Commit Graph

254 Commits

Author SHA1 Message Date
David Brown 1151714a68 Create CNAME 2020-10-30 09:13:13 -06:00
Andrzej Puzdrowski dfc7c5f9a4 doc/release: Describe development version designation
After each release version will be changed to
MAJOR.MINOR.PATCH-dev.

Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
2020-10-30 16:12:38 +01:00
Fabio Utzig b94c985a26 Delete CNAME 2020-10-30 12:07:54 -03:00
Fabio Utzig 8084e8beaa Create CNAME 2020-10-30 12:06:39 -03:00
Martí Bolívar a6a0e0e77c doc: clean up multi-image documentation
Some design.md content is causing build errors when they are included
in a .rst based documentation tree in Sphinx.

Adjust the format to make it work in both systems.

Signed-off-by: Martí Bolívar <marti.bolivar@nordicsemi.no>
2020-10-22 17:46:06 -03:00
Fabio Utzig 05722f4a01 doc: PORTING: drop flash_area_read_is_empty()
Update PORTING guide dropping `flash_area_read_is_empty`.

Signed-off-by: Fabio Utzig <fabio.utzig@nordicsemi.no>
2020-10-08 20:47:56 -03:00
Fabio Utzig 8ebe53537b doc: fix link to external page in PORTING
Remove a footnote that is not generating a proper link and add an inline
link to the mbed TLS referece for platform.h. This also fixes a warning
when running through recommonmark==0.6.0 because it is unable to parse the
old syntax.

Signed-off-by: Fabio Utzig <fabio.utzig@nordicsemi.no>
2020-10-01 09:16:47 -03:00
Tamas Ban 67e3fff047 docs: Revert the moving of design.md
This commit fix the issue reported in #803:
https://github.com/JuulLabs-OSS/mcuboot/issues/803

Signed-off-by: Tamas Ban <tamas.ban@arm.com>
2020-09-18 10:51:22 +02:00
Tamas Ban fe03109ab1 boot: Add ram-load upgrade mode
This patch introduces the ram-load mode in addition to the other
upgrade modes (swap strategies, overwrite-only, direct-XIP). When
ram-load is enabled with the MCUBOOT_RAM_LOAD option, mcuboot
selects the newest valid image based on the image version numbers from
the image header, thereafter the selected image loaded to the RAM and
executed from there. Load address is extracted from the image header.
Therefore the images must be linked to the RAM memory region.
The ram-load mode is very similar to the direct-XIP mode, main
difference is to load the newest image to the RAM beforehand the
authentication and execution. Similar to direct-XIP mode either
of the primary and the secondary slots can hold the active image.

Ram-load can be useful in case of a bit more powerful SoC, which
is not constrained in terms of internal RAM. It could be that image
is stored in external and therefore untrusted flash. Loading image
to internal (trusted) RAM is essential from the security point
of view the system. Furthermore execution from internal RAM is much
faster than from external flash.

This patch is based on the RAM_LOADING upgrade strategy which was
first introduced in the Trusted Firmware-M project.
Source TF-M version: TF-Mv1.0.

Change-Id: I95f02ff07c1dee51244ac372284f449c2efab362
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
2020-09-16 11:06:30 +02:00
David Vincze e574f2d617 boot: Introduce direct execute-in-place (XIP) mode
This patch introduces the direct execute-in-place (XIP) mode in addition
to the other upgrade modes (swap strategies, overwrite-only). When
direct-XIP is enabled with the MCUBOOT_DIRECT_XIP option, mcuboot
selects the newest valid image based on the image version numbers from
the image header, thereafter the selected image runs directly from its
flash partition (slot) instead of moving it. Therefore the images must
be linked to be executed from the given image slot. It means that in
direct-XIP mode either of the primary and the secondary slots can hold
the active image.

This patch is based on the NO_SWAP upgrade strategy which was first
introduced in the Trusted Firmware-M project.
Source TF-M version: TF-Mv1.0.

Change-Id: If584cf01ae5aa7208845f6a6fa206f0595e0e61e
Signed-off-by: David Vincze <david.vincze@linaro.org>
2020-08-12 09:39:44 +02:00
Fabio Utzig a468fce1ed Fix kramdown CVE-2020-14001
https://github.com/advisories/GHSA-mqm2-cgpr-p4m6

Run "bundle update" and upgrade most ruby gems.

