Commit cb5a7b33 authored by Henrik Brix Andersen's avatar Henrik Brix Andersen
Browse files

Merge: Synchronized up to mcu-tools/mcuboot@e512181 

Merge in upstream MCUboot revision e5121816

- allow xip-revert only for xip-mode
- boot: Fix LOAD_IMAGE_DATA macro
- bootutil: crypto: avoid unuseful memset
- ext: tinycrypt: update ctr mode to stream
- zephyr: use minimal CBPRINTF implementation
- zephyr/Kconfig: Added default pin for serial recovery mode for nRF5340DK
- boot: zephyr: Default to LOG_MINIMAL
- imgtool: Add support for setting fixed ROM address into image header
- boot: zephyr: cleanup NXP MPU configuration before boot
- fix nokogiri<=1.11.0.rc4 vulnerability

The remaining commits are related to MCUboot CI and tests.
parents 6e3825f1 e5121816

.travis.yml

+4 −0
Original line number Diff line number Diff line
@@ -70,6 +70,10 @@ install: 
script:

  - ./ci/${TEST}_run.sh



cache:

  directories:

  - docker



notifications:

  slack:

    rooms:

README.md

+1 −1
Original line number Diff line number Diff line
@@ -16,7 +16,7 @@ 
[travis]: https://travis-ci.org/mcu-tools/mcuboot

[license]: https://github.com/mcu-tools/mcuboot/blob/master/LICENSE



This is mcuboot version 1.7.0-rc2

This is mcuboot version 1.8.0-dev



MCUboot is a secure bootloader for 32-bit MCUs. The goal of MCUboot is to

define a common infrastructure for the bootloader, system flash layout on

boot/bootutil/CMakeLists.txt

0 → 100644
+35 −0
Original line number Diff line number Diff line 
#------------------------------------------------------------------------------

# Copyright (c) 2020, Arm Limited. All rights reserved.

#

# SPDX-License-Identifier: Apache-2.0

#

#------------------------------------------------------------------------------



add_library(bootutil STATIC)



target_include_directories(bootutil

    PUBLIC

        include

    PRIVATE

        src

)



target_sources(bootutil

    PRIVATE

        src/boot_record.c

        src/bootutil_misc.c

        src/caps.c

        src/encrypted.c

        src/fault_injection_hardening.c

        src/fault_injection_hardening_delay_rng_mbedtls.c

        src/image_ec.c

        src/image_ec256.c

        src/image_ed25519.c

        src/image_rsa.c

        src/image_validate.c

        src/loader.c

        src/swap_misc.c

        src/swap_move.c

        src/swap_scratch.c

        src/tlv.c

)

boot/bootutil/include/bootutil/crypto/aes_ctr.h

+4 −32
Original line number Diff line number Diff line
@@ -62,19 +62,13 @@ static inline int bootutil_aes_ctr_set_key(bootutil_aes_ctr_context *ctx, const 
static inline int bootutil_aes_ctr_encrypt(bootutil_aes_ctr_context *ctx, uint8_t *counter, const uint8_t *m, uint32_t mlen, size_t blk_off, uint8_t *c)

{

    uint8_t stream_block[BOOTUTIL_CRYPTO_AES_CTR_BLOCK_SIZE];

    int rc;

    rc = mbedtls_aes_crypt_ctr(ctx, mlen, &blk_off, counter, stream_block, m, c);

    memset(stream_block, 0, BOOTUTIL_CRYPTO_AES_CTR_BLOCK_SIZE);

    return rc;

    return mbedtls_aes_crypt_ctr(ctx, mlen, &blk_off, counter, stream_block, m, c);

}



static inline int bootutil_aes_ctr_decrypt(bootutil_aes_ctr_context *ctx, uint8_t *counter, const uint8_t *c, uint32_t clen, size_t blk_off, uint8_t *m)

{

    uint8_t stream_block[BOOTUTIL_CRYPTO_AES_CTR_BLOCK_SIZE];

    int rc;

    rc = mbedtls_aes_crypt_ctr(ctx, clen, &blk_off, counter, stream_block, c, m);

    memset(stream_block, 0, BOOTUTIL_CRYPTO_AES_CTR_BLOCK_SIZE);

    return rc;

    return mbedtls_aes_crypt_ctr(ctx, clen, &blk_off, counter, stream_block, c, m);

}

#endif /* MCUBOOT_USE_MBED_TLS */
@@ -102,33 +96,11 @@ static inline int bootutil_aes_ctr_set_key(bootutil_aes_ctr_context *ctx, const 


static int _bootutil_aes_ctr_crypt(bootutil_aes_ctr_context *ctx, uint8_t *counter, const uint8_t *in, uint32_t inlen, uint32_t blk_off, uint8_t *out)

{

    uint8_t buf[16];

    uint32_t buflen;

    int rc;

    if (blk_off == 0) {

        rc = tc_ctr_mode(out, inlen, in, inlen, counter, ctx);

        if (rc != TC_CRYPTO_SUCCESS) {

            return -1;

        }

    } else if (blk_off < 16) {

        buflen = ((inlen + blk_off <= 16) ? inlen : (16 - blk_off));

        inlen -= buflen;

        memcpy(&buf[blk_off], &in[0], buflen);

        rc = tc_ctr_mode(buf, 16, buf, 16, counter, ctx);

    rc = tc_ctr_mode(out, inlen, in, inlen, counter, &blk_off, ctx);

    if (rc != TC_CRYPTO_SUCCESS) {

        return -1;

    }

        memcpy(&out[0], &buf[blk_off], buflen);

        memset(&buf[0], 0, 16);

        if (inlen > 0) {

            rc = tc_ctr_mode(&out[buflen], inlen, &in[buflen], inlen, counter, ctx);

        }

        if (rc != TC_CRYPTO_SUCCESS) {

            return -1;

        }

    } else {

        return -1;

    }

    return 0;

}

boot/bootutil/src/bootutil_priv.h

+1 −1
Original line number Diff line number Diff line
@@ -460,7 +460,7 @@ boot_img_sector_off(const struct boot_loader_state *state, size_t slot, 
#ifdef MCUBOOT_RAM_LOAD

#define LOAD_IMAGE_DATA(hdr, fap, start, output, size)       \

    (memcpy((output),(void*)((hdr)->ih_load_addr + (start)), \

    (size)) != (output))

    (size)), 0)

#else

#define LOAD_IMAGE_DATA(hdr, fap, start, output, size)       \

    (flash_area_read((fap), (start), (output), (size)))

CRA Git | Maintained and supported by SUSTech CRA and CCSE