Add config for BOOT_MAX_IMG_SECTORS
This still defaults to 128 for compatibility, but allows users to
specify less elements to save space, or more elements for devices that
have massive flash size and/or too small sectors.
Signed-off-by: Fabio Utzig <utzig@apache.org>
diff --git a/boot/bootutil/src/bootutil_priv.h b/boot/bootutil/src/bootutil_priv.h
index 1fd0403..1889aae 100644
--- a/boot/bootutil/src/bootutil_priv.h
+++ b/boot/bootutil/src/bootutil_priv.h
@@ -90,8 +90,33 @@
uint8_t image_ok;
};
-#define BOOT_STATUS_STATE_COUNT 3
-#define BOOT_STATUS_MAX_ENTRIES 128
+#if defined(__BOOTSIM__)
+#define BOOT_MAX_IMG_SECTORS 128
+#elif defined(__ZEPHYR__)
+#define BOOT_MAX_IMG_SECTORS CONFIG_BOOT_MAX_IMG_SECTORS
+#elif defined(MCUBOOT_MYNEWT)
+#define BOOT_MAX_IMG_SECTORS MYNEWT_VAL(BOOTUTIL_MAX_IMG_SECTORS)
+#else
+#error "Invalid target OS"
+#endif
+
+/*
+ * The current flashmap API does not check the amount of space allocated when
+ * loading sector data from the flash device, allowing for smaller counts here
+ * would most surely incur in overruns.
+ *
+ * TODO: make flashmap API receive the current sector array size.
+ */
+#if BOOT_MAX_IMG_SECTORS < 32
+#error "Too few sectors, please increase BOOT_MAX_IMG_SECTORS to at least 32"
+#endif
+
+/** Number of image slots in flash; currently limited to two. */
+#define BOOT_NUM_SLOTS 2
+
+/** Maximum number of image sectors supported by the bootloader. */
+#define BOOT_STATUS_STATE_COUNT 3
+#define BOOT_STATUS_MAX_ENTRIES BOOT_MAX_IMG_SECTORS
#define BOOT_STATUS_SOURCE_NONE 0
#define BOOT_STATUS_SOURCE_SCRATCH 1
@@ -105,12 +130,6 @@
extern const uint32_t BOOT_MAGIC_SZ;
-/** Number of image slots in flash; currently limited to two. */
-#define BOOT_NUM_SLOTS 2
-
-/** Maximum number of image sectors supported by the bootloader. */
-#define BOOT_MAX_IMG_SECTORS 120
-
/**
* Compatibility shim for flash sector type.
*
diff --git a/boot/bootutil/src/loader.c b/boot/bootutil/src/loader.c
index 82e17c5..e2762bd 100644
--- a/boot/bootutil/src/loader.c
+++ b/boot/bootutil/src/loader.c
@@ -337,14 +337,22 @@
size_t size_0, size_1;
size_t i;
- /* Ensure both image slots have identical sector layouts. */
- if (num_sectors_0 != num_sectors_1) {
+ if (num_sectors_0 > BOOT_MAX_IMG_SECTORS || num_sectors_1 > BOOT_MAX_IMG_SECTORS) {
+ BOOT_LOG_WRN("Cannot upgrade: more sectors than allowed");
return 0;
}
+
+ /* Ensure both image slots have identical sector layouts. */
+ if (num_sectors_0 != num_sectors_1) {
+ BOOT_LOG_WRN("Cannot upgrade: number of sectors differ between slots");
+ return 0;
+ }
+
for (i = 0; i < num_sectors_0; i++) {
size_0 = boot_img_sector_size(&boot_data, 0, i);
size_1 = boot_img_sector_size(&boot_data, 1, i);
if (size_0 != size_1) {
+ BOOT_LOG_WRN("Cannot upgrade: an incompatible sector was found");
return 0;
}
}
@@ -1336,6 +1344,8 @@
/* Determine the sector layout of the image slots and scratch area. */
rc = boot_read_sectors();
if (rc != 0) {
+ BOOT_LOG_WRN("Failed reading sectors; BOOT_MAX_IMG_SECTORS=%d - too small?",
+ BOOT_MAX_IMG_SECTORS);
goto out;
}