Skip to content

Commit

Permalink
deprecate ImageHeader version and epoch
Browse files Browse the repository at this point in the history
  • Loading branch information
lzrd committed Sep 30, 2024
1 parent a50ba38 commit c11a051
Show file tree
Hide file tree
Showing 17 changed files with 319 additions and 132 deletions.
310 changes: 285 additions & 25 deletions Cargo.lock

Large diffs are not rendered by default.

12 changes: 3 additions & 9 deletions Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -120,20 +120,14 @@ zip = { version = "0.6", default-features = false, features = ["bzip2"] }
# Oxide forks and repos
attest-data = { git = "https://github.com/oxidecomputer/dice-util", default-features = false, version = "0.3.0" }
dice-mfg-msgs = { git = "https://github.com/oxidecomputer/dice-util", default-features = false, version = "0.2.1" }
#gateway-messages = { git = "https://github.com/oxidecomputer/management-gateway-service", default-features = false, features = ["smoltcp"] }
# XXX fix before push
gateway-messages = { path = "/home/stoltz/Oxide/src/mgs/epoch/gateway-messages", default-features = false, features = ["smoltcp"] }
gateway-messages = { git = "https://github.com/oxidecomputer/management-gateway-service", default-features = false, features = ["smoltcp"] }
gimlet-inspector-protocol = { git = "https://github.com/oxidecomputer/gimlet-inspector-protocol", version = "0.1.0" }
hif = { git = "https://github.com/oxidecomputer/hif", default-features = false }
humpty = { git = "https://github.com/oxidecomputer/humpty", default-features = false, version = "0.1.3" }
#hubtools = { git = "https://github.com/oxidecomputer/hubtools", default-features = false, version = "0.4.1" }
# XXX fix before push
# hubtools = { git = "https://github.com/oxidecomputer/hubtools", default-features = false, branch = "epoch", version = "0.4.7" }
hubtools = { path = "/home/stoltz/Oxide/src/hubtools/epoch/hubtools" }
hubtools = { git = "https://github.com/oxidecomputer/hubtools", default-features = false, version = "0.4.7" }
idol = { git = "https://github.com/oxidecomputer/idolatry.git", default-features = false }
idol-runtime = { git = "https://github.com/oxidecomputer/idolatry.git", default-features = false }
#lpc55_sign = { git = "https://github.com/oxidecomputer/lpc55_support", default-features = false }
lpc55_sign = { path = "/home/stoltz/Oxide/src/lpc55_support/lpc55_sign", default-features = false }
lpc55_sign = { git = "https://github.com/oxidecomputer/lpc55_support", default-features = false }
ordered-toml = { git = "https://github.com/oxidecomputer/ordered-toml", default-features = false }
pmbus = { git = "https://github.com/oxidecomputer/pmbus", default-features = false }
salty = { version = "0.3", default-features = false }
Expand Down
1 change: 0 additions & 1 deletion app/gimlet/base.toml
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,6 @@ chip = "../../chips/stm32h7"
memory = "memory-large.toml"
stacksize = 896
fwid = true
epoch = 0

[kernel]
name = "gimlet"
Expand Down
2 changes: 0 additions & 2 deletions app/gimletlet/base-gimletlet2.toml
Original file line number Diff line number Diff line change
Expand Up @@ -3,8 +3,6 @@ target = "thumbv7em-none-eabihf"
chip = "../../chips/stm32h7"
memory = "memory-large.toml"
stacksize = 896
epoch = 0
version = 0
fwid = true

[kernel]
Expand Down
2 changes: 0 additions & 2 deletions app/grapefruit/app.toml
Original file line number Diff line number Diff line change
Expand Up @@ -4,8 +4,6 @@ target = "thumbv7em-none-eabihf"
chip = "../../chips/stm32h7"
memory = "memory-large.toml"
stacksize = 896
epoch = 0
version = 0
fwid = true

[kernel]
Expand Down
2 changes: 0 additions & 2 deletions app/oxide-rot-1/app-dev.toml
Original file line number Diff line number Diff line change
Expand Up @@ -4,8 +4,6 @@ board = "oxide-rot-1"
chip = "../../chips/lpc55"
stacksize = 1024
image-names = ["a", "b"]
epoch = 0
version = 0
fwid = true

