1 /*
2 * SPDX-License-Identifier: Apache-2.0
3 *
4 * Copyright (c) 2019 JUUL Labs
5 *
6 * Licensed under the Apache License, Version 2.0 (the "License");
7 * you may not use this file except in compliance with the License.
8 * You may obtain a copy of the License at
9 *
10 * http://www.apache.org/licenses/LICENSE-2.0
11 *
12 * Unless required by applicable law or agreed to in writing, software
13 * distributed under the License is distributed on an "AS IS" BASIS,
14 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15 * See the License for the specific language governing permissions and
16 * limitations under the License.
17 */
18
19 #ifndef H_SWAP_PRIV_
20 #define H_SWAP_PRIV_
21
22 #include "mcuboot_config/mcuboot_config.h"
23
24 #if defined(MCUBOOT_SWAP_USING_SCRATCH) || defined(MCUBOOT_SWAP_USING_MOVE)
25
26 /**
27 * Calculates the amount of space required to store the trailer, and erases
28 * all sectors required for this storage in the given flash_area.
29 */
30 int swap_erase_trailer_sectors(const struct boot_loader_state *state,
31 const struct flash_area *fap);
32
33 /**
34 * Initialize the given flash_area with the metadata required to start a new
35 * swap upgrade.
36 */
37 int swap_status_init(const struct boot_loader_state *state,
38 const struct flash_area *fap,
39 const struct boot_status *bs);
40
41 /**
42 * Tries to locate an interrupted swap status (metadata). If not metadata
43 * was found returns BOOT_STATUS_SOURCE_NONE.
44 *
45 * Must return one of:
46 * - BOOT_STATUS_SOURCE_NONE
47 * - BOOT_STATUS_SOURCE_SCRATCH
48 * - BOOT_STATUS_SOURCE_PRIMARY_SLOT
49 */
50 int swap_status_source(struct boot_loader_state *state);
51
52 /**
53 * Reads the boot status from the flash. The boot status contains
54 * the current state of an interrupted image copy operation. If the boot
55 * status is not present, or it indicates that previous copy finished,
56 * there is no operation in progress.
57 */
58 int swap_read_status(struct boot_loader_state *state, struct boot_status *bs);
59
60 /**
61 * Iterate over the swap status bytes in the given flash_area and populate
62 * the given boot_status with the calculated index where a swap upgrade was
63 * interrupted.
64 */
65 int swap_read_status_bytes(const struct flash_area *fap,
66 struct boot_loader_state *state,
67 struct boot_status *bs);
68
69 /**
70 * Marks the image in the primary slot as fully copied.
71 */
72 int swap_set_copy_done(uint8_t image_index);
73
74 /**
75 * Marks a reverted image in the primary slot as confirmed. This is necessary to
76 * ensure the status bytes from the image revert operation don't get processed
77 * on a subsequent boot.
78 *
79 * NOTE: image_ok is tested before writing because if there's a valid permanent
80 * image installed on the primary slot and the new image to be upgrade to has a
81 * bad sig, image_ok would be overwritten.
82 */
83 int swap_set_image_ok(uint8_t image_index);
84
85 /**
86 * Start a new or resume an interrupted swap according to the parameters
87 * found in the given boot_status.
88 */
89 void swap_run(struct boot_loader_state *state,
90 struct boot_status *bs,
91 uint32_t copy_size);
92
93 #if MCUBOOT_SWAP_USING_SCRATCH
94 #define BOOT_SCRATCH_AREA(state) ((state)->scratch.area)
95
boot_scratch_area_size(const struct boot_loader_state * state)96 static inline size_t boot_scratch_area_size(const struct boot_loader_state *state)
97 {
98 return flash_area_get_size(BOOT_SCRATCH_AREA(state));
99 }
100 #endif
101
102 #endif /* defined(MCUBOOT_SWAP_USING_SCRATCH) || defined(MCUBOOT_SWAP_USING_MOVE) */
103
104 /**
105 * Returns the maximum size of an application that can be loaded to a slot.
106 */
107 int app_max_size(struct boot_loader_state *state);
108
109 #endif /* H_SWAP_PRIV_ */
110
