Commit Graph

2034 Commits

Author SHA1 Message Date
Andrzej Puzdrowski 26d19d330a sim: Added test for over-sized image bootstrap
Added test for check whether the bootstrap will fail for too big
image.

Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
2022-10-04 23:02:36 +02:00
Andrzej Puzdrowski 5b90dc891e sim: image trailer size differentiation
Differentiated image trailer size for swap-using-scratch with
max-align-32 feature and without it.

Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
2022-10-04 23:02:36 +02:00
Andrzej Puzdrowski 5310d554dd sim: corrected maximal image size calculation
Corrected the maximal image size calculation for
the swap using scratch mode. Previously the vale which
is appropriate for the swap using move mode was used.

Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
2022-10-04 23:02:36 +02:00
Andrzej Puzdrowski 334b6a60ab boot: add precise check of the image size
It is possible that image in the slot is so big
that MCUboot swap metadata will interfere with
its content during the swap operation.

This patch introduces additional check to the image
validation procedure.

Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
2022-10-04 23:02:36 +02:00
Yonatan Schachter b22eb6a30d zephyr: Explicitly include cmsis.h
main.c uses CMSIS functions such as __set_MSP, which require
cmsis.h to be included. Up until now, that file was included
indirectly through other ARM headers. This patch explicitly
includes cmsis.h, for platforms on which those indirect includes
do not work.

Signed-off-by: Yonatan Schachter <yonatan.schachter@gmail.com>
Signed-off-by: David Brown <david.brown@linaro.org>
2022-10-04 12:42:36 -06:00
Jerzy Kasenberg b8801fc0ac zephyr/Kconfig: Add downgrade prevention to swaps
Downgrade prevention for swap upgrades that was added to
mcuboot is now configurable in zephyr.

It may be using software version number from image in slot 0,
or security counter from the image in slot 0 (for limited downgrade
availability).

Hardware base security counter check remains unchanged.

Signed-off-by: Jerzy Kasenberg <jerzy.kasenberg@codecoup.pl>
2022-10-04 08:52:57 -06:00
Jerzy Kasenberg e3f895d7ef Add downgrade prevention for swaps
Currently, downgrade prevention was limited to overwrite only
builds (version check) or devices with hardware storage for
security counter.

This extends downgrade prevention to be used when swap update
is selected.
Unlike MCUBOOT_HW_ROLLBACK_PROT option it does not require user
code to provide external way to store security counter.
Security counter from slot 1 image is used for comparison.
With security counter usage it is possible to have limited
software rollback if security counter was not incremented.

It is possible to use image version where strict rule for
image version comparison prevents any downgrades.

Downgrade prevention is also added to mynewt configuration.

If image in slot 1 is marked as pending and downgrade prevention
is in place, image will be deleted to avoid check on next boot.

Signed-off-by: Jerzy Kasenberg <jerzy.kasenberg@codecoup.pl>
2022-10-04 08:52:57 -06:00
Fabio Utzig 4e2cdfe82f imgtool: change getpub exporting format parameter
Update a previous PR were PEM exporting was added to the `--lang`
parameter, even though PEM is not a source code language per se.

This PR adds `--encoding/-e` to `getpub` command, for exporting
in formats other than a language source code. `--lang` is left with
a deprecation message, so it could be removed in a future version.
The default behavior of exporting source code in C was preserved.

Signed-off-by: Fabio Utzig <utzig@apache.org>
2022-09-29 19:31:02 -03:00
Almir Okato 09cca3815a boot_serial: espressif: ESP32-C3 serial recovery mode
Signed-off-by: Almir Okato <almir.okato@espressif.com>
2022-09-29 11:37:13 -03:00
Almir Okato 707a69d40c boot_serial: espressif: enable erase progressively option on serial recovery
Signed-off-by: Almir Okato <almir.okato@espressif.com>
2022-09-29 11:37:13 -03:00
Almir Okato 0dcdbab886 boot_serial: espressif: split serial adapter implementation for each chip
This commit also fixes array access on serial console read.

Signed-off-by: Almir Okato <almir.okato@espressif.com>
2022-09-29 11:37:13 -03:00
Almir Okato 90be6e6001 boot_serial: adding missing errno.h header
Signed-off-by: Almir Okato <almir.okato@espressif.com>
2022-09-29 11:37:13 -03:00
Andrzej Puzdrowski b25ba4bfa5 zephyr/Kconfig: fixed BOOT_WATCHDOG_FEED default value
This property should be enabled by default only when watchdog
driver is available.
This fixed build with pristine configuration on targets
with CONFIG_WATCHDOG=n.

Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
2022-09-28 15:45:27 -06:00
David Brown 08a30a4158 zephyr: Add a bool Kconfig option for swap move
The Kconfig system used by Zephyr does not allow the defaults for choice
options to be overridden.  To compensate for this, create a new boolean
config option that will determine what the default is for the boot mode.