[kernel]
Expand Down
2 changes: 0 additions & 2 deletions app/oxide-rot-1/app.toml
Original file line number Diff line number Diff line change
Expand Up @@ -5,8 +5,6 @@ board = "oxide-rot-1"
chip = "../../chips/lpc55"
stacksize = 1024
image-names = ["a", "b"]
epoch = 0
version = 0
fwid = true

[kernel]
Expand Down
2 changes: 0 additions & 2 deletions app/rot-carrier/app.toml
Original file line number Diff line number Diff line change
Expand Up @@ -4,8 +4,6 @@ board = "rot-carrier-2"
chip = "../../chips/lpc55"
stacksize = 1024
image-names = ["a", "b"]
epoch = 0
version = 0
fwid = true

[kernel]
Expand Down
13 changes: 0 additions & 13 deletions build/xtask/src/config.rs
Original file line number Diff line number Diff line change
Expand Up @@ -24,10 +24,6 @@ struct RawConfig {
board: String,
chip: String,
#[serde(default)]
epoch: u32,
#[serde(default)]
version: u32,
#[serde(default)]
fwid: bool,
memory: Option<String>,
#[serde(default)]
Expand All @@ -50,8 +46,6 @@ pub struct Config {
pub target: String,
pub board: String,
pub chip: String,
pub epoch: u32,
pub version: u32,
pub fwid: bool,
pub image_names: Vec<String>,
pub signing: Option<RoTMfgSettings>,
Expand Down Expand Up @@ -174,8 +168,6 @@ impl Config {
board: toml.board,
image_names: img_names,
chip: toml.chip,
epoch: toml.epoch,
version: toml.version,
fwid: toml.fwid,
signing: toml.signing,
stacksize: toml.stacksize,
Expand Down Expand Up @@ -254,11 +246,6 @@ impl Config {
let task_names =
self.tasks.keys().cloned().collect::<Vec<_>>().join(",");
env.insert("HUBRIS_TASKS".to_string(), task_names);
env.insert(
"HUBRIS_BUILD_VERSION".to_string(),
format!("{}", self.version),
);
env.insert("HUBRIS_BUILD_EPOCH".to_string(), format!("{}", self.epoch));
env.insert("HUBRIS_BOARD".to_string(), self.board.to_string());
env.insert(
"HUBRIS_APP_TOML".to_string(),
Expand Down
12 changes: 2 additions & 10 deletions build/xtask/src/dist.rs
Original file line number Diff line number Diff line change
Expand Up @@ -1251,7 +1251,7 @@ fn build_kernel(
/// Returns true if the header was found and updated,
/// false otherwise.
fn update_image_header(
cfg: &PackageConfig,
_cfg: &PackageConfig,
input: &Path,
output: &Path,
map: &IndexMap<String, Range<u32>>,
Expand Down Expand Up @@ -1290,16 +1290,8 @@ fn update_image_header(
// `xtask build kernel`, we need a result from this calculation
// but `end` will be `None`. Substitute a placeholder:
let end = end.unwrap_or(flash.start);

let len = end - flash.start;

let header = abi::ImageHeader {
version: cfg.toml.version,
epoch: cfg.toml.epoch,
magic: abi::HEADER_MAGIC,
total_image_len: len,
..Default::default()
};
let header = abi::ImageHeader::new(len);

header
.write_to_prefix(
Expand Down
13 changes: 0 additions & 13 deletions drv/lpc55-update-server/build.rs
Original file line number Diff line number Diff line change
Expand Up @@ -2,9 +2,6 @@
// License, v. 2.0. If a copy of the MPL was not distributed with this
// file, You can obtain one at https://mozilla.org/MPL/2.0/.

use std::fs::File;
use std::io::Write;

fn main() -> Result<(), Box<dyn std::error::Error + Send + Sync>> {
build_util::expose_target_board();
build_util::build_notifications()?;
Expand All @@ -18,15 +15,5 @@ fn main() -> Result<(), Box<dyn std::error::Error + Send + Sync>> {
"server_stub.rs",
idol::server::ServerStyle::InOrder,
)?;

let out = build_util::out_dir();
let mut ver_file = File::create(out.join("consts.rs")).unwrap();

let version: u32 = build_util::env_var("HUBRIS_BUILD_VERSION")?.parse()?;
let epoch: u32 = build_util::env_var("HUBRIS_BUILD_EPOCH")?.parse()?;

writeln!(ver_file, "const HUBRIS_BUILD_VERSION: u32 = {};", version)?;
writeln!(ver_file, "const HUBRIS_BUILD_EPOCH: u32 = {};", epoch)?;

