feat(srv/flash-updater): Add support for verifying update ELF signature

Author: iqyx

applications/bootloader/app.c

@@ -1,5 +1,6 @@
 #include <main.h>
 
+#include <libopencm3/cm3/scb.h>
 #include <services/chainloader/chainloader.h>
 #include <interfaces/flash.h>
 
@@ -19,11 +20,14 @@ static const char *bl_states[] = {
 	"check-signature",
 	"find-update",
 	"validate-update",
+	"flash-update",
+	"disable-update",
+	"reset",
 };
 
 
 static void bl_set_state(App *self, enum bl_state state) {
-	u_log(system_log, LOG_TYPE_DEBUG, U_LOG_MODULE_PREFIX("state '%s' -> '%s'"), bl_states[self->state], bl_states[state]);
+	u_log(system_log, LOG_TYPE_INFO, U_LOG_MODULE_PREFIX("\x1b[1mstate '%s' -> '%s'"), bl_states[self->state], bl_states[state]);
 	self->state = state;
 }
 
@@ -78,8 +82,6 @@ static app_ret_t bl_step(App *self) {
 		}
 
 		case BL_STATE_FIND_UPDATE: {
-			u_log(system_log, LOG_TYPE_INFO, U_LOG_MODULE_PREFIX("Trying to initialize flash-updater"));
-
 			Flash *target = NULL;
 			if (iservicelocator_query_name_type(locator, "app", ISERVICELOCATOR_TYPE_FLASH, (Interface **)&target) != ISERVICELOCATOR_RET_OK) {
 				u_log(system_log, LOG_TYPE_INFO, U_LOG_MODULE_PREFIX("no update target found, skipping update check"));
@@ -92,26 +94,72 @@ static app_ret_t bl_step(App *self) {
 				bl_set_state(self, BL_STATE_FIND_APP);
 			}
 
-			if (flash_updater_init(&self->updater, target) == FLASH_UPDATER_RET_OK &&
-			    flash_updater_set_source_flash(&self->updater, update) == FLASH_UPDATER_RET_OK) {
-				bl_set_state(self, BL_STATE_VALIDATE_UPDATE);
+			if (flash_updater_init(&self->updater, target) != FLASH_UPDATER_RET_OK ||
+			    flash_updater_set_source_flash(&self->updater, update) != FLASH_UPDATER_RET_OK) {
+				bl_set_state(self, BL_STATE_FIND_APP);
+
+			}
 
+			Stream *console = NULL;
+			if (iservicelocator_query_name_type(locator, "console", ISERVICELOCATOR_TYPE_STREAM, (Interface **)&console) == ISERVICELOCATOR_RET_OK) {
+				/* Set only if found. */
+				if (flash_updater_set_console(&self->updater, console) != FLASH_UPDATER_RET_OK) {
+					bl_set_state(self, BL_STATE_FIND_APP);
+				}
 			}
+
+			bl_set_state(self, BL_STATE_VALIDATE_UPDATE);
 			break;
 		}
 
 		case BL_STATE_VALIDATE_UPDATE: {
-			u_log(system_log, LOG_TYPE_INFO, U_LOG_MODULE_PREFIX("validating update sources"));
-			if (flash_updater_validate_source(&self->updater) == FLASH_UPDATER_RET_OK) {
+			const char pubkey_b64[] = CONFIG_BL_PUBKEY;
+			size_t keylen = 32;
+			uint8_t pubkey[32] = {0};
+			base64decode(pubkey_b64, strlen(pubkey_b64), pubkey, &keylen);
+			if (keylen != 32) {
+				u_log(system_log, LOG_TYPE_ERROR, U_LOG_MODULE_PREFIX("wrong pubkey size %d"), keylen);
+				bl_set_state(self, BL_STATE_ALL_FAILED);
+				break;
+			}
+
+			if (flash_updater_validate_source(&self->updater) == FLASH_UPDATER_RET_OK &&
+			    flash_updater_find_signature(&self->updater) == FLASH_UPDATER_RET_OK &&
+			    flash_updater_check_signature(&self->updater, pubkey) == FLASH_UPDATER_RET_OK) {
 				/* Continue with the update process. */
-				bl_set_state(self, BL_STATE_FIND_APP);
+				bl_set_state(self, BL_STATE_FLASH_UPDATE);
 				break;
 			}
-			u_log(system_log, LOG_TYPE_INFO, U_LOG_MODULE_PREFIX("cannot find update image, continuing boot"));
+			u_log(system_log, LOG_TYPE_INFO, U_LOG_MODULE_PREFIX("cannot validate update image, continuing boot"));
 			bl_set_state(self, BL_STATE_FIND_APP);
 			break;
 		}
 
