rustBoot is a standalone bootloader written entirely in `Rust`, designed to run on anything from a microcontroller to a system on chip. It can be used to boot into bare-metal firmware or Linux.
MIT License
214
stars
21
forks
source link
Disable the defmt feature in the BootInSuccessState #81
This PR addresses critical issues in rustBoot related to the improper handling of the integrity and authenticity checks, which allowed compromised firmware to run without proper validation
panic() Function Behavior: The panic() function, intended to halt the system if all boot options are exhausted or an emergency update fails, was not triggering due to a condition related to the defmt feature. This allowed execution to continue outside of the match statement, leading to BootInSuccessState being executed each time. This has been resolved, ensuring the system halts as expected when a critical failure occurs, preventing compromised firmware from running.
nihalpasham
commented
2 months ago
This PR addresses critical issues in rustBoot related to the improper handling of the integrity and authenticity checks, which allowed compromised firmware to run without proper validation
panic()Function Behavior: Thepanic()function, intended to halt the system if all boot options are exhausted or an emergency update fails, was not triggering due to a condition related to thedefmtfeature. This allowed execution to continue outside of the match statement, leading to BootInSuccessState being executed each time. This has been resolved, ensuring the system halts as expected when a critical failure occurs, preventing compromised firmware from running.Fixes: #79