Signed-off-by: Fabio Utzig <fabio.utzig@nordicsemi.no>
2020-08-11 13:40:25 +02:00
Harry Jiang 6828151973 docs: Fix the typo for imgtool keygen command
Signed-off-by: Harry Jiang <explora26@gmail.com>
2020-07-06 06:36:12 -03:00
David Brown 50d24a5751 Preps for v1.6.0 release
Update README, release notes the mynewt repository file, and imgtool for
the v1.6.0 release.

Signed-off-by: David Brown <david.brown@linaro.org>
2020-05-22 11:59:39 -06:00
David Brown 82c5f7c65c Preps for 1.6.0-rc2 release
Update various version fields.  Also include a note in the release notes
describing Zephyr compatibility.

Signed-off-by: David Brown <david.brown@linaro.org>
2020-05-06 08:40:22 -06:00
David Brown 342e875d0f Preps for 1.6.0-rc1
Update version fields, and add release notes for the 1.6.0-rc1 release.

Signed-off-by: David Brown <david.brown@linaro.org>
2020-04-22 18:27:00 -06:00
David Brown aac7111b02 boot: Update copyrights and licenses
To make contributions easier, place explicit copyrights by the major
contributors, along with an SPDX license identifier.  Files that came
from the mynewt project, which was an Apache project will retain the
Apache project license text, although this does not apply to new
contributions, which are being made by individual contributors.

Hopefully, this will keep everyone happy, but allow contributors that
need to add an explicit copyright to have a place they can add that.

Fixes #501

Signed-off-by: David Brown <david.brown@linaro.org>
2020-04-22 15:07:28 -06:00
David Vincze 25459bffcc docs: Provide description for multiple features
- Update documentation of 'HW based downgrade prevention'
- Add description for the following features:
      MCUBOOT_MEASURED_BOOT
      MCUBOOT_DATA_SHARING
      MCUBOOT_HW_KEY

Change-Id: If7247e906de3028d44cdd9d14a5004661fb955af
Signed-off-by: David Vincze <david.vincze@linaro.org>
2020-04-22 14:25:21 -06:00
David Vincze 4e3c47bfca docs: Fix Markdown rendering issues
- Fix rendering issues of multi-line HTML comments (license headers)
- Fix rendering issues of footnotes

Change-Id: I06c8ad3454a62187e9d527df62560b897ec478f4
Signed-off-by: David Vincze <david.vincze@linaro.org>
2020-04-21 15:42:29 -06:00
Fabio Utzig 20e747c920 mynewt: remove version.yml and references
With the merge of https://github.com/apache/mynewt-newt/pull/365 `newt`
does not use `version.yml` files anymore, so remove the file and
references to updating it in the release process.

Testing a MCUBoot release now depends on `newt` `master` or `> 1.7.0`
(to be released).

Signed-off-by: Fabio Utzig <utzig@apache.org>
2020-04-12 14:31:28 -03:00
Fabio Utzig 5eaa57647e docs: Update with X25519 encrypted images info
Signed-off-by: Fabio Utzig <utzig@apache.org>
2020-04-10 17:56:14 -03:00
Håkon Øye Amundsen cdf94c2623 docs: secondary slot magic is unset after update
This description is needed to explain why MCUBoot won't
revert a recently performed update.

Signed-off-by: Håkon Øye Amundsen <haakon.amundsen@nordicsemi.no>
2020-03-10 15:54:18 +01:00
Håkon Øye Amundsen 11d91c34a3 docs: fix incorrect state reference
The TEST is state I and PERM is state II.

Signed-off-by: Håkon Øye Amundsen <haakon.amundsen@nordicsemi.no>
2020-03-10 15:54:18 +01:00
David Vincze c308413760 bootutil: Introduce HW rollback protection
- Add image security counter verification (read security counter value
  from the image manifest and compare it against the stored/active
  security counter) as an optional part of the image validation process
  to prevent the restoration of older, potentially vulnerable images.
- This feature can be enabled with the MCUBOOT_HW_ROLLBACK_PROT option.
- Add security counter interface to MCUBoot. If HW rollback protection
  is enabled then the platform must provide a mechanism to store and
  read the security counter value in a robust and secure way.

