Commit Graph

499 Commits

Author SHA1 Message Date
Fabio Utzig d5e0e89568 Fix style issues
Convert tab to spaces; fix opening brace position.

Signed-off-by: Fabio Utzig <utzig@apache.org>
2024-07-25 14:45:29 +02:00
Dominik Ermel d09112acf6 boot: Reduce repeating code in boot_decrypt_and_copy_image_to_sram
There was not really needed repetition of code in if-else
block; common code has been moved out and the block has been
reduced.

Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
2024-07-25 14:44:26 +02:00
Dominik Ermel 7f9ac97951 boot: Change boot_enc_load to take slot number instead of image
In all cases where boot_enc_load is called it is known what slot
is addressed, so it is better to just pass the slot number
instead of making the boot_enc_load figure out slot number from
image index and provided flash area object.

Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
2024-07-25 14:30:38 +02:00
Dominik Ermel 335573520d boot: Move encryption context invalidation to boot_enc_drop.
The enc_key_data.valid had been set to true when key has been added
to the encryption context, but in case when boot_enc_drop was called,
on the same context, the flag remained true, even though the context
may no longer hold any valid context nor key.
The commit moves the enc_key_data invalidation to enc_key_drop.

Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
2024-07-24 17:27:19 +02:00
Dominik Ermel 2371c0aa7f boot: Rename boot_enc_decrypt to boot_decrypt_key
All of boot_enc_ function follow the same pattern where
they take encryption context as the first parameter, and the
boot_enc_decrypt stands out here as it does not work around
the encryption context, but is rather single-part decryption
function only used for decrypting of the image encryption
key.

Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
2024-07-24 17:26:01 +02:00
Dominik Ermel 7e3a1cecd7 boot: Add missing boot_enc_init
The boot_enc_set_key in boot_swap_image, when recovering from
reset, has been caled on AES context that has not been
initialized.

Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
2024-07-23 10:36:43 +02:00
Thomas Altenbach 08d2d94c14 bootutil: Keep image encrypted in scratch area
Currently, when swap using scratch is used with encrypted images,
MCUboot is decrypting the images during the copy from the secondary slot
to the scratch area. This means the scratch area contains plaintext
image data and therefore that the scratch area must be placed in the
MCU's internal flash memory. This commit makes the necessary changes to
perform the decryption when copying from the scratch area to the primary
slot instead, making possible to place the scratch area in an external
flash memory since the scratch area is now encrypted.

Note that BOOT_SWAP_SAVE_ENCTLV must be enabled if the scratch area is
placed in external flash memory.

Signed-off-by: Thomas Altenbach <thomas.altenbach@legrand.com>
2024-07-15 20:03:21 -03:00
Thomas Altenbach f515bb1c44 bootutil: Properly retrieve image headers after interrupted swap-scratch
For swap using scratch, the boot_read_image_header routine, responsible
for reading the image headers, was always looking for the primary and
secondary image's headers at the beginning of respectively the primary
and secondary slots, regardless of the current boot status.

This means if during a swap-scratch upgrade a reset happens after the
sector containing the image header in the primary or secondary slot has
been erased, invalid image headers were read since at that time the
location of the headers has changed.

Currently, this doesn't seem to cause any issue because the swap-scratch
algorithm is implemented in such a way the content of the headers is no
more necessary when the headers are erased. However, to be able to
decrypt the secondary image when copied to the primary slot instead of
when copied to the scratch area, properly reading the secondary image's
header is required even after it has been erased from the secondary
slot.

To that end, the boot_read_image_header is modified to determine from
the boot status the current location of the image headers and to always
read the actual header, no matter the current state of the upgrade
process.

Signed-off-by: Thomas Altenbach <thomas.altenbach@legrand.com>
2024-07-15 20:03:21 -03:00
David Brown c06f7bb367 Revert "boot: Add MCUBOOT_HW_KEY support for image encryption"
This reverts commit 0fa46270c0.

This breaks:

    samples/synchronization/sample.kernel.synchronization on
    b_u585i_iot02a/stm32u585xx/ns error

as this TF-M configuration uses its own keys.  This change is an API
change that needs to be coordinated with TF-M changes.

Before this revert, compiling this test results in:

    .../encrypted.c:447: undefined reference to
    `boot_enc_retrieve_private_key`

Signed-off-by: David Brown <david.brown@linaro.org>
2024-07-09 09:19:43 -06:00
David Brown 1d79ef35ee boot: Fix ASN.1 for mbedtls >= 3.1
In Mbed TLS 3.1, the private fields in the ASN.1 structure were made private.
This breaks code that accesses these private macros.

Fix this by changing the ASN.1 specific code to use a new field accessor
`ASN1_CONTEXT_MEMBER` that will be conditionally defined based on the version of
Mbed TLS that is present.

