Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

B0 self lock before jump #20110

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

B0 self lock before jump #20110

wants to merge 1 commit into from
+60 −0

Conversation

michalek-no
Copy link
Contributor

@michalek-no michalek-no commented Jan 29, 2025
edited
Loading

Disables read and execute on memory containing NSIB
right before jumping to application.

@github-actions github-actions bot added the changelog-entry-required Update changelog before merge. Remove label if entry is not needed or already added. label Jan 29, 2025
@NordicBuilder
Copy link
Contributor

NordicBuilder commented Jan 29, 2025
edited
Loading

CI Information

To view the history of this post, clich the 'edited' button above
Build number: 8

Inputs:

Sources:

sdk-nrf: PR head: e12aa788d4cecaa28a9df2fbab070db7960a49ea

more details

sdk-nrf:

PR head: e12aa788d4cecaa28a9df2fbab070db7960a49ea
merge base: 436fd2f18f54ee032a18ab8693362de19310f8ff
target head (main): 571676740aacb35db0cc99ee67a5598820ed1c59
Diff

Github labels

Enabled Name Description
ci-disabled Disable the ci execution
ci-all-test Run all of ci, no test spec filtering will be done
ci-force-downstream Force execution of downstream even if twister fails
ci-run-twister Force run twister
ci-run-zephyr-twister Force run zephyr twister
List of changed files detected by CI (2) 
subsys
│  ├── bootloader
│  │  ├── Kconfig
│  │  ├── bl_boot
│  │  │  │ bl_boot.c

Outputs:

Toolchain

Version: 342151af73
Build docker image: docker-dtr.nordicsemi.no/sw-production/ncs-build:342151af73_912848a074

Test Spec & Results: ✅ Success; ❌ Failure; 🟠 Queued; 🟡 Progress; ◻️ Skipped; ⚠️ Quarantine

  • ◻️ Toolchain - Skipped: existing toolchain is used
  • ✅ Build twister
    • sdk-nrf test count: 539
  • ✅ Integration tests
    • ✅ test-fw-nrfconnect-boot
    • ✅ test-fw-nrfconnect-chip
    • ✅ test-fw-nrfconnect-tfm
    • ✅ test-fw-nrfconnect-zigbee
    • ✅ test-sdk-find-my
    • ✅ test-sdk-sidewalk
    • ✅ test-sdk-mcuboot
    • ⚠️ test-fw-nrfconnect-fw-update
    • ⚠️ test-fw-nrfconnect-nrf-iot_cloud
Disabled integration tests
    • desktop52_verification
    • doc-internal
    • test_ble_nrf_config
    • test-fw-nrfconnect-ble_mesh
    • test-fw-nrfconnect-ble_samples
    • test-fw-nrfconnect-fem
    • test-fw-nrfconnect-nfc
    • test-fw-nrfconnect-nrf-iot_lwm2m
    • test-fw-nrfconnect-nrf-iot_mosh
    • test-fw-nrfconnect-nrf-iot_positioning
    • test-fw-nrfconnect-nrf-iot_samples
    • test-fw-nrfconnect-nrf-iot_serial_lte_modem
    • test-fw-nrfconnect-nrf-iot_thingy91
    • test-fw-nrfconnect-nrf-iot_zephyr_lwm2m
    • test-fw-nrfconnect-nrf_crypto
    • test-fw-nrfconnect-ps
    • test-fw-nrfconnect-rpc
    • test-fw-nrfconnect-rs
    • test-fw-nrfconnect-thread
    • test-low-level
    • test-sdk-audio
    • test-sdk-dfu
    • test-sdk-pmic-samples
    • test-sdk-wifi
    • test-secdom-samples-public

Note: This message is automatically posted and updated by the CI

@NordicBuilder
Copy link
Contributor

You can find the documentation preview for this PR at this link.

Note: This comment is automatically posted by the Documentation Publish GitHub Action.

