2017-07-06 03:36:37 +08:00
|
|
|
###########################################################################
|
|
|
|
# Sample multi-part application Makefile
|
|
|
|
#
|
|
|
|
# Copyright (c) 2017 Linaro Limited
|
2017-11-14 08:43:46 +08:00
|
|
|
# Copyright (c) 2017 Open Source Foundries Limited
|
2017-07-06 03:36:37 +08:00
|
|
|
#
|
|
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
|
# you may not use this file except in compliance with the License.
|
|
|
|
# You may obtain a copy of the License at
|
|
|
|
#
|
|
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
#
|
|
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
|
# See the License for the specific language governing permissions and
|
|
|
|
# limitations under the License.
|
|
|
|
###########################################################################
|
|
|
|
|
|
|
|
# This is an example Makefile to demonstrate how to use mcuboot to
|
|
|
|
# deploy and upgrade images. The image building should work on any
|
|
|
|
# supported target, however flashing will likely require changes to
|
|
|
|
# the flash addresses, depending on the partition layout of the device
|
|
|
|
# in question.
|
|
|
|
#
|
|
|
|
# running
|
2017-08-02 03:09:44 +08:00
|
|
|
#
|
2017-07-06 03:36:37 +08:00
|
|
|
# make BOARD=frdm_k64f all
|
|
|
|
#
|
|
|
|
# should generate three "*.bin" files in this directory:
|
|
|
|
#
|
|
|
|
# mcuboot.bin: The bootloader itself
|
|
|
|
# signed-hello1.bin: A signed sample.
|
|
|
|
# signed-hello2.bin: An upgrade image, signed and marked for
|
|
|
|
# upgrade.
|
|
|
|
#
|
|
|
|
# "make flash_boot" should flash the bootloader into the flash,
|
|
|
|
# erasing the rest of the device. If you examine the device at this
|
|
|
|
# time, you should see a message about the bootloader not being able
|
|
|
|
# to find a bootable image.
|
|
|
|
#
|
2019-02-18 18:50:22 +08:00
|
|
|
# "make flash_hello1" will then flash the first application into the
|
|
|
|
# "primary slot". This should boot into this app, print a small message, and
|
2017-07-06 03:36:37 +08:00
|
|
|
# give the zephyr console.
|
|
|
|
#
|
2019-02-18 18:50:22 +08:00
|
|
|
# "make flash_hello2" will flash hello2 into the "secondary slot". The
|
2017-07-06 03:36:37 +08:00
|
|
|
# reset should upgrade and run the new image. Resetting again should
|
|
|
|
# then revert back to the first app, since we did not mark this image
|
|
|
|
# as good.
|
|
|
|
|
zephyr: migrate signature type to Kconfig
Handle the CONFIG_BOOT_SIGNATURE_TYPE_xxx values in Zephyr's
mcuboot_config.h by converting them into the platform-agnostic MCUboot
definitions.
This requires some changes to the way the release test Makefile is
structured, since Kconfig symbols cannot be set from the command line.
Instead, use the OVERLAY_CONFIG feature of the Zephyr build system,
which allows specifying extra fragments to merge into the final
.config. (This is an orthogonal mechanism to setting CONF_FILE; it is
used by Zephyr's CI script sanitycheck to add additional fragments, so
it's appropriate for use by MCUboot's testing scripts as well.)
We additionally need to move to a single prj.conf file due to a
dependency issue. We can no longer determine CONF_FILE from the
signature type, since that is now determined from the final .config or
autoconf.h, which is a build output that depends on CONF_FILE.
To move to a single prj.conf:
- delete prj-p256.conf and adjust prj.conf to serve both signature types
- add a top-level mbedTLS configuration file which dispatches to
the right sub-header depending on the key type
- as a side effect, have the simulator pick the right config file
depending on the case
This fixes and cleans up quite a bit of the signature type handling,
which had become something of a mess over time. For example, it fixes
a bug in ECDSA mode's configuration that wasn't actually selecting
config-asn1.h, and forces the simulator to use the same mbedTLS
configuration file as builds for real hardware.
Finally, we also have to move the mbedTLS vs. TinyCrypt choice into
mcuboot_config.h at the same time as well, since CMakeLists.txt was
making that decision based on the signature type.
