When building images for testing they are aligned to a flash write size,
which works fine for flash based comparisons, but since RAM is always
reset to 0, if the flash is erased to 0xff, the final bytes of the
alignment will differ even though they are not relevant (not part of the
image itself).
This commit adds a real image size parameter to the ImageData, so it can
be used by the RAM load to compare only the relevant bits of the image
(ignore the padding), and also updates the RAM test routine to use the
correct image size.
Signed-off-by: Fabio Utzig <utzig@apache.org>
When building mcuboot-sys, the build script currently adds some
duplicate files. When used as a library, this works, because the code
is linked in as a library. However, when mcuboot-sys is tested itself,
all specified files will be brought in, which results in duplicate
symbols for these files.
Fix this by keeping track of all of the files that we've added, and
making sure to add each file once. Additionally, instead of using the
orphaned files in mbedtls-asn1, just always use the verions in the main
mbedtls library. There are some configurations of the code that end up
using both the extracted files and the full mbed TLS. Avoid that
conflict by just always using the full tree.
Signed-off-by: David Brown <david.brown@linaro.org>
When collected together as a workspace, the test framework ends up
running all of the configurations on each project. One configuration
option `large-write` doesn't really mean anything to mcuboot-sys, but
adding support for the feature allows this package to be tested along
with all of the other packages.
Signed-off-by: David Brown <david.brown@linaro.org>
Instead of having to cd into the 'sim' directory, create a top-level
Cargo.toml file that adds the sim as a workspace.
For the most part, this doesn't change how the simulator works. It is
still possible to run `cargo test ...` within the `sim` directory.
However, the `target` directory will reside at the top-level of the tree
instead of within the sim directory.
One change is that running cargo commands at the top of the tree will
run those commands on all of the packages found within the tree.
Specific packages can be tested by either changing to the directory of
that package, or passing `-p <dir>` to the cargo test command (i.e.
`cargo test -p bootsim`).
The other visible change from this commit is that the 'target' directory
will always be at the top of the tree, rather than in particular
directory where the test is run. Any scripts or tools that expect this
to be in a certainly location, will have to be modified.
Signed-off-by: David Brown <david.brown@linaro.org>
Update the dependencies in the main sim to the latest versions. There
are some minor changes in a few of the packages, and a fairly
significant change to the aes. The aes_ctr crate has been merged into
the aes crate, along with some changes to how it initialized.
Signed-off-by: David Brown <david.brown@linaro.org>
This reverts commit 78e4441bd3.
Although it shouldn't, this change is provoking numerous errors in
CI. In order to allow CI to continue, revert this change, and it can be
redone later, after fixing whatever is causing the CI build failures.
Signed-off-by: David Brown <david.brown@linaro.org>
Instead of requiring cargo to be run in the sim directory, create a
top-level "workspace" Cargo file, that references the others. The main
result of this is that cargo can now be run in the top of the workspace,
and the 'target' directory will be placed there, rather than in the sim
directory.
This is primarily of benefit to tools such as RLS, Rust-analyzer and
various IDEs that expect a crate at the top level of the tree.
Signed-off-by: David Brown <david.brown@linaro.org>
Combine all of the pieces to be able to test ram loading with multiple
images. We construct a model `RamData` that indicates where each image
should be loaded into RAM. This has to be made early enough to compute
signatures on the images, and then used later to verify that the images
were loaded properly.
Signed-off-by: David Brown <david.brown@linaro.org>
This RamData is filled in with a mapping between partitions and
information about where the data should be loaded into RAM when booting
in RamLoad mode. This commit creates the data, but does not yet use it.
Signed-off-by: David Brown <david.brown@linaro.org>
Test the basic configuration for ram loading. Instead of a fixed
address for RAM, the values come dynamically from a thread-local
variable (allowing the tests to run in parallel). The size of the ram
along with the address of the buffer in the test address space are
passed in this way.
This tests the single-image configurations of ram loading. Testing
multi-image will take additional work, as the RAM will need to be large
enough for both images, and the second image will need a meaningful
offset address in RAM.
Signed-off-by: David Brown <david.brown@linaro.org>
Perform simplistic test of the DIRECT_XIP configuration (both with
single and multi-images). This verifies that the bootloader indicates
the upgrade image should be booted.
Signed-off-by: David Brown <david.brown@linaro.org>
Add simulator support for building the direct-xip configuration.
Although this builds, there are no tests that test any of the
functionality, so all current tests trivially pass.
Signed-off-by: David Brown <david.brown@linaro.org>
Allow the sim to test configurations with MCUBOOT_RAM_LOAD defined.
This does not define any tests for this mode.
This adds definitions for simulated RAM offsets to the simulator. This
will define the offset (from `IMAGE_RAM_BASE`) to where the simulated
RAM will be located. For now, just give these somewhat reasonable
values so that we are able to at least compile the RAM_LOADING code in
the simulator.
