Skip to content

Commit

Permalink
Merge pull request #469 from danielinux/nvm-unit-tests
Browse files Browse the repository at this point in the history
New unit tests for NVM_FLASH_WRITEONCE, fix bug in offset calculation
  • Loading branch information
dgarske authored Jul 16, 2024
2 parents b9dc7ee + 8f0c090 commit 35db4cf
Show file tree
Hide file tree
Showing 5 changed files with 345 additions and 11 deletions.
12 changes: 2 additions & 10 deletions src/libwolfboot.c
Original file line number Diff line number Diff line change
Expand Up @@ -176,18 +176,10 @@ static const uint32_t wolfboot_magic_trail = WOLFBOOT_MAGIC_TRAIL;
#include <string.h>
static uint8_t NVM_CACHE[NVM_CACHE_SIZE] __attribute__((aligned(16)));
static int nvm_cached_sector = 0;

#ifdef __GNUC__
#pragma GCC diagnostic push
#pragma GCC diagnostic ignored "-Warray-bounds"
#endif
static uint8_t get_base_offset(uint8_t *base, uintptr_t off)
{
return *(base - off); /* ignore array bounds error */
}
#ifdef __GNUC__
#pragma GCC diagnostic pop
#endif

void WEAKFUNCTION hal_cache_invalidate(void)
{
Expand Down Expand Up @@ -308,8 +300,8 @@ static int RAMFUNCTION nvm_select_fresh_sector(int part)
break;
}
/* Examine previous position one byte ahead */
byte_0 = get_base_offset(base, (1 - off));
byte_1 = get_base_offset(base, (1 - (WOLFBOOT_SECTOR_SIZE + off)));
byte_0 = get_base_offset(base, (off - 1));
byte_1 = get_base_offset(base, ((WOLFBOOT_SECTOR_SIZE + off) - 1));

sel = FLAG_CMP(byte_0, byte_1);
break;
Expand Down
6 changes: 5 additions & 1 deletion tools/unit-tests/Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@ WOLFCRYPT=../../lib/wolfssl/


TESTS:=unit-parser unit-extflash unit-aes128 unit-aes256 unit-chacha20 unit-pci \
unit-mock-state unit-sectorflags unit-image
unit-mock-state unit-sectorflags unit-image unit-nvm

all: $(TESTS)

Expand All @@ -39,6 +39,7 @@ unit-aes128:CFLAGS+=-DEXT_ENCRYPTED -DENCRYPT_WITH_AES128
unit-aes256:CFLAGS+=-DEXT_ENCRYPTED -DENCRYPT_WITH_AES256
unit-chacha20:CFLAGS+=-DEXT_ENCRYPTED -DENCRYPT_WITH_CHACHA
unit-parser:CFLAGS+=-DNVM_FLASH_WRITEONCE
unit-nvm:CFLAGS+=-DNVM_FLASH_WRITEONCE -DMOCK_PARTITIONS


WOLFCRYPT_SRC:=$(WOLFCRYPT)/wolfcrypt/src/sha.c \
Expand Down Expand Up @@ -86,6 +87,9 @@ unit-sectorflags: ../../include/target.h unit-sectorflags.c
unit-image: unit-image.c unit-common.c $(WOLFCRYPT_SRC)
gcc -o $@ $^ $(CFLAGS) $(WOLFCRYPT_CFLAGS) $(LDFLAGS)

unit-nvm: ../../include/target.h unit-nvm.c
gcc -o $@ unit-nvm.c $(CFLAGS) $(LDFLAGS)

%.o:%.c
gcc -c -o $@ $^ $(CFLAGS)

Expand Down
8 changes: 8 additions & 0 deletions tools/unit-tests/target.h
Original file line number Diff line number Diff line change
Expand Up @@ -34,6 +34,13 @@

#define WOLFBOOT_SECTOR_SIZE 0x400

#ifdef MOCK_PARTITIONS
#define WOLFBOOT_PARTITION_BOOT_ADDRESS 0xCD000000
#define WOLFBOOT_PARTITION_SIZE 0x8000
#define WOLFBOOT_PARTITION_UPDATE_ADDRESS 0xCC000000
#define WOLFBOOT_PARTITION_SWAP_ADDRESS 0xCE000000
#else

