multiboot: Refactor boot data validation, add version numbers

Instead of verifying the CRC before every access of the boot data, verify the CRC once at startup and set a flag to indicate the boot data is valid. Also add a framework to support multiple boot protocol versions. Firmware declares the maximum supported protocol version using a version byte in the boot data header. The bootloader chooses the highest version supported by it and the firmware when deciding what boot protocol to use. Change-Id: I810194625dc0833f026d2a23b8d64ed467fa6aca
2022-12-22 19:23:29 +00:00 · 2022-12-22 19:23:29 +00:00 · 6ffd42548b
commit 6ffd42548b
parent af644e02a1
11 changed files with 150 additions and 59 deletions
--- a/firmware/common/bootdata.c
+++ b/firmware/common/bootdata.c
@ -0,0 +1,74 @@
+/***************************************************************************
+ *             __________               __   ___.
+ *   Open      \______   \ ____   ____ |  | _\_ |__   _______  ___
+ *   Source     |       _//  _ \_/ ___\|  |/ /| __ \ /  _ \  \/  /
+ *   Jukebox    |    |   (  <_> )  \___|    < | \_\ (  <_> > <  <
+ *   Firmware   |____|_  /\____/ \___  >__|_ \|___  /\____/__/\_ \
+ *                     \/            \/     \/    \/            \/
+ *
+ * Copyright (C) 2022 by Aidan MacDonald
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+ * KIND, either express or implied.
+ *
+ ****************************************************************************/
+
+#include "bootdata.h"
+#include "crc32.h"
+#include <stddef.h>
+
+#ifdef BOOTLOADER
+# error "not to be included in bootloader builds"
+#endif
+
+bool boot_data_valid;
+
+static bool verify_boot_data_v0(void) INIT_ATTR;
+static bool verify_boot_data_v0(void)
+{
+    /* validate protocol version */
+    if (boot_data.version != 0)
+        return false;
+
+    /* validate length */
+    if (boot_data.length != 4)
+        return false;
+
+    return true;
+}
+
+struct verify_bd_entry
+{
+    int version;
+    bool (*verify) (void);
+};
+
+static const struct verify_bd_entry verify_bd[] INITDATA_ATTR = {
+    { 0, verify_boot_data_v0 },
+};
+
+void verify_boot_data(void)
+{
+    /* verify payload with checksum - all protocol versions */
+    uint32_t crc = crc_32(boot_data.payload, boot_data.length, 0xffffffff);
+    if (crc != boot_data.crc)
+        return;
+
+    /* apply verification specific to the protocol version */
+    for (size_t i = 0; i < ARRAYLEN(verify_bd); ++i)
+    {
+        const struct verify_bd_entry *e = &verify_bd[i];
+        if (e->version == boot_data.version)
+        {
+            if (e->verify())
+                boot_data_valid = true;
+
+            return;
+        }
+    }
+}