This allows the kconfig override file for various Zephyr boards to
change the default to swap move.

Signed-off-by: David Brown <david.brown@linaro.org>
2022-09-23 17:19:26 +02:00
Fabio Utzig 6f286779a6 imgtool: add option to export public PEM
Update `getpub` with new `lang` option, "pem", which allows exporting a
public key as a PEM file. This can later be distributed to be used for
encrypting an image, and gets away with having to use openssl for this
step.

Signed-off-by: Fabio Utzig <utzig@apache.org>
2022-09-22 11:34:43 -06:00
Sigvart Hovland 3fd4cd4fac bootutil: loader: Add post copy hook to swap function
Currently the post copy hook is only called from the `copy_region`
function. However when another update method than `BOOT_UPGRADE_ONLY` is
selected this function is not called. This adds post copy hook to the
end of `boot_swap_image` when we know the swap is complete.

Signed-off-by: Sigvart Hovland <sigvart.hovland@nordicsemi.no>
2022-09-19 15:58:53 +02:00
Andrzej Puzdrowski 6e116e4340 zephyr/sample.yaml Limit allowed build platforms
Building sample.bootloader.mcuboot for many platforms
is not possible (for instance a qemu). The limit is need
as otherwise zephyr-rtos/zephyr CI is failing on any push to
main branch or nightly CI run.

Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
2022-09-19 09:48:56 +02:00
Marek Pieta f1fd510563 boot: zephyr: Remove legacy serial recovery GPIO configuration
Change removes the legacy configuration. The legacy configuration
became problematic, because GPIO DTS nodes no longer support labels
that were used to identify nodes in MCUboot. Therefore we need to
use GPIO DTS node name with the legacy approach.

The GPIO should be configured by board's DTS, which is simpler.

Signed-off-by: Marek Pieta <Marek.Pieta@nordicsemi.no>
2022-09-13 16:33:43 +02:00
Marek Pieta 2fa1190ff3 boot: zephyr: Add default values of boot detect pins
Change introduces default values of CONFIG_BOOT_SERIAL_DETECT_PIN
and CONFIG_BOOT_USB_DFU_DETECT_PIN. This is needed to prevent build
issues caused by uninitialized Kconfig.

Signed-off-by: Marek Pieta <Marek.Pieta@nordicsemi.no>
2022-09-13 16:33:43 +02:00
Fabio Utzig 73d69e9b56 boot: zephyr: fix watchdog device typos
Fix typos for IWDG and watchdog0 alias feeding paths.

Signed-off-by: Fabio Utzig <utzig@apache.org>
2022-09-12 11:13:54 +02:00
Fabio Utzig 4b90dfcf71 zephyr: ci: enable testing more watchdog paths
Enable tests to be run on frdm_k64f and disco_l475_iot1. The l475 uses
the STM32 IWDG by default, and the k64f can be used for the generic
watchdog path. Both boards also received a config to enable the
watchdog.

Signed-off-by: Fabio Utzig <utzig@apache.org>
2022-09-12 11:13:54 +02:00
Georgij Cernysiov 4030aac594 boot: zephyr: fix xtensa define condition
Adds missing bracket to the xtensa node
exists condition.

Signed-off-by: Georgij Cernysiov <geo.cgv@gmail.com>
2022-09-09 11:16:15 +02:00
Dominik Ermel 2c5393423c zephyr/boot_serial_extension: Switch to using FIXED_PARTITION_
Switching from FLASH_AREA_ to FIXED_PARTITION_ macros.

Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
2022-09-08 12:44:58 +02:00
Dominik Ermel 3a82b6ff1e zephyr: Switch to using FIXED_PARTITION_ macros
The FLASH_AREA_ macros, which have been using DTS node label property
to identify partitions, have been replaced with FIXED_PARTITION_
macros that use DTS node label to identify partitions.

Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
2022-09-08 12:44:58 +02:00
dependabot[bot] e00f24baf6 build(deps): bump nokogiri from 1.12.5 to 1.13.8 in /docs
Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.12.5 to 1.13.8.
- [Release notes](https://github.com/sparklemotion/nokogiri/releases)
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.12.5...v1.13.8)

---
updated-dependencies:
- dependency-name: nokogiri
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Fabio Utzig <utzig@apache.org>
2022-09-05 17:48:58 -03:00
dependabot[bot] 45811234d8 build(deps): bump tzinfo from 1.2.9 to 1.2.10 in /docs
Bumps [tzinfo](https://github.com/tzinfo/tzinfo) from 1.2.9 to 1.2.10.
- [Release notes](https://github.com/tzinfo/tzinfo/releases)
- [Changelog](https://github.com/tzinfo/tzinfo/blob/master/CHANGES.md)
- [Commits](https://github.com/tzinfo/tzinfo/compare/v1.2.9...v1.2.10)

---
updated-dependencies:
- dependency-name: tzinfo
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Fabio Utzig <utzig@apache.org>
2022-09-05 17:48:58 -03:00
Andrés Sánchez Pascual 414ac87cfd boot: nuttx: main: add suport for board late
initialization.