Signed-off-by: David Brown <david.brown@linaro.org>
2024-06-28 10:04:35 -06:00
David Brown 1b1d495338 FIH: Disable FIH labels on Apple targets
The symbols injected here cause some kind of poor interaction with the linker on
MacOS, which results in most of the code becoming hopelessly corrupt.  For now,
just disable these symbols on this target.

Signed-off-by: David Brown <david.brown@linaro.org>
2024-06-26 16:43:56 -06:00
Thomas Altenbach 9ae634f3bf bootutil: Fix signed/unsigned comparison in boot_read_enc_key
When MCUBOOT_SWAP_SAVE_ENCTLV is enabled, a comparison between a signed
and an unsigned integer is made in boot_read_enc_key. This might cause a
warning to be emitted at compile-time.

Signed-off-by: Thomas Altenbach <thomas.altenbach@legrand.com>
2024-06-20 17:54:01 -03:00
Dinesh Kumar K 0fa46270c0 boot: Add MCUBOOT_HW_KEY support for image encryption
Currently encryption supports only private key embed
in mcuboot itself. To support MCUBOOT_HW_KEY for image
encryption boot_retrieve_private_key() hook is added.

This hook helps retrieving private key from trusted
sources like OTP, TPM.

Signed-off-by: Dinesh Kumar K <dinesh@linumiz.com>
2024-06-12 15:17:54 -06:00
Jerzy Kasenberg 29f9540db8 mynewt: Igore swap_scratch.c for single application slot
swap_scratch.c requires definition of SLOT1, in single application
slot build it's not needed and file would not be used anyway so
now it is removed from mynewt build

Signed-off-by: Jerzy Kasenberg <jerzy.kasenberg@codecoup.pl>
2024-05-23 18:09:36 +02:00
Tomi Fontanilles d4394c2f9b mbedtls config: fix too early check_config.h includes
check_config.h was included manually by custom configuration files.
This caused compilation errors when updating MbedTLS to 3.6.0
because check_config.h was processed too early, before the whole
configuration is defined, effectively causing configuration check errors.

MbedTLS already takes care of including check_config.h at the right time.
Remove those erroneous manual check_config.h includes.

Signed-off-by: Tomi Fontanilles <tomi.fontanilles@nordicsemi.no>
2024-04-25 11:05:54 +02:00
Thomas Altenbach 73315f7b51 bootutil: Fix memory leak in HKDF implementation
The bootutil_hmac_sha256_set_key routine performs some dynamic memory
allocations when mbedTLS is used. To properly free the allocated memory,
bootutil_hmac_sha256_drop must be called before reinitializing the HMAC
context using bootutil_hmac_sha256_init.  However, in the hkdf routine,
the HMAC context was freed only once even though it was initialized
multiple times.

Signed-off-by: Thomas Altenbach <thomas.altenbach@legrand.com>
2024-04-23 11:03:22 -06:00
David Brown da2e2ab4e3 boot: Enforce TLV entries to be protected
Only allow TLV entries that are needed for signature verification to be placed
in the unprotected area of the TLV.

Signed-off-by: David Brown <david.brown@linaro.org>
2024-04-18 11:27:15 +02:00
David Brown ea1cdfdeff boot: Add tlv query for protected region
Add a query to the TLV iterator that will indicate if the currently iterated TLV
entry was found in the protected region or not.

Signed-off-by: David Brown <david.brown@linaro.org>
2024-04-18 11:27:15 +02:00
Jerzy Kasenberg ed6460b815 mynewt: Add single_loader support
There is existing functionality for Zephyr where mcuboot works
with single slot (no swap) and image can be updated via boot_serial.

To have same functionality in mynewet single_loader.c file is copied
from zephyr tree and 2 pkg.yml files are modified to utilize new
file when BOOTUTIL_SINGLE_APPLICATION_SLOT is defined

Signed-off-by: Jerzy Kasenberg <jerzy.kasenberg@codecoup.pl>
2024-04-14 20:17:44 -03:00
David Vincze f06bc71180 bootutil/crypto: Builtin ECDSA key support for PSA Crypto backend
Enable the usage of builtin keys in the ECDSA verification module with
the PSA Crypto API based cryptographic backend.
This way parsing and importing the verification keys can also be avoided.

Change-Id: I6ada1ef8ed04a3f12c228ef399e3a7b8ebc7fb5e
Signed-off-by: David Vincze <david.vincze@arm.com>
2024-04-10 12:05:08 -06:00
David Vincze e369784ba4 bootutil: Allow the usage of builtin keys in verification
Introduce a new MCUBOOT_BUILTIN_KEY option to enable the usage of
builtin keys for signature verification. This way the details of the key
handling mechanism are abstracted away from the boot code and this
responsibility is delegated to the given crypto library.
This is an alternative option to the existing MCUBOOT_HW_KEY feature,
however in this case we can entirely rely on key IDs and not only the
code, but also the image metadata does not contain any public key data.

