boot: Change boot_enc_load to take slot number instead of image

In all cases where boot_enc_load is called it is known what slot
is addressed, so it is better to just pass the slot number
instead of making the boot_enc_load figure out slot number from
image index and provided flash area object.

Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
(cherry picked from commit 7f9ac97951)
This commit is contained in:
Dominik Ermel 2024-07-12 19:21:40 +00:00 committed by Jamie McCrae
parent 9083649931
commit 35bf48c5b7
4 changed files with 13 additions and 25 deletions

View File

@ -36,7 +36,7 @@ boot_image_validate_encrypted(const struct flash_area *fa_p,
memset(&boot_data, 0, sizeof(struct boot_loader_state));
image_index = BOOT_CURR_IMG(state);
if(IS_ENCRYPTED(hdr)) {
rc = boot_enc_load(BOOT_CURR_ENC(state), image_index, hdr, fa_p, bs);
rc = boot_enc_load(BOOT_CURR_ENC(state), 1, hdr, fa_p, bs);
if (rc < 0) {
FIH_RET(fih_rc);
}
@ -218,7 +218,6 @@ decrypt_image_inplace(const struct flash_area *fa_p,
size_t sect_size;
size_t sect_count;
size_t sect;
uint8_t image_index;
struct flash_sector sector;
memset(&boot_data, 0, sizeof(struct boot_loader_state));
@ -228,8 +227,6 @@ decrypt_image_inplace(const struct flash_area *fa_p,
rc = flash_area_get_sector(fa_p, boot_status_off(fa_p), &sector);
image_index = BOOT_CURR_IMG(state);
if(IS_ENCRYPTED(hdr)) {
#if 0 //Skip this step?, the image will just not boot if it's not decrypted properly
static uint8_t tmpbuf[BOOT_TMPBUF_SZ];
@ -241,7 +238,7 @@ decrypt_image_inplace(const struct flash_area *fa_p,
#endif
memset(&boot_data, 0, sizeof(struct boot_loader_state));
/* Load the encryption keys into cache */
rc = boot_enc_load(BOOT_CURR_ENC(state), image_index, hdr, fa_p, bs);
rc = boot_enc_load(BOOT_CURR_ENC(state), 0, hdr, fa_p, bs);
if (rc < 0) {
FIH_RET(fih_rc);
}

View File

@ -55,7 +55,7 @@ int boot_enc_init(struct enc_key_data *enc_state, uint8_t slot);
int boot_enc_drop(struct enc_key_data *enc_state, uint8_t slot);
int boot_enc_set_key(struct enc_key_data *enc_state, uint8_t slot,
const struct boot_status *bs);
int boot_enc_load(struct enc_key_data *enc_state, int image_index,
int boot_enc_load(struct enc_key_data *enc_state, int slot,
const struct image_header *hdr, const struct flash_area *fap,
struct boot_status *bs);
bool boot_enc_valid(struct enc_key_data *enc_state, int image_index,

View File

@ -607,7 +607,7 @@ boot_decrypt_key(const uint8_t *buf, uint8_t *enckey)
* Load encryption key.
*/
int
boot_enc_load(struct enc_key_data *enc_state, int image_index,
boot_enc_load(struct enc_key_data *enc_state, int slot,
const struct image_header *hdr, const struct flash_area *fap,
struct boot_status *bs)
{
@ -619,15 +619,8 @@ boot_enc_load(struct enc_key_data *enc_state, int image_index,
#else
uint8_t buf[EXPECTED_ENC_LEN];
#endif
uint8_t slot;
int rc;
rc = flash_area_id_to_multi_image_slot(image_index, flash_area_get_id(fap));
if (rc < 0) {
return rc;
}
slot = rc;
/* Already loaded... */
if (enc_state[slot].valid) {
return 1;

