From c51c49588b72fd7e25e1e504ec613114167a8652 Mon Sep 17 00:00:00 2001
From: GroM
Date: Wed, 8 Jan 2025 15:29:41 +0100
Subject: [PATCH 1/7] Pin code management: when device is locked, returned 0x5515 error
---
 ledger_device_sdk/src/io.rs | 8 ++++++++
 ledger_device_sdk/src/ui/gadgets.rs | 6 +-----
 2 files changed, 9 insertions(+), 5 deletions(-)
diff --git a/ledger_device_sdk/src/io.rs b/ledger_device_sdk/src/io.rs
index a187bc7e..63e1d368 100644
--- a/ledger_device_sdk/src/io.rs
+++ b/ledger_device_sdk/src/io.rs
@@ -432,6 +432,14 @@ impl Comm {
 }
 if unsafe { G_io_app.apdu_state } != APDU_IDLE && unsafe { G_io_app.apdu_length } > 0 {
+ unsafe {
+ if os_perso_is_pin_set() == BOLOS_TRUE.try_into().unwrap()
+ && os_global_pin_is_validated() != BOLOS_TRUE.try_into().unwrap()
+ {
+ self.reply(StatusWords::DeviceLocked);
+ return None;
+ }
+ }
 self.rx = unsafe { G_io_app.apdu_length as usize };
 self.event_pending = true;
 return self.check_event();
diff --git a/ledger_device_sdk/src/ui/gadgets.rs b/ledger_device_sdk/src/ui/gadgets.rs
index f2de19d7..236d2879 100644
--- a/ledger_device_sdk/src/ui/gadgets.rs
+++ b/ledger_device_sdk/src/ui/gadgets.rs
@@ -608,11 +608,7 @@ impl<'a> MultiPageMenu<'a> {
 io::Event::Ticker => {
 if UxEvent::Event.request() != BOLOS_UX_OK {
 // pin lock management
- let (_res, ins) = UxEvent::block_and_get_event::(self.comm);
- if let Some(_e) = ins {
- self.comm
- .reply::(io::StatusWords::DeviceLocked);
- }
+ UxEvent::block_and_get_event::(self.comm);
 // notify Ticker event only when redisplay is required
 return EventOrPageIndex::Event(io::Event::Ticker);
 }
From e85f931a0a7bb651eb6570020f98a28b774c0fe3 Mon Sep 17 00:00:00 2001
From: GroM
Date: Wed, 8 Jan 2025 16:40:05 +0100
Subject: [PATCH 2/7] Update build all apps workflow
---
 .github/workflows/build_all_apps.yml | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)
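Review bot: In the io.rs hunk of patch 1 the lock guard only fires when `os_perso_is_pin_set()` returns exactly `BOLOS_TRUE`, so any other return value skips the check and the APDU is handled as if the device were unlocked. If that syscall can return anything besides the two boolean constants, comparing it against `BOLOS_FALSE` with `!=` would make the guard fail closed instead. The `unsafe` block also wraps `self.reply(StatusWords::DeviceLocked)` and `return None`, which need no unsafe; narrowing it to the two syscalls and adding a `// SAFETY:` line stating why they are sound to call here would make the invariant reviewable. The enclosing method starts and ends outside the hunk.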
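Review bot: In the gadgets.rs hunk of patch 1 the value returned by `UxEvent::block_and_get_event` is now dropped with no marker, so a reader cannot tell that ignoring a pending instruction is intended. Binding the call with `let _ =` and extending the comment to `// pin lock management: DeviceLocked is now sent by Comm when an APDU arrives while locked` would record where the reply moved to. Whether this call reaches the new check in io.rs is not visible in the hunk and should be confirmed, since otherwise an APDU received while the UX blocks gets no status word. The enclosing match arm starts outside the hunk.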
diff --git a/.github/workflows/build_all_apps.yml b/.github/workflows/build_all_apps.yml
index 63073567..87183174 100644
--- a/.github/workflows/build_all_apps.yml
+++ b/.github/workflows/build_all_apps.yml
@@ -91,6 +91,17 @@ jobs:
 echo "path=$path" >> $cargo_toml_path
 echo "Patch added to Cargo.toml"
 fi
+ # Patch include_gif
+ if grep -Fxq "[patch.crates-io.include_gif]" $cargo_toml_path; then
+ echo "The patch already exists in the file."
+ exit 1
+ else
+ echo "" >> $cargo_toml_path
+ echo "[patch.crates-io.include_gif]" >> $cargo_toml_path
+ path=\"$GITHUB_WORKSPACE/sdk/include_gif\"
+ echo "path=$path" >> $cargo_toml_path
+ echo "Patch added to Cargo.toml"
+ fi
 - name: Build
 run: |
@@ -100,8 +111,9 @@ jobs:
 cd $build_directory
 for device in $devices; do
 # Required as patch has a different version from what is locked in Cargo.lock
- cargo +$RUST_NIGHTLY update ledger_device_sdk
+ cargo +$RUST_NIGHTLY update include_gif
 cargo +$RUST_NIGHTLY update ledger_secure_sdk_sys
+ cargo +$RUST_NIGHTLY update ledger_device_sdk
 echo "Build for "$device
 cargo ledger build $device
 done
From c8d5062e8571e026a8367637457a6ec7dfa2b263 Mon Sep 17 00:00:00 2001
From: GroM
Date: Wed, 8 Jan 2025 16:50:39 +0100
Subject: [PATCH 3/7] Remove nanos from CI tests
---
 .github/workflows/ci.yml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index afba35fe..7791c5e7 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -21,7 +21,7 @@ jobs:
 image: ghcr.io/ledgerhq/ledger-app-builder/ledger-app-dev-tools:latest
 strategy:
 matrix:
- target: ["nanos", "nanox", "nanosplus", "stax", "flex"]
+ target: ["nanox", "nanosplus", "stax", "flex"]
 package: [include_gif, testmacro, ledger_secure_sdk_sys, ledger_device_sdk]
 steps:
 - name: Print Environment variables
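Review bot: In the first build_all_apps.yml hunk `$cargo_toml_path` is expanded unquoted in the `grep -Fxq` call and in every `>>` redirection, so a path containing spaces or glob characters would be split or expanded; writing `"$cargo_toml_path"` in each place avoids that. The added block is a copy of the patch step whose tail is visible as context just above it, so a short loop over the crate names would keep the `[patch.crates-io.*]` entries from drifting apart. In the second hunk the three `cargo +$RUST_NIGHTLY update` calls sit inside `for device in $devices` although they do not appear to depend on `$device`; if the lock file is not rewritten by the build, they could run once before the loop.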
@@ -66,7 +66,7 @@ jobs:
 image: ghcr.io/ledgerhq/ledger-app-builder/ledger-app-dev-tools:latest
 strategy:
 matrix:
- target: ["nanos", "nanox", "nanosplus", "stax", "flex"]
+ target: ["nanox", "nanosplus", "stax", "flex"]
 steps:
 - name: Clone
 uses: actions/checkout@v4
@@ -95,7 +95,7 @@ jobs:
 image: ghcr.io/ledgerhq/ledger-app-builder/ledger-app-dev-tools:latest
 strategy:
 matrix:
- target: ["nanos", "nanox", "nanosplus", "stax", "flex"]
+ target: ["nanox", "nanosplus", "stax", "flex"]
 steps:
 - name: Clone
 uses: actions/checkout@v4
From 58b6c20cdfc29745a088ea7ba688d00016043eb6 Mon Sep 17 00:00:00 2001
From: GroM
Date: Wed, 8 Jan 2025 17:02:03 +0100
Subject: [PATCH 4/7] Exclude Nano S for pin management
---
 ledger_device_sdk/src/io.rs | 1 +
 1 file changed, 1 insertion(+)
diff --git a/ledger_device_sdk/src/io.rs b/ledger_device_sdk/src/io.rs
index 63e1d368..f689a7b4 100644
--- a/ledger_device_sdk/src/io.rs
+++ b/ledger_device_sdk/src/io.rs
@@ -432,6 +432,7 @@ impl Comm {
 }
 if unsafe { G_io_app.apdu_state } != APDU_IDLE && unsafe { G_io_app.apdu_length } > 0 {
+ #[cfg(not(any(target_os = "nanos")))]
 unsafe {
 if os_perso_is_pin_set() == BOLOS_TRUE.try_into().unwrap()
 && os_global_pin_is_validated() != BOLOS_TRUE.try_into().unwrap()
From 83573d87ae6f7180d5cfd77ddb1c92ebb1dbbfb4 Mon Sep 17 00:00:00 2001
From: GroM
Date: Wed, 8 Jan 2025 17:09:47 +0100
Subject: [PATCH 5/7] Revert remove Nano S (should be done in another PR
---
 .github/workflows/ci.yml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 7791c5e7..afba35fe 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
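Review bot: The `#[cfg(not(any(target_os = "nanos")))]` added in the io.rs hunk of patch 4 compiles the DeviceLocked guard out on Nano S, and patch 1 of this series already removed the DeviceLocked reply from gadgets.rs, so on that target nothing visible here answers an APDU received while the device is locked. A comment on the attribute, for example `// Nano S: <why the guard is skipped and what enforces the PIN lock instead>`, should state what covers that target. `any(...)` around a single predicate is redundant and can be written `#[cfg(not(target_os = "nanos"))]`. The guarded `unsafe` block continues past the end of the hunk.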
@@ -21,7 +21,7 @@ jobs:
 image: ghcr.io/ledgerhq/ledger-app-builder/ledger-app-dev-tools:latest
 strategy:
 matrix:
- target: ["nanox", "nanosplus", "stax", "flex"]
+ target: ["nanos", "nanox", "nanosplus", "stax", "flex"]
 package: [include_gif, testmacro, ledger_secure_sdk_sys, ledger_device_sdk]
 steps:
 - name: Print Environment variables
@@ -66,7 +66,7 @@ jobs:
 image: ghcr.io/ledgerhq/ledger-app-builder/ledger-app-dev-tools:latest
 strategy:
 matrix:
- target: ["nanox", "nanosplus", "stax", "flex"]
+ target: ["nanos", "nanox", "nanosplus", "stax", "flex"]
 steps:
 - name: Clone
 uses: actions/checkout@v4
@@ -95,7 +95,7 @@ jobs:
 image: ghcr.io/ledgerhq/ledger-app-builder/ledger-app-dev-tools:latest
 strategy:
 matrix:
- target: ["nanox", "nanosplus", "stax", "flex"]
+ target: ["nanos", "nanox", "nanosplus", "stax", "flex"]
 steps:
 - name: Clone
 uses: actions/checkout@v4
From ec33697cf4e33a141dd9cc0cad0ec688f10cc5f5 Mon Sep 17 00:00:00 2001
From: GroM
Date: Thu, 9 Jan 2025 15:52:58 +0100
Subject: [PATCH 6/7] Implement heartbeat function in sys crate
---
 ledger_secure_sdk_sys/src/seph.rs | 11 +++++++++++
 1 file changed, 11 insertions(+)
diff --git a/ledger_secure_sdk_sys/src/seph.rs b/ledger_secure_sdk_sys/src/seph.rs
index b6ed8e75..0a83fcb1 100644
--- a/ledger_secure_sdk_sys/src/seph.rs
+++ b/ledger_secure_sdk_sys/src/seph.rs
@@ -34,6 +34,17 @@ pub fn send_general_status() {
 }
 }
+/// Function to ensure a I/O channel is not timeouting waiting
+/// for operations after a long time without SEPH packet exchanges
+pub fn heartbeat() {
+ send_general_status();
+ let mut spi_buffer = [0u8; 128];
+ seph_recv(&mut spi_buffer, 0);
+ while is_status_sent() {
+ seph_recv(&mut spi_buffer, 0);
+ }
+}
+
 #[repr(u8)]
 pub enum SephTags {
 ScreenDisplayStatus = SEPROXYHAL_TAG_SCREEN_DISPLAY_STATUS as u8,
From ba1211492e639b3067f358b2d38757992ddd4a45 Mon Sep 17 00:00:00 2001
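Review bot: `heartbeat()` in the seph.rs hunk reads SEPH packets into a local 128-byte buffer and discards them, so whatever event arrives while it runs is lost to the caller, and the `while is_status_sent()` loop has no iteration bound if that flag never clears. The doc comment should say so, for example `/// Packets received while waiting are dropped; do not call while an event must be observed.` The result of `seph_recv` is ignored on both calls; if it reports a length or an error, checking it would let the loop stop on failure instead of spinning.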
From: GroM Date: Wed, 22 Jan 2025 08:22:26 +0100 Subject: [PATCH 7/7] Bump versions --- Cargo.lock | 4 ++-- ledger_device_sdk/Cargo.toml | 2 +- ledger_secure_sdk_sys/Cargo.toml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 1e65fdd0..fe3de21f 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -474,7 +474,7 @@ checksum = "03087c2bad5e1034e8cace5926dec053fb3790248370865f5117a7d0213354c8" [[package]] name = "ledger_device_sdk" -version = "1.19.4" +version = "1.19.5" dependencies = [ "const-zero", "include_gif", @@ -489,7 +489,7 @@ dependencies = [ [[package]] name = "ledger_secure_sdk_sys" -version = "1.6.1" +version = "1.6.2" dependencies = [ "bindgen", "cc", diff --git a/ledger_device_sdk/Cargo.toml b/ledger_device_sdk/Cargo.toml index 328cd0e7..508b09a2 100644 --- a/ledger_device_sdk/Cargo.toml +++ b/ledger_device_sdk/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "ledger_device_sdk" -version = "1.19.4" +version = "1.19.5" authors = ["yhql", "yogh333", "agrojean-ledger", "kingofpayne"] edition = "2021" license.workspace = true diff --git a/ledger_secure_sdk_sys/Cargo.toml b/ledger_secure_sdk_sys/Cargo.toml index 378e37a8..29a673e8 100644 --- a/ledger_secure_sdk_sys/Cargo.toml +++ b/ledger_secure_sdk_sys/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "ledger_secure_sdk_sys" -version = "1.6.1" +version = "1.6.2" authors = ["yhql", "agrojean-ledger", "yogh333"] edition = "2021" license.workspace = true