Boot: Align MCUboot to the latest version
Signed-off-by: Sherry Zhang <sherry.zhang2@arm.com>
Co-authored-by: Tamas Ban <tamas.ban@arm.com>
Change-Id: I256ab23d330bd45a93ff33f0cd93e45822c0ed2f
diff --git a/bl2/ext/mcuboot/bl2_main.c b/bl2/ext/mcuboot/bl2_main.c
index c45c3ba..901a94e 100644
--- a/bl2/ext/mcuboot/bl2_main.c
+++ b/bl2/ext/mcuboot/bl2_main.c
@@ -1,6 +1,6 @@
/*
* Copyright (c) 2012-2014 Wind River Systems, Inc.
- * Copyright (c) 2017-2022 Arm Limited.
+ * Copyright (c) 2017-2023 Arm Limited.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -89,7 +89,7 @@
int main(void)
{
- fih_int fih_rc = FIH_FAILURE;
+ fih_ret fih_rc = FIH_FAILURE;
enum tfm_plat_err_t plat_err;
int32_t image_id;
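Review bot: The declaration `fih_ret fih_rc = FIH_FAILURE;` in main() is written out by hand, while the same commit switches the security-counter files (bl2/src/security_cnt.c and the two corstone1000 files) to `FIH_DECLARE(fih_rc, FIH_FAILURE);`. Using the macro here too would declare every FIH result variable the same way and pick up whatever qualifiers the MCUboot header attaches to it. main()'s body continues outside the hunk, so whether anything later depends on the plain form cannot be seen from here.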
@@ -127,7 +127,7 @@
}
FIH_CALL(boot_nv_security_counter_init, fih_rc);
- if (fih_not_eq(fih_rc, FIH_SUCCESS)) {
+ if (FIH_NOT_EQ(fih_rc, FIH_SUCCESS)) {
BOOT_LOG_ERR("Error while initializing the security counter");
FIH_PANIC;
}
@@ -151,8 +151,13 @@
FIH_PANIC;
}
+ /* Primary goal to zeroize the 'rsp' is to avoid to accidentally load
+ * the NS image in case of a fault injection attack. However, it is
+ * done anyway as a good practice to sanitize memory.
+ */
+ memset(&rsp, 0, sizeof(struct boot_rsp));
FIH_CALL(boot_go_for_image_id, fih_rc, &rsp, image_id);
- if (fih_not_eq(fih_rc, FIH_SUCCESS)) {
+ if (FIH_NOT_EQ(fih_rc, FIH_SUCCESS)) {
BOOT_LOG_ERR("Unable to find bootable image");
FIH_PANIC;
}
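Review bot: `memset(&rsp, 0, sizeof(struct boot_rsp));` repeats the type name instead of taking the size from the object; `memset(&rsp, 0, sizeof(rsp));` stays correct if the declaration of rsp ever changes. The new comment is also hard to follow, because "However, it is done anyway" has nothing before it to contrast with. Something like `/* Zeroize 'rsp' so that a fault injection attack cannot cause the NS image to be loaded by accident; it is also good practice to sanitize memory. */` states the same intent directly. The declaration of rsp and the surrounding control flow are outside the hunk, so whether rsp can hold data from an earlier image at this point should be confirmed.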
diff --git a/bl2/ext/mcuboot/include/fih.h b/bl2/ext/mcuboot/include/fih.h
index 5331dbb..20cb3b2 100644
--- a/bl2/ext/mcuboot/include/fih.h
+++ b/bl2/ext/mcuboot/include/fih.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2020-2022, Arm Limited. All rights reserved.
+ * Copyright (c) 2020-2023, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
@@ -20,11 +20,11 @@
#include "stdint.h"
/*
- * FIH return type macro changes the function return types to fih_int.
+ * FIH return type macro changes the function return types to fih_ret.
* All functions that need to be protected by FIH and called via FIH_CALL must
- * return a fih_int type.
+ * return a fih_ret type.
*/
-#define FIH_RET_TYPE(type) fih_int
+#define FIH_RET_TYPE(type) fih_ret
#include "bootutil/fault_injection_hardening.h"
diff --git a/bl2/src/security_cnt.c b/bl2/src/security_cnt.c
index 95a61ec..918a4e4 100644
--- a/bl2/src/security_cnt.c
+++ b/bl2/src/security_cnt.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2019-2022, Arm Limited. All rights reserved.
+ * Copyright (c) 2019-2023, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
@@ -36,19 +36,19 @@
return (enum tfm_nv_counter_t)nv_counter;
}
-fih_int boot_nv_security_counter_init(void)
+fih_ret boot_nv_security_counter_init(void)
{
- fih_int fih_rc = FIH_FAILURE;
+ FIH_DECLARE(fih_rc, FIH_FAILURE);
- fih_rc = fih_int_encode_zero_equality(tfm_plat_init_nv_counter());
+ fih_rc = fih_ret_encode_zero_equality(tfm_plat_init_nv_counter());
FIH_RET(fih_rc);
}
-fih_int boot_nv_security_counter_get(uint32_t image_id, fih_int *security_cnt)
+fih_ret boot_nv_security_counter_get(uint32_t image_id, fih_int *security_cnt)
{
enum tfm_nv_counter_t nv_counter;
- fih_int fih_rc = FIH_FAILURE;
+ FIH_DECLARE(fih_rc, FIH_FAILURE);
uint32_t security_cnt_soft;
/* Check if it's a null-pointer. */
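Review bot: boot_nv_security_counter_get() now returns `fih_ret` but still takes `fih_int *security_cnt`, and nothing in the hunk says the mix is deliberate. A short comment above the function, for example `/* Status is a fih_ret; the counter value stays a fih_int to match the MCUboot prototype. */`, would stop a later cleanup from "fixing" one of the two types. That wording assumes the upstream prototype dictates the mix, which should be confirmed against the pinned MCUboot revision. The same signature appears in platform/ext/target/arm/corstone1000/bl1/bl1_security_cnt.c and platform/ext/target/arm/corstone1000/bl2_security_cnt.c, and the function body continues outside the hunk.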
@@ -61,7 +61,7 @@
FIH_RET(FIH_FAILURE);
}
- fih_rc = fih_int_encode_zero_equality(
+ fih_rc = fih_ret_encode_zero_equality(
tfm_plat_read_nv_counter(nv_counter,
sizeof(security_cnt_soft),
(uint8_t *)&security_cnt_soft));
diff --git a/config/config_base.cmake b/config/config_base.cmake
index e02ea54..21a8fa5 100755
--- a/config/config_base.cmake
+++ b/config/config_base.cmake
@@ -136,7 +136,7 @@
set(TFM_MBEDCRYPTO_PLATFORM_EXTRA_CONFIG_PATH "" CACHE PATH "Config to append to standard Mbed Crypto config, used by platforms to cnfigure feature support")
set(MCUBOOT_PATH "DOWNLOAD" CACHE PATH "Path to MCUboot (or DOWNLOAD to fetch automatically")
-set(MCUBOOT_VERSION "v1.9.0" CACHE STRING "The version of MCUboot to use")
+set(MCUBOOT_VERSION "7453075" CACHE STRING "The version of MCUboot to use")
set(PSA_ARCH_TESTS_PATH "DOWNLOAD" CACHE PATH "Path to PSA arch tests (or DOWNLOAD to fetch automatically")
set(PSA_ARCH_TESTS_VERSION "cf8bd71" CACHE STRING "The version of PSA arch tests to use")
diff --git a/lib/ext/tf-m-tests/repo_config_default.cmake b/lib/ext/tf-m-tests/repo_config_default.cmake
index 3b3e21a..94a98fe 100644
--- a/lib/ext/tf-m-tests/repo_config_default.cmake
+++ b/lib/ext/tf-m-tests/repo_config_default.cmake
@@ -10,5 +10,5 @@
# Default configs of tf-m-tests repo
set(TFM_TEST_REPO_PATH "DOWNLOAD" CACHE PATH "Path to TFM-TEST repo (or DOWNLOAD to fetch automatically")
-set(TFM_TEST_REPO_VERSION "bb479b1" CACHE STRING "The version of tf-m-tests to use")
+set(TFM_TEST_REPO_VERSION "40096730" CACHE STRING "The version of tf-m-tests to use")
set(CMSIS_5_PATH "DOWNLOAD" CACHE PATH "Path to CMSIS_5 (or DOWNLOAD to fetch automatically")
diff --git a/platform/ext/target/arm/corstone1000/bl1/CMakeLists.txt b/platform/ext/target/arm/corstone1000/bl1/CMakeLists.txt
index 5f83bc3..f67c729 100644
--- a/platform/ext/target/arm/corstone1000/bl1/CMakeLists.txt
+++ b/platform/ext/target/arm/corstone1000/bl1/CMakeLists.txt
@@ -159,6 +159,7 @@
PRIVATE
${MCUBOOT_PATH}/boot/bootutil/src/loader.c
${MCUBOOT_PATH}/boot/bootutil/src/bootutil_misc.c
+ ${MCUBOOT_PATH}/boot/bootutil/src/bootutil_public.c
${MCUBOOT_PATH}/boot/bootutil/src/image_validate.c
${MCUBOOT_PATH}/boot/bootutil/src/image_rsa.c
${MCUBOOT_PATH}/boot/bootutil/src/tlv.c
diff --git a/platform/ext/target/arm/corstone1000/bl1/bl1_security_cnt.c b/platform/ext/target/arm/corstone1000/bl1/bl1_security_cnt.c
index e56defa..32c1481 100644
--- a/platform/ext/target/arm/corstone1000/bl1/bl1_security_cnt.c
+++ b/platform/ext/target/arm/corstone1000/bl1/bl1_security_cnt.c
@@ -13,18 +13,18 @@
#include "tfm_plat_provisioning.h"
#include "fwu_agent.h"
-fih_int boot_nv_security_counter_init(void)
+fih_ret boot_nv_security_counter_init(void)
{
- fih_int fih_rc = FIH_FAILURE;
+ FIH_DECLARE(fih_rc, FIH_FAILURE);
- fih_rc = fih_int_encode_zero_equality(tfm_plat_init_nv_counter());
+ fih_rc = fih_ret_encode_zero_equality(tfm_plat_init_nv_counter());
FIH_RET(fih_rc);
}
-fih_int boot_nv_security_counter_get(uint32_t image_id, fih_int *security_cnt)
+fih_ret boot_nv_security_counter_get(uint32_t image_id, fih_int *security_cnt)
{
- fih_int fih_rc = FIH_FAILURE;
+ FIH_DECLARE(fih_rc, FIH_FAILURE);
uint32_t security_cnt_soft;
/* Check if it's a null-pointer. */
@@ -36,7 +36,7 @@
FIH_RET(FIH_FAILURE);
}
- fih_rc = fih_int_encode_zero_equality(
+ fih_rc = fih_ret_encode_zero_equality(
tfm_plat_read_nv_counter(PLAT_NV_COUNTER_BL1_0,
sizeof(security_cnt_soft),
(uint8_t *)&security_cnt_soft));
diff --git a/platform/ext/target/arm/corstone1000/bl2_security_cnt.c b/platform/ext/target/arm/corstone1000/bl2_security_cnt.c
index 8fedbce..da9f74e 100644
--- a/platform/ext/target/arm/corstone1000/bl2_security_cnt.c
+++ b/platform/ext/target/arm/corstone1000/bl2_security_cnt.c
@@ -37,19 +37,19 @@
return (enum tfm_nv_counter_t)nv_counter;
}
-fih_int boot_nv_security_counter_init(void)
+fih_ret boot_nv_security_counter_init(void)
{
- fih_int fih_rc = FIH_FAILURE;
+ FIH_DECLARE(fih_rc, FIH_FAILURE);
- fih_rc = fih_int_encode_zero_equality(tfm_plat_init_nv_counter());
+ fih_rc = fih_ret_encode_zero_equality(tfm_plat_init_nv_counter());
FIH_RET(fih_rc);
}
-fih_int boot_nv_security_counter_get(uint32_t image_id, fih_int *security_cnt)
+fih_ret boot_nv_security_counter_get(uint32_t image_id, fih_int *security_cnt)
{
enum tfm_nv_counter_t nv_counter;
- fih_int fih_rc = FIH_FAILURE;
+ FIH_DECLARE(fih_rc, FIH_FAILURE);
uint32_t security_cnt_soft;
/* Check if it's a null-pointer. */
@@ -62,7 +62,7 @@
FIH_RET(FIH_FAILURE);
}
- fih_rc = fih_int_encode_zero_equality(
+ fih_rc = fih_ret_encode_zero_equality(
tfm_plat_read_nv_counter(nv_counter,
sizeof(security_cnt_soft),
(uint8_t *)&security_cnt_soft));