Signed-off-by: Marti Bolivar <marti@opensourcefoundries.com>
2018-04-13 01:02:38 +08:00
|
|
|
# Extra .conf fragments to merge into the MCUboot .config, as a
|
|
|
|
# semicolon-separated list (i.e., a CMake list).
|
|
|
|
BOOTLOADER_OVERLAY_CONFIG ?=
|
|
|
|
|
2017-11-14 08:43:46 +08:00
|
|
|
BOARD ?= frdm_k64f
|
2022-08-17 11:23:04 +08:00
|
|
|
SLOT_SIZE ?= 0x60000
|
|
|
|
BOOT_ADDR ?= 0x0
|
|
|
|
IMG0_ADDR ?= 0x20000
|
|
|
|
IMG1_ADDR ?= 0x80000
|
2017-11-14 08:43:46 +08:00
|
|
|
|
2017-07-06 03:36:37 +08:00
|
|
|
.PHONY: check boot hello1 clean_boot clean_hello1 \
|
|
|
|
hello2 clean_hello2 flash_boot flash_hello1 flash_hello2
|
|
|
|
|
|
|
|
# For signing, use the default RSA demo key, to match the default in
|
|
|
|
# the mcuboot Makefile.
|
2017-09-15 05:10:24 +08:00
|
|
|
SIGNING_KEY ?= ../../root-rsa-2048.pem
|
2017-07-06 03:36:37 +08:00
|
|
|
|
|
|
|
# The header size should match that in hello1/prj.conf
|
|
|
|
# CONFIG_TEXT_SECTION_OFFSET. This value needs to be a power of two
|
|
|
|
# that is at least as large as the size of the vector table. The
|
|
|
|
# value given here of 0x200 should be sufficient for any supported
|
|
|
|
# devices, but it can be made smaller, as long as this value matches
|
|
|
|
# that used to build the app.
|
|
|
|
BOOT_HEADER_LEN = 0x200
|
|
|
|
|
|
|
|
# For upgrades, the signing tool needs to know the device alignment.
|
|
|
|
# This requirement will be going away soon.
|
|
|
|
FLASH_ALIGNMENT = 8
|
|
|
|
|
|
|
|
IMGTOOL = ../../scripts/imgtool.py
|
2017-07-18 05:38:54 +08:00
|
|
|
ASSEMBLE = ../../scripts/assemble.py
|
2019-02-19 07:20:00 +08:00
|
|
|
PYOCD = pyocd
|
2017-07-06 03:36:37 +08:00
|
|
|
|
2017-11-14 08:43:46 +08:00
|
|
|
SOURCE_DIRECTORY := $(CURDIR)
|
|
|
|
BUILD_DIRECTORY := $(CURDIR)/build/$(BOARD)
|
|
|
|
BUILD_DIR_BOOT := $(BUILD_DIRECTORY)/mcuboot
|
|
|
|
BUILD_DIR_HELLO1 := $(BUILD_DIRECTORY)/hello1
|
|
|
|
BUILD_DIR_HELLO2 := $(BUILD_DIRECTORY)/hello2
|
|
|
|
|
2017-07-06 03:36:37 +08:00
|
|
|
help:
|
|
|
|
@echo "make <target> BOARD=<board>"
|
2017-07-18 05:38:54 +08:00
|
|
|
@echo "<target>: all, boot, hello1, full.bin"
|
2017-11-14 08:43:46 +08:00
|
|
|
@echo "<board>: frdm_k64f only for now"
|
2017-07-06 03:36:37 +08:00
|
|
|
|
|
|
|
all: boot hello1 hello2
|
|
|
|
|
2017-07-18 05:38:54 +08:00
|
|
|
full.bin: boot hello1 hello2
|
2017-11-14 08:43:46 +08:00
|
|
|
$(ASSEMBLE) -b $(BUILD_DIR_BOOT) \
|
2020-06-04 02:21:13 +08:00
|
|
|
-z $(ZEPHYR_BASE) \
|
2017-07-18 05:38:54 +08:00
|
|
|
-p signed-hello1.bin \
|
|
|
|
-s signed-hello2.bin \
|
|
|
|
-o full.bin
|
|
|
|
|
2017-07-06 03:36:37 +08:00
|
|
|
clean: clean_boot clean_hello1 clean_hello2
|
|
|
|
@rm -f signed-hello1.bin
|
|
|
|
@rm -f signed-hello2.bin
|
|
|
|
@rm -f mcuboot.bin
|
|
|
|
|
|
|
|
boot: check
|
|
|
|
@rm -f mcuboot.bin
|
2017-11-14 08:43:46 +08:00
|
|
|
(mkdir -p $(BUILD_DIR_BOOT) && \
|
|
|
|
cd $(BUILD_DIR_BOOT) && \
|
2018-04-13 01:12:06 +08:00
|
|
|
cmake -DOVERLAY_CONFIG=$(BOOTLOADER_OVERLAY_CONFIG) \
|
2019-06-26 00:13:20 +08:00
|
|
|
-G"Ninja" \
|
2017-11-14 08:43:46 +08:00
|
|
|
-DBOARD=$(BOARD) \
|
|
|
|
$(SOURCE_DIRECTORY)/../../boot/zephyr && \
|
2019-06-26 00:13:20 +08:00
|
|
|
ninja)
|
2017-11-14 08:43:46 +08:00
|
|
|
cp $(BUILD_DIR_BOOT)/zephyr/zephyr.bin mcuboot.bin
|
2017-07-06 03:36:37 +08:00
|
|
|
|
|
|
|
clean_boot: check
|
2017-11-14 08:43:46 +08:00
|
|
|
rm -rf $(BUILD_DIR_BOOT)