@michalek-no michalek-no force-pushed the mb-b0-self-lock branch 2 times, most recently from b064fa9 to 056c521 Compare January 30, 2025 08:17
@michalek-no michalek-no changed the title wip B0 self lock before jump B0 self lock before jump Jan 30, 2025
@michalek-no michalek-no marked this pull request as ready for review January 30, 2025 08:19
@michalek-no michalek-no requested review from a team as code owners January 30, 2025 08:19
@michalek-no michalek-no force-pushed the mb-b0-self-lock branch 2 times, most recently from 2abe768 to 60d24dd Compare January 30, 2025 08:26
@michalek-no
Copy link
Contributor Author

rebase

@michalek-no michalek-no force-pushed the mb-b0-self-lock branch 3 times, most recently from c1e69e4 to cf1c54a Compare January 30, 2025 09:40
@michalek-no
bootloader: self lock at the end of execution
e12aa78 
Disables read and execute on memory containing NSIB
right before jumping to application.

Signed-off-by: Mateusz Michalek <[email protected]>
nvlsianpu
nvlsianpu reviewed Jan 31, 2025
View reviewed changes
subsys/bootloader/bl_boot/bl_boot.c
:
: "r" (vector_table[1]), "i" (CONFIG_SRAM_BASE_ADDRESS),
"i" (CONFIG_SRAM_SIZE * 1024), "i" (0)
: "r0", "r1", "r2", "r3", "memory"
);
#elif defined(CONFIG_SB_DISABLE_SELF_R_X)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
#elif defined(CONFIG_SB_DISABLE_SELF_R_X)
#if defined(CONFIG_SB_DISABLE_SELF_R_X)

This option is not supposed to be an alternative to CONFIG_SB_CLEANUP_RAM.

subsys/bootloader/bl_boot/bl_boot.c
:
: "r" (vector_table[1]), "i" (CONFIG_SRAM_BASE_ADDRESS),
"i" (CONFIG_SRAM_SIZE * 1024), "i" (0)
: "r0", "r1", "r2", "r3", "memory"
);
#elif defined(CONFIG_SB_DISABLE_SELF_R_X)

relocate_bootconf_disable_r_x_and_jump()(vector_table[1]);
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

strange syntax. Is that r0 might contain value of reset_vector, if not (vector_table[1]) does the job of populating r0?
I would rather create two alternatives of relocate_bootconf_disable_r_x_and_jump() function.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah, that might be a problem since at the point of execution of the relocate_bootconf_disable_r_x_and_jump, the vector_table, which is not constant, has already been wiped.
I think the relocate_bootconf_disable_r_x_and_jump should combine both the cleanup and lock.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good catch.

nvlsianpu
nvlsianpu reviewed Jan 31, 2025
View reviewed changes
subsys/bootloader/bl_boot/bl_boot.c
);
}

static ram_fn_ptr relocate_bootconf_disable_r_x_and_jump(void)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

how this function preserves r0 value?

de-nordic
de-nordic reviewed Jan 31, 2025
View reviewed changes
subsys/bootloader/bl_boot/bl_boot.c
@@ -174,13 +223,18 @@ void bl_boot(const struct fw_info *fw_info)
" b clear\n"
"out:\n"
" dsb\n"
#ifndef CONFIG_SB_DISABLE_SELF_R_X
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If you disable the jump to vector, r0 is not needed here so the line 211 can be commented out and in line 233 the r0 does not have to be on list. I suspect that impact on size is not that great, but code will get uglier.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@de-nordic de-nordic de-nordic left review comments

@nvlsianpu nvlsianpu nvlsianpu left review comments

@fundakol fundakol Awaiting requested review from fundakol

@nordicjm nordicjm Awaiting requested review from nordicjm

@gchwier gchwier Awaiting requested review from gchwier

At least 2 approving reviews are required to merge this pull request.

Assignees
No one assigned
Labels
changelog-entry-required Update changelog before merge. Remove label if entry is not needed or already added.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@michalek-no @NordicBuilder @nvlsianpu @de-nordic