FWEO-1481 app_storage: Update init API to return a status

jarevalo-ledger · jarevalo-ledger · commit 47c70f7eeb1f · 2025-09-01T16:05:04.000+02:00
diff --git a/include/app_storage.h b/include/app_storage.h
@@ -34,9 +34,12 @@
 #define APP_STORAGE_HEADER_STRUCT_VERSION 1
 
 ///< Error codes
+#define APP_STORAGE_SUCCESS               0   ///< No error
 #define APP_STORAGE_ERR_INVALID_ARGUMENT  -1  ///< Invalid argument
 #define APP_STORAGE_ERR_NO_DATA_AVAILABLE -2  ///< Address not available for reading
 #define APP_STORAGE_ERR_OVERFLOW          -3  ///< Value too large to be stored
+#define APP_STORAGE_ERR_INVALID_HEADER    -4  ///< Invalid storage header
+#define APP_STORAGE_ERR_CORRUPTED         -4  ///< App storage is corrupted
 
 /// Initial app data storage version
 #define APP_STORAGE_INITIAL_APP_DATA_VERSION 1
diff --git a/lib_standard_app/app_storage.c b/lib_standard_app/app_storage.c
@@ -30,28 +30,29 @@ CONST app_storage_t app_storage_real __attribute__((section(".storage_section"))
 /**
  * @brief checks if the app storage struct is initialized and valid
  */
-STATIC bool app_storage_is_initalized(void)
+STATIC int32_t app_storage_is_initalized(void)
 {
-    bool is_initialized = false;
+    int32_t status = APP_STORAGE_ERR_INVALID_ARGUMENT;
     if (memcmp((const void *) &app_storage.header.tag, APP_STORAGE_TAG, APP_STORAGE_TAG_LEN) == 0) {
-        is_initialized = true;
+        status = APP_STORAGE_SUCCESS;
     }
     else {
+        status = APP_STORAGE_ERR_INVALID_HEADER;
         goto error;
     }
 
     uint32_t crc = cx_crc32((void *) &app_storage.header,
                             sizeof(app_storage.header) + app_storage.header.size);
     if (crc != app_storage.crc) {
         // Invalid CRC, force reset
-        is_initialized = false;
+        status = APP_STORAGE_ERR_CORRUPTED;
     }
     else {
-        is_initialized = true;
+        status = APP_STORAGE_SUCCESS;
     }
 
 error:
-    return is_initialized;
+    return status;
 }
 
 static inline void update_crc(void)
@@ -87,13 +88,24 @@ static inline void system_header_reset(void)
  *  - sets initial size (0)
  *  - sets struct and data versions (1)
  *  - sets properties (from Makefile)
+ *
+ * @returns int32_t
+ *
+ * @retval APP_STORAGE_SUCCESS Application storage is successfully initialized.
+ * @retval APP_STORAGE_ERR_CORRUPTED Erroc, application storage is corrupted.
  */
-void app_storage_init(void)
+int32_t app_storage_init(void)
 {
-    if (app_storage_is_initalized()) {
-        return;
+    int32_t status = app_storage_is_initalized();
+    if (status == APP_STORAGE_SUCCESS) {
+        goto exit;
     }
+
     system_header_reset();
+    status = status == APP_STORAGE_ERR_INVALID_HEADER ? APP_STORAGE_SUCCESS : status;
+
+exit:
+    return status;
 }
 
 /**
diff --git a/lib_standard_app/app_storage_internal.h b/lib_standard_app/app_storage_internal.h
@@ -28,6 +28,15 @@ typedef struct app_storage_s {
     uint8_t              data[APP_STORAGE_SIZE];
 } app_storage_t;
 
-void app_storage_init(void);
+/**
+ * @brief initializes the application storage.
+ *
+ * @returns int32_t Initialization status.
+ *
+ * @retval APP_STORAGE_SUCCESS Application storage is successfully initialized.
+ * @retval APP_STORAGE_ERR_CORRUPTED Erroc, application storage is corrupted.
+ *
+ */
+int32_t app_storage_init(void);
 
 #endif /* HAVE_APP_STORAGE || HAVE_BOLOS */
diff --git a/unit-tests/app_storage/test_app_storage.c b/unit-tests/app_storage/test_app_storage.c
@@ -79,7 +79,7 @@ _Static_assert(sizeof(app_storage_data_t) <= APP_STORAGE_SIZE,
 
