mirror of
https://github.com/trezor/trezor-firmware.git
synced 2024-12-23 23:08:14 +00:00
fix(core/bootloader): fix firmware update on stm32u5a
[no changelog]
This commit is contained in:
parent
a265b0f176
commit
dc276d1520
@ -175,8 +175,18 @@ static uint32_t check_sdcard(void) {
|
||||
_Static_assert(IMAGE_CHUNK_SIZE >= BOOTLOADER_IMAGE_MAXSIZE,
|
||||
"BOOTLOADER IMAGE MAXSIZE too large for IMAGE_CHUNK_SIZE");
|
||||
|
||||
if (sectrue != (check_single_hash(
|
||||
hdr->hashes, ((const uint8_t *)sdcard_buf) + hdr->hdrlen,
|
||||
const uint32_t headers_end_offset = hdr->hdrlen;
|
||||
const uint32_t code_start_offset = IMAGE_CODE_ALIGN(headers_end_offset);
|
||||
|
||||
for (uint32_t i = headers_end_offset; i < code_start_offset; i++) {
|
||||
if (((uint8_t *)sdcard_buf)[i] != 0) {
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
|
||||
if (sectrue !=
|
||||
(check_single_hash(hdr->hashes,
|
||||
(const uint8_t *)sdcard_buf + code_start_offset,
|
||||
hdr->codelen))) {
|
||||
return 0;
|
||||
}
|
||||
|
@ -576,6 +576,20 @@ int process_msg_FirmwareUpload(uint8_t iface_num, uint32_t msg_size,
|
||||
|
||||
memcpy(&hdr, received_hdr, sizeof(hdr));
|
||||
|
||||
size_t headers_end = IMAGE_HEADER_SIZE + vhdr.hdrlen;
|
||||
headers_offset = IMAGE_CODE_ALIGN(IMAGE_HEADER_SIZE + vhdr.hdrlen);
|
||||
|
||||
// check padding between headers and the code
|
||||
for (size_t i = headers_end; i < headers_offset; i++) {
|
||||
if (CHUNK_BUFFER_PTR[i] != 0) {
|
||||
MSG_SEND_INIT(Failure);
|
||||
MSG_SEND_ASSIGN_VALUE(code, FailureType_Failure_ProcessError);
|
||||
MSG_SEND_ASSIGN_STRING(message, "Invalid chunk padding");
|
||||
MSG_SEND(Failure);
|
||||
return UPLOAD_ERR_INVALID_CHUNK_PADDING;
|
||||
}
|
||||
}
|
||||
|
||||
vendor_header current_vhdr;
|
||||
|
||||
secbool is_new = secfalse;
|
||||
@ -684,7 +698,6 @@ int process_msg_FirmwareUpload(uint8_t iface_num, uint32_t msg_size,
|
||||
NULL);
|
||||
}
|
||||
|
||||
headers_offset = IMAGE_HEADER_SIZE + vhdr.hdrlen;
|
||||
read_offset = IMAGE_INIT_CHUNK_SIZE;
|
||||
|
||||
// request the rest of the first chunk
|
||||
|
@ -46,6 +46,7 @@ enum {
|
||||
UPLOAD_ERR_FIRMWARE_MISMATCH = -11,
|
||||
UPLOAD_ERR_NOT_FIRMWARE_UPGRADE = -12,
|
||||
UPLOAD_ERR_NOT_FULLTRUST_IMAGE = -13,
|
||||
UPLOAD_ERR_INVALID_CHUNK_PADDING = -14,
|
||||
};
|
||||
|
||||
enum {
|
||||
|
@ -558,7 +558,7 @@ int process_msg_FirmwareUpload(uint8_t iface_num, uint32_t msg_size,
|
||||
|
||||
// no user confirmations, go directly to upload
|
||||
|
||||
headers_offset = IMAGE_HEADER_SIZE + vhdr.hdrlen;
|
||||
headers_offset = IMAGE_CODE_ALIGN(IMAGE_HEADER_SIZE + vhdr.hdrlen);
|
||||
read_offset = IMAGE_INIT_CHUNK_SIZE;
|
||||
|
||||
// request the rest of the first chunk
|
||||
|
@ -270,7 +270,7 @@ secbool check_image_contents(const image_header *const hdr, uint32_t firstskip,
|
||||
const uint8_t *addr =
|
||||
(uint8_t *)flash_area_get_address(area, firstskip, padding_size);
|
||||
for (size_t i = 0; i < padding_size; i++) {
|
||||
if (*addr != 0) {
|
||||
if (*addr++ != 0) {
|
||||
return secfalse;
|
||||
}
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user