When using nuttx MCUBoot app as a main entry point in
place of nsh_main it is necesary to perform board-specific
driver initialization through boardctl().

Signed-off-by: Andrés Sánchez Pascual <tito97_sp@hotmail.com>

boot: nuttx: main: fix minor errors according

Signed-off-by: Andrés Sánchez Pascual <tito97_sp@hotmail.com>
2022-09-05 15:50:06 -03:00
Mike Szczys a93188e7bb boot: zephyr: Configure mimxrt1060_evkb boards
Configure larger slots on the mimxrt1060_evkb

Signed-off-by: Mike Szczys <mike@golioth.io>
2022-09-03 14:37:27 -03:00
Bartosz Bilas a1c8c8e632 boot: zephyr: enable watchdog feed by default
Since we have support for nRF and STM32 families,
and non-vendor watchdog implementation let's enable
this functionality by default.
Imply NRFX_WDT && NRFX_WDT0 && NRFX_WDT1 only when
SOC_FAMILY_NRF is being used.

Signed-off-by: Bartosz Bilas <bartosz.bilas@hotmail.com>
2022-09-02 13:08:07 -03:00
Dominik Ermel 245de8156d bootutil: Add missing flash_area_close
boot_remove_image_from_flash has been missing flash_area_close.

Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
2022-09-02 12:59:00 -03:00
Bartosz Bilas a83715ba54 boot: zephyr: return NULL if stm32 watchdog is not enabled
Return the device pointer if the node identifier
refers to a watchdog node with status “okay”,
otherwise return NULL.

Signed-off-by: Bartosz Bilas <bartosz.bilas@hotmail.com>
2022-09-01 21:38:10 -03:00
Bartosz Bilas 71ae335750 ci: zephyr: update to Zephyr SDK 0.15.0
Updates the CI workflows to use the Zephyr SDK 0.15.0 for
building and testing Zephyr in the CI.

Fixes:
  E: CMake Error at cmake/modules/verify-toolchain.cmake:79 (find_package):
  Could not find a configuration file for package "Zephyr-sdk" that is
  compatible with requested version "0.15".

  The following configuration files were considered but not accepted:

Signed-off-by: Bartosz Bilas <bartosz.bilas@hotmail.com>
2022-08-31 14:32:57 -03:00
Bartosz Bilas be7e2b1a54 ci: zephyr: switch to CI image 0.24.2
Let's bump CI image to be up-to-date with the upstream.

Signed-off-by: Bartosz Bilas <bartosz.bilas@hotmail.com>
2022-08-31 14:32:57 -03:00
heinwessels 66cdd46b44 zephyr: flash: support 32byte block write size
Signed-off-by: heinwessels <heinwessels93@gmail.com>
2022-08-28 19:16:11 -03:00
Andrés Sánchez Pascual 1595488a92 Update for C++ compiler compatibility
Update flash_map_backend.h to be compatible with a C++ compiler

Signed-off-by: Andrés Sánchez Pascual <tito97_sp@hotmail.com>
Signed-off-by: GitHub <noreply@github.com>
2022-08-23 19:10:44 +02:00
Alexander Mihajlovic f4df58f347 imgtool: Fix output of confirmed image in HEX format
The image_ok was written to the wrong offset
when outputting HEX format. This commit fixes that.

Drive-by change: Use actual length of boot magic
instead of assuming it's 16 bytes long.

Signed-off-by: Alexander Mihajlovic <alexander@eub.se>
2022-08-22 10:56:12 +02:00
Kumar Gala 02a3edd24f zephyr: Remove devicetree 'label' property from flash nodes
zephyr is transition away from devicetree label property for nodes
that are associated with devices.  So remove it from flash nodes.

Signed-off-by: Kumar Gala <galak@kernel.org>
2022-08-16 16:50:03 +02:00
Piotr Dymacz 067f30ae96 boot_serial: explain disabled idle state in timeout based recovery
This adds short explanation (in form of a comment) why CPU shouldn't
enter idle state in timeout based serial recovery.

Ref: 3942e9bf8f ("boot_serial: fix serial recovery mode with timeout")
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
2022-08-13 16:02:53 +02:00
Piotr Dymacz 3942e9bf8f boot_serial: fix serial recovery mode with timeout
If 'BOOT_SERIAL_WAIT_FOR_DFU' is selected, the CPU shouldn't enter idle
state, waiting for interrupt from the console because we expect booting
if no mcumgr command is received within a configured timeout (with the
'CONFIG_BOOT_SERIAL_WAIT_FOR_DFU_TIMEOUT').