Signed-off-by: David Brown <david.brown@linaro.org>
The function `flash_area_id_from_image_slot` is used in the RAM_LOAD and
DIRECT_XIP configurations. Define a version for use in the simulator.
Signed-off-by: David Brown <david.brown@linaro.org>
Some configurations of MCUboot do not modify the flash, but instead
MCUboot operates in a mode where it detects the best image to run.
Detect this, and skip what is currently a majority of the tests that
expect the upgrade to be moving data around in flash.
Signed-off-by: David Brown <david.brown@linaro.org>
The MCUBOOT_RAM_LOAD feature supports configurations where code is
loaded from flash into RAM before execution. As such, it is not
necessary for upgrades to move data around in flash.
Signed-off-by: David Brown <david.brown@linaro.org>
When the bootloader completes, it fills a response structure with
various information. Move this into the BootGoResult and provide an
accessor for it.
Signed-off-by: David Brown <david.brown@linaro.org>
Now that this result is abstracted, take the special case for a sim stop
and make it its own field. This hides the magic number we use to
indicate this to be entirely within mcuboot-sys.
Signed-off-by: David Brown <david.brown@linaro.org>
Instead of a tuple of values that is matched, return an abstract type
that has methods for querying the information we need. Abstracting this
will allow us to return additional information without having to change
all of the code that matches against these patterns.
Signed-off-by: David Brown <david.brown@linaro.org>
Instead of having this struct at a fairly low level in the simulator,
with the filled-in values effectively discarded after each call, pass
the value from higher up in the simulator. This prepares us for being
able to use the resulting data in upcoming tests.
Signed-off-by: David Brown <david.brown@linaro.org>
commit c304a7f84a
(refs/bisect/good-c304a7f84a7e7e345457e23b179fa302b8732fb9)
Author: Dominik Ermel <dominik.ermel@nordicsemi.no>
Date: Mon Jun 14 16:08:42 2021 +0000
sim: Add flash_area_get_device_id implementation
Adds an implementation for this function in the simulator that just
returns 0. Fix this to return the proper ID so that when tests start
checking for this, it will return the right value.
Signed-off-by: David Brown <david.brown@linaro.org>
Emits either MCUBOOT_SWAP_USING_SCRATCH and
CONFIG_BOOT_SWAP_USING_SCRATCH when swap using scratch
algorithm is expected.
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
Add new feature that allows testing EC256 encrypted images using the
Mbed TLS backend.
Move config-ecdsa.h to config-ec.h because definitions are very similar
between ECDSA and ECDH with Mbed TLS so resort to a single config file.
Add new feature and fix the build; add proper Mbed TLS memory
initialization when enc-ec256-mbedtls is used.
Signed-off-by: Fabio Utzig <utzig@apache.org>
This padding field is defined as a u8 and a u16. Clarify the marshaling
code to match instead of just looping over bytes.
Signed-off-by: David Brown <david.brown@linaro.org>
This lifetime can be inferred by the compiler, so remove the explicit
one. This makes the code a little easier to read.
Signed-off-by: David Brown <david.brown@linaro.org>
Clippy suggests that having a closure in the condition of an if can be
confusing in regards to code formatting. Move the conditional outside
of the if into a temp variable.
Signed-off-by: David Brown <david.brown@linaro.org>
From a clippy suggestion, replace an index iterator over a slice, and
directly use a mutable iterator over the slice.
Signed-off-by: David Brown <david.brown@linaro.org>
Clippy suggests using a range with `contains` in situations where we
test if a value is within a range.
Signed-off-by: David Brown <david.brown@linaro.org>
Apply clippy suggestions to directly result in values instead of
returning those values at the end of a function. Better matches common
Rust style.
Signed-off-by: David Brown <david.brown@linaro.org>
In rust, if a struct field is initialized with a variable with the same
name as the field, it is redundant to say `field: field` as the
initializer, and just `field` is sufficient. Fix the instances of this
that clippy suggests.
Signed-off-by: David Brown <david.brown@linaro.org>
Cleanup some of the unsafe usage in mcuboot-sys. In one case, add a
safety comment to the function documentation. In the other, move the
unsafe to a narrower scope, reducing the number of instances of unsafe
needed. From clippy suggestions.
Signed-off-by: David Brown <david.brown@linaro.org>
Clippy suggests implementing Default when the `new` function for that
type just initializes the type to default values.
Signed-off-by: David Brown <david.brown@linaro.org>
According to clippy, `&'static` can just be `&` for static definitions,
which always have a static lifetime. Clean this up in the arrays in the
code, as well as generation code in imgtool.
Signed-off-by: David Brown <david.brown@linaro.org>
This incorporates changes both from the dependency changes in simflash,
as well as some minor changes that recent versions of Cargo make.
Signed-off-by: David Brown <david.brown@linaro.org>
The thiserror crate seems to be getting more momentum in the community
than failure. Switch to this for deriving our own error type.
Signed-off-by: David Brown <david.brown@linaro.org>
Fabio Utzig