|
2017-07-06 03:36:37 +08:00
|
|
|
|
|
|
|
# Build and sign "hello1".
|
|
|
|
hello1: check
|
2017-11-14 08:43:46 +08:00
|
|
|
(mkdir -p $(BUILD_DIR_HELLO1) && \
|
|
|
|
cd $(BUILD_DIR_HELLO1) && \
|
|
|
|
cmake -DFROM_WHO=hello1 \
|
2019-06-26 00:13:20 +08:00
|
|
|
-G"Ninja" \
|
2017-11-14 08:43:46 +08:00
|
|
|
-DBOARD=$(BOARD) \
|
|
|
|
$(SOURCE_DIRECTORY)/hello-world && \
|
2019-06-26 00:13:20 +08:00
|
|
|
ninja)
|
2017-07-06 03:36:37 +08:00
|
|
|
$(IMGTOOL) sign \
|
|
|
|
--key $(SIGNING_KEY) \
|
|
|
|
--header-size $(BOOT_HEADER_LEN) \
|
|
|
|
--align $(FLASH_ALIGNMENT) \
|
|
|
|
--version 1.2 \
|
2022-08-17 11:23:04 +08:00
|
|
|
--slot-size $(SLOT_SIZE) \
|
2017-11-14 08:43:46 +08:00
|
|
|
$(BUILD_DIR_HELLO1)/zephyr/zephyr.bin \
|
2017-07-06 03:36:37 +08:00
|
|
|
signed-hello1.bin
|
|
|
|
|
|
|
|
clean_hello1: check
|
2017-11-14 08:43:46 +08:00
|
|
|
rm -rf $(BUILD_DIR_HELLO1)
|
2017-07-06 03:36:37 +08:00
|
|
|
|
|
|
|
# Build and sign "hello2".
|
|
|
|
# This is the same signing command as above, except that it adds the
|
|
|
|
# "--pad" argument. This will also add the trailer that indicates
|
|
|
|
# this image is intended to be an upgrade. It should be flashed into
|
2019-02-18 18:50:22 +08:00
|
|
|
# the secondary slot instead of the primary slot.
|
2017-07-06 03:36:37 +08:00
|
|
|
hello2: check
|
2017-11-14 08:43:46 +08:00
|
|
|
(mkdir -p $(BUILD_DIR_HELLO2) && \
|
|
|
|
cd $(BUILD_DIR_HELLO2) && \
|
|
|
|
cmake -DFROM_WHO=hello2 \
|
2019-06-26 00:13:20 +08:00
|
|
|
-G"Ninja" \
|
2017-11-14 08:43:46 +08:00
|
|
|
-DBOARD=$(BOARD) \
|
|
|
|
$(SOURCE_DIRECTORY)/hello-world && \
|
2019-06-26 00:13:20 +08:00
|
|
|
ninja)
|
2017-07-06 03:36:37 +08:00
|
|
|
$(IMGTOOL) sign \
|
|
|
|
--key $(SIGNING_KEY) \
|
|
|
|
--header-size $(BOOT_HEADER_LEN) \
|
|
|
|
--align $(FLASH_ALIGNMENT) \
|
|
|
|
--version 1.2 \
|
2022-08-17 11:23:04 +08:00
|
|
|
--slot-size $(SLOT_SIZE) \
|
2018-06-05 21:37:35 +08:00
|
|
|
--pad \
|
2017-11-14 08:43:46 +08:00
|
|
|
$(BUILD_DIR_HELLO2)/zephyr/zephyr.bin \
|
2017-07-06 03:36:37 +08:00
|
|
|
signed-hello2.bin
|
|
|
|
|
|
|
|
clean_hello2: check
|
2017-11-14 08:43:46 +08:00
|
|
|
rm -rf $(BUILD_DIR_HELLO2)
|
2017-07-06 03:36:37 +08:00
|
|
|
|
2017-09-15 05:10:24 +08:00
|
|
|
# These flash_* targets use pyocd to flash the images. The addresses
|
|
|
|
# are hardcoded at this time.
|
|
|
|
|
2017-07-06 03:36:37 +08:00
|
|
|
flash_boot:
|
2022-08-17 11:23:04 +08:00
|
|
|
$(PYOCD) flash -e chip -a $(BOOT_ADDR) mcuboot.bin
|
2017-07-06 03:36:37 +08:00
|
|
|
|
|
|
|
flash_hello1:
|
2022-08-17 11:23:04 +08:00
|
|
|
$(PYOCD) flash -a $(IMG0_ADDR) signed-hello1.bin
|
2017-07-06 03:36:37 +08:00
|
|
|
|
|
|
|
flash_hello2:
|
2022-08-17 11:23:04 +08:00
|
|
|
$(PYOCD) flash -a $(IMG1_ADDR) signed-hello2.bin
|
2017-07-06 03:36:37 +08:00
|
|
|
|
2017-07-26 14:36:02 +08:00
|
|
|
flash_full:
|
2022-08-17 11:23:04 +08:00
|
|
|
$(PYOCD) flash -e chip -a $(BOOT_ADDR) full.bin
|
2017-07-26 14:36:02 +08:00
|
|
|
|
2017-09-15 05:10:24 +08:00
|
|
|
# These test- targets reinvoke make with the configuration set to test
|
|
|
|
# various configurations. This will generally be followed by using
|
|
|
|
# the above flash targets.
|
|
|
|
|
|
|
|
# Test a good image, with a good upgrade, using RSA signatures.
|
|
|
|
# flash_boot: Unable to find bootable image
|
|
|
|
# flash_hello1: hello1 runs
|
|
|
|
# flash_hello2: hello2 runs
|
|
|
|
# reset: hello1 runs
|
2017-11-14 08:43:46 +08:00
|
|
|
test-good-rsa: clean
|
2017-09-15 05:10:24 +08:00
|
|
|
$(MAKE) \
|
zephyr: migrate signature type to Kconfig
Handle the CONFIG_BOOT_SIGNATURE_TYPE_xxx values in Zephyr's
mcuboot_config.h by converting them into the platform-agnostic MCUboot
definitions.
