Commit e312fa2c authored by Andrzej Puzdrowski's avatar Andrzej Puzdrowski

synch with upstream 296949ef

Synchronized up to:
https://github.com/JuulLabs-OSS/mcuboot/commit/@296949e



Improvements:
- hardening against hardware level fault injection and timing attacks
- Abstract crypto primitives to simplify porting.
- boot: Add ram-load upgrade mode
- renamed single-image mode to single-slot mode

- kconfig: provide logic for setting key file, simplify prj.conf

- imgtool: Print image digest during verify
- imgtool: Add possibility to set confirm flag for hex files as well
- imgtool: --confirm implies --pad

- Added single-slot Zephyr-RTOS test build

fixes:
- bootutil: fix bootstrapping in swap-move
- bootutil: fix swap-move brick with padded image_0
- Disable HW stack protection (temporary hack)
- reset SPLIM registers before boot
- fixes build issue that occurs if CONF_FILE contains multiple file paths instead of single file path.
- imgtool: Fix 'custom_tlvs' argument handling
- Turn off cache for Cortex M7 before chain-loading.
- hardening against hardware level fault injection and timing attacks

Conflicts:
- took upstream boot/zephyr/sample.yaml

Signed-off-by: default avatarAndrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
parents e8bfc030 296949ef
+26 −0
# For development, trigger this on any push.
on: [pull_request]

jobs:
  environment:
    name: Mynewt build
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@v2
      with:
        fetch-depth: 0
    - name: Print the environment
      run: |
        uname -a
        lscpu
        free
        pwd
    - name: Signed commit check
      run: |
        ./ci/check-signed-off-by.sh
    - name: Mynewt install
      run: |
        ./ci/mynewt_install.sh
    - name: Mynewt run
      run: |
        ./ci/mynewt_run.sh
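Review bot: The job runs with the default `GITHUB_TOKEN` scope and references `actions/checkout@v2` by a movable tag; nothing in this workflow constrains either. A top-level `permissions:` block with `contents: read` keeps the token read-only for a build that only checks out the tree and runs `./ci/*.sh`, and pinning `uses:` to a full commit SHA (`actions/checkout@<full-commit-sha>`) stops a retagged release from changing what executes. The same applies to the Sim workflow in the next file section, which additionally pulls the third-party `actions-rs/toolchain@v1`. The header comment also says "trigger this on any push" while the trigger is `on: [pull_request]`; `# Run on pull requests only.` would match the behaviour.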
+50 −0
# For development, trigger this on any push.
on: [pull_request]

jobs:
  environment:
    strategy:
      matrix:
        features:
        - "sig-ecdsa,sig-ed25519,enc-kw,bootstrap"
        - "sig-rsa,sig-rsa3072,overwrite-only,validate-primary-slot,swap-move"
        - "enc-rsa"
        - "enc-ec256"
        - "enc-x25519"
        - "sig-rsa overwrite-only large-write,sig-ecdsa overwrite-only large-write,multiimage overwrite-only large-write"
        - "sig-rsa validate-primary-slot,sig-ecdsa validate-primary-slot,sig-rsa multiimage validate-primary-slot"
        - "enc-kw overwrite-only large-write,enc-rsa overwrite-only large-write"
        - "sig-rsa enc-rsa validate-primary-slot,swap-move enc-rsa sig-rsa validate-primary-slot bootstrap"
        - "sig-rsa enc-kw validate-primary-slot bootstrap,sig-ed25519 enc-x25519 validate-primary-slot"
        - "sig-ecdsa enc-kw validate-primary-slot"
        - "sig-rsa validate-primary-slot overwrite-only large-write"
        - "sig-ecdsa enc-ec256 validate-primary-slot"
        - "sig-rsa validate-primary-slot overwrite-only downgrade-prevention"
    name: Sim
    runs-on: ubuntu-latest
    env:
      MULTI_FEATURES: ${{ matrix.features }}
    steps:
    - uses: actions/checkout@v2
      with:
        fetch-depth: 0
        submodules: recursive
    - name: Print the environment
      run: |
        uname -a
        lscpu
        free
        pwd
    - name: Signed commit check
      run: |
        ./ci/check-signed-off-by.sh
    - name: Install stable Rust
      uses: actions-rs/toolchain@v1
      with:
        toolchain: stable
    - name: Sim install
      run: |
        ./ci/sim_install.sh
    - name: Sim run
      run: |
        ./ci/sim_run.sh
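Review bot: The `features` matrix has no entry for the default build: the Travis job it replaces ran `SINGLE_FEATURES="none sig-rsa sig-rsa3072 …"`, and the corresponding entry here, `"sig-rsa,sig-rsa3072,overwrite-only,validate-primary-slot,swap-move"`, drops `none`. If `./ci/sim_run.sh` (not shown) still treats `none` as the no-feature configuration, the simulator no longer exercises the bootloader's default image-validation path on pull requests. Restoring it is one matrix line, for example `- "none"` if the script accepts that token in `MULTI_FEATURES`; otherwise a comment at the top of the list should say why the default build is omitted.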
+27 −27
@@ -16,39 +16,39 @@ matrix:
  include:
    # Runs each value defined in $SINGLE_FEATURES by itself in the order
    # the were defined.
    - os: linux
      env: SINGLE_FEATURES="sig-ecdsa sig-ed25519 enc-kw bootstrap" TEST=sim
    - os: linux
      env: SINGLE_FEATURES="none sig-rsa sig-rsa3072 overwrite-only validate-primary-slot swap-move" TEST=sim
    - os: linux
      env: SINGLE_FEATURES="enc-rsa enc-ec256 enc-x25519" TEST=sim
    # - os: linux
    #   env: SINGLE_FEATURES="sig-ecdsa sig-ed25519 enc-kw bootstrap" TEST=sim
    # - os: linux
    #   env: SINGLE_FEATURES="none sig-rsa sig-rsa3072 overwrite-only validate-primary-slot swap-move" TEST=sim
    # - os: linux
    #   env: SINGLE_FEATURES="enc-rsa enc-ec256 enc-x25519" TEST=sim

    # Values defined in $MULTI_FEATURES consist of any number of features
    # to be enabled at the same time. The list of multi-values should be
    # separated by ',' and each list of values is run sequentially in the
    # defined order.
    - os: linux
      env: MULTI_FEATURES="sig-rsa overwrite-only large-write,sig-ecdsa overwrite-only large-write,multiimage overwrite-only large-write" TEST=sim
    - os: linux
      env: MULTI_FEATURES="sig-rsa validate-primary-slot,sig-ecdsa validate-primary-slot,sig-rsa multiimage validate-primary-slot" TEST=sim
    - os: linux
      env: MULTI_FEATURES="enc-kw overwrite-only large-write,enc-rsa overwrite-only large-write" TEST=sim
    - os: linux
      env: MULTI_FEATURES="sig-rsa enc-rsa validate-primary-slot,swap-move enc-rsa sig-rsa validate-primary-slot" TEST=sim
    - os: linux
      env: MULTI_FEATURES="sig-rsa enc-kw validate-primary-slot bootstrap,sig-ed25519 enc-x25519 validate-primary-slot" TEST=sim
    - os: linux
      env: MULTI_FEATURES="sig-ecdsa enc-kw validate-primary-slot" TEST=sim
    - os: linux
      env: MULTI_FEATURES="sig-rsa validate-primary-slot overwrite-only large-write,sig-ecdsa enc-ec256 validate-primary-slot" TEST=sim
    - os: linux
      env: MULTI_FEATURES="sig-rsa validate-primary-slot overwrite-only downgrade-prevention" TEST=sim
    # - os: linux
    #   env: MULTI_FEATURES="sig-rsa overwrite-only large-write,sig-ecdsa overwrite-only large-write,multiimage overwrite-only large-write" TEST=sim
    # - os: linux
    #   env: MULTI_FEATURES="sig-rsa validate-primary-slot,sig-ecdsa validate-primary-slot,sig-rsa multiimage validate-primary-slot" TEST=sim
    # - os: linux
    #   env: MULTI_FEATURES="enc-kw overwrite-only large-write,enc-rsa overwrite-only large-write" TEST=sim
    # - os: linux
    #   env: MULTI_FEATURES="sig-rsa enc-rsa validate-primary-slot,swap-move enc-rsa sig-rsa validate-primary-slot" TEST=sim
    # - os: linux
    #   env: MULTI_FEATURES="sig-rsa enc-kw validate-primary-slot bootstrap,sig-ed25519 enc-x25519 validate-primary-slot" TEST=sim
    # - os: linux
    #   env: MULTI_FEATURES="sig-ecdsa enc-kw validate-primary-slot" TEST=sim
    # - os: linux
    #   env: MULTI_FEATURES="sig-rsa validate-primary-slot overwrite-only large-write,sig-ecdsa enc-ec256 validate-primary-slot" TEST=sim
    # - os: linux
    #   env: MULTI_FEATURES="sig-rsa validate-primary-slot overwrite-only downgrade-prevention" TEST=sim

    - os: linux
      language: go
      env: TEST=mynewt
      go:
        - "1.12"
    # - os: linux
    #   language: go
    #   env: TEST=mynewt
    #   go:
    #     - "1.12"

    - os: linux
      language: python
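Review bot: The sim and mynewt entries are commented out rather than deleted, and nothing in the file says why or where they now run. The explanatory comments for `$SINGLE_FEATURES` and `$MULTI_FEATURES` above them now describe entries that never execute. Either delete the dead entries or add one line above the first block, such as `# sim and mynewt jobs are disabled here; they run as GitHub Actions workflows`. The replacement workflows shown on this page trigger only on `pull_request`, so if Travis was also building branch pushes, that coverage disappears with this change and is worth confirming.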
+6 −5
@@ -3,7 +3,7 @@
 *
 * Copyright (c) 2017-2019 Linaro LTD
 * Copyright (c) 2016-2019 JUUL Labs
 * Copyright (c) 2019 Arm Limited
 * Copyright (c) 2019-2020 Arm Limited
 *
 * Original license:
 *
@@ -29,6 +29,7 @@
#define H_BOOTUTIL_

#include <inttypes.h>
#include "bootutil/fault_injection_hardening.h"

#ifdef __cplusplus
extern "C" {
@@ -91,10 +92,10 @@ struct image_trailer {
};

/* you must have pre-allocated all the entries within this structure */
int boot_go(struct boot_rsp *rsp);
fih_int boot_go(struct boot_rsp *rsp);

struct boot_loader_state;
int context_boot_go(struct boot_loader_state *state, struct boot_rsp *rsp);
fih_int context_boot_go(struct boot_loader_state *state, struct boot_rsp *rsp);

int boot_swap_type_multi(int image_index);
int boot_swap_type(void);
@@ -105,8 +106,8 @@ int boot_set_confirmed(void);
#define SPLIT_GO_OK                 (0)
#define SPLIT_GO_NON_MATCHING       (-1)
#define SPLIT_GO_ERR                (-2)
int
split_go(int loader_slot, int split_slot, void **entry);

fih_int split_go(int loader_slot, int split_slot, void **entry);

#ifdef __cplusplus
}
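Review bot: `boot_go`, `context_boot_go` and `split_go` now return `fih_int`, but the header does not say how callers must test that value, and the `SPLIT_GO_OK` / `SPLIT_GO_NON_MATCHING` / `SPLIT_GO_ERR` macros just above `split_go` are still plain integers. A caller that keeps writing `if (rc == 0)` or `rc == SPLIT_GO_OK` either fails to build or, where `fih_int` reduces to a plain `int`, silently bypasses the hardened comparison the type exists for; the definition in `bootutil/fault_injection_hardening.h` is not shown here, so which of the two happens depends on the configured profile. I would document the contract on each prototype, e.g. `/* Returns FIH_SUCCESS on success; compare with fih_eq()/fih_not_eq(), not with == on the raw value. */`, and state next to the `SPLIT_GO_*` macros whether `split_go` still returns them in encoded form or they are obsolete. The `extern "C"` block these prototypes sit in starts and ends outside the hunks.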
+1 −0
@@ -46,6 +46,7 @@ uint32_t bootutil_get_caps(void);
#define BOOTUTIL_CAP_SWAP_USING_MOVE        (1<<11)
#define BOOTUTIL_CAP_DOWNGRADE_PREVENTION   (1<<12)
#define BOOTUTIL_CAP_ENC_X25519             (1<<13)
#define BOOTUTIL_CAP_BOOTSTRAP              (1<<14)

/*
 * Query the number of images this bootloader is configured for.  This