check_config.h was included manually by custom configuration files.
This caused compilation errors when updating MbedTLS to 3.6.0
because check_config.h was processed too early, before the whole
configuration is defined, effectively causing configuration check errors.
MbedTLS already takes care of including check_config.h at the right time.
Remove those erroneous manual check_config.h includes.
Signed-off-by: Tomi Fontanilles <tomi.fontanilles@nordicsemi.no>
The defines have been taken from the Zephyr flash_map.h
but as they are provided there for MCUboot only, they can be just
defined here.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
The static declaration of 'led0' was moved to 'io.c' which broke
building with the 'MCUBOOT_INDICATION_LED' enabled:
mcuboot/boot/zephyr/main.c:380:22: error:
'led0' undeclared (first use in this function)
380 | gpio_pin_set_dt(&led0, 1);
| ^~~~
This adds simple function 'io_led_set()' for changing LED's value.
Fixes: 433b8480 ("zephyr: Move IO functions out of main to separate file")
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
Adds a new operation style in which the secondary slot has an
image which is used to update the primary image only.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
This allows for out-of-tree modules to define their own boot serial
functions by using iterable sections.
Note that this also removes the custom img list command, which was
not used in-tree.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
Adds the ability to share mcuboot configuration with the
application using Zephyr's retention subsystem.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
The commit adds DirectXIP version of bootutil boot_set_next
function.
The function is enabled by configuration option:
MCUBOOT_BOOTUTIL_LIB_FOR_DIRECT_XIP.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
Fixes issues whereby encrypted images were not properly listed due
to not treating them as encrypted, also removes a piece of wrong
hack code that would never run as the primary slot cannot be
encrypted.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
Adds optional image state set/get functionality to serial recovery
mode which allows for listing image states and marking images to
be tested or as confirmed.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
The stm32 defines are somewhat redundant due to the generic watchdog
defines which use the watchdog0 alias. Therefore they are removed in
this commit.
Signed-off-by: Jeppe Odgaard <jeppe.odgaard@prevas.dk>
The Zephyr watchdog API defines a setup function. This function needs to
be executed before the watchdog is functional in some cases. This commit
adds MCUBOOT_WATCHDOG_SETUP when using the generic watchdog0 alias
otherwise it is an empty define.
Fixes https://github.com/mcu-tools/mcuboot/issues/1659
Signed-off-by: Jeppe Odgaard <jeppe.odgaard@prevas.dk>
Adds support for outputting the image hash TLV in serial recovery
mode, which is needed to comply with the img_mgmt MCUmgr group
requirements.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
Commit adds an implementation of flash_area_get_sector that
is supposed to replace flash_area_sector_from_off.
The flash_area_get_sector gets an additional parameter of flash_area
type, while flash_area_sector_from_off uses a hardcoded flash_area.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
The sysflash.h defines FLASH_AREA_ macros using FIXED_PARTITION
macros that are provided by flash_map.h, but it does not include
the required header.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
Returned values are now hardcoded. Indeed, while it is not
strictly needed (few return values different from SUCCESS
or FAILURE) complexity added by encoding return values might
cause the software to be vulnerable to fault attacks.
Return type changed from fih_int to fih_ret to make
the whole thing much simpler and therefore more robust
to fault attacks. In addition, it's easier to predict
compiler behavior.
Affectation of sensitive variables has been hardened using macro
FIH_SET (affectation + check whether write access has been properly
done). FIH_DECLARE() is added to ease the declaration of sensitive
variables.
Equality tests fih_eq() and fih_not_eq() are now macros because
inlining produces more complex code (and weaker) than macros.
In addition fih_not_eq is modified to be the negation of fih_eq
which was not the case until now.
When FIH_NOT_EQ is used, FIH_SET(fih_rc, FIH_FAILURE) has been added
in some parts of the code.
Variable image_mask (bootutil_priv.h) is now volatile because a
double IF test is made on it.
Some other parts of the code have been hardened (e.g. loop on images).
Signed-off-by: Michael Grand <m.grand@trustngo.tech>
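A minimal sketch of the hardening ideas the commit message above lists (hardcoded result constants, write-and-verify assignment, macro equality with a true negation, volatile for the double test, a checked loop), added here as an illustration and not MCUboot's own code. Every demo_/DEMO_ name and both constants are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>

/* All demo_/DEMO_ names are hypothetical; the constants are constructed. */
typedef volatile int demo_ret;          /* plain int result, re-read on every use */
#define DEMO_SUCCESS 0x5A5A5A5A         /* differs from FAILURE in 31 bits, so */
#define DEMO_FAILURE 0x25A5A5A5         /* one flipped bit cannot turn one into the other */

static volatile unsigned demo_faults;   /* a real bootloader would halt or reset instead */
static void demo_panic(void) { demo_faults++; }

/* Assign, then read back to confirm the write really happened. */
#define DEMO_SET(var, val) \
    do { (var) = (val); if ((var) != (val)) { demo_panic(); } } while (0)
/* Double test written as a macro; NOT_EQ is the strict negation of EQ. */
#define DEMO_EQ(x, y)     (((x) == (y)) && !((y) != (x)))
#define DEMO_NOT_EQ(x, y) (!DEMO_EQ(x, y))

int demo_check_digest(const uint8_t *calc, const uint8_t *want, size_t len)
{
    demo_ret rc = DEMO_FAILURE;         /* fail closed by default */
    volatile size_t i;
    volatile uint8_t diff = 0;

    if (len == 0) { return DEMO_FAILURE; }   /* an empty compare proves nothing */
    for (i = 0; i < len; i++) {
        diff = (uint8_t)(diff | (calc[i] ^ want[i]));
    }
    if (i != len) { demo_panic(); return DEMO_FAILURE; }  /* loop was cut short */
    if (diff == 0) { DEMO_SET(rc, DEMO_SUCCESS); }
    return rc;
}

int demo_may_boot(const uint8_t *calc, const uint8_t *want, size_t len)
{
    demo_ret rc = DEMO_FAILURE;
    int r = demo_check_digest(calc, want, len);

    DEMO_SET(rc, r);
    if (DEMO_NOT_EQ(rc, DEMO_SUCCESS)) {
        DEMO_SET(rc, DEMO_FAILURE);     /* re-assert failure on the reject path */
        return 0;
    }
    return 1;
}

int main(void)
{
    const uint8_t good[4] = {1, 2, 3, 4}, bad[4] = {1, 2, 3, 5};  /* constructed */
    return (demo_may_boot(good, good, 4) == 1 && demo_may_boot(good, bad, 4) == 0) ? 0 : 1;
}
```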
Fixes a bug when writing to devices which have memory alignment
requirements with data being used directly from a zcbor-response
whereby the alignment of the buffer data does not meet the
requirements of the flash driver.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
There are 3 levels of buffers and only the first one seems to be
configurable, this fixes that issue.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
Downgrade prevention for swap upgrades that was added to
mcuboot is now configurable in zephyr.
It may be using software version number from image in slot 0,
or security counter from the image in slot 0 (for limited downgrade
availability).
Hardware base security counter check remains unchanged.
Signed-off-by: Jerzy Kasenberg <jerzy.kasenberg@codecoup.pl>
The FLASH_AREA_ macros, which have been using DTS node label property
to identify partitions, have been replaced with FIXED_PARTITION_
macros that use DTS node label to identify partitions.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
Since we have support for nRF and STM32 families,
and non-vendor watchdog implementation let's enable
this functionality by default.
Imply NRFX_WDT && NRFX_WDT0 && NRFX_WDT1 only when
SOC_FAMILY_NRF is being used.
Signed-off-by: Bartosz Bilas <bartosz.bilas@hotmail.com>
Return the device pointer if the node identifier
refers to a watchdog node with status “okay”,
otherwise return NULL.
Signed-off-by: Bartosz Bilas <bartosz.bilas@hotmail.com>
Replace the `device_get_binding` usage with
a `DEVICE_DT_GET` which is being deprecated in the upstream zephyr.
Signed-off-by: Bartosz Bilas <b.bilas@grinn-global.com>
Remove flash_device_get_binding as we can utilize DEVICE_DT_GET to
get the flash_dev pointer set at build time. This removes usage of
device_get_binding and handles the lack of 'label' properties in
the devicetree better.
Signed-off-by: Kumar Gala <galak@kernel.org>
Since #1383 the configuration translation header and
the logging translation header are not used by the simulator.
Thanks to that __BOOTSIM__ dependence might be removed - what is done
in this patch.
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
Zephyr has prefixed all of its includes with <zephyr/...>. While the
_old_ mode can still be used (CONFIG_LEGACY_INCLUDE_PATH) and is still
enabled by default, it's better to be prepared for its removal in the
future.
Signed-off-by: Gerard Marull-Paretas <gerard@teslabs.com>
According to mbedTLS' Changelog "Mbed TLS 3.0.0 branch released
2021-07-07" -> "Removals":
MBEDTLS_ECP_MAX_BITS is no longer a configuration option because it
is now determined automatically based on supported curves.
Hence remove MBEDTLS_ECP_MAX_BITS from configuration files to fix build
issues with Zephyr when there is unfortunate order of include
statements, like:
/__w/zephyr/zephyr/modules/mbedtls/zephyr_init.c
In file included from /__w/zephyr/modules/crypto/mbedtls/include/mbedtls/ssl.h:30,
from /__w/zephyr/modules/crypto/mbedtls/include/mbedtls/debug.h:27,
from /__w/zephyr/zephyr/modules/mbedtls/zephyr_init.c:16:
/__w/zephyr/modules/crypto/mbedtls/include/mbedtls/ecp.h:314: error: "MBEDTLS_ECP_MAX_BITS" redefined [-Werror]
314 | #define MBEDTLS_ECP_MAX_BITS 1
|
In file included from /__w/zephyr/bootloader/mcuboot/boot/zephyr/include/mcuboot-mbedtls-cfg.h:25,
from /__w/zephyr/modules/crypto/mbedtls/include/mbedtls/build_info.h:59,
from /__w/zephyr/modules/crypto/mbedtls/include/mbedtls/debug.h:25,
from /__w/zephyr/zephyr/modules/mbedtls/zephyr_init.c:16:
/__w/zephyr/bootloader/mcuboot/boot/zephyr/include/config-rsa.h:72: note: this is the location of the previous definition
72 | #define MBEDTLS_ECP_MAX_BITS 2048
|
cc1: all warnings being treated as errors
Signed-off-by: Marcin Niestroj <m.niestroj@emb.dev>
Move formatting of version string to use snprintf, which Zephyr
provides, instead of defining utility function for that purpose.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
The RAM loading mode wasn't wrapped in Zephyr configs like the other boot modes.
Added a config to enable RAM loading as well as two configs to set
IMAGE_EXECUTABLE_RAM_START and IMAGE_EXECUTABLE_RAM_SIZE, respectively. These
two values default to the values from the chosen node sram in the dts.
Signed-off-by: Johan Öhman <johan.ohman@softube.com>
DT_CHOSEN_ZEPHYR_FLASH_CONTROLLER_LABEL is going to be deprecated, so
remove its usages from the Zephyr port. Definition checks have been
replaced with DT_HAS_CHOSEN(zephyr_flash_controller), and the macro
itself has been replaced by
DT_LABEL(DT_CHOSEN(zephyr_flash_controller)). Note that the code could
likely be refactored to make use of compile time device references, ie
use DEVICE_DT_GET, but that task has been left for the maintainers.
Signed-off-by: Gerard Marull-Paretas <gerard@teslabs.com>
This PR adds the possibility to only enter the bootloader's
serial recovery mode when a mcumgr command is received within a
given timeout.
Signed-off-by: Wouter Cappelle <wouter.cappelle@crodeon.com>
Reduce the size of the sha256 implementation by 1300 bytes by using a
slower implementation.
Signed-off-by: Sebastian Bøe <sebastian.boe@nordicsemi.no>
Kconfig macro was converted with typo to not a MCUboot's
internal macro switch. It was MCBOOT_ERASE_PROGRESSIVELY instead
of MCUBOOT_ERASE_PROGRESSIVELY.
Bug was introduced in
42c985cead
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>