This requires some changes to the way the release test Makefile is
structured, since Kconfig symbols cannot be set from the command line.
Instead, use the OVERLAY_CONFIG feature of the Zephyr build system,
which allows specifying extra fragments to merge into the final
.config. (This is an orthogonal mechanism to setting CONF_FILE; it is
used by Zephyr's CI script sanitycheck to add additional fragments, so
it's appropriate for use by MCUboot's testing scripts as well.)
We additionally need to move to a single prj.conf file due to a
dependency issue. We can no longer determine CONF_FILE from the
signature type, since that is now determined from the final .config or
autoconf.h, which is a build output that depends on CONF_FILE.
To move to a single prj.conf:
- delete prj-p256.conf and adjust prj.conf to serve both signature types
- add a top-level mbedTLS configuration file which dispatches to
the right sub-header depending on the key type
- as a side effect, have the simulator pick the right config file
depending on the case
This fixes and cleans up quite a bit of the signature type handling,
which had become something of a mess over time. For example, it fixes
a bug in ECDSA mode's configuration that wasn't actually selecting
config-asn1.h, and forces the simulator to use the same mbedTLS
configuration file as builds for real hardware.
Finally, we also have to move the mbedTLS vs. TinyCrypt choice into
mcuboot_config.h at the same time as well, since CMakeLists.txt was
making that decision based on the signature type.
Signed-off-by: Marti Bolivar <marti@opensourcefoundries.com>
2018-04-13 01:02:38 +08:00
|
|
|
BOOTLOADER_OVERLAY_CONFIG=$(PWD)/overlay-rsa.conf \
|
2017-11-14 08:43:46 +08:00
|
|
|
all
|
2017-09-15 05:10:24 +08:00
|
|
|
|
|
|
|
# Test a good image, with a good upgrade, using ECDSA signatures.
|
|
|
|
# flash_boot: Unable to find bootable image
|
|
|
|
# flash_hello1: hello1 runs
|
|
|
|
# flash_hello2: hello2 runs
|
|
|
|
# reset: hello1 runs
|
2017-11-14 08:43:46 +08:00
|
|
|
test-good-ecdsa: clean
|
2017-09-15 05:10:24 +08:00
|
|
|
$(MAKE) \
|
zephyr: migrate signature type to Kconfig
Handle the CONFIG_BOOT_SIGNATURE_TYPE_xxx values in Zephyr's
mcuboot_config.h by converting them into the platform-agnostic MCUboot
definitions.
This requires some changes to the way the release test Makefile is
structured, since Kconfig symbols cannot be set from the command line.
Instead, use the OVERLAY_CONFIG feature of the Zephyr build system,
which allows specifying extra fragments to merge into the final
.config. (This is an orthogonal mechanism to setting CONF_FILE; it is
used by Zephyr's CI script sanitycheck to add additional fragments, so
it's appropriate for use by MCUboot's testing scripts as well.)
We additionally need to move to a single prj.conf file due to a
dependency issue. We can no longer determine CONF_FILE from the
signature type, since that is now determined from the final .config or
autoconf.h, which is a build output that depends on CONF_FILE.
To move to a single prj.conf:
- delete prj-p256.conf and adjust prj.conf to serve both signature types
- add a top-level mbedTLS configuration file which dispatches to
the right sub-header depending on the key type
- as a side effect, have the simulator pick the right config file
depending on the case
This fixes and cleans up quite a bit of the signature type handling,
which had become something of a mess over time. For example, it fixes
a bug in ECDSA mode's configuration that wasn't actually selecting
config-asn1.h, and forces the simulator to use the same mbedTLS
configuration file as builds for real hardware.
Finally, we also have to move the mbedTLS vs. TinyCrypt choice into
mcuboot_config.h at the same time as well, since CMakeLists.txt was
making that decision based on the signature type.
