Commit Graph

163 Commits

Author SHA1 Message Date
David Brown 29099e1d17 Preps for 1.8.0
Update version fields for 1.8.0 release.

Signed-off-by: David Brown <david.brown@linaro.org>
2021-10-13 10:03:58 -06:00
David Brown 0779f4f4d2 Preps for 1.8.0-rc2
Update version fields for 1.8.0-rc2 release.

Signed-off-by: David Brown <david.brown@linaro.org>
2021-09-29 15:31:32 -06:00
David Brown ae35510b58 Preps for 1.8.0-rc1
Update version fields for 1.8.0-rc1 release.

Signed-off-by: David Brown <david.brown@linaro.org>
2021-08-31 09:09:22 -06:00
Carl-Johan Landin f44fd6199c zephyr: update devicetree py package lib files include path in assembly
This PR updates the path to the devicetree python package lib files according to the Zephyr PR
zephyrproject-rtos#33746 which moved the devicetree lib files.

Old path: ZEPHYR_BASE/scripts/dts/
New path: ZEPHYR_BASE/scripts/dts/python-devicetree/src/devicetree/

Signed-off-by: Carl-Johan Landin <carl-johan.landin@endian.se>
2021-07-26 10:19:14 +02:00
Salome Thirot 0f64197aff boot: Add AES256 support for image encryption
Support only works when using mbedtls as the cryptographic library.

Signed-off-by: Salome Thirot <salome.thirot@arm.com>
2021-05-18 07:25:12 -03:00
David Brown 1997f539f7 sim: Remove extraneous static
According to clippy, `&'static` can just be `&` for static definitions,
which always have a static lifetime.  Clean this up in the arrays in the
code, as well as generation code in imgtool.

Signed-off-by: David Brown <david.brown@linaro.org>
2021-03-11 07:25:43 -07:00
Fabio Utzig 8a5e49876e imgtool: rollback to 1.7.0 release
Since there won't be anymore alpha releases, rollback to latest official
(from master). The next released versions now can be either 1.7.X from
v1.7-branch or X.Y.Zrc1 for the release candidate of next stable
version.

Signed-off-by: Fabio Utzig <utzig@apache.org>
2021-02-12 09:28:47 -03:00
Fabio Utzig d62631af57 imgtool: fix encrypting hex images
Fixes padding hex images when encrypting. The issues stems from binaries
using `bytes` and IntelHex returning `array` where `bytes` cannot be
appended to, so use `.extend()` instead.

Signed-off-by: Fabio Utzig <utzig@apache.org>
2021-02-11 12:41:39 +01:00
David Brown 79c4fcf403 scripts: Add SPDX headers
Add SPDX headers indicating the Apache-2.0 license to the scripts in the
scripts directory.  This can be assumed due to the presence of the
Apache-2.0 LICENSE file at the top of the project.

Fixes #930

Signed-off-by: David Brown <david.brown@linaro.org>
2021-01-28 09:36:55 +01:00
Fabio Utzig d12a8da287 imgtool: fix validation with protected TLVs
After the change to support protected TLVs, the `verify` command was not
updated with proper support. Fix it by skipping any protected TLV found,
and fix the size of the hashed/signed region to also include the
protected TLV area.

Signed-off-by: Fabio Utzig <fabio.utzig@nordicsemi.no>
2021-01-25 16:49:05 -03:00
Dominik Ermel 50820b1611 mgtool: Add support for setting fixed ROM address into image header
The commit adds support for IMAGE_F_ROM_FIXED flag that allows setting
information on image base address into image_header.

Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
2020-12-16 18:06:33 +01:00
Andrzej Puzdrowski a8e12dae38 Preps for 1.7.0 release
Update version fields for 1.7.0 release.
Added compatibility note for zephyr-rtos.

Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
2020-11-25 16:26:11 +01:00
Andrzej Puzdrowski e75966105a Preps for 1.7.0-rc2
Update version fields for 1.7.0-rc2 release.

Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
2020-11-12 11:14:28 +01:00
Fabio Utzig de1d72d069 doc: fix github urls to use the new org
Signed-off-by: Fabio Utzig <fabio.utzig@nordicsemi.no>
2020-11-10 14:19:19 -03:00
Andrzej Puzdrowski 69344636be Preps for 1.7.0-rc1
Update version fields for 1.7.0-rc1 release.

Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
2020-10-30 17:56:02 +01:00
Roman Okhrimenko 42b32394d6 imgtool: Add possibility to set confirm flag for hex files as well
Fix imgtool does not take into account value of confirm flag, when signing .hex images

Signed-off-by: Roman Okhrimenko <roman.okhrimenko@cypress.com>
2020-09-18 20:30:14 +03:00
David Vincze b2a1a48561 imgtool: Fix 'custom_tlvs' argument handling
When Image.create() is called without the 'custom_tlvs' argument, it
gets its default value (None). It must be checked before performing
any operations on/with it.