#ifdef WOLFBOOT_FIXED_PARTITIONS

#ifdef PULL_LINKER_DEFINES
Expand Down Expand Up @@ -66,6 +73,7 @@
/* Load address in RAM for staged OS (update_ram only) */
#define WOLFBOOT_LOAD_ADDRESS 0x200000
#define WOLFBOOT_LOAD_DTS_ADDRESS 0x400000
#endif /* MOCK_PARTITIONS */


#endif /* !H_TARGETS_TARGET_ */
233 changes: 233 additions & 0 deletions tools/unit-tests/unit-nvm.c
Original file line number Diff line number Diff line change
@@ -0,0 +1,233 @@
#define WOLFBOOT_HASH_SHA256
#define IMAGE_HEADER_SIZE 256
#define UNIT_TEST
#define WC_NO_HARDEN
#define MOCK_ADDRESS 0xCC000000
#include <stdio.h>
#include "libwolfboot.c"
#include <fcntl.h>
#include <unistd.h>
#include <sys/mman.h>
#include <check.h>

static int locked = 0;
static int erased_boot = 0;
static int erased_update = 0;
static int erased_nvm_bank0 = 0;
static int erased_nvm_bank1 = 0;





/* Mocks */
void hal_init(void)
{
}
int hal_flash_write(haladdr_t address, const uint8_t *data, int len)
{
int i;
uint8_t *a = (uint8_t *)address;
if ((address >= WOLFBOOT_PARTITION_UPDATE_ADDRESS) &&
(address < WOLFBOOT_PARTITION_UPDATE_ADDRESS + WOLFBOOT_PARTITION_SIZE)) {
for (i = 0; i < len; i++) {
a[i] = data[i];
}
}
return 0;
}
int hal_flash_erase(haladdr_t address, int len)
{
if ((address >= WOLFBOOT_PARTITION_BOOT_ADDRESS) &&
(address < WOLFBOOT_PARTITION_BOOT_ADDRESS + WOLFBOOT_PARTITION_SIZE)) {
erased_boot++;
} else if ((address >= WOLFBOOT_PARTITION_UPDATE_ADDRESS) &&
(address < WOLFBOOT_PARTITION_UPDATE_ADDRESS + WOLFBOOT_PARTITION_SIZE)) {
erased_update++;
memset(address, 0xFF, len);
if (address >= WOLFBOOT_PARTITION_UPDATE_ADDRESS + WOLFBOOT_PARTITION_SIZE - WOLFBOOT_SECTOR_SIZE) {
erased_nvm_bank0++;
} else if (address >= WOLFBOOT_PARTITION_UPDATE_ADDRESS + WOLFBOOT_PARTITION_SIZE - 2 * WOLFBOOT_SECTOR_SIZE) {
erased_nvm_bank1++;
}
} else {
fail("Invalid address\n");
return -1;
}
return 0;
}
void hal_flash_unlock(void)
{
fail_unless(locked, "Double unlock detected\n");
locked--;
}
void hal_flash_lock(void)
{
fail_if(locked, "Double lock detected\n");
locked++;
}

void hal_prepare_boot(void)
{
}

/* A simple mock memory */
static int mmap_file(const char *path, uint8_t *address, uint8_t** ret_address)
{
struct stat st = { 0 };
uint8_t *mmaped_addr;
int ret;
int fd;
int i;

if (path == NULL)
return -1;

fd = open(path, O_RDWR|O_CREAT|O_TRUNC, 0666);
if (fd == -1) {
fprintf(stderr, "can't open %s\n", path);
return -1;
}
fprintf(stderr, "Open file: %s success.\n", path);
for (i = 0; i < WOLFBOOT_PARTITION_SIZE; i+=4) {
const uint32_t erased_word = 0xBADBADBA;
write(fd, &erased_word, 4);
}
lseek(fd, SEEK_SET, 0);

mmaped_addr = mmap(address, WOLFBOOT_PARTITION_SIZE, PROT_READ | PROT_WRITE,
MAP_SHARED, fd, 0);
if (mmaped_addr == MAP_FAILED) {
fprintf(stderr, "MMAP failed.\n");
return -1;
}

fprintf(stderr, "Simulator assigned %s to base %p\n", path, mmaped_addr);

if (ret_address)
*ret_address = mmaped_addr;

close(fd);
return 0;
}


/* End Mocks */

Suite *wolfboot_suite(void);


