Extend mitigations against glitch injections#816

Merged
dgarske merged 3 commits into wolfSSL:master from danielinux:hardening-fixes on Jul 2, 2026
Conversation

@danielinux (Member) wrote:

zd22067

Copilot AI review requested due to automatic review settings July 2, 2026 18:16
@danielinux danielinux self-assigned this Jul 2, 2026

Copilot AI (Contributor) left a comment:

Pull request overview

This PR extends wolfBoot’s fault-injection/glitch hardening by adding redundant constant-time comparisons for critical hash checks and by hardening the firmware entry-point (“fw_base”) value used for the final boot jump.

Changes:

  • Replace selected image_CT_compare() call sites with a new wolfBoot_hardened_CT_compare() that repeats the comparison to resist single-fault instruction skips.
  • Introduce wolfBoot_image_set_fw_base() to record fw_base alongside its complement, and add FW_BASE_SANITY_CHECK() immediately before do_boot().
  • Update image-opening/entry-setting paths to use the new wolfBoot_image_set_fw_base() helper.

Reviewed changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated 2 comments.

File descriptions:

  • src/update_flash.c: Uses hardened compare for delta base hash checks; uses wolfBoot_image_set_fw_base() and adds FW_BASE_SANITY_CHECK() before do_boot().
  • src/image.c: Adds wolfBoot_hardened_CT_compare() and uses it for ELF scattered-image digest verification.
  • include/image.h: Adds not_fw_base, introduces wolfBoot_image_set_fw_base(), and defines FW_BASE_SANITY_CHECK() (no-op on non-armored builds).

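The two mitigations the review above describes, as an added C example that is not wolfBoot's code: ct_compare, hardened_ct_compare, struct fw_entry, set_fw_base, fw_base_sanity_ok and set_and_check are assumed stand-ins for the PR's image_CT_compare(), wolfBoot_hardened_CT_compare(), not_fw_base, wolfBoot_image_set_fw_base() and FW_BASE_SANITY_CHECK(), and the complement-pair layout is an assumption about how the entry point is stored.

```c
#include <stdint.h>
#include <stddef.h>
/* Constant-time byte compare, 0 only when every byte matches; differences
 * are OR-accumulated so the loop never exits early. Illustrative stand-in
 * for image_CT_compare(), not wolfBoot's code. */
static int ct_compare(const uint8_t *a, const uint8_t *b, size_t len)
{
    uint8_t diff = 0;
    for (size_t i = 0; i < len; i++)
        diff |= (uint8_t)(a[i] ^ b[i]);
    return (int)diff;
}

/* Redundant compare: both runs must independently return zero, so a single
 * skipped instruction cannot turn a mismatch into a match. volatile keeps
 * the compiler from merging the two calls into one. */
int hardened_ct_compare(const uint8_t *a, const uint8_t *b, size_t len)
{
    volatile int r1 = ct_compare(a, b, len);
    volatile int r2 = ct_compare(a, b, len);
    if (r1 != 0) return -1;
    if (r2 != 0) return -1;
    return 0;
}

/* Entry point stored with its bitwise complement (assumed layout). */
struct fw_entry {
    volatile uint32_t fw_base;
    volatile uint32_t not_fw_base;
};
void set_fw_base(struct fw_entry *e, uint32_t base)
{
    e->fw_base = base;
    e->not_fw_base = ~base;
}

/* Sanity check before the boot jump: corrupting either copy breaks the
 * all-ones XOR relation. Returns 1 when the pair is consistent. */
int fw_base_sanity_ok(const struct fw_entry *e)
{
    return (e->fw_base ^ e->not_fw_base) == 0xFFFFFFFFu;
}

int set_and_check(uint32_t base) /* record a base, then verify it */
{
    struct fw_entry e;
    set_fw_base(&e, base);
    return fw_base_sanity_ok(&e);
}
```

The sample values in the checks below are constructed; on a real build the sanity check would sit immediately before the jump, as the PR places FW_BASE_SANITY_CHECK() before do_boot().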

@wolfSSL-Fenrir-bot left a comment:

Fenrir Automated Review — PR #816

Scan targets checked: wolfboot-bugs, wolfboot-src

No new issues found in the changed files. ✅

@danielinux danielinux assigned dgarske and unassigned danielinux Jul 2, 2026
@danielinux danielinux requested a review from dgarske July 2, 2026 19:06
@dgarske dgarske merged commit e81761e into wolfSSL:master Jul 2, 2026
389 checks passed