Always calculate the firmware measurement even if there is no valid i… #1521
Conversation
|
This PR does not plumb the fwid up to the control plane when the image is not valid. |
|
With the minor kernel size increase, the other app.toml files will need to be updated as well. |
| let programmed = Range { | ||
| start: flash.start, | ||
| end: end.unwrap_or(flash.start), | ||
| }; |
There was a problem hiding this comment.
Not sure if this is intentional but given a range of 3 blocks with the middle block not programmed the programmed range will be reported as Range { start: 0, end: 1 }. Is the intention to ignore all pages after an unprogrammed one is encountered? It will include the 2 programmed page in the hash so the important behavior has been preserved. Representing the programmed pages as a contiguous range when it may not be could cause confusion though.
There was a problem hiding this comment.
This is intentional. Maybe "programmed" should be renamed for clarity though.
The intent is to know the contiguous programmed region starting from offset zero.
This range will be used to test that pointers and offsets in the NXP executable image have no erased gap pages.
The first test is that the NXP length field is in that region. Later tests are bounded by that
NXP image length value.
There was a problem hiding this comment.
I updated the comment on Image{programmed: } since I didn't come up with a more descriptive name that wasn't awkward. Does that work?
| // | ||
| // Note: if partially programmed pages is a possibility then that could be | ||
| // a problem with respect to catching exfiltration attempts. | ||
| pub fn new(dev: &mut Flash, flash: Range<u32>) -> Image { |
| } | ||
| } | ||
|
|
||
| pub fn is_programmed(&self, addr: &u32) -> bool { |
There was a problem hiding this comment.
does this need to be pub:
|
|
||
| // True if the flash slot's span of contiguous programmed pages | ||
| // starting at offset zero includes the given span. | ||
| pub fn is_span_programmed(&self, start: u32, length: u32) -> bool { |
There was a problem hiding this comment.
does this need to be pub:
| } | ||
|
|
||
| pub fn image_details(img: Image, flash: &mut Flash) -> RotImageDetails { | ||
| impl Image { |
There was a problem hiding this comment.
You've got a second impl block here
…mage. Note: The measurement is not plumbed through to the management plane at this time. It will wait for other API changes. Also, figure out the programmed pages once while performing the slot measurement and use those results when the image is being verified. Tweak .gitignore for tags and cscope users.
Remove personal .gititnore patterns and move them to the file specified by ~/.gitconfig: excludesfile = ... Various app.toml updates to accommodate flash/ram requirements Set fwid = true in app.toml files.
|
Closed by #1675 |
…mage.
Note: The measurement is not plumbed through to the management plane at this time. It will wait for other API changes.
Also, figure out the programmed pages once while performing the slot measurement and use those results when the image is being verified.
Tweak .gitignore for tags and cscope users.