View File

@ -781,7 +781,6 @@ boot_image_check(struct boot_loader_state *state, struct image_header *hdr,
const struct flash_area *fap, struct boot_status *bs)
{
TARGET_STATIC uint8_t tmpbuf[BOOT_TMPBUF_SZ];
uint8_t image_index;
int rc;
FIH_DECLARE(fih_rc, FIH_FAILURE);
@ -792,13 +791,11 @@ boot_image_check(struct boot_loader_state *state, struct image_header *hdr,
(void)bs;
(void)rc;
image_index = BOOT_CURR_IMG(state);
/* In the case of ram loading the image has already been decrypted as it is
* decrypted when copied in ram */
#if defined(MCUBOOT_ENC_IMAGES) && !defined(MCUBOOT_RAM_LOAD)
if (MUST_DECRYPT(fap, image_index, hdr)) {
rc = boot_enc_load(BOOT_CURR_ENC(state), image_index, hdr, fap, bs);
if (MUST_DECRYPT(fap, BOOT_CURR_IMG(state), hdr)) {
rc = boot_enc_load(BOOT_CURR_ENC(state), 1, hdr, fap, bs);
if (rc < 0) {
FIH_RET(fih_rc);
}
@ -808,8 +805,9 @@ boot_image_check(struct boot_loader_state *state, struct image_header *hdr,
}
#endif
FIH_CALL(bootutil_img_validate, fih_rc, BOOT_CURR_ENC(state), image_index,
hdr, fap, tmpbuf, BOOT_TMPBUF_SZ, NULL, 0, NULL);
FIH_CALL(bootutil_img_validate, fih_rc, BOOT_CURR_ENC(state),
BOOT_CURR_IMG(state), hdr, fap, tmpbuf, BOOT_TMPBUF_SZ,
NULL, 0, NULL);
FIH_RET(fih_rc);
}
@ -1403,7 +1401,7 @@ boot_copy_image(struct boot_loader_state *state, struct boot_status *bs)
#ifdef MCUBOOT_ENC_IMAGES
if (IS_ENCRYPTED(boot_img_hdr(state, BOOT_SECONDARY_SLOT))) {
rc = boot_enc_load(BOOT_CURR_ENC(state), image_index,
rc = boot_enc_load(BOOT_CURR_ENC(state), BOOT_SECONDARY_SLOT,
boot_img_hdr(state, BOOT_SECONDARY_SLOT),
fap_secondary_slot, bs);
@ -1527,7 +1525,7 @@ boot_swap_image(struct boot_loader_state *state, struct boot_status *bs)
#ifdef MCUBOOT_ENC_IMAGES
if (IS_ENCRYPTED(hdr)) {
fap = BOOT_IMG_AREA(state, BOOT_PRIMARY_SLOT);
rc = boot_enc_load(BOOT_CURR_ENC(state), image_index, hdr, fap, bs);
rc = boot_enc_load(BOOT_CURR_ENC(state), 0, hdr, fap, bs);
assert(rc >= 0);
if (rc == 0) {
@ -1551,7 +1549,7 @@ boot_swap_image(struct boot_loader_state *state, struct boot_status *bs)
hdr = boot_img_hdr(state, BOOT_SECONDARY_SLOT);
if (IS_ENCRYPTED(hdr)) {
fap = BOOT_IMG_AREA(state, BOOT_SECONDARY_SLOT);
rc = boot_enc_load(BOOT_CURR_ENC(state), image_index, hdr, fap, bs);
rc = boot_enc_load(BOOT_CURR_ENC(state), 1, hdr, fap, bs);
assert(rc >= 0);
if (rc == 0) {
@ -2750,7 +2748,7 @@ boot_decrypt_and_copy_image_to_sram(struct boot_loader_state *state,
goto done;
}
rc = boot_enc_load(BOOT_CURR_ENC(state), image_index, hdr, fap_src, &bs);
rc = boot_enc_load(BOOT_CURR_ENC(state), slot, hdr, fap_src, &bs);
if (rc < 0) {
goto done;
}