Change-Id: Iee4961c1da5275a98ef17982a65b361370d2a178
Signed-off-by: David Vincze <david.vincze@arm.com>
2020-02-25 23:43:12 +01:00
Fabio Utzig 3647ded973 docs: update nokogiri to fix CVE-2020-7595
https://nvd.nist.gov/vuln/detail/CVE-2020-7595

Signed-off-by: Fabio Utzig <utzig@apache.org>
2020-02-25 09:26:02 -03:00
Fabio Utzig ef7fbd7012 Preparing for v1.5.0-rc1
Signed-off-by: Fabio Utzig <utzig@apache.org>
2020-02-07 15:30:45 -03:00
Fabio Utzig 970840ccf5 docs: fix mailing list URL
Signed-off-by: Fabio Utzig <utzig@apache.org>
2020-02-06 06:00:28 -03:00
Håkon Øye Amundsen 2d1bac164f add option for rollback protection
Depends on 'MCUBOOT_OVERWRITE_ONLY' option since swap info is not protected
by signature

Signed-off-by: Håkon Øye Amundsen <haakon.amundsen@nordicsemi.no>
2020-01-23 12:47:05 -07:00
Rajiv Ranganath b976a4c0dc docs/PORTING.md: Update APIs needed for porting MCUboot
Signed-off-by: Rajiv Ranganath <rajiv.ranganath@atihita.com>
2020-01-13 10:09:54 -03:00
David Brown 3639aca071 docs: Change name of padding arguments
To be squashed

Signed-off-by: David Brown <david.brown@linaro.org>
2019-12-18 11:53:25 -07:00
David Brown bf3a3a9c71 docs: Typo fixes and suggestions from mbolivar
To be squashed after review.

Signed-off-by: David Brown <david.brown@linaro.org>
2019-12-18 11:53:25 -07:00
David Brown 8f057ca5ae docs: Write up some docs about ecdsa padding
Start with some documentation on ECDSA signatures, and the problems with
the current padding approach.  Present a plan to support correctly
formatted ECDSA signatures, and how to handle the transition both in the
C code, as well as the tooling that signs images.

Signed-off-by: David Brown <david.brown@linaro.org>
2019-12-18 11:53:25 -07:00
Fabio Utzig d37d877603 Add html anchors to design and imgtool documents
When pages are built from the markdown sources, the html anchors for
titles are automatically added, but no links are inserted in the pages.
This makes it harder to send URLs to sections; one has to browse the
page source to get the correct link. This fixes the issue by adding
links directly to the generated pages.

Signed-off-by: Fabio Utzig <utzig@apache.org>
2019-12-03 16:35:58 -03:00
Fabio Utzig 478ad247b3 docs: add URL anchor links to encrypted images md
URL anchors are already generated automatically by the GH markdown
processor, but they are not visible. This adds the proper links to the
page.

Signed-off-by: Fabio Utzig <utzig@apache.org>
2019-11-29 12:55:33 -03:00
Fabio Utzig b3f058c0ef docs: describe ECIES-P256 encrypted image support
Signed-off-by: Fabio Utzig <utzig@apache.org>
2019-11-06 06:55:25 -03:00
Ruth Fuchss 4023d62849 docs: add link to encrypted_images.md and cleanup
Add a link to the topic about encrypted images to the start page.
Clean up the existing links to make the table of contents more
consistent.

Signed-off-by: Ruth Fuchss <ruth.fuchss@nordicsemi.no>
2019-11-01 13:10:41 -03:00
Ruth Fuchss 721cdbc49e docs: add missing heading
Add an H1 heading to encrypted_images.md.

Signed-off-by: Ruth Fuchss <ruth.fuchss@nordicsemi.no>
2019-11-01 13:10:41 -03:00
Sam Bristow d0ca0ffc27 Fix up typos
Ran automated checker for common typos [1]. Most of these changes have
no functional change *except* for `./ci/sim_run.sh` where, previously
the `bootstrap` feature wasn't being selected properly.

I didn't touch anything in the `./ext/` folder as anything in there
should probably be fixed in the upstream repo.

[1] https://github.com/codespell-project/codespell

Signed-off-by: Sam Bristow <sam@bristow.nz>
2019-10-30 06:24:10 -03:00
David Brown d7581779d8 Prepare for release v1.4.0-rc2
Update version stamps as well as the release notes.

