 #define BOOTUTIL_CAP_SWAP_USING_MOVE        (1<<11)
 #define BOOTUTIL_CAP_DOWNGRADE_PREVENTION   (1<<12)
 #define BOOTUTIL_CAP_ENC_X25519             (1<<13)
+#define BOOTUTIL_CAP_BOOTSTRAP              (1<<14)
 
 /*
  * Query the number of images this bootloader is configured for.  This