FWEO-1481 app_storage: Update init API to return a status

Author: jarevalo-ledger

include/app_storage.h

@@ -34,9 +34,12 @@
 #define APP_STORAGE_HEADER_STRUCT_VERSION 1
 
 ///< Error codes
+#define APP_STORAGE_SUCCESS               0   ///< No error
 #define APP_STORAGE_ERR_INVALID_ARGUMENT  -1  ///< Invalid argument
 #define APP_STORAGE_ERR_NO_DATA_AVAILABLE -2  ///< Address not available for reading
 #define APP_STORAGE_ERR_OVERFLOW          -3  ///< Value too large to be stored
+#define APP_STORAGE_ERR_INVALID_HEADER    -4  ///< Invalid storage header
+#define APP_STORAGE_ERR_CORRUPTED         -5  ///< App storage is corrupted
 
 /// Initial app data storage version
 #define APP_STORAGE_INITIAL_APP_DATA_VERSION 1

lib_standard_app/app_storage.c

@@ -30,28 +30,29 @@ CONST app_storage_t app_storage_real __attribute__((section(".storage_section"))
 /**
  * @brief checks if the app storage struct is initialized and valid
  */
-STATIC bool app_storage_is_initalized(void)
+STATIC int32_t app_storage_is_initalized(void)
 {
-    bool is_initialized = false;
+    int32_t status = APP_STORAGE_ERR_INVALID_ARGUMENT;
     if (memcmp((const void *) &app_storage.header.tag, APP_STORAGE_TAG, APP_STORAGE_TAG_LEN) == 0) {
-        is_initialized = true;
+        status = APP_STORAGE_SUCCESS;
     }
     else {
+        status = APP_STORAGE_ERR_INVALID_HEADER;
         goto error;
     }
 
     uint32_t crc = cx_crc32((void *) &app_storage.header,
                             sizeof(app_storage.header) + app_storage.header.size);
     if (crc != app_storage.crc) {
         // Invalid CRC, force reset
-        is_initialized = false;
+        status = APP_STORAGE_ERR_CORRUPTED;
     }
     else {
-        is_initialized = true;
+        status = APP_STORAGE_SUCCESS;
     }
 
 error:
-    return is_initialized;
+    return status;
 }
 
 static inline void update_crc(void)
@@ -87,13 +88,31 @@ static inline void system_header_reset(void)
  *  - sets initial size (0)
  *  - sets struct and data versions (1)
  *  - sets properties (from Makefile)
+ *
+ * @returns int32_t
+ *
+ * @retval APP_STORAGE_SUCCESS Application storage is successfully initialized.
+ * @retval APP_STORAGE_ERR_CORRUPTED Error, application storage is corrupted.
  */
-void app_storage_init(void)
+int32_t app_storage_init(void)
 {
-    if (app_storage_is_initalized()) {
-        return;
+    int32_t status = app_storage_is_initalized();
+    switch (status) {
+        case APP_STORAGE_ERR_INVALID_HEADER:
+            // Invalid tag or uninitialized storage, reset the HEADER
+            system_header_reset();
+            status = APP_STORAGE_SUCCESS;
+            break;
+        case APP_STORAGE_ERR_CORRUPTED:
+            system_header_reset();
+            break;
+        case APP_STORAGE_SUCCESS:
+        default:
+            // Return status as-is
+            break;
     }
-    system_header_reset();
+
+    return status;
 }
 
 /**

lib_standard_app/app_storage_internal.h

@@ -28,6 +28,15 @@ typedef struct app_storage_s {
     uint8_t              data[APP_STORAGE_SIZE];
 } app_storage_t;
 
-void app_storage_init(void);
+/**
+ * @brief initializes the application storage.
+ *
+ * @returns int32_t Initialization status.
+ *
+ * @retval APP_STORAGE_SUCCESS Application storage is successfully initialized.
+ * @retval APP_STORAGE_ERR_CORRUPTED Error, application storage is corrupted.
+ *
+ */
+int32_t app_storage_init(void);
 
 #endif /* HAVE_APP_STORAGE || HAVE_BOLOS */

unit-tests/app_storage/test_app_storage.c

@@ -79,7 +79,6 @@ _Static_assert(sizeof(app_storage_data_t) <= APP_STORAGE_SIZE,
 
 // app_storage.h private
 extern app_storage_t app_storage_real;
-bool                 app_storage_is_initalized(void);
 