Signed-off-by: David Brown <david.brown@linaro.org>
2019-10-15 14:50:09 -06:00
Fabio Utzig c7fe3b061e Document imgtool release process
Signed-off-by: Fabio Utzig <utzig@apache.org>
2019-10-15 12:35:01 -03:00
Fabio Utzig 1b7777b476 Fix CVE-2019-16892
https://nvd.nist.gov/vuln/detail/CVE-2019-16892

Signed-off-by: Fabio Utzig <utzig@apache.org>
2019-10-15 12:28:34 -03:00
David Brown 4d0c5fa488 Release notes for 1.4.0-rc1
Signed-off-by: David Brown <david.brown@linaro.org>
2019-10-08 10:45:14 -07:00
David Brown 37b96e7aab docs: Fix formatting of security document
Markdown considers a block of indented text after a list item to be part
of that list item.  Insert a small piece of text at the top level to
prevent that.

Signed-off-by: David Brown <david.brown@linaro.org>
2019-10-08 10:45:14 -07:00
David Brown 0d98a9c2b0 docs: Create initial security policy
Signed-off-by: David Brown <david.brown@linaro.org>
2019-10-08 08:56:53 -07:00
Fabio Utzig fd140ecef2 New protected TLV format proposal
Updates the protected TLV specification to have their own TLV info struct,
to ease hashing without having to skip parts of the image, while adding the
ability to append new non-protected TLVs.

Signed-off-by: Fabio Utzig <utzig@apache.org>
2019-10-01 18:30:05 -03:00
Fabio Utzig c28005b04f Use better naming for swap copy/erase functions
Since a copy/erase during a swap can result in some number of sectors
erased and copied, which is not necessarily equal to 1, update design
document and bootloader function naming to reflect this fact, by using
the postfix "_region" instead of "_sector" in those cases.

This fixes #541

Signed-off-by: Fabio Utzig <utzig@apache.org>
2019-09-10 13:41:58 -03:00
Fabio Utzig 75b344198e Fix a few formatting issues in design doc
Fix text structures that were not rendering correctly in the generated
html.

Signed-off-by: Fabio Utzig <utzig@apache.org>
2019-09-09 10:00:09 -03:00
Fabio Utzig 60319acf0f Update swap operation description in design doc
Update to better match the current implementation.

Signed-off-by: Fabio Utzig <utzig@apache.org>
2019-09-09 10:00:09 -03:00
Fabio Utzig 7eaaf67bbf Fix for CVE-2019-5477
https://nvd.nist.gov/vuln/detail/CVE-2019-5477

Signed-off-by: Fabio Utzig <utzig@apache.org>
2019-08-26 14:01:37 -03:00
Håkon Øye Amundsen cbf3047d48 docs: fix typos in design.md
Minor typo fixes.

Signed-off-by: Håkon Øye Amundsen <haakon.amundsen@nordicsemi.no>
2019-07-24 07:02:20 -03:00
David Vincze e32483f10f Boot: Add dependency check to multi-image boot
This patch adds the capability to check image dependencies in case
of multi-image boot. The dependencies are described with a new type
of TLV in the manifest.

Change-Id: If45f81a00d4324c881634f50156f9939e1bf8707
Signed-off-by: David Vincze <david.vincze@arm.com>
2019-07-23 09:11:34 -05:00
David Vincze ba3bd606be Boot: Enable multi-image boot
This patch adds the capability to handle multiple firmware images,
to update them independently. Also update the design documentation.
It separates the completion of aborted image swap operations and the
update of images even more as these should be happening at different
stages of the boot process according to the design proposal of
the multiple image support:
https://github.com/JuulLabs-OSS/mcuboot/pull/317.

Change-Id: I7eb5f632298bb08c805bfaee0359703b2ae19e9d
Signed-off-by: David Vincze <david.vincze@arm.com>
2019-07-23 09:11:34 -05:00
David Vincze b75c12a431 Boot: Extend flash layout for multiple images
This patch introduces the BOOT_IMAGE_NUMBER macro and current_image
variable to support multiple updatable images and the associated
extended flash layout.

The FLASH_AREA_IMAGE_* object-like macros are replaced with
function-like ones and therefore some functions have been updated,
because the labels of a switch statement and the initialization
values of objects with static storage duration have to be constant
expressions.