 // app_storage.h private
 extern app_storage_t app_storage_real;
-bool                 app_storage_is_initalized(void);
+int32_t              app_storage_is_initalized(void);
 
 /* Local prototypes */
 static void test_write_read_from_empty(void **state __attribute__((unused)));
@@ -88,7 +88,7 @@ static void test_app_style_from_empty(void **state __attribute__((unused)));
 /* Functions */
 static int setup_from_empty(void **state)
 {
-    app_storage_init();
+    assert_int_equal(app_storage_init(), APP_STORAGE_SUCCESS);
     return 0;
 }
 
@@ -101,23 +101,23 @@ static int teardown(void **state)
 static int setup_from_prepared(void **state)
 {
     /* Prepare storage */
-    app_storage_init();
+    assert_int_equal(app_storage_init(), APP_STORAGE_SUCCESS);
     test_write_read_from_empty(state);
 
     /* Reinit storage */
-    app_storage_init();
+    assert_int_equal(app_storage_init(), APP_STORAGE_SUCCESS);
 
     return 0;
 }
 
 static int setup_from_prepared_app_style(void **state)
 {
     /* Prepare storage */
-    app_storage_init();
+    assert_int_equal(app_storage_init(), APP_STORAGE_SUCCESS);
     test_app_style_from_empty(state);
 
     /* Reinit storage */
-    app_storage_init();
+    assert_int_equal(app_storage_init(), APP_STORAGE_SUCCESS);
     return 0;
 }
 
@@ -135,50 +135,46 @@ static void test_getters_from_empty(void **state __attribute__((unused)))
 /* Test that corruption from empty storage is detected */
 static void test_corrupted_storage_from_empty(void **state __attribute__((unused)))
 {
-    assert_true(app_storage_is_initalized());
     // --- Simulate corrupted header
     app_storage_header_t header = app_storage_real.header;
     header.data_version += 1;
     // Change header with no CRC update
     nvm_write((void *) &app_storage_real.header, &header, sizeof(header));
     // Ensure invalid CRC
-    assert_false(app_storage_is_initalized());
+    assert_int_equal(app_storage_is_initalized(), APP_STORAGE_ERR_CORRUPTED);
 
     // --- Simulate corrupted data
     setup_from_empty(NULL);
-    assert_true(app_storage_is_initalized());
     uint8_t buf[20] = {0};
     memset(buf, 0xAA, sizeof(buf));
     assert_int_equal(app_storage_write(buf, sizeof(buf), 0), sizeof(buf));
     // Change data with no CRC update
     buf[sizeof(buf) - 1] = 0xAB;
     nvm_write((void *) &app_storage_real.data, buf, sizeof(buf));
     // Ensure invalid CRC
-    assert_false(app_storage_is_initalized());
+    assert_int_equal(app_storage_is_initalized(), APP_STORAGE_ERR_CORRUPTED);
 }
 
 /* Test that corruption from prepared storage is detected */
 static void test_corrupted_storage_from_prepared(void **state __attribute__((unused)))
 {
-    assert_true(app_storage_is_initalized());
     // --- Simulate corrupted header
     app_storage_header_t header = app_storage_real.header;
     header.data_version += 1;
     // Change header with no CRC update
     nvm_write((void *) &app_storage_real.header, &header, sizeof(header));
     // Ensure invalid CRC
-    assert_false(app_storage_is_initalized());
+    assert_int_equal(app_storage_is_initalized(), APP_STORAGE_ERR_CORRUPTED);
 
     // --- Simulate corrupted data
     setup_from_prepared(NULL);
-    assert_true(app_storage_is_initalized());
     uint8_t data[INITIAL_SIZE + ADDITIONALL_SIZE] = {0};
     app_storage_read(data, INITIAL_SIZE + ADDITIONALL_SIZE, 0);
     // Change data with no CRC update
     data[INITIAL_SIZE + ADDITIONALL_SIZE - 1]++;
     nvm_write((void *) &app_storage_real.data, data, INITIAL_SIZE + ADDITIONALL_SIZE);
     // Ensure invalid CRC
-    assert_false(app_storage_is_initalized());
+    assert_int_equal(app_storage_is_initalized(), APP_STORAGE_ERR_CORRUPTED);
 }
 
 /* Read error cases with initially empty storage */
