Commits adds implementation of flash_area_get_sector that
is supposed to replace flash_area_sector_from_off.
The flash_area_get_sector gets additional parameter of flash_area
type, while flash_area_sector_from_off uses hardcoded flash_area.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
Differentiated image trailer size for swap-using-scratch with
max-align-32 feature and without it.
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
Corrected the maximal image size calculation for
the swap using scratch mode. Previously the vale which
is appropriate for the swap using move mode was used.
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
The sim platform was sharing a few header
files with the zephyr-rtos port. This patch provides
sim own headers.
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
Update dependencies that don't require any code changes. This leaves
'aes' and 'cipher' which will require code changes to support newer
versions.
Signed-off-by: David Brown <david.brown@linaro.org>
Change the edition in the various Cargo.toml to 2021. There are no
changes to the code needed for this. This will require Rust 1.56 in
order to build.
Signed-off-by: David Brown <david.brown@linaro.org>
This feature check was done statically instead of dynamically in the
build.rs file. Change this to match the rest. Perhaps we might want to
change all of them to be done at compile time, but that should be done
with all of the features.
Signed-off-by: David Brown <david.brown@linaro.org>
Change the flash layout of the stm32f4 simulated device to include
sectors of different sizes inside both slots; both slots have been
updated to still share the same layout. This layout changes allow for
testing and validation that a swap with scratch is possible even if not
all sectors inside a slot are the same size, as long as they all fit in
scratch.
Signed-off-by: Fabio Utzig <utzig@apache.org>
This patch prepares the simulator to execute images with a max align
value other than 8 bytes.
Signed-off-by: Gustavo Henrique Nihei <gustavo.nihei@espressif.com>
The encoding of ECDSA signatures is variable sized. Better support this
by allowing the TLV size estimate to be off by as much as 6, but only in
the case of ECDSA signature.
Signed-off-by: David Brown <david.brown@linaro.org>
Having profile configuration in sub crates generates a warning every
time Cargo is run. Remove these lines, as the top-level Cargo.toml file
defines these values.
Signed-off-by: David Brown <david.brown@linaro.org>
When passed `Largest`, as the image size, compute the largest possible
image for the test.
This currently fails when 'swap-move' is enabled or
'overwrite-only,large-write' is enabled. Allow this by not testing
maximal images in these cases.
Signed-off-by: David Brown <david.brown@linaro.org>
Instead of just passing in a numeric value for the image size, create an
enum that can use a given size, or supports a `Largest` size. Largest
is not implemented yet, but this gets the types in place for this.
Signed-off-by: David Brown <david.brown@linaro.org>
In order to generate images that match exact sizes, we need to know the
size of the TLV. We can estimate this size before the payload is added
(since the payload doesn't directly affect the size).
This patch adds the size estimate, and compares it with the actual TLV
size.
Signed-off-by: David Brown <david.brown@linaro.org>
Instead of setting a mutable variable and possibly assigning to it, just
set the variable to the result of the conditional.
Signed-off-by: David Brown <david.brown@linaro.org>
This enum ended up with some fields out of order. Fix the order. No
impact to the code, as each enum entry has a specific value, this just
makes the whole enum more consistent.
Signed-off-by: David Brown <david.brown@linaro.org>
When building images for testing they are aligned to a flash write size,
which works fine for flash based comparisons, but since RAM is always
reset to 0, if the flash is erased to 0xff, the final bytes of the
alignment will differ even though they are not relevant (not part of the
image itself).
This commit adds a real image size parameter to the ImageData, so it can
be used by the RAM load to compare only the relevant bits of the image
(ignore the padding), and also updates the RAM test routine to use the
correct image size.
Signed-off-by: Fabio Utzig <utzig@apache.org>
When building mcuboot-sys, the build script currently adds some
duplicate files. When used as a library, this works, because the code
is linked in as a library. However, when mcuboot-sys is tested itself,
all specified files will be brought in, which results in duplicate
symbols for these files.
Fix this by keeping track of all of the files that we've added, and
making sure to add each file once. Additionally, instead of using the
orphaned files in mbedtls-asn1, just always use the verions in the main
mbedtls library. There are some configurations of the code that end up
using both the extracted files and the full mbed TLS. Avoid that
conflict by just always using the full tree.
Signed-off-by: David Brown <david.brown@linaro.org>
When collected together as a workspace, the test framework ends up
running all of the configurations on each project. One configuration
option `large-write` doesn't really mean anything to mcuboot-sys, but
adding support for the feature allows this package to be tested along
with all of the other packages.
Signed-off-by: David Brown <david.brown@linaro.org>
Instead of having to cd into the 'sim' directory, create a top-level
Cargo.toml file that adds the sim as a workspace.
