Posted to commits@mynewt.apache.org by ma...@apache.org on 2016/05/26 18:11:54 UTC

incubator-mynewt-core git commit: bootutil; bug fix: if integrity check of an image fails, try the other one.

Repository: incubator-mynewt-core
Updated Branches:
  refs/heads/develop 92a5980b6 -> fd862aa80


bootutil; bug fix: if integrity check of an image fails, try the other one.


Project: http://git-wip-us.apache.org/repos/asf/incubator-mynewt-core/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-mynewt-core/commit/fd862aa8
Tree: http://git-wip-us.apache.org/repos/asf/incubator-mynewt-core/tree/fd862aa8
Diff: http://git-wip-us.apache.org/repos/asf/incubator-mynewt-core/diff/fd862aa8

Branch: refs/heads/develop
Commit: fd862aa80df71e96aaf96d61dd0b3c5902c19bb2
Parents: 92a5980
Author: Marko Kiiskila <ma...@runtime.io>
Authored: Thu May 26 11:10:52 2016 -0700
Committer: Marko Kiiskila <ma...@runtime.io>
Committed: Thu May 26 11:10:52 2016 -0700

----------------------------------------------------------------------
 libs/bootutil/src/loader.c | 40 ++++++++++++++++++++++++++++++----------
 1 file changed, 30 insertions(+), 10 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-mynewt-core/blob/fd862aa8/libs/bootutil/src/loader.c
----------------------------------------------------------------------
diff --git a/libs/bootutil/src/loader.c b/libs/bootutil/src/loader.c
index b3704ee..f155779 100644
--- a/libs/bootutil/src/loader.c
+++ b/libs/bootutil/src/loader.c
@@ -126,6 +126,27 @@ boot_select_image_slot(void)
 }
 
 /*
+ * Validate image hash/signature in a slot.
+ */
+static int
+boot_image_check(struct image_header *hdr, struct boot_image_location *loc)
+{
+    static void *tmpbuf;
+
+    if (!tmpbuf) {
+        tmpbuf = malloc(BOOT_TMPBUF_SZ);
+        if (!tmpbuf) {
+            return BOOT_ENOMEM;
+        }
+    }
+    if (bootutil_img_validate(hdr, loc->bil_flash_id, loc->bil_address,
+        tmpbuf, BOOT_TMPBUF_SZ)) {
+        return BOOT_EBADIMAGE;
+    }
+    return 0;
+}
+
+/*
  * How many sectors starting from sector[idx] can fit inside scratch.
  *
  */
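Review bot: The header comment on `boot_image_check` does not say what the function returns, nor that the `static` `tmpbuf` is allocated on the first call and deliberately never freed, which a reader will otherwise take for a leak. I would expand it to something like `Returns 0 if the image validates, BOOT_ENOMEM if the scratch buffer cannot be allocated, BOOT_EBADIMAGE otherwise; the buffer is allocated once and reused by later calls.` Any non-zero result from `bootutil_img_validate` is mapped to `BOOT_EBADIMAGE`. If that function can also fail for other reasons, such as a flash read error (not visible here), the caller cannot tell that apart from a hash or signature mismatch.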
@@ -385,7 +406,6 @@ int
 boot_go(const struct boot_req *req, struct boot_rsp *rsp)
 {
     struct boot_image_location image_addrs[BOOT_NUM_SLOTS];
-    void *tmpbuf;
     int slot;
     int rc;
     int i;
@@ -441,16 +461,16 @@ boot_go(const struct boot_req *req, struct boot_rsp *rsp)
             return BOOT_EBADIMAGE;
         }
     }
-    tmpbuf = malloc(BOOT_TMPBUF_SZ);
-    if (!tmpbuf) {
-        return BOOT_ENOMEM;
-    }
-    if (bootutil_img_validate(&boot_img_hdrs[slot],
-        image_addrs[slot].bil_flash_id, image_addrs[slot].bil_address,
-        tmpbuf, BOOT_TMPBUF_SZ)) {
-        return BOOT_EBADIMAGE;
-    }
 
+    /*
+     * If the selected image fails integrity check, try the other one.
+     */
+    if (boot_image_check(&boot_img_hdrs[slot], &image_addrs[slot])) {
+        slot ^= 1;
+        if (boot_image_check(&boot_img_hdrs[slot], &image_addrs[slot])) {
+            return BOOT_EBADIMAGE;
+        }
+    }
     switch (slot) {
     case 0:
         rsp->br_hdr = &boot_img_hdrs[0];
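Review bot: Both `if` tests on `boot_image_check` treat every non-zero return as a bad image, so a `BOOT_ENOMEM` from the first call triggers the slot switch, and a second allocation failure is then reported as `BOOT_EBADIMAGE`. Keeping the result in the existing `rc` and switching slots only on `BOOT_EBADIMAGE` preserves the real error code. Separately, the fallback means a corrupted selected image silently boots whatever is in the other slot. Whether that slot's header was populated and checked by the selection logic above the hunk is not visible here, and it may be worth recording that a fallback happened so an unexpected switch to an older image does not go unnoticed. `boot_go` starts and ends outside this hunk.

```c
    /*
     * If the selected image fails integrity check, try the other one.
     */
    rc = boot_image_check(&boot_img_hdrs[slot], &image_addrs[slot]);
    if (rc == BOOT_EBADIMAGE) {
        slot ^= 1;
        rc = boot_image_check(&boot_img_hdrs[slot], &image_addrs[slot]);
    }
    if (rc) {
        return rc;
    }
    /* … unchanged: switch (slot) … */
```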