Change-Id: Id01b67951310549b2734730c58bfa7210a2d5236
Signed-off-by: David Vincze <david.vincze@arm.com>
2024-04-10 12:05:08 -06:00
Petr Buchta c5a528ba4e New OVERWRITE_ONLY_KEEP_BACKUP option
It builds on top of OVERWRITE_ONLY mode and uses secondary slot
as a backup of the primary slot. The main difference is that after
image copy to the primary slot the secondary slot is not erased.
This is meant to be used together with BOOTSTRAP option that will
reinstall the primary image with the backup in case it's not valid.

Signed-off-by: Petr Buchta <petr.buchta@nxp.com>
2024-04-05 10:42:21 -06:00
Dominik Ermel aafcbad6ec boot: Refactoring image dependency functions to reduce code size
There have been duplicate functions:
 boot_verify_dependencies
 boot_verify_slot_dependencies
 boot_verify_slot_dependency
with, very similar internals, scattered around unit.
The commit have moved them on top and squashed where possible.

Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
2024-03-13 14:19:43 +01:00
Dominik Ermel 6f7f87384d boot: Fix swap-move algorithm failing to validate multi-image
In multi image swap validation of images could fail due to
headers being incorrectly re-read from storage.

Fixes #1768

Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
2024-02-20 16:29:41 +01:00
Jamie McCrae 4d75fc8e07 bootutil: Fix compatible sector checking
Fixes an issue whereby slot sizes were checked but the check was
not done properly. This also adds debug log messages to show the
sector configuration including if slot sizes are not optimal

Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
2024-01-08 15:35:53 +00:00
Jamie McCrae 35e9931c78 bootutil: Add debug logging for boot status write
Adds debug level logging which shows the offset of where a
sector swap status write is occurring at

Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
2024-01-08 15:35:53 +00:00
Jamie McCrae 215345f76a zephyr: Add firmware loader MCUboot operation style
Adds a new operation style in which the secondary slot has an
image which is used to update the primary image only.

Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
2023-11-28 13:59:00 +00:00
Andrej Butok 13767d0b72 bootutil: Disable MCUBOOT_BOOT_MAX_ALIGN assert for non-swap modes
- Assert should be checked only for SWAP update modes.
- Allow platforms with page size >32 Bytes (e.g. LPC) to use
  MCUBoot, at least for non-SWAP update modes.

Signed-off-by: Andrej Butok <andrey.butok@nxp.com>
2023-10-05 10:25:10 +01:00
Jamie McCrae 2929a975c7 bootutil: Show error if flash area open fails
Shows an error if a particular flash area fails to open

Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
2023-09-28 15:10:46 +01:00
Jamie McCrae 50f8b5f742 bootutil: Add shared data support for XIP with revert mode
Adds support for sharing the direct-XIP MCUboot mode with revert
to applications using shared data

Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
2023-09-27 18:11:56 +02:00
Jamie McCrae 8d0b35a1e9 bootutil: Add mode for XIP with revert
Adds a new define if bootloader in built in direct-XIP with revert
mode

Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
2023-09-27 18:11:56 +02:00
Jamie McCrae 4da510137a zephyr: Add shared data support
Adds the ability to share mcuboot configuration with the
application using Zephyr's retention subsystem.

Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
2023-09-27 07:49:25 +01:00
Roland Mikhel 9bef51ce4a bootutil/crypto: Do not include import key with PSA
This fixes a build error when PSA Crypto API is being used
as it has no need for bootutil_import_key but it's included
currently since it's allowed to have both Mbed TLS and PSA defined.

Signed-off-by: Roland Mikhel <roland.mikhel@arm.com>
Change-Id: If38d3011fc4fa2d317f8be65df9e231d7d57dcbf
2023-09-26 07:55:30 +02:00
Roland Mikhel 03c9ad0781 bootutil: Replace hash with SHA384 when P384 is used
Currently all the hashing functionality is done with SHA256
but if we would like to use ECDSA-P384 that requires SHA384
as the hashing algorithm, but MCUboot is using SHA256
for image hashing and public key hashing. This commit modifies
the hashing operations to use SHA384 thus SHA256 can be omitted
which is beneficial from a code size standpoint.

Signed-off-by: Roland Mikhel <roland.mikhel@arm.com>
Change-Id: I59230f76f88e0b42ad6383b2c9b71b73f33d7dd7
2023-09-12 16:29:11 +02:00
Roland Mikhel 274547ce06 bootutil: PSA Crypto ECDSA enablement
This commit enables ECDSA signature verification using
PSA Crypto API.

