commit 10ee648145adc508bd09cf1947fe0872d776833c
author Fabio Utzig <utzig@apache.org> Thu Aug 01 12:04:52 2019 -0300
committer Fabio Utzig <utzig@utzig.org> Wed Aug 07 14:33:36 2019 -0300
tree d2292a65add120ab7dc4ec45f73b699c54b45f77
parent b0f0473352c8211e0d7c80e974e58331547db3d7

Update bootutil to reduce amount of global state

The boot loader state currently exists as global variable (boot_data)
which is accessed by all routines; this updates all routines that
require access to the state to receive it by parameter.

Variables that are declared as "static" (globals) were #ifdef'ed to
only use static when building a native bootloader, to avoid stack
allocation. When bootutil is built to run in the simulator they are
stack allocated to avoid thread share.

Signed-off-by: Fabio Utzig <utzig@apache.org>

boot/bootutil/src/image_validate.c

diff --git a/boot/bootutil/src/image_validate.c b/boot/bootutil/src/image_validate.c
index 256d125..01efbcb 100644
--- a/boot/bootutil/src/image_validate.c
+++ b/boot/bootutil/src/image_validate.c
@@ -51,10 +51,10 @@
  * Compute SHA256 over the image.
  */
 static int
-bootutil_img_hash(int image_index, struct image_header *hdr,
-                  const struct flash_area *fap, uint8_t *tmp_buf,
-                  uint32_t tmp_buf_sz, uint8_t *hash_result, uint8_t *seed,
-                  int seed_len)
+bootutil_img_hash(struct enc_key_data *enc_state, int image_index,
+                  struct image_header *hdr, const struct flash_area *fap,
+                  uint8_t *tmp_buf, uint32_t tmp_buf_sz, uint8_t *hash_result,
+                  uint8_t *seed, int seed_len)
 {
     bootutil_sha256_context sha256_ctx;
     uint32_t blk_sz;
@@ -67,6 +67,7 @@
 #endif
 
 #if (BOOT_IMAGE_NUMBER == 1) || !defined(MCUBOOT_ENC_IMAGES)
+    (void)enc_state;
     (void)image_index;
 #endif
 
@@ -81,7 +82,7 @@
 #ifdef MCUBOOT_ENC_IMAGES
     /* Encrypted images only exist in the secondary slot */
     if (fap->fa_id == FLASH_AREA_IMAGE_SECONDARY(image_index) &&
-            IS_ENCRYPTED(hdr) && !boot_enc_valid(image_index, fap)) {
+            IS_ENCRYPTED(hdr) && !boot_enc_valid(enc_state, image_index, fap)) {
         return -1;
     }
 #endif
@@ -122,8 +123,8 @@
         if (fap->fa_id == FLASH_AREA_IMAGE_SECONDARY(image_index) &&
                 IS_ENCRYPTED(hdr) && off >= hdr_size) {
             blk_off = (off - hdr_size) & 0xf;
-            boot_encrypt(image_index, fap, off - hdr_size, blk_sz, blk_off,
-                    tmp_buf);
+            boot_encrypt(enc_state, image_index, fap, off - hdr_size, blk_sz,
+                    blk_off, tmp_buf);
         }
 #endif
         bootutil_sha256_update(&sha256_ctx, tmp_buf, blk_sz);
@@ -201,10 +202,10 @@
  * Return non-zero if image could not be validated/does not validate.
  */
 int
-bootutil_img_validate(int image_index, struct image_header *hdr,
-                      const struct flash_area *fap, uint8_t *tmp_buf,
-                      uint32_t tmp_buf_sz, uint8_t *seed, int seed_len,
-                      uint8_t *out_hash)
+bootutil_img_validate(struct enc_key_data *enc_state, int image_index,
+                      struct image_header *hdr, const struct flash_area *fap,
+                      uint8_t *tmp_buf, uint32_t tmp_buf_sz, uint8_t *seed,
+                      int seed_len, uint8_t *out_hash)
 {
     uint32_t off;
     uint32_t end;
@@ -219,8 +220,8 @@
     uint8_t hash[32];
     int rc;
 
-    rc = bootutil_img_hash(image_index, hdr, fap, tmp_buf, tmp_buf_sz, hash,
-            seed, seed_len);
+    rc = bootutil_img_hash(enc_state, image_index, hdr, fap, tmp_buf,
+            tmp_buf_sz, hash, seed, seed_len);
     if (rc) {
         return rc;
     }