modules/mcuboot/nrf53_hooks: fix boot_image_check_hook() #12846
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
github-actions
bot
added
the
changelog-entry-required
Test specificationCI/Jenkins/NRF
CI/Jenkins/integration
Detailed information of selected test modules Note: This message is automatically posted and updated by the CI |
de-nordic
approved these changes
Oct 24, 2023
rakons
approved these changes
Oct 24, 2023
nordicjm
approved these changes
Oct 25, 2023
boot_image_check_hook() implementation shall return fih_ret value type. The function should return FIH_BOOT_HOOK_REGULAR instead of BOOT_HOOK_REGULAR. If the Fault Injection Hardening (FIH) is enabled then fih_int type is different than fih_ret type. Also BOOT_HOOK_REGULAR and FIH_BOOT_HOOK_REGULAR are not the same things. Signed-off-by: Andrzej Puzdrowski <[email protected]>
nvlsianpu
force-pushed
the
bugfix/ncsdk-24203
branch
from
314925f
to
afdb83a
Compare
|
PR Rebased - CI issues were related to platform which are not affected by this patch, so probably it must have been fixed aside. |
jumi-nordic
approved these changes
Oct 25, 2023
|
@nvlsianpu please get changelog update and/or known issue update requested in #12657 |
|
Not really reviewing code. In case of potential need to update rel notes or known issues, we have a PR open for both. Please add such needs as comments in respective PRs. |
This was referenced Oct 25, 2023
|
Removed from the 2.5.0 scope - agreed to have known issues update: #12657 (review) |
30 tasks
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
boot_image_check_hook() implementation shall return fih_ret value type. The function should return FIH_BOOT_HOOK_REGULAR instead of BOOT_HOOK_REGULAR.
If the Fault Injection Hardening (FIH) is enabled then fih_int type is different than fih_ret type. Also BOOT_HOOK_REGULAR and FIH_BOOT_HOOK_REGULAR are not the same things.
ref. NCSDK-24203
Consequence of this is that when FIH is enabled, the standard boot_image_check() call is never performed by the mcuboot (for real images) and subsequent checks gets BOOT_HOOK_REGULAR as its results. In mcuboot loader.c this prematurely cause identification of invalid image.