Ok(())
}
39 changes: 10 additions & 29 deletions drv/lpc55-update-server/src/images.rs
Original file line number Diff line number Diff line change
Expand Up @@ -185,7 +185,7 @@ impl TryFrom<&[u8]> for ImageVectorsLpc55 {
/// the end of optional caboose and the beginning of the signature block.
pub fn validate_header_block(
header_access: &ImageAccess<'_>,
) -> Result<(Option<Epoch>, u32), UpdateError> {
) -> Result<u32, UpdateError> {
let mut vectors = ImageVectorsLpc55::new_zeroed();
let mut header = ImageHeader::new_zeroed();

Expand All @@ -212,17 +212,14 @@ pub fn validate_header_block(
// Note that `ImageHeader.epoch` is used by rollback protection for early
// rejection of invalid images.
// TODO: Improve estimate of where the first executable instruction can be.
let (code_offset, epoch) = if header.magic == HEADER_MAGIC {
let code_offset = if header.magic == HEADER_MAGIC {
if header.total_image_len != vectors.nxp_offset_to_specific_header {
// ImageHeader disagrees with LPC55 vectors.
return Err(UpdateError::InvalidHeaderBlock);
}
(
IMAGE_HEADER_OFFSET + (core::mem::size_of::<ImageHeader>() as u32),
Some(Epoch::from(header.epoch)),
)
IMAGE_HEADER_OFFSET + (core::mem::size_of::<ImageHeader>() as u32)
} else {
(IMAGE_HEADER_OFFSET, None)
IMAGE_HEADER_OFFSET
};

if vectors.nxp_image_length as usize > header_access.at_runtime().len() {
Expand All @@ -249,7 +246,7 @@ pub fn validate_header_block(
return Err(UpdateError::InvalidHeaderBlock);
}

Ok((epoch, vectors.nxp_offset_to_specific_header))
Ok(vectors.nxp_offset_to_specific_header)
}

/// Get the range of the caboose contained within an image if it exists.
Expand All @@ -266,7 +263,7 @@ pub fn caboose_slice(
//
// In this context, NoImageHeader actually means that the image
// is not well formed.
let (_epoch, image_end_offset) = validate_header_block(image)
let image_end_offset = validate_header_block(image)
.map_err(|_| RawCabooseError::NoImageHeader)?;

// By construction, the last word of the caboose is its size as a `u32`
Expand Down Expand Up @@ -651,33 +648,17 @@ pub fn check_rollback_policy(
fn get_image_epoch(
image: &ImageAccess<'_>,
) -> Result<Option<Epoch>, UpdateError> {
let (header_epoch, _caboose_offset) = validate_header_block(image)?;

if let Ok(span) = caboose_slice(image) {
let mut block = [0u8; BLOCK_SIZE_BYTES];
let caboose = block[0..span.len()].as_bytes_mut();
image.read_bytes(span.start, caboose)?;
let reader = CabooseReader::new(caboose);
let caboose_epoch = if let Ok(epoc) = reader.get(CABOOSE_TAG_EPOC) {
Some(Epoch::from(epoc))
if let Ok(epoc) = reader.get(CABOOSE_TAG_EPOC) {
Ok(Some(Epoch::from(epoc)))
} else {
None
};
match (header_epoch, caboose_epoch) {
(None, None) => Ok(None),
(Some(header_epoch), None) => Ok(Some(header_epoch)),
(None, Some(caboose_epoch)) => Ok(Some(caboose_epoch)),
(Some(header_epoch), Some(caboose_epoch)) => {
if caboose_epoch == header_epoch {
Ok(Some(caboose_epoch))
} else {
// Epochs present in both and not matching is invalid.
// The image will be rejected after epoch 0.
Ok(Some(Epoch::from(0u32)))
}
}
Ok(None)
}
} else {
Ok(header_epoch)
Ok(None)
}
}
6 changes: 3 additions & 3 deletions drv/lpc55-update-server/src/main.rs
Original file line number Diff line number Diff line change
Expand Up @@ -289,13 +289,14 @@ impl idl::InOrderUpdateImpl for ServerImpl<'_> {