Change-Id: Ib7b26ec3c94233e52db4f97825ddb6a3e55bb1d3
Signed-off-by: David Vincze <david.vincze@arm.com>
2019-07-23 09:11:34 -05:00
David Vincze e24534799b Boot: Save image sequence number to image trailer
Overload the swap_type field in image trailer to store as an addition
the image sequence number. It indicates which image's swap was
interrupted. It is required by multi image boot to determine which
image the trailer belongs to if boot status is found on scratch area
when the swap operation is resumed.

Change-Id: I6820fd8277931aff4f0db408376eae8b42a030ed
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Signed-off-by: David Vincze <david.vincze@arm.com>
2019-07-23 09:11:34 -05:00
Szymon Janc 7fea84665f Release 1.3.1
Signed-off-by: Szymon Janc <szymon.janc@codecoup.pl>
2019-07-08 08:50:16 -03:00
Fabio Utzig 195411f212 Add ed25519 TLV to design doc
Signed-off-by: Fabio Utzig <utzig@apache.org>
2019-06-28 08:46:12 -03:00
Fabio Utzig 8101d1fa44 Add ed25519 signing support to imgtool
This adds ed25519 signature support using the "prehash" method. Instead
of using the direct contents of the image and header payloads, a sha256
is generated and signed (SHA256-Ed25519). This allows for compatibility
with already existing tools that use the sha256 hash, like mcumgr, etc.

Signed-off-by: Fabio Utzig <utzig@apache.org>
2019-06-13 19:21:05 -03:00
Christopher Collins a1c1204f65 Fix double swap on interrupted revert
This fixes #480.

When mcuboot rewrites image trailers during a swap, some information is
lost.  If a reset occurs before the swap completes, mcuboot may not be
able to determine what which swap type to resume upon startup.
Specifically, if a "revert" swap gets interupted, mcuboot will perform
an extraneous swap on the subsequent boot.  See
https://github.com/JuulLabs-OSS/mcuboot/issues/480 for details.

This commit adds an additional field to the image trailer: `swap-type`.
The new trailer structure is illustrated below:

```
     0                   1                   2                   3
     0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    ~                                                               ~
    ~    Swap status (BOOT_MAX_IMG_SECTORS * min-write-size * 3)    ~
    ~                                                               ~
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    ~                 Encryption key 0 (16 octets) [*]              ~
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    ~                 Encryption key 1 (16 octets) [*]              ~
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |           Swap size           |    0xff padding (4 octets)    |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |   Swap type   |           0xff padding (7 octets)             ~
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |   Copy done   |           0xff padding (7 octets)             ~
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |   Image OK    |           0xff padding (7 octets)             ~
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    ~                       MAGIC (16 octets)                       ~
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
```

The `swap-type` field contains one of the `BOOT_SWAP_TYPE_[...]` constants.
Every time a trailer is written, this field is written along with it.
When resuming an interrupted swap, mcuboot uses this field alone to
determine the type of swap being resumed. For new swap operations
(non-resume case), this field is not read at all; instead, mcuboot
consults the `boot_swap_tables` array to determine the swap operation to
perform (as it did prior to this commit).

Some additional changes were necessary to make all the simulated unit
tests pass:

* Before initiating a new swap operation, always write the image trailer
to the scratch area.  This step allows mcuboot to persist the
`swap-type` field somewhere before erasing the trailer in the primary
slot.  If a reset occurs immediately after the erase, mcuboot recovers
by using the trailer in the scratch area.

* Related to the above: if the scratch area is being used to hold status
bytes (because there are no spare sectors in the primary slot), erase
the scratch area immediately after the trailer gets written to the
primary slot.  This eliminates ambiguity regarding the location of the
current trailer in case a reset occurs shortly afterwards.

Signed-off-by: Christopher Collins <ccollins@apache.org>
2019-05-31 10:15:08 -07:00
Fabio Utzig 19fd79a496 Add RSA-3072 support to imgtool
Signed-off-by: Fabio Utzig <utzig@apache.org>
2019-05-16 14:01:19 -03:00
Fabio Utzig 3501c01641 Add bootutil support for RSA-3072
Signed-off-by: Fabio Utzig <utzig@apache.org>
2019-05-16 14:01:19 -03:00
Fabio Utzig e1727d9d2b Add Mynewt specific release information
Signed-off-by: Fabio Utzig <utzig@apache.org>
2019-05-06 15:31:48 -03:00
David Vincze 2d736ad4c5 Replace flash partitioning terminology
This change replaces the slot 0/1 terminology with primary/secondary
slot and replaces FLASH_AREA_IMAGE_0/1 with
FLASH_AREA_IMAGE_PRIMARY/SECONDARY. This naming convention may be more
understandable, fits better to MCUs with multiple images and it is an
architecture agnostic alternative as well.