START_TEST (test_nvm_select_fresh_sector)
{
int ret;
const char BOOT[] = "BOOT";
const uint32_t *boot_word = (const uint32_t *)BOOT;
uint8_t st;
uint32_t *magic;
ret = mmap_file("/tmp/wolfboot-unit-file.bin", MOCK_ADDRESS, NULL);

erased_update = 0;
wolfBoot_erase_partition(PART_UPDATE);
fail_if(erased_update != 1);
/* Erased flag sectors: select '0' by default */
ret = nvm_select_fresh_sector(PART_UPDATE);
fail_if(ret != 0, "Failed to select default fresh sector\n");

/* Force a good 'magic' at the end of sector 1 by setting the magic word */
wolfBoot_set_partition_state(PART_UPDATE, IMG_STATE_NEW);
magic = get_partition_magic(PART_UPDATE);
fail_if(*magic != *boot_word,
"Failed to read back 'BOOT' trailer at the end of the partition");

/* Current selected should now be 1 */
ret = nvm_select_fresh_sector(PART_UPDATE);
fail_if(ret != 1, "Failed to select good fresh sector\n");

erased_nvm_bank1 = 0;
erased_nvm_bank0 = 0;

/* Calling 'set_partition_state' should change the current sector */
wolfBoot_set_partition_state(PART_UPDATE, IMG_STATE_UPDATING);

/* Current selected should now be 0 */
ret = nvm_select_fresh_sector(PART_UPDATE);
fail_if(ret != 0, "Failed to select updating fresh sector\n");
fail_if(erased_nvm_bank1 == 0, "Did not erase the non-selected bank");

erased_nvm_bank1 = 0;
erased_nvm_bank0 = 0;

/* Check state is read back correctly */
ret = wolfBoot_get_partition_state(PART_UPDATE, &st);
fail_if(ret != 0, "Failed to read back state\n");
fail_if(st != IMG_STATE_UPDATING, "Bootloader in the wrong state\n");

/* Check that reading did not change the current sector */
ret = nvm_select_fresh_sector(PART_UPDATE);
fail_if(ret != 0, "Failed to select right sector after reading\n");

/* Update one sector flag, it should change nvm sector */
wolfBoot_set_update_sector_flag(0, SECT_FLAG_SWAPPING);

/* Current selected should now be 1 */
ret = nvm_select_fresh_sector(PART_UPDATE);
fail_if(ret != 1, "Failed to select updating fresh sector\n");
fail_if(erased_nvm_bank0 == 0, "Did not erase the non-selected bank");

/* Check sector state is read back correctly */
ret = wolfBoot_get_update_sector_flag(0, &st);
fail_if (ret != 0, "Failed to read sector flag state\n");
fail_if (st != SECT_FLAG_SWAPPING, "Wrong sector flag state\n");

/* Check that reading did not change the current sector (1) */
ret = nvm_select_fresh_sector(PART_UPDATE);
fail_if(ret != 1, "Failed to select right sector after reading sector state\n");

/* Update sector flag, again. it should change nvm sector */
erased_nvm_bank1 = 0;
erased_nvm_bank0 = 0;
wolfBoot_set_update_sector_flag(0, SECT_FLAG_UPDATED);

/* Current selected should now be 0 */
ret = nvm_select_fresh_sector(PART_UPDATE);
fail_if(ret != 0, "Failed to select updating fresh sector\n");
fail_if(erased_nvm_bank1 == 0, "Did not erase the non-selected bank");

/* Check sector state is read back correctly */
ret = wolfBoot_get_update_sector_flag(0, &st);
fail_if (ret != 0, "Failed to read sector flag state\n");
fail_if (st != SECT_FLAG_UPDATED, "Wrong sector flag state\n");

/* Check that reading did not change the current sector (0) */
ret = nvm_select_fresh_sector(PART_UPDATE);
fail_if(ret != 0, "Failed to select right sector after reading sector state\n");

}
END_TEST


Suite *wolfboot_suite(void)
{

/* Suite initialization */
Suite *s = suite_create("wolfBoot-NVM-workarounds");

/* Test cases */
TCase *nvm_select_fresh_sector = tcase_create("NVM select fresh sector");
tcase_add_test(nvm_select_fresh_sector, test_nvm_select_fresh_sector);
suite_add_tcase(s, nvm_select_fresh_sector);

return s;
}


int main(void)
{
int fails;
Suite *s = wolfboot_suite();
SRunner *sr = srunner_create(s);
srunner_run_all(sr, CK_NORMAL);
fails = srunner_ntests_failed(sr);
srunner_free(sr);
return fails;
}
Loading

0 comments on commit 35db4cf

Please sign in to comment.