 /* Local prototypes */
 static void test_write_read_from_empty(void **state __attribute__((unused)));
@@ -88,7 +87,7 @@ static void test_app_style_from_empty(void **state __attribute__((unused)));
 /* Functions */
 static int setup_from_empty(void **state)
 {
-    app_storage_init();
+    assert_int_equal(app_storage_init(), APP_STORAGE_SUCCESS);
     return 0;
 }
 
@@ -101,23 +100,23 @@ static int teardown(void **state)
 static int setup_from_prepared(void **state)
 {
     /* Prepare storage */
-    app_storage_init();
+    assert_int_equal(app_storage_init(), APP_STORAGE_SUCCESS);
     test_write_read_from_empty(state);
 
     /* Reinit storage */
-    app_storage_init();
+    assert_int_equal(app_storage_init(), APP_STORAGE_SUCCESS);
 
     return 0;
 }
 
 static int setup_from_prepared_app_style(void **state)
 {
     /* Prepare storage */
-    app_storage_init();
+    assert_int_equal(app_storage_init(), APP_STORAGE_SUCCESS);
     test_app_style_from_empty(state);
 
     /* Reinit storage */
-    app_storage_init();
+    assert_int_equal(app_storage_init(), APP_STORAGE_SUCCESS);
     return 0;
 }
 
@@ -135,50 +134,46 @@ static void test_getters_from_empty(void **state __attribute__((unused)))
 /* Test that corruption from empty storage is detected */
 static void test_corrupted_storage_from_empty(void **state __attribute__((unused)))
 {
-    assert_true(app_storage_is_initalized());
     // --- Simulate corrupted header
     app_storage_header_t header = app_storage_real.header;
     header.data_version += 1;
     // Change header with no CRC update
     nvm_write((void *) &app_storage_real.header, &header, sizeof(header));
     // Ensure invalid CRC
-    assert_false(app_storage_is_initalized());
+    assert_int_equal(app_storage_init(), APP_STORAGE_ERR_CORRUPTED);
 
     // --- Simulate corrupted data
     setup_from_empty(NULL);
-    assert_true(app_storage_is_initalized());
     uint8_t buf[20] = {0};
     memset(buf, 0xAA, sizeof(buf));
     assert_int_equal(app_storage_write(buf, sizeof(buf), 0), sizeof(buf));
     // Change data with no CRC update
     buf[sizeof(buf) - 1] = 0xAB;
     nvm_write((void *) &app_storage_real.data, buf, sizeof(buf));
     // Ensure invalid CRC
-    assert_false(app_storage_is_initalized());
+    assert_int_equal(app_storage_init(), APP_STORAGE_ERR_CORRUPTED);
 }
 
 /* Test that corruption from prepared storage is detected */
 static void test_corrupted_storage_from_prepared(void **state __attribute__((unused)))
 {
-    assert_true(app_storage_is_initalized());
     // --- Simulate corrupted header
     app_storage_header_t header = app_storage_real.header;
     header.data_version += 1;
     // Change header with no CRC update
     nvm_write((void *) &app_storage_real.header, &header, sizeof(header));
     // Ensure invalid CRC
-    assert_false(app_storage_is_initalized());
+    assert_int_equal(app_storage_init(), APP_STORAGE_ERR_CORRUPTED);
 
     // --- Simulate corrupted data
     setup_from_prepared(NULL);
-    assert_true(app_storage_is_initalized());
     uint8_t data[INITIAL_SIZE + ADDITIONALL_SIZE] = {0};
     app_storage_read(data, INITIAL_SIZE + ADDITIONALL_SIZE, 0);
     // Change data with no CRC update
     data[INITIAL_SIZE + ADDITIONALL_SIZE - 1]++;
     nvm_write((void *) &app_storage_real.data, data, INITIAL_SIZE + ADDITIONALL_SIZE);
     // Ensure invalid CRC
-    assert_false(app_storage_is_initalized());
+    assert_int_equal(app_storage_init(), APP_STORAGE_ERR_CORRUPTED);
 }
 
 /* Read error cases with initially empty storage */