Change-Id: I655a585f6ae023852c671ee6635399efe25209c9
Signed-off-by: David Vincze <david.vincze@arm.com>
Signed-off-by: David Brown <david.brown@linaro.org>
2019-03-13 15:40:21 -06:00
Maureen Helm 0e0c488ab4 docs: samples: Update pyocd calls to unified tool subcommands
pyocd 0.14.0 merged its command-line tools into a unified pyocd tool
with subcommands. The separate command-line tools still remain, but are
deprecated. Update all pyocd calls in samples and documentation to use
the new unified pyocd tool with subcommands.

Note that pyocd 0.15.0 has an issue with the command 'pyocd erase',
which was fixed in pyocd 0.16.0.

Signed-off-by: Maureen Helm <maureen.helm@nxp.com>
2019-02-19 14:09:36 -03:00
David Brown b1d15a7195 docs: Release notes for 1.3.0-rc1
Signed-off-by: David Brown <david.brown@linaro.org>
2019-01-24 10:03:37 -07:00
Ruth Fuchss db1a5f3b6a doc: fix typo in file name
Broken link in design.md since the file name is misspelled.

Signed-off-by: Ruth Fuchss <ruth.fuchss@nordicsemi.no>
2019-01-14 15:00:35 -02:00
Fabio Utzig 3635a0c330 Update Jekyll due to CVE
https://nvd.nist.gov/vuln/detail/CVE-2018-17567

Signed-off-by: Fabio Utzig <utzig@apache.org>
2019-01-02 16:43:39 -02:00
Fabio Utzig a3c2f05754 Fix main github repo links in docs
This updates all references from github.com/runtimeco to
github.com/JuulLabs-OSS in docs and yml files.

Signed-off-by: Fabio Utzig <utzig@apache.org>
2018-11-16 15:10:52 -03:00
Sigvart M. Hovland 68b3053694 Add deprecated warning to Jira and Confluence links
This will fix #336 by adding deprecation warning to Jira and
Confluence links as these are not used by the project anymore.

Signed-off-by: Sigvart M. Hovland <sigvart.m@gmail.com>
2018-10-22 15:30:47 -03:00
Fabio Utzig cdfa11a7a9 Add encrypt images design/usage documentation
Signed-off-by: Fabio Utzig <utzig@apache.org>
2018-10-12 13:36:13 -03:00
Fabio Utzig eb1e8d465f Update jekyll dependencies to fix CVE-2018-1000201
https://nvd.nist.gov/vuln/detail/CVE-2018-1000201

Signed-off-by: Fabio Utzig <utzig@apache.org>
2018-09-13 08:40:46 -03:00
Piotr Mienkowski 8a474ff082 docs: zephyr: add "Installing Requirements and Dependencies"
This patch documents requirements and dependencies necessary to build
mcuboot on Zephyr.

Signed-off-by: Piotr Mienkowski <piotr.mienkowski@gmail.com>
2018-08-08 07:02:50 -03:00
Fabio Utzig 6f9c79526a Remove hal_flash_align from porting requirements
`bootutil` was updated to use exclusively `flash_area_align` removing the
dependency on this single `hal_flash` function.

Signed-off-by: Fabio Utzig <utzig@apache.org>
2018-08-07 09:58:00 -03:00
Mark Schulte b88b2c4544 docs: (imgtool) explain --pad-header + hex file
Add an explanation for what happens when using the "--pad-header" flag
with a hex file.