+		case BL_STATE_FLASH_UPDATE: {
+			/* If something failed, we cannot do more. */
+			flash_updater_write(&self->updater);
+			bl_set_state(self, BL_STATE_DISABLE_UPDATE);
+
+			break;
+		}
+
+		case BL_STATE_DISABLE_UPDATE: {
+			flash_updater_disable_update(&self->updater);
+			bl_set_state(self, BL_STATE_FIND_APP);
+
+			break;
+		}
+
+
+		case BL_STATE_RESET: {
+			SCB_AIRCR = (SCB_AIRCR_VECTKEY | SCB_AIRCR_SYSRESETREQ);
+			while (true) {
+				;
+			}
+
+			break;
+		}
+
 		case BL_STATE_INIT:
 		default:
 			bl_set_state(self, BL_STATE_FIND_UPDATE);

applications/bootloader/app.h

@@ -35,6 +35,9 @@ enum bl_state {
 
 	BL_STATE_FIND_UPDATE,
 	BL_STATE_VALIDATE_UPDATE,
+	BL_STATE_FLASH_UPDATE,
+	BL_STATE_DISABLE_UPDATE,
+	BL_STATE_RESET,
 };
 
 typedef struct {

ports/nwdaq-s2-main-g4/port.c

@@ -145,16 +145,29 @@ Stm32Flash iflash;
 FlashVolStatic pv_iflash;
 
 Flash *lv_bl;
+Flash *lv_conf;
+Flash *lv_mib;
 Flash *lv_app;
 Flash *lv_update;
 
 static void port_flash_init(void) {
 	stm32_flash_init(&iflash);
 
 	flash_vol_static_init(&pv_iflash, &iflash.flash);
-	flash_vol_static_create(&pv_iflash, "bootloader", 0, 64 * 1024, &lv_bl);
-	flash_vol_static_create(&pv_iflash, "app", 64 * 1024, 128 * 1024, &lv_app);
-	flash_vol_static_create(&pv_iflash, "update", 192 * 1024, 64 * 1024, &lv_update);
+	flash_vol_static_create(&pv_iflash, "bootloader", 0,          60 * 1024,  &lv_bl);
+	iservicelocator_add(locator, ISERVICELOCATOR_TYPE_FLASH, (Interface *)lv_bl, "bootloader");
+
+	flash_vol_static_create(&pv_iflash, "bootconf",   60 * 1024,  2 * 1024,   &lv_conf);
+	iservicelocator_add(locator, ISERVICELOCATOR_TYPE_FLASH, (Interface *)lv_conf, "bootconf");
+
+	flash_vol_static_create(&pv_iflash, "mib",        62 * 1024,  2 * 1024,   &lv_mib);
+	iservicelocator_add(locator, ISERVICELOCATOR_TYPE_FLASH, (Interface *)lv_mib, "mib");
+
+	flash_vol_static_create(&pv_iflash, "app",        64 * 1024,  128 * 1024, &lv_app);
+	iservicelocator_add(locator, ISERVICELOCATOR_TYPE_FLASH, (Interface *)lv_app, "app");
+
+	flash_vol_static_create(&pv_iflash, "update",     192 * 1024, 64 * 1024,  &lv_update);
+	iservicelocator_add(locator, ISERVICELOCATOR_TYPE_FLASH, (Interface *)lv_update, "update");
 }
 
 
@@ -236,7 +249,7 @@ int32_t port_init(void) {
 	port_setup_default_gpio();
 	console_init();
 	port_flash_init();
-	xz_test();
+	//xz_test();
 
 	#if !defined(CONFIG_APP_BL)
 		gpio_set(GPIOA, GPIO5);