You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@mynewt.apache.org by ma...@apache.org on 2016/05/26 18:11:54 UTC
incubator-mynewt-core git commit: bootutil;
bug fix: if integrity check of an image fails, try the other one.
Repository: incubator-mynewt-core
Updated Branches:
refs/heads/develop 92a5980b6 -> fd862aa80
bootutil; bug fix: if integrity check of an image fails, try the other one.
Project: http://git-wip-us.apache.org/repos/asf/incubator-mynewt-core/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-mynewt-core/commit/fd862aa8
Tree: http://git-wip-us.apache.org/repos/asf/incubator-mynewt-core/tree/fd862aa8
Diff: http://git-wip-us.apache.org/repos/asf/incubator-mynewt-core/diff/fd862aa8
Branch: refs/heads/develop
Commit: fd862aa80df71e96aaf96d61dd0b3c5902c19bb2
Parents: 92a5980
Author: Marko Kiiskila <ma...@runtime.io>
Authored: Thu May 26 11:10:52 2016 -0700
Committer: Marko Kiiskila <ma...@runtime.io>
Committed: Thu May 26 11:10:52 2016 -0700
----------------------------------------------------------------------
libs/bootutil/src/loader.c | 40 ++++++++++++++++++++++++++++++----------
1 file changed, 30 insertions(+), 10 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-mynewt-core/blob/fd862aa8/libs/bootutil/src/loader.c
----------------------------------------------------------------------
diff --git a/libs/bootutil/src/loader.c b/libs/bootutil/src/loader.c
index b3704ee..f155779 100644
--- a/libs/bootutil/src/loader.c
+++ b/libs/bootutil/src/loader.c
@@ -126,6 +126,27 @@ boot_select_image_slot(void)
}
/*
+ * Validate image hash/signature in a slot.
+ */
+static int
+boot_image_check(struct image_header *hdr, struct boot_image_location *loc)
+{
+ static void *tmpbuf;
+
+ if (!tmpbuf) {
+ tmpbuf = malloc(BOOT_TMPBUF_SZ);
+ if (!tmpbuf) {
+ return BOOT_ENOMEM;
+ }
+ }
+ if (bootutil_img_validate(hdr, loc->bil_flash_id, loc->bil_address,
+ tmpbuf, BOOT_TMPBUF_SZ)) {
+ return BOOT_EBADIMAGE;
+ }
+ return 0;
+}
+
+/*
* How many sectors starting from sector[idx] can fit inside scratch.
*
*/
@@ -385,7 +406,6 @@ int
boot_go(const struct boot_req *req, struct boot_rsp *rsp)
{
struct boot_image_location image_addrs[BOOT_NUM_SLOTS];
- void *tmpbuf;
int slot;
int rc;
int i;
@@ -441,16 +461,16 @@ boot_go(const struct boot_req *req, struct boot_rsp *rsp)
return BOOT_EBADIMAGE;
}
}
- tmpbuf = malloc(BOOT_TMPBUF_SZ);
- if (!tmpbuf) {
- return BOOT_ENOMEM;
- }
- if (bootutil_img_validate(&boot_img_hdrs[slot],
- image_addrs[slot].bil_flash_id, image_addrs[slot].bil_address,
- tmpbuf, BOOT_TMPBUF_SZ)) {
- return BOOT_EBADIMAGE;
- }
+ /*
+ * If the selected image fails integrity check, try the other one.
+ */
+ if (boot_image_check(&boot_img_hdrs[slot], &image_addrs[slot])) {
+ slot ^= 1;
+ if (boot_image_check(&boot_img_hdrs[slot], &image_addrs[slot])) {
+ return BOOT_EBADIMAGE;
+ }
+ }
switch (slot) {
case 0:
rsp->br_hdr = &boot_img_hdrs[0];