Signed-off-by: Mark Schulte <mschulte@lyft.com>
2018-07-17 12:04:17 -03:00
Fabio Utzig 3c93901a71 Update with 1.2.0 release notes
Signed-off-by: Fabio Utzig <utzig@apache.org>
2018-06-26 13:15:48 -03:00
Fabio Utzig 5901fd55f5 Update imgtool documentation
Signed-off-by: Fabio Utzig <utzig@apache.org>
2018-06-22 07:58:14 -03:00
Fabio Utzig 0319cf1c8d Update nokogiri due to CVE-2017-1825
https://nvd.nist.gov/vuln/detail/CVE-2017-18258

Signed-off-by: Fabio Utzig <utzig@apache.org>
2018-04-27 07:25:32 -03:00
Marti Bolivar f91bca51a6 Mandate the presence of mcuboot_config/mcuboot_config.h
Mynewt uses this file to convert MYNEWT_VAL(xxx) to MCUBOOT_xxx config
options. Zephyr currently adds config options via the compiler command
line, but it should use this instead.

As prep work for that conversion, add an empty mcuboot_config.h to the
Zephyr port, and include this file unconditionally wherever it's
needed. This takes care of the simulator as well, since that puts
boot/zephyr/include on its C file include path.

This turned up a couple of files (bootutil_priv.h and caps.c) that
were using the MCUBOOT_xxx config values without including the
file. Add the includes there, as they'll be needed later.

To make this official, add it to the requirements in the porting guide
and provide a template file porters can use while getting started.

Signed-off-by: Marti Bolivar <marti@opensourcefoundries.com>

fixup! Mandate the presence of mcuboot_config/mcuboot_config.h
2018-04-25 18:44:03 -03:00
Fabio Utzig 8e0a787bff Add boot serial on Mynewt docs
Signed-off-by: Fabio Utzig <utzig@apache.org>
2018-04-12 08:27:54 -03:00
David Brown 520e31ca69 Update Zephyr image signing instructions
Remove the obsolete `sign.sh` script, and fixup the documentation to
refer to the new tooling.

Fixes #245.

Signed-off-by: David Brown <david.brown@linaro.org>
2018-04-06 06:11:07 +08:00
Fabio Utzig 2c05f1bccf Update design doc with BOOT_MAX_IMG_SECTORS config
Signed-off-by: Fabio Utzig <utzig@apache.org>
2018-04-05 18:15:35 -03:00
Carles Cufi 5a9688a5ac doc: zephyr: Extend info about flashing
Add precisions to the information regarding flashing MCUboot and Zephyr
application images in order to make users aware of mass-erase scenarios
that might bite them.

Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
2018-04-03 17:10:18 +02:00
Carles Cufi efd783cf97 doc: zephyr: Refer to the BOOTLOADER_MCUBOOT Kconfig option
Since the sample application now uses the BOOTLOADER_MCUBOOT
configuration option, refer to it in the Zephyr documentation itself.

Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
2018-03-27 10:09:48 -03:00
Carles Cufi 6168f427ee doc: Document support for .hex files in imgtool
Specify in the documentation that .hex files are supported by imgtool
when signing.

Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
2018-03-27 10:09:48 -03:00
Fabio Utzig 4dce6aac8b Change all doc links to use relative names
Github pages assumes that links to files using relative
names point to the same location so this should work both
when accessing through the github browser and mcuboot.com

Signed-off-by: Fabio Utzig <utzig@apache.org>
2018-02-12 15:53:07 -02:00
Carles Cufi f242901a85 imgtool: Use a requirements file for dependencies
Instead of relying on distro packages standardize the imgtool
dependencies into a requirements.txt.

Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
2018-02-01 16:00:21 -07:00
Carles Cufi 90eda80838 doc: Fix MCUboot capitalization
The correct spelling is "MCUboot", so replace the instances that differ
from this.

Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
2018-01-29 15:49:04 -02:00
Fabio Utzig ecc7e14e55 Update nokogiri due to security vulnerability
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9050

Signed-off-by: Fabio Utzig <utzig@apache.org>
2018-01-24 07:07:36 -02:00
Carles Cufi 3b61e70b8b docs: Link to instructions from landing pages
Link to usage instructions from the main README file and from
docs/index.md so that the usage is visible from the root documentation
files.

Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
2018-01-23 14:08:14 -02:00
Carles Cufi ecc34bb787 doc: Convert rst to md and move to docs/
To avoid having multiple documentation standards, transition all
documentation files to the Markdown (md) format and move them to the
docs/ folder.

Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
2018-01-23 14:08:14 -02:00
Fabio Utzig 49045cc9e8 Update with 1.1.0 release notes
Signed-off-by: Fabio Utzig <utzig@apache.org>
2018-01-09 10:58:29 -07:00
David Brown 31d29c8edb imgtool: Update docs for new key format
Update the dependencies needed, as well as adding a blurb about how to
password protect the private key.