Signed-off-by: Marti Bolivar <marti@opensourcefoundries.com>
2018-04-13 01:02:38 +08:00
|
|
|
BOOTLOADER_OVERLAY_CONFIG=$(PWD)/overlay-ecdsa-p256.conf \
|
2017-11-14 08:43:46 +08:00
|
|
|
SIGNING_KEY=../../root-ec-p256.pem \
|
|
|
|
all
|
2017-09-15 05:10:24 +08:00
|
|
|
|
|
|
|
# Test (with RSA) that overwrite-only works. This should boot,
|
|
|
|
# upgrade correctly, but not revert once the upgrade has been done.
|
|
|
|
# flash_boot: Unable to find bootable image
|
|
|
|
# flash_hello1: hello1 runs
|
|
|
|
# flash_hello2: hello2 runs
|
|
|
|
# reset: hello2 runs
|
2017-11-14 08:43:46 +08:00
|
|
|
test-overwrite: clean
|
2017-09-15 05:10:24 +08:00
|
|
|
$(MAKE) \
|
2018-04-13 01:12:06 +08:00
|
|
|
BOOTLOADER_OVERLAY_CONFIG=$(PWD)/overlay-upgrade-only.conf \
|
2017-11-14 08:43:46 +08:00
|
|
|
all
|
2017-09-15 05:10:24 +08:00
|
|
|
|
|
|
|
# Test that when configured for RSA, a wrong signature in the upgrade
|
|
|
|
# image will fail to upgrade.
|
|
|
|
# flash_boot: Unable to find bootable image
|
|
|
|
# flash_hello1: hello1 runs
|
|
|
|
# flash_hello2: hello1 runs
|
|
|
|
# reset: hello1 runs
|
2017-11-14 08:43:46 +08:00
|
|
|
test-bad-rsa-upgrade: clean
|
2017-09-15 05:10:24 +08:00
|
|
|
$(MAKE) \
|
zephyr: migrate signature type to Kconfig
Handle the CONFIG_BOOT_SIGNATURE_TYPE_xxx values in Zephyr's
mcuboot_config.h by converting them into the platform-agnostic MCUboot
definitions.
This requires some changes to the way the release test Makefile is
structured, since Kconfig symbols cannot be set from the command line.
Instead, use the OVERLAY_CONFIG feature of the Zephyr build system,
which allows specifying extra fragments to merge into the final
.config. (This is an orthogonal mechanism to setting CONF_FILE; it is
used by Zephyr's CI script sanitycheck to add additional fragments, so
it's appropriate for use by MCUboot's testing scripts as well.)
We additionally need to move to a single prj.conf file due to a
dependency issue. We can no longer determine CONF_FILE from the
signature type, since that is now determined from the final .config or
autoconf.h, which is a build output that depends on CONF_FILE.
To move to a single prj.conf:
- delete prj-p256.conf and adjust prj.conf to serve both signature types
- add a top-level mbedTLS configuration file which dispatches to
the right sub-header depending on the key type
- as a side effect, have the simulator pick the right config file
depending on the case
This fixes and cleans up quite a bit of the signature type handling,
which had become something of a mess over time. For example, it fixes
a bug in ECDSA mode's configuration that wasn't actually selecting
config-asn1.h, and forces the simulator to use the same mbedTLS
configuration file as builds for real hardware.
Finally, we also have to move the mbedTLS vs. TinyCrypt choice into
mcuboot_config.h at the same time as well, since CMakeLists.txt was
making that decision based on the signature type.
Signed-off-by: Marti Bolivar <marti@opensourcefoundries.com>
2018-04-13 01:02:38 +08:00
|
|
|
BOOTLOADER_OVERLAY_CONFIG=$(PWD)/overlay-rsa.conf \
|
2017-11-14 08:43:46 +08:00
|
|
|
boot hello1
|
2017-09-15 05:10:24 +08:00
|
|
|
$(MAKE) \
|
zephyr: migrate signature type to Kconfig
Handle the CONFIG_BOOT_SIGNATURE_TYPE_xxx values in Zephyr's
mcuboot_config.h by converting them into the platform-agnostic MCUboot
definitions.
This requires some changes to the way the release test Makefile is
structured, since Kconfig symbols cannot be set from the command line.
Instead, use the OVERLAY_CONFIG feature of the Zephyr build system,
which allows specifying extra fragments to merge into the final
.config. (This is an orthogonal mechanism to setting CONF_FILE; it is
used by Zephyr's CI script sanitycheck to add additional fragments, so
it's appropriate for use by MCUboot's testing scripts as well.)
We additionally need to move to a single prj.conf file due to a
dependency issue. We can no longer determine CONF_FILE from the
signature type, since that is now determined from the final .config or
autoconf.h, which is a build output that depends on CONF_FILE.
To move to a single prj.conf:
- delete prj-p256.conf and adjust prj.conf to serve both signature types
- add a top-level mbedTLS configuration file which dispatches to
the right sub-header depending on the key type
- as a side effect, have the simulator pick the right config file
depending on the case
This fixes and cleans up quite a bit of the signature type handling,
which had become something of a mess over time. For example, it fixes
a bug in ECDSA mode's configuration that wasn't actually selecting
config-asn1.h, and forces the simulator to use the same mbedTLS
configuration file as builds for real hardware.
Finally, we also have to move the mbedTLS vs. TinyCrypt choice into
mcuboot_config.h at the same time as well, since CMakeLists.txt was
making that decision based on the signature type.
