2017-01-07 02:16:53 +08:00
|
|
|
CONFIG_CONSOLE_HANDLER=y
|
|
|
|
CONFIG_DEBUG=y
|
2017-02-28 10:00:31 +08:00
|
|
|
CONFIG_SYSTEM_CLOCK_DISABLE=y
|
2018-06-15 18:42:26 +08:00
|
|
|
CONFIG_SYS_POWER_MANAGEMENT=n
|
2017-01-07 02:16:53 +08:00
|
|
|
|
|
|
|
CONFIG_MAIN_STACK_SIZE=10240
|
zephyr: migrate signature type to Kconfig
Handle the CONFIG_BOOT_SIGNATURE_TYPE_xxx values in Zephyr's
mcuboot_config.h by converting them into the platform-agnostic MCUboot
definitions.
This requires some changes to the way the release test Makefile is
structured, since Kconfig symbols cannot be set from the command line.
Instead, use the OVERLAY_CONFIG feature of the Zephyr build system,
which allows specifying extra fragments to merge into the final
.config. (This is an orthogonal mechanism to setting CONF_FILE; it is
used by Zephyr's CI script sanitycheck to add additional fragments, so
it's appropriate for use by MCUboot's testing scripts as well.)
We additionally need to move to a single prj.conf file due to a
dependency issue. We can no longer determine CONF_FILE from the
signature type, since that is now determined from the final .config or
autoconf.h, which is a build output that depends on CONF_FILE.
To move to a single prj.conf:
- delete prj-p256.conf and adjust prj.conf to serve both signature types
- add a top-level mbedTLS configuration file which dispatches to
the right sub-header depending on the key type
- as a side effect, have the simulator pick the right config file
depending on the case
This fixes and cleans up quite a bit of the signature type handling,
which had become something of a mess over time. For example, it fixes
a bug in ECDSA mode's configuration that wasn't actually selecting
config-asn1.h, and forces the simulator to use the same mbedTLS
configuration file as builds for real hardware.
Finally, we also have to move the mbedTLS vs. TinyCrypt choice into
mcuboot_config.h at the same time as well, since CMakeLists.txt was
making that decision based on the signature type.
Signed-off-by: Marti Bolivar <marti@opensourcefoundries.com>
2018-04-13 01:02:38 +08:00
|
|
|
CONFIG_MBEDTLS_CFG_FILE="mcuboot-mbedtls-cfg.h"
|
2017-01-07 02:16:53 +08:00
|
|
|
|
2019-12-20 18:06:04 +08:00
|
|
|
CONFIG_BOOT_SWAP_SAVE_ENCTLV=n
|
2018-08-31 18:41:50 +08:00
|
|
|
CONFIG_BOOT_ENCRYPT_RSA=n
|
2019-11-05 18:54:41 +08:00
|
|
|
CONFIG_BOOT_ENCRYPT_EC256=n
|
2020-04-03 00:25:01 +08:00
|
|
|
CONFIG_BOOT_ENCRYPT_X25519=n
|
2018-08-31 18:41:50 +08:00
|
|
|
|
2019-11-28 21:30:01 +08:00
|
|
|
CONFIG_BOOT_UPGRADE_ONLY=n
|
2018-12-19 17:56:33 +08:00
|
|
|
CONFIG_BOOT_BOOTSTRAP=n
|
|
|
|
|
2017-10-20 06:45:09 +08:00
|
|
|
### mbedTLS has its own heap
|
|
|
|
# CONFIG_HEAP_MEM_POOL_SIZE is not set
|
2017-01-07 02:16:53 +08:00
|
|
|
|
zephyr: migrate signature type to Kconfig
Handle the CONFIG_BOOT_SIGNATURE_TYPE_xxx values in Zephyr's
mcuboot_config.h by converting them into the platform-agnostic MCUboot
definitions.
This requires some changes to the way the release test Makefile is
structured, since Kconfig symbols cannot be set from the command line.
Instead, use the OVERLAY_CONFIG feature of the Zephyr build system,
which allows specifying extra fragments to merge into the final
.config. (This is an orthogonal mechanism to setting CONF_FILE; it is
used by Zephyr's CI script sanitycheck to add additional fragments, so
it's appropriate for use by MCUboot's testing scripts as well.)
We additionally need to move to a single prj.conf file due to a
dependency issue. We can no longer determine CONF_FILE from the
signature type, since that is now determined from the final .config or
autoconf.h, which is a build output that depends on CONF_FILE.
To move to a single prj.conf:
- delete prj-p256.conf and adjust prj.conf to serve both signature types
- add a top-level mbedTLS configuration file which dispatches to
the right sub-header depending on the key type
- as a side effect, have the simulator pick the right config file
depending on the case
This fixes and cleans up quite a bit of the signature type handling,
which had become something of a mess over time. For example, it fixes
a bug in ECDSA mode's configuration that wasn't actually selecting
config-asn1.h, and forces the simulator to use the same mbedTLS
configuration file as builds for real hardware.
Finally, we also have to move the mbedTLS vs. TinyCrypt choice into
mcuboot_config.h at the same time as well, since CMakeLists.txt was
making that decision based on the signature type.
Signed-off-by: Marti Bolivar <marti@opensourcefoundries.com>
2018-04-13 01:02:38 +08:00
|
|
|
### We never want Zephyr's copy of tinycrypt. If tinycrypt is needed,
|
|
|
|
### MCUboot has its own copy in tree.
|
|
|
|
# CONFIG_TINYCRYPT is not set
|
|
|
|
# CONFIG_TINYCRYPT_ECC_DSA is not set
|
|
|
|
# CONFIG_TINYCRYPT_SHA256 is not set
|
|
|
|
|
2017-01-07 02:16:53 +08:00
|
|
|
CONFIG_FLASH=y
|
2017-01-18 21:34:47 +08:00
|
|
|
|
2018-09-06 02:54:06 +08:00
|
|
|
### Various Zephyr boards enable features that we don't want.
|
2017-08-31 06:39:07 +08:00
|
|
|
# CONFIG_BT is not set
|
2018-09-06 02:54:06 +08:00
|
|
|
# CONFIG_BT_CTLR is not set
|
2017-08-31 06:39:07 +08:00
|
|
|
# CONFIG_I2C is not set
|
2019-02-02 03:19:47 +08:00
|
|
|
|
2019-04-09 04:48:15 +08:00
|
|
|
CONFIG_LOG=y
|
2019-02-02 03:19:47 +08:00
|
|
|
### Ensure Zephyr logging changes don't use more resources
|
|
|
|
CONFIG_LOG_DEFAULT_LEVEL=0
|
2020-10-06 01:21:04 +08:00
|
|
|
|
|
|
|
CONFIG_HW_STACK_PROTECTION=n
|