mcuboot/boot/boot_serial
Michael Grand 5047f032c9 fih: Hardening of fault injection countermeasures
Returned values are now hardcoded. Indeed, while it is not
strictly needed (few return values different from SUCCESS
or FAILURE) complexity added by encoding return values might
cause the software to be vulnerable to fault attacks.

Return type changed from fih_int to fih_ret to make
the whole thing much simpler and therefore more robust
to fault attacks. In addition, its easier to predict
compiler behavior.

Affectation of sentive variables has been hardened using macro
FIH_SET (affectation + check wether write access has been properly
done). FIH_DECLARE() is added to ease the declaration of sentive
variables.

Equality tests fih_eq() and fih_not_eq() are now macros because
inlining produce more complex code (and weaker) than macros.
In addition fih_not_eq is modified to be the negation of fih_eq
which was not the case until now.

when FIH_NOT_EQ is used , FIH_SET(fih_rc, FIH_FAILURE) has been added
in some part of the code.

variable image_mask (bootutil_priv.h) is now volatile because a
double IF test is made on it.

some others parts of the code have been hardenned (eg. loop on images)

Signed-off-by: Michael Grand <m.grand@trustngo.tech>
2023-01-30 09:34:34 -07:00
..
include/boot_serial boot_serial: zephyr: Add optional timeout to enter serial recovery 2022-02-09 16:20:58 -07:00
src fih: Hardening of fault injection countermeasures 2023-01-30 09:34:34 -07:00
test boot_serial: Fix Mynewt tests compilation 2022-06-27 14:26:39 -06:00
pkg.yml boot_serial: Port encoding to use cddl-gen 2021-05-25 11:52:38 -03:00
syscfg.yml zephyr/serial_adapter; no need to inject \r on \n anymore. 2018-06-14 23:19:06 +03:00