Signed-off-by: Marti Bolivar <marti@opensourcefoundries.com>
2018-04-13 01:02:38 +08:00
|
|
|
BOOTLOADER_OVERLAY_CONFIG=$(PWD)/overlay-rsa.conf \
|
2017-11-14 08:43:46 +08:00
|
|
|
SIGNING_KEY=../../root-ec-p256.pem \
|
|
|
|
hello2
|
2017-09-15 05:10:24 +08:00
|
|
|
|
|
|
|
# Test that when configured for ECDSA, a wrong signature in the upgrade
|
|
|
|
# image will fail to upgrade.
|
|
|
|
# flash_boot: Unable to find bootable image
|
|
|
|
# flash_hello1: hello1 runs
|
|
|
|
# flash_hello2: hello1 runs
|
|
|
|
# reset: hello1 runs
|
2017-11-14 08:43:46 +08:00
|
|
|
test-bad-ecdsa-upgrade: clean
|
2017-09-15 05:10:24 +08:00
|
|
|
$(MAKE) \
|
zephyr: migrate signature type to Kconfig
Handle the CONFIG_BOOT_SIGNATURE_TYPE_xxx values in Zephyr's
mcuboot_config.h by converting them into the platform-agnostic MCUboot
definitions.
This requires some changes to the way the release test Makefile is
structured, since Kconfig symbols cannot be set from the command line.
Instead, use the OVERLAY_CONFIG feature of the Zephyr build system,
which allows specifying extra fragments to merge into the final
.config. (This is an orthogonal mechanism to setting CONF_FILE; it is
used by Zephyr's CI script sanitycheck to add additional fragments, so
it's appropriate for use by MCUboot's testing scripts as well.)
We additionally need to move to a single prj.conf file due to a
dependency issue. We can no longer determine CONF_FILE from the
signature type, since that is now determined from the final .config or
autoconf.h, which is a build output that depends on CONF_FILE.
To move to a single prj.conf:
- delete prj-p256.conf and adjust prj.conf to serve both signature types
- add a top-level mbedTLS configuration file which dispatches to
the right sub-header depending on the key type
- as a side effect, have the simulator pick the right config file
depending on the case
This fixes and cleans up quite a bit of the signature type handling,
which had become something of a mess over time. For example, it fixes
a bug in ECDSA mode's configuration that wasn't actually selecting
config-asn1.h, and forces the simulator to use the same mbedTLS
configuration file as builds for real hardware.
Finally, we also have to move the mbedTLS vs. TinyCrypt choice into
mcuboot_config.h at the same time as well, since CMakeLists.txt was
making that decision based on the signature type.
Signed-off-by: Marti Bolivar <marti@opensourcefoundries.com>
2018-04-13 01:02:38 +08:00
|
|
|
BOOTLOADER_OVERLAY_CONFIG=$(PWD)/overlay-ecdsa-p256.conf \
|
2017-11-14 08:43:46 +08:00
|
|
|
SIGNING_KEY=../../root-ec-p256.pem \
|
|
|
|
boot hello1
|
2017-09-15 05:10:24 +08:00
|
|
|
$(MAKE) \
|
zephyr: migrate signature type to Kconfig
Handle the CONFIG_BOOT_SIGNATURE_TYPE_xxx values in Zephyr's
mcuboot_config.h by converting them into the platform-agnostic MCUboot
definitions.
This requires some changes to the way the release test Makefile is
structured, since Kconfig symbols cannot be set from the command line.
Instead, use the OVERLAY_CONFIG feature of the Zephyr build system,
which allows specifying extra fragments to merge into the final
.config. (This is an orthogonal mechanism to setting CONF_FILE; it is
used by Zephyr's CI script sanitycheck to add additional fragments, so
it's appropriate for use by MCUboot's testing scripts as well.)
We additionally need to move to a single prj.conf file due to a
dependency issue. We can no longer determine CONF_FILE from the
signature type, since that is now determined from the final .config or
autoconf.h, which is a build output that depends on CONF_FILE.
To move to a single prj.conf:
- delete prj-p256.conf and adjust prj.conf to serve both signature types
- add a top-level mbedTLS configuration file which dispatches to
the right sub-header depending on the key type
- as a side effect, have the simulator pick the right config file
depending on the case
This fixes and cleans up quite a bit of the signature type handling,
which had become something of a mess over time. For example, it fixes
a bug in ECDSA mode's configuration that wasn't actually selecting
config-asn1.h, and forces the simulator to use the same mbedTLS
configuration file as builds for real hardware.
Finally, we also have to move the mbedTLS vs. TinyCrypt choice into
mcuboot_config.h at the same time as well, since CMakeLists.txt was
making that decision based on the signature type.