Without this fix, when using 'BOOT_SERIAL_WAIT_FOR_DFU' the boot process
hangs forever, waiting for input from console.

Fixes: e3822f8180 ("boot_serial: zephyr: Add optional timeout to enter serial recovery")
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
2022-08-12 13:35:51 +02:00
Kumar Gala 5130d1dcca zephyr: Remove devicetree 'label' property
zephyr is transition away from devicetree label property for nodes
that are associated with devices.  So remove it from
"zephyr,cdc-acm-uart" nodes.

Signed-off-by: Kumar Gala <galak@kernel.org>
2022-08-12 11:18:24 +02:00
Bartosz Bilas b03c098534 boot: zephyr: get rid of device_get_binding for stm32 watchdog
Replace the `device_get_binding` usage with
a `DEVICE_DT_GET` which is being deprecated in the upstream zephyr.

Signed-off-by: Bartosz Bilas <b.bilas@grinn-global.com>
2022-08-04 17:17:33 +02:00
Andrzej Puzdrowski 1c150c6092 zephyr: direct inclusion of the hooks file
This patch removes CONFIG_BOOT_IMAGE_ACCESS_HOOKS_FILE option
which was used to point to hooks implementation file.
It is better that the project customization is up to add required
files instead. This gives more flexibility in provisioning these
sources (there may be multiple files).
This also simplifies Kconfig options.

In order to keep possibility for build-test the Hooks feature
hooks_sample.c will be included into the build if commandline
will specify -DTEST_BOOT_IMAGE_ACCESS_HOOKS=Y option.

Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
2022-08-04 11:17:19 +02:00
Stephanos Ioannidis 09e2bd70fd boot_serial: Fix incorrect format specifier for off_t
The `BOOT_LOG_INF` function, which uses the format specifiers defined
by the C standard, was incorrectly printing a variable with the type of
`off_t` using the `%x` format specifier, which is intended to be used
with the `int` type.

The `off_t` type, specified by the POSIX standard, is not guaranteed to
be `int`, and it may be defined as `long` or `long long` depending on
the toolchain and the target architecture.

This commit updates the print routine such that it casts the arguments
of the `off_t` type to `intmax_t` and prints them out using the
corresponding `%jx` format specifier.

Signed-off-by: Stephanos Ioannidis <root@stephanos.io>
2022-08-04 09:28:17 +02:00
Bartosz Bilas b4c04d3393 boot: zephyr: add support for generic watchdog alias
Add possibility to pass generic watchdog alias
no matter what vendor is used.

Signed-off-by: Bartosz Bilas <b.bilas@grinn-global.com>
2022-08-03 17:08:22 +02:00
Kumar Gala 8eadf8c2d0 zephyr: remove flash_device_get_binding
remove flash_device_get_binding as we can utilizes DEVICE_DT_GET to
get the flash_dev pointer set at build time.  This removes usage of
device_get_binding and handles the lack of 'label' properties in
the devicetree better.

Signed-off-by: Kumar Gala <galak@kernel.org>
2022-07-29 09:05:29 +02:00
Martin Jäger 3175182f81 boot: zephyr: main: fix log_process call after Zephyr change
The legacy logging subsystem was removed in below commit:
https://github.com/zephyrproject-rtos/zephyr/commit/c5f2cde

This commit maintains compatibility with Zephyr upstream before
and after the change by using the now removed CONFIG_LOG1 and
CONFIG_LOG2 defines.

Signed-off-by: Martin Jäger <martin@libre.solar>
2022-07-27 08:02:11 +02:00
Martin Jäger 477ed816ec boot: zephyr: main: fix indentation
No functional changes.

Signed-off-by: Martin Jäger <martin@libre.solar>
2022-07-27 08:02:11 +02:00
Fabio Baltieri 888e261a76 boot_serial: add "zephyr/" prefix to __ZEPHYR__ includes
Add relevant "zephyr/" prefixes to allow building with the Zephyr
option CONFIG_LEGACY_INCLUDE_PATH=n.

Signed-off-by: Fabio Baltieri <fabiobaltieri@google.com>
2022-07-26 19:20:21 +02:00
Dominik Ermel 864d104e42 boot_serial: zephyr: Fix zcbor encoding in extensions
Extensions missed cddl to zcbor update and were not compiling.

Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
2022-07-26 16:33:19 +02:00
Andrzej Puzdrowski f1fd225bbb zephyr: disable qspi-nor on nrf52840
Sine https://github.com/zephyrproject-rtos/zephyr/pull/47629 was
merged the qspi nod driver is enabled by default. This cause unwanted
flash footprint rise for configurations which are not using the qspi.

This patch disables it back.

Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
2022-07-26 09:52:01 -03:00