TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mcuboot / e575fe9ead1e765486621c9238f3efb13a6401d9^! / . / boot
commite575fe9ead1e765486621c9238f3efb13a6401d9[log] [tgz]
authorAndrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>Thu Mar 14 12:20:19 2019 +0100
committerAndrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>Thu Mar 14 16:10:54 2019 +0100
tree480f127c378b74d6b0758be527a0eaa20338c9a6
parentad0e9b80777675d2a47bf71771359e24bdc19b6c [diff]
image encryption: fix enc_state array indexing for zephyr

enc_state table was indexed with assumption that
image flash area are subsequent and increasing numbers.
It might not be true while building zephyr.

Patch introduce flash_area_id_to_image_slot() implementation for
the zephyr port and uses it to assign proper slot number.
This API is already available in MyNewt.

Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>

diff --git a/boot/bootutil/src/encrypted.c b/boot/bootutil/src/encrypted.c
index 14cbcd5..13ba2f4 100644
--- a/boot/bootutil/src/encrypted.c
+++ b/boot/bootutil/src/encrypted.c

@@ -233,7 +233,11 @@
     uint8_t enckey_type;
     int rc;
 
-    slot = fap->fa_id - FLASH_AREA_IMAGE_PRIMARY;
+    rc = flash_area_id_to_image_slot(fap->fa_id);
+    if (rc < 0) {
+        return rc;
+    }
+    slot = rc;
 
     /* Already loaded... */
     if (enc_state[slot].valid) {
@@ -305,7 +309,16 @@
 int
 boot_enc_valid(const struct flash_area *fap)
 {
-    return enc_state[fap->fa_id - FLASH_AREA_IMAGE_PRIMARY].valid;
+    int rc;
+
+    rc = flash_area_id_to_image_slot(fap->fa_id);
+    if (rc < 0) {
+        /* can't get proper slot number - skip encryption, */
+        /* postpone the erro for a upper layer */
+        return 0;
+    }
+
+    return enc_state[rc].valid;
 }
 
 void
@@ -317,6 +330,7 @@
     uint8_t u8;
     uint8_t nonce[16];
     uint8_t blk[16];
+    int rc;
 
     memset(nonce, 0, 12);
     off >>= 4;
@@ -325,7 +339,13 @@
     nonce[14] = (uint8_t)(off >> 8);
     nonce[15] = (uint8_t)off;
 
-    enc = &enc_state[fap->fa_id - FLASH_AREA_IMAGE_PRIMARY];
+    rc = flash_area_id_to_image_slot(fap->fa_id);
+    if (rc < 0) {
+        assert(0);
+        return;
+    }
+
+    enc = &enc_state[rc];
     assert(enc->valid == 1);
     for (i = 0; i < sz; i++) {
         if (i == 0 || blk_off == 0) {

diff --git a/boot/zephyr/flash_map_extended.c b/boot/zephyr/flash_map_extended.c
index 1b1b5ad..543a467 100644
--- a/boot/zephyr/flash_map_extended.c
+++ b/boot/zephyr/flash_map_extended.c

@@ -66,6 +66,19 @@
     return -EINVAL; /* flash_area_open will fail on that */
 }
 
+int flash_area_id_to_image_slot(int area_id)
+{
+    switch (area_id) {
+    case FLASH_AREA_IMAGE_PRIMARY:
+        return 0;
+    case FLASH_AREA_IMAGE_SECONDARY:
+        return 1;
+    default:
+        BOOT_LOG_ERR("invalid flash area ID");
+        return -1;
+    }
+}
+
 int flash_area_sector_from_off(off_t off, struct flash_sector *sector)
 {
     int rc;

diff --git a/boot/zephyr/include/flash_map_backend/flash_map_backend.h b/boot/zephyr/include/flash_map_backend/flash_map_backend.h
index 178c34f..c082dd6 100644
--- a/boot/zephyr/include/flash_map_backend/flash_map_backend.h
+++ b/boot/zephyr/include/flash_map_backend/flash_map_backend.h

@@ -52,6 +52,14 @@
 
 int flash_area_id_from_image_slot(int slot);
 
+/**
+ * Converts the specified flash area ID to an image slot index.
+ *
+ * Returns image slot index (0 or 1), or -1 if ID doesn't correspond to an image
+ * slot.
+ */
+int flash_area_id_to_image_slot(int area_id);
+
 /* Retrieve the flash sector a given offset belongs to.
  *
  * Returns 0 on success, or an error code on failure.