bootutil: loader: Verify image header before checking image

Changes the order of operations to validate the image header
before checking the image, it does not make sense to check the
image if the header itself is invalid

Note: This PR has been modified from the upstream commit due to
a merge failure from other changes that are not being brought into
Zephyr 3.7

Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
(cherry picked from commit 2939d30545)
This commit is contained in:
Jamie McCrae 2024-08-22 10:44:46 +01:00
parent 1cd53982e1
commit 60ac682a12
1 changed files with 9 additions and 6 deletions

View File

@ -1015,13 +1015,16 @@ boot_validate_slot(struct boot_loader_state *state, int slot,
} }
} }
#endif #endif
if (!boot_is_header_valid(hdr, fap)) {
fih_rc = FIH_FAILURE;
} else {
BOOT_HOOK_CALL_FIH(boot_image_check_hook, FIH_BOOT_HOOK_REGULAR, BOOT_HOOK_CALL_FIH(boot_image_check_hook, FIH_BOOT_HOOK_REGULAR,
fih_rc, BOOT_CURR_IMG(state), slot); fih_rc, BOOT_CURR_IMG(state), slot);
if (FIH_EQ(fih_rc, FIH_BOOT_HOOK_REGULAR)) if (FIH_EQ(fih_rc, FIH_BOOT_HOOK_REGULAR)) {
{
FIH_CALL(boot_image_check, fih_rc, state, hdr, fap, bs); FIH_CALL(boot_image_check, fih_rc, state, hdr, fap, bs);
} }
if (!boot_is_header_valid(hdr, fap) || FIH_NOT_EQ(fih_rc, FIH_SUCCESS)) { }
if (FIH_NOT_EQ(fih_rc, FIH_SUCCESS)) {
if ((slot != BOOT_PRIMARY_SLOT) || ARE_SLOTS_EQUIVALENT()) { if ((slot != BOOT_PRIMARY_SLOT) || ARE_SLOTS_EQUIVALENT()) {
flash_area_erase(fap, 0, flash_area_get_size(fap)); flash_area_erase(fap, 0, flash_area_get_size(fap));
/* Image is invalid, erase it to prevent further unnecessary /* Image is invalid, erase it to prevent further unnecessary