Signed-off-by: David Brown <david.brown@linaro.org>
2018-01-09 09:41:30 -07:00
Fabio Utzig a722f5aaa1 Describe the tradeoffs of scratch size
JIRA: MCUB-74
Signed-off-by: Fabio Utzig <utzig@apache.org>
2018-01-04 10:34:43 -07:00
Marti Bolivar 38d67f76f0 zephyr: add script for running mcuboot tests
It's onerous to work through the tests in docs/testplan-zephyr.md by
hand. Add a script which takes the thinking out of it.

Signed-off-by: Marti Bolivar <marti@opensourcefoundries.com>
2017-11-20 18:10:29 -07:00
Ryan C Johnson ce4fa4400a Correction to swap procedure design documentation
The swap procedure as documented doesn't match the code, and it would
loose the contents of slot1[index] as it's erased before it is copied
anywhere. Also, add the missing word 'to'.

Signed-off-by: Ryan C Johnson <ryan.johnson@flex.com>
2017-10-19 17:41:59 -02:00
David Brown 2467de10c5 Fix `imgtool.py` link in main webpage
URL was referencing old location for this script.

Signed-off-by: David Brown <david.brown@linaro.org>
2017-09-29 09:03:36 -07:00
David Brown 1d3f67d36e zephyr: Move testplan into sample Makefile
Instead of a bunch of patches that tend to become conflicting, use the
newly parameterized Makefile to make all of the test plans into make
targets.  Update the instructions to match this.

Signed-off-by: David Brown <david.brown@linaro.org>
2017-09-14 16:10:50 -06:00
David Brown a3032918a3 Update the release documentation
Add instructions about release notes, and pushing tags.

Signed-off-by: David Brown <david.brown@linaro.org>
2017-09-12 12:08:22 -06:00
David Brown 17e20d1b21 Convert design document to Markdown
The complex blocks are just verbatim, and some of the outline-style
blocks are keps as pre formatted until we decide the right way to format
them.

Signed-off-by: David Brown <david.brown@linaro.org>
2017-09-12 12:01:09 -06:00
David Brown e5f2d1cdf6 Minor doc cleanups
Fix spelling of MCUboot, and remove a duplicated link.

Signed-off-by: David Brown <david.brown@linaro.org>
2017-09-12 12:01:09 -06:00
David Brown 37f8afd217 Release notes for 1.0.0.
Move the release notes document into the docs directory, and convert to
Markdown so that it can be rendered on the project's website.

Signed-off-by: David Brown <david.brown@linaro.org>
2017-09-12 12:01:09 -06:00
David Brown c337025e3a Document the release process
An initial document describing the mechanics of how a release is made.
This is a start of documenting our full development process.

Signed-off-by: David Brown <david.brown@linaro.org>
2017-09-12 10:37:04 -06:00
David Brown d2fcc21b4f Make docs more visible from home page
Add links to the other documents to the homepage at `index.md`.  Clean
up some of these other documents (including converting the Zephyr test
plan to markdown).

Signed-off-by: David Brown <david.brown@linaro.org>
2017-09-11 16:08:47 -06:00
David Brown af30189f63 Create files needed to run Jekyll locally
By adding a Gemfile, it is possible to test the website/documentation
rendering locally.  This expects a reasonably recent version of "bundle"
to be installed, and from within the docs directory:

    bundle update
    bundle exec jekyll serve

will run a small web server on port 4000 to preview the docs.

Signed-off-by: David Brown <david.brown@linaro.org>
2017-09-11 16:08:47 -06:00
David Brown c20b997137 Remove eol whitespace from doc file
Remove these extraneous end of line spaces.

Signed-off-by: David Brown <david.brown@linaro.org>
2017-09-11 14:03:28 -06:00
David Brown 12b9dedaf6 Rearrange docs for gh-pages
Github pages allows the documentation to be in the master branch in a
'docs' directory to be rendered as the main site (mcuboot.com).  Rename
this directory, and pull in the documentation files from the old
gh-pages branch.

The main index.md page does not link to the rest of the docs yet, and
that change can be made in a future patch.

Signed-off-by: David Brown <david.brown@linaro.org>
2017-09-11 14:03:28 -06:00