Signed-off-by: Marti Bolivar <marti@opensourcefoundries.com>
2018-04-13 01:02:38 +08:00
|
|
|
BOOTLOADER_OVERLAY_CONFIG=$(PWD)/overlay-ecdsa-p256.conf \
|
2017-11-14 08:43:46 +08:00
|
|
|
SIGNING_KEY=../../root-rsa-2048.pem \
|
|
|
|
hello2
|
2017-09-15 05:10:24 +08:00
|
|
|
|
2019-02-18 18:50:22 +08:00
|
|
|
# Test that when configured to not validate the primary slot, we still boot, but
|
2017-09-15 05:10:24 +08:00
|
|
|
# don't upgrade.
|
|
|
|
# flash_boot: tries to boot and resets
|
|
|
|
# flash_hello1: hello1 runs
|
|
|
|
# flash_hello2: hello1 runs
|
|
|
|
# reset: hello1 runs
|
2017-11-14 08:43:46 +08:00
|
|
|
test-no-bootcheck: clean
|
2017-09-15 05:10:24 +08:00
|
|
|
$(MAKE) \
|
2019-02-18 18:50:22 +08:00
|
|
|
BOOTLOADER_OVERLAY_CONFIG=$(PWD)/overlay-skip-primary-slot-validate.conf \
|
2017-11-14 08:43:46 +08:00
|
|
|
SIGNING_KEY=../../root-ec-p256.pem \
|
|
|
|
all
|
2017-09-15 05:10:24 +08:00
|
|
|
|
|
|
|
# Test a good image, with a wrong-signature upgrade, using RSA signatures.
|
|
|
|
# flash_boot: Unable to find bootable image
|
|
|
|
# flash_hello1: hello1 runs
|
|
|
|
# flash_hello2: hello1 runs
|
|
|
|
# reset: hello1 runs
|
2017-11-14 08:43:46 +08:00
|
|
|
test-wrong-rsa: clean
|
2017-09-15 05:10:24 +08:00
|
|
|
$(MAKE) \
|
zephyr: migrate signature type to Kconfig
Handle the CONFIG_BOOT_SIGNATURE_TYPE_xxx values in Zephyr's
mcuboot_config.h by converting them into the platform-agnostic MCUboot
definitions.
This requires some changes to the way the release test Makefile is
structured, since Kconfig symbols cannot be set from the command line.
Instead, use the OVERLAY_CONFIG feature of the Zephyr build system,
which allows specifying extra fragments to merge into the final
.config. (This is an orthogonal mechanism to setting CONF_FILE; it is
used by Zephyr's CI script sanitycheck to add additional fragments, so
it's appropriate for use by MCUboot's testing scripts as well.)
We additionally need to move to a single prj.conf file due to a
dependency issue. We can no longer determine CONF_FILE from the
signature type, since that is now determined from the final .config or
autoconf.h, which is a build output that depends on CONF_FILE.
To move to a single prj.conf:
- delete prj-p256.conf and adjust prj.conf to serve both signature types
- add a top-level mbedTLS configuration file which dispatches to
the right sub-header depending on the key type
- as a side effect, have the simulator pick the right config file
depending on the case
This fixes and cleans up quite a bit of the signature type handling,
which had become something of a mess over time. For example, it fixes
a bug in ECDSA mode's configuration that wasn't actually selecting
config-asn1.h, and forces the simulator to use the same mbedTLS
configuration file as builds for real hardware.
Finally, we also have to move the mbedTLS vs. TinyCrypt choice into
mcuboot_config.h at the same time as well, since CMakeLists.txt was
making that decision based on the signature type.
Signed-off-by: Marti Bolivar <marti@opensourcefoundries.com>
2018-04-13 01:02:38 +08:00
|
|
|
BOOTLOADER_OVERLAY_CONFIG=$(PWD)/overlay-rsa.conf \
|
2017-11-14 08:43:46 +08:00
|
|
|
boot hello1
|
2017-09-15 05:10:24 +08:00
|
|
|
$(MAKE) \
|
zephyr: migrate signature type to Kconfig
Handle the CONFIG_BOOT_SIGNATURE_TYPE_xxx values in Zephyr's
mcuboot_config.h by converting them into the platform-agnostic MCUboot
definitions.
This requires some changes to the way the release test Makefile is
structured, since Kconfig symbols cannot be set from the command line.
Instead, use the OVERLAY_CONFIG feature of the Zephyr build system,
which allows specifying extra fragments to merge into the final
.config. (This is an orthogonal mechanism to setting CONF_FILE; it is
used by Zephyr's CI script sanitycheck to add additional fragments, so
it's appropriate for use by MCUboot's testing scripts as well.)
We additionally need to move to a single prj.conf file due to a
dependency issue. We can no longer determine CONF_FILE from the
signature type, since that is now determined from the final .config or
autoconf.h, which is a build output that depends on CONF_FILE.
To move to a single prj.conf:
- delete prj-p256.conf and adjust prj.conf to serve both signature types
- add a top-level mbedTLS configuration file which dispatches to
the right sub-header depending on the key type
- as a side effect, have the simulator pick the right config file
depending on the case
This fixes and cleans up quite a bit of the signature type handling,
which had become something of a mess over time. For example, it fixes
a bug in ECDSA mode's configuration that wasn't actually selecting
config-asn1.h, and forces the simulator to use the same mbedTLS
configuration file as builds for real hardware.
Finally, we also have to move the mbedTLS vs. TinyCrypt choice into
mcuboot_config.h at the same time as well, since CMakeLists.txt was
making that decision based on the signature type.