Signed-off-by: Roland Mikhel <roland.mikhel@arm.com>
Change-Id: I51c7aadba03348f335e89d9252e70c09f8787f30
2023-09-12 16:29:11 +02:00
Dominik Ermel 4ff95da6f6 bootuil: Replace flash_area_id_to_image with flash_area_to_image
Move flash_area_get_id inside the function and rename it.

Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
2023-08-22 14:24:03 +02:00
Dominik Ermel 2c61caf606 bootutil: Move flash_area_id_to_image under ifdef
The commit moves the flash_area_id_to_image to section compiled
only when not in DirectXIP mode, to prevent warnings about unused
static functions.

Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
2023-08-22 10:52:52 +02:00
Dominik Ermel 904d0c4608 bootutil: Add DirectXIP version of boot_set_next
The commit adds DirectXIP version of bootutil boot_set_next
function.
The function is enabled by configuration option:
MCUBOOT_BOOTUTIL_LIB_FOR_DIRECT_XIP.

Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
2023-08-18 11:10:19 +02:00
Jamie McCrae 258a6c7dc2 bootutil: Fix support for more than 2 flash areas
Fixes a function which converts from an ID to an image number
to support more than 2 images.

Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
2023-08-17 16:00:12 +02:00
Jamie McCrae c9fa60886b boot: boot_serial: Fix issue with encrypted second slot images
Fixes issues whereby encrypted images were not properly listed due
to not treating them as encrypted, also removes a piece of wrong
hack code that would never run as the primary slot cannot be
encrypted.

Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
2023-08-09 07:45:22 +01:00
Michael Grand 99613c672f bootutil: fix downgrade prevention
Downgrade prevention check moved to secure both TEST
and PERMANENT upgrade modes. Downgrade can still be
performed during REVERT.

Signed-off-by: Michael Grand <m.grand@trustngo.tech>
2023-08-08 09:02:39 +01:00
Jamie McCrae 5b1d5116a9 boot: bootutil: Add optional boot info shared data saving
Adds the ability to share MCUboot configuration with
applications via shared memory.

Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
2023-08-08 08:02:25 +01:00
Jamie McCrae ea88860904 bootutil: Add bootloader info TLV entries
Adds TLV defines for use with the bootloader shared data
feature.

Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
2023-08-08 08:02:25 +01:00
Jamie McCrae 3016d00cd7 bootutil: Add active slot number and max app size to shared data
This allows the currently executing slot number to be checked by
the external function, which can be used by XIP images to know
which slot is currently being executed from to allow for correct
uploading/positioning of firmware files, and also provides the
maximum size of an upgrade that can be loaded so that applications
can reject images that are too large.

Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
2023-08-08 08:02:25 +01:00
Dominik Ermel 0540d0fb3f bootutil: Fix for flash_area_id_to_image
The function was incorrectly identifying partition of secondary slot
of image 0 as belonging to image 1, at the same time failing to
identify partition of primary slot of image 1.

Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
2023-08-07 14:35:39 +02:00
Dominik Ermel f17b005ca1 bootutil: Fix boot_set_next passing wrong image number
The commit fixes boot_set_next always passing image 0 to
boot_write_swap_info, instead of the proper image number.
This has been affecting applications that tried to call boot_set_next
in multi-image MCUboot configuration using scratch-swap algorithm.

Fixes #1762

Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
2023-08-04 16:17:38 +02:00
Jamie McCrae 76d19b3b88 boot: bootutil: Fix missing packed attributes, add hash size define
Fixes an issue with missing packed attributes on image.h's
structures which would lead to faults on some devices e.g. ARM
Cortex M0, and adds a define for the SHA256 hash size.

Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
2023-07-25 09:10:14 +01:00
Roland Mikhel c5c2b4d7a7 bootutil: Revert changes to cap values
This commit reverts the changes to the cap values made in 206b914.

Signed-off-by: Roland Mikhel <roland.mikhel@arm.com>
Change-Id: Ie47c3f253409932b960f4fc12e3b722b000b3093
2023-06-30 18:02:20 +02:00
Roland Mikhel 82670c71f6 bootutil: Add capability to test hw-rollback-prot
Signed-off-by: Roland Mikhel <roland.mikhel@arm.com>
Change-Id: I3dee0baf27b8cae78b87135ea7447556b06fdefd
2023-06-27 14:42:34 +02:00
Roland Mikhel 61962b94f3 bootutil: fix FIH int conversion for security_cnt
Currently there's a compile error when building MCUboot
with HW_ROLLBACK_PROT due to a comparison
when decoding the security_cnt fih_int value. In the security_cnt.h
it is stated that this value must be between 0 and UINT32_MAX
so this cast would not cause any undefined behaviour.

Signed-off-by: Roland Mikhel <roland.mikhel@arm.com>
Change-Id: Iee158a31955ff43b73e67a0c08e7a086077b9eb5
2023-06-27 14:42:34 +02:00