For the most part, this doesn't change how the simulator works. It is
still possible to run `cargo test ...` within the `sim` directory.
However, the `target` directory will reside at the top-level of the tree
instead of within the sim directory.
One change is that running cargo commands at the top of the tree will
run those commands on all of the packages found within the tree.
Specific packages can be tested by either changing to the directory of
that package, or passing `-p <dir>` to the cargo test command (i.e.
`cargo test -p bootsim`).
The other visible change from this commit is that the 'target' directory
will always be at the top of the tree, rather than in particular
directory where the test is run. Any scripts or tools that expect this
to be in a certainly location, will have to be modified.
Signed-off-by: David Brown <david.brown@linaro.org>
Update the dependencies in the main sim to the latest versions. There
are some minor changes in a few of the packages, and a fairly
significant change to the aes. The aes_ctr crate has been merged into
the aes crate, along with some changes to how it initialized.
Signed-off-by: David Brown <david.brown@linaro.org>
This reverts commit 78e4441bd3.
Although it shouldn't, this change is provoking numerous errors in
CI. In order to allow CI to continue, revert this change, and it can be
redone later, after fixing whatever is causing the CI build failures.
Signed-off-by: David Brown <david.brown@linaro.org>
Instead of requiring cargo to be run in the sim directory, create a
top-level "workspace" Cargo file, that references the others. The main
result of this is that cargo can now be run in the top of the workspace,
and the 'target' directory will be placed there, rather than in the sim
directory.
This is primarily of benefit to tools such as RLS, Rust-analyzer and
various IDEs that expect a crate at the top level of the tree.
Signed-off-by: David Brown <david.brown@linaro.org>
Combine all of the pieces to be able to test ram loading with multiple
images. We construct a model `RamData` that indicates where each image
should be loaded into RAM. This has to be made early enough to compute
signatures on the images, and then used later to verify that the images
were loaded properly.
Signed-off-by: David Brown <david.brown@linaro.org>
This RamData is filled in with a mapping between partitions and
information about where the data should be loaded into RAM when booting
in RamLoad mode. This commit creates the data, but does not yet use it.
Signed-off-by: David Brown <david.brown@linaro.org>
Test the basic configuration for ram loading. Instead of a fixed
address for RAM, the values come dynamically from a thread-local
variable (allowing the tests to run in parallel). The size of the ram
along with the address of the buffer in the test address space are
passed in this way.
This tests the single-image configurations of ram loading. Testing
multi-image will take additional work, as the RAM will need to be large
enough for both images, and the second image will need a meaningful
offset address in RAM.
Signed-off-by: David Brown <david.brown@linaro.org>
Perform simplistic test of the DIRECT_XIP configuration (both with
single and multi-images). This verifies that the bootloader indicates
the upgrade image should be booted.
Signed-off-by: David Brown <david.brown@linaro.org>
Add simulator support for building the direct-xip configuration.
Although this builds, there are no tests that test any of the
functionality, so all current tests trivially pass.
Signed-off-by: David Brown <david.brown@linaro.org>
Allow the sim to test configurations with MCUBOOT_RAM_LOAD defined.
This does not define any tests for this mode.
This adds definitions for simulated RAM offsets to the simulator. This
will define the offset (from `IMAGE_RAM_BASE`) to where the simulated
RAM will be located. For now, just give these somewhat reasonable
values so that we are able to at least compile the RAM_LOADING code in
the simulator.
Signed-off-by: David Brown <david.brown@linaro.org>
The function `flash_area_id_from_image_slot` is used in the RAM_LOAD and
DIRECT_XIP configurations. Define a version for use in the simulator.
Signed-off-by: David Brown <david.brown@linaro.org>
Some configurations of MCUboot do not modify the flash, but instead
MCUboot operates in a mode where it detects the best image to run.
Detect this, and skip what is currently a majority of the tests that
expect the upgrade to be moving data around in flash.
Signed-off-by: David Brown <david.brown@linaro.org>
The MCUBOOT_RAM_LOAD feature supports configurations where code is
loaded from flash into RAM before execution. As such, it is not
necessary for upgrades to move data around in flash.
Signed-off-by: David Brown <david.brown@linaro.org>
When the bootloader completes, it fills a response structure with
various information. Move this into the BootGoResult and provide an
accessor for it.
Signed-off-by: David Brown <david.brown@linaro.org>
Now that this result is abstracted, take the special case for a sim stop
and make it its own field. This hides the magic number we use to
indicate this to be entirely within mcuboot-sys.
Signed-off-by: David Brown <david.brown@linaro.org>
Instead of a tuple of values that is matched, return an abstract type
that has methods for querying the information we need. Abstracting this
will allow us to return additional information without having to change
all of the code that matches against these patterns.
Signed-off-by: David Brown <david.brown@linaro.org>