Signed-off-by: Marti Bolivar <marti@opensourcefoundries.com>
2018-04-13 01:02:38 +08:00
|
|
|
BOOTLOADER_OVERLAY_CONFIG=$(PWD)/overlay-rsa.conf \
|
2017-11-14 08:43:46 +08:00
|
|
|
SIGNING_KEY=bad-keys/bad-rsa-2048.pem \
|
|
|
|
hello2
|
2017-09-15 05:10:24 +08:00
|
|
|
|
|
|
|
# Test a good image, with a wrong-signature upgrade, using ECDSA signatures.
|
|
|
|
# flash_boot: Unable to find bootable image
|
|
|
|
# flash_hello1: hello1 runs
|
|
|
|
# flash_hello2: hello1 runs
|
|
|
|
# reset: hello1 runs
|
2017-11-14 08:43:46 +08:00
|
|
|
test-wrong-ecdsa: clean
|
2017-09-15 05:10:24 +08:00
|
|
|
$(MAKE) \
|
zephyr: migrate signature type to Kconfig
Handle the CONFIG_BOOT_SIGNATURE_TYPE_xxx values in Zephyr's
mcuboot_config.h by converting them into the platform-agnostic MCUboot
definitions.
This requires some changes to the way the release test Makefile is
structured, since Kconfig symbols cannot be set from the command line.
Instead, use the OVERLAY_CONFIG feature of the Zephyr build system,
which allows specifying extra fragments to merge into the final
.config. (This is an orthogonal mechanism to setting CONF_FILE; it is
used by Zephyr's CI script sanitycheck to add additional fragments, so
it's appropriate for use by MCUboot's testing scripts as well.)
We additionally need to move to a single prj.conf file due to a
dependency issue. We can no longer determine CONF_FILE from the
signature type, since that is now determined from the final .config or
autoconf.h, which is a build output that depends on CONF_FILE.
To move to a single prj.conf:
- delete prj-p256.conf and adjust prj.conf to serve both signature types
- add a top-level mbedTLS configuration file which dispatches to
the right sub-header depending on the key type
- as a side effect, have the simulator pick the right config file
depending on the case
This fixes and cleans up quite a bit of the signature type handling,
which had become something of a mess over time. For example, it fixes
a bug in ECDSA mode's configuration that wasn't actually selecting
config-asn1.h, and forces the simulator to use the same mbedTLS
configuration file as builds for real hardware.
Finally, we also have to move the mbedTLS vs. TinyCrypt choice into
mcuboot_config.h at the same time as well, since CMakeLists.txt was
making that decision based on the signature type.
Signed-off-by: Marti Bolivar <marti@opensourcefoundries.com>
2018-04-13 01:02:38 +08:00
|
|
|
BOOTLOADER_OVERLAY_CONFIG=$(PWD)/overlay-ecdsa-p256.conf \
|
2017-11-14 08:43:46 +08:00
|
|
|
SIGNING_KEY=../../root-ec-p256.pem \
|
|
|
|
boot hello1
|
2017-09-15 05:10:24 +08:00
|
|
|
$(MAKE) \
|
zephyr: migrate signature type to Kconfig
Handle the CONFIG_BOOT_SIGNATURE_TYPE_xxx values in Zephyr's
mcuboot_config.h by converting them into the platform-agnostic MCUboot
definitions.
This requires some changes to the way the release test Makefile is
structured, since Kconfig symbols cannot be set from the command line.
Instead, use the OVERLAY_CONFIG feature of the Zephyr build system,
which allows specifying extra fragments to merge into the final
.config. (This is an orthogonal mechanism to setting CONF_FILE; it is
used by Zephyr's CI script sanitycheck to add additional fragments, so
it's appropriate for use by MCUboot's testing scripts as well.)
We additionally need to move to a single prj.conf file due to a
dependency issue. We can no longer determine CONF_FILE from the
signature type, since that is now determined from the final .config or
autoconf.h, which is a build output that depends on CONF_FILE.
To move to a single prj.conf:
- delete prj-p256.conf and adjust prj.conf to serve both signature types
- add a top-level mbedTLS configuration file which dispatches to
the right sub-header depending on the key type
- as a side effect, have the simulator pick the right config file
depending on the case
This fixes and cleans up quite a bit of the signature type handling,
which had become something of a mess over time. For example, it fixes
a bug in ECDSA mode's configuration that wasn't actually selecting
config-asn1.h, and forces the simulator to use the same mbedTLS
configuration file as builds for real hardware.
Finally, we also have to move the mbedTLS vs. TinyCrypt choice into
mcuboot_config.h at the same time as well, since CMakeLists.txt was
making that decision based on the signature type.
Signed-off-by: Marti Bolivar <marti@opensourcefoundries.com>
2018-04-13 01:02:38 +08:00
|
|
|
BOOTLOADER_OVERLAY_CONFIG=$(PWD)/overlay-ecdsa-p256.conf \
|
2017-11-14 08:43:46 +08:00
|
|
|
SIGNING_KEY=bad-keys/bad-ec-p256.pem \
|
|
|
|
hello2
|
2017-09-15 05:10:24 +08:00
|
|
|
|
2017-07-06 03:36:37 +08:00
|
|
|
check:
|
|
|
|
@if [ -z "$$ZEPHYR_BASE" ]; then echo "Zephyr environment not set up"; false; fi
|
2017-08-02 03:09:44 +08:00
|
|
|
@if [ -z "$(BOARD)" ]; then echo "You must specify BOARD=<board>"; false; fi
|