// TODO(AJS): Remove this in favor of `status`, once SP code is updated.
// This has ripple effects up through control-plane-agent.
/// Deprecated. The version and epoch are in the Caboose
fn current_version(
&mut self,
_: &RecvMessage,
) -> Result<ImageVersion, RequestError<Infallible>> {
Ok(ImageVersion {
epoch: HUBRIS_BUILD_EPOCH,
version: HUBRIS_BUILD_VERSION,
epoch: 0,
version: 0,
})
}

Expand Down Expand Up @@ -1312,7 +1313,6 @@ fn main() -> ! {
}
}

include!(concat!(env!("OUT_DIR"), "/consts.rs"));
include!(concat!(env!("OUT_DIR"), "/notifications.rs"));
mod idl {
use super::{
Expand Down
2 changes: 1 addition & 1 deletion drv/sprot-api/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -461,7 +461,7 @@ SpRot.status() => Status {
}
```
Update API, retrieve current version.
Update API, retrieve current version (deprecated)
This information is redundant with information in the Status structure.
```sh
$ humility hiffy -c SpRot.current_version
Expand Down
13 changes: 0 additions & 13 deletions drv/stm32h7-update-server/build.rs
Original file line number Diff line number Diff line change
Expand Up @@ -2,9 +2,6 @@
// License, v. 2.0. If a copy of the MPL was not distributed with this
// file, You can obtain one at https://mozilla.org/MPL/2.0/.

use std::fs::File;
use std::io::Write;

fn main() -> Result<(), Box<dyn std::error::Error + Send + Sync>> {
build_util::build_notifications()?;
idol::Generator::new()
Expand All @@ -16,15 +13,5 @@ fn main() -> Result<(), Box<dyn std::error::Error + Send + Sync>> {
"server_stub.rs",
idol::server::ServerStyle::InOrder,
)?;

let out = build_util::out_dir();
let mut ver_file = File::create(out.join("consts.rs")).unwrap();

let version: u32 = build_util::env_var("HUBRIS_BUILD_VERSION")?.parse()?;
let epoch: u32 = build_util::env_var("HUBRIS_BUILD_EPOCH")?.parse()?;

writeln!(ver_file, "const HUBRIS_BUILD_VERSION: u32 = {};", version)?;
writeln!(ver_file, "const HUBRIS_BUILD_EPOCH: u32 = {};", epoch)?;

Ok(())
}
6 changes: 3 additions & 3 deletions drv/stm32h7-update-server/src/main.rs
Original file line number Diff line number Diff line change
Expand Up @@ -416,13 +416,14 @@ impl idl::InOrderUpdateImpl for ServerImpl<'_> {
Ok(BLOCK_SIZE_BYTES)
}

/// Deprecated. The version and epoch values are in the Caboose.
fn current_version(
&mut self,
_: &RecvMessage,
) -> Result<ImageVersion, RequestError<Infallible>> {
Ok(ImageVersion {
epoch: HUBRIS_BUILD_EPOCH,
version: HUBRIS_BUILD_VERSION,
epoch: 0,
version: 0,
})
}

Expand Down Expand Up @@ -569,7 +570,6 @@ fn main() -> ! {
}
}

include!(concat!(env!("OUT_DIR"), "/consts.rs"));
mod idl {
use super::{CabooseError, ImageVersion, SlotId};

Expand Down
14 changes: 12 additions & 2 deletions sys/abi/src/lib.rs
Original file line number Diff line number Diff line change
Expand Up @@ -521,8 +521,18 @@ pub struct ImageHeader {
pub magic: u32,
pub total_image_len: u32,
pub _pad: [u32; 16], // previous location of SAU entries
pub version: u32,
pub epoch: u32,
pub _version: u32,
pub _epoch: u32,
}

impl ImageHeader {
pub fn new(total_image_len: u32) -> Self {
ImageHeader {
magic: HEADER_MAGIC,
total_image_len,
..Default::default()
}
}
}

// Corresponds to the ARM vector table, limited to what we need
Expand Down

0 comments on commit c11a051

Please sign in to comment.