Change-Id: I8e0755265f35f9eeb796fe078a6ad8c8d9f2b8da
Signed-off-by: David Vincze <david.vincze@linaro.org>
2020-09-18 14:45:13 +02:00
Tamas Ban 67e3fff047 docs: Revert the moving of design.md
This commit fix the issue reported in #803:
https://github.com/JuulLabs-OSS/mcuboot/issues/803

Signed-off-by: Tamas Ban <tamas.ban@arm.com>
2020-09-18 10:51:22 +02:00
Tamas Ban fe03109ab1 boot: Add ram-load upgrade mode
This patch introduces the ram-load mode in addition to the other
upgrade modes (swap strategies, overwrite-only, direct-XIP). When
ram-load is enabled with the MCUBOOT_RAM_LOAD option, mcuboot
selects the newest valid image based on the image version numbers from
the image header, thereafter the selected image loaded to the RAM and
executed from there. Load address is extracted from the image header.
Therefore the images must be linked to the RAM memory region.
The ram-load mode is very similar to the direct-XIP mode, main
difference is to load the newest image to the RAM beforehand the
authentication and execution. Similar to direct-XIP mode either
of the primary and the secondary slots can hold the active image.

Ram-load can be useful in case of a bit more powerful SoC, which
is not constrained in terms of internal RAM. It could be that image
is stored in external and therefore untrusted flash. Loading image
to internal (trusted) RAM is essential from the security point
of view the system. Furthermore execution from internal RAM is much
faster than from external flash.

This patch is based on the RAM_LOADING upgrade strategy which was
first introduced in the Trusted Firmware-M project.
Source TF-M version: TF-Mv1.0.

Change-Id: I95f02ff07c1dee51244ac372284f449c2efab362
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
2020-09-16 11:06:30 +02:00
Casper Meijn 2a01f3f341 imgtool: Print image digest during verify
In an effort to create a script to do firmware based on an URL, I could
not easily retrieve the image digest. `newtmgr` needs the hash when
marking a image for testing.

Signed-off-by: Casper Meijn <casper@meijn.net>
2020-09-09 07:34:01 -03:00
Martí Bolívar 009a150422 imgtool: --confirm implies --pad
As discussed in
https://github.com/zephyrproject-rtos/zephyr/pull/28026, when
generating confirmed images, it makes sense to pad them.

Signed-off-by: Martí Bolívar <marti.bolivar@nordicsemi.no>
2020-09-08 07:26:30 -03:00
Fabio Utzig 37dec81940 imgtool: fix package's author email
Fix author email after move to new mailing list.

Signed-off-by: Fabio Utzig <fabio.utzig@nordicsemi.no>
2020-08-18 08:04:58 -03:00
David Vincze e574f2d617 boot: Introduce direct execute-in-place (XIP) mode
This patch introduces the direct execute-in-place (XIP) mode in addition
to the other upgrade modes (swap strategies, overwrite-only). When
direct-XIP is enabled with the MCUBOOT_DIRECT_XIP option, mcuboot
selects the newest valid image based on the image version numbers from
the image header, thereafter the selected image runs directly from its
flash partition (slot) instead of moving it. Therefore the images must
be linked to be executed from the given image slot. It means that in
direct-XIP mode either of the primary and the secondary slots can hold
the active image.

This patch is based on the NO_SWAP upgrade strategy which was first
introduced in the Trusted Firmware-M project.
Source TF-M version: TF-Mv1.0.

Change-Id: If584cf01ae5aa7208845f6a6fa206f0595e0e61e
Signed-off-by: David Vincze <david.vincze@linaro.org>
2020-08-12 09:39:44 +02:00
Ihor Slabkyy 1a1600b0cd Change imgtool version to 1.7.0a1
Signed-off-by: Ihor Slabkyy <ihor.slabkyy@cypress.com>
2020-08-05 09:05:14 -03:00
Fabio Utzig 826abf4645 imgtool: update help message for slot-size
In case slot sizes are different, use the secondary slot (to use for
calculations, padding, etc).

Signed-off-by: Fabio Utzig <utzig@apache.org>
2020-07-14 11:11:05 -03:00
Fabio Utzig 6ec2ec32cb assemble: Allow use of ZEPHYR_BASE environment var
Make `-z` flag optional, so if it is not provided rely on the
ZEPHYR_BASE environemnt variable to find the Zephyr tree.

Signed-off-by: Fabio Utzig <fabio.utzig@nordicsemi.no>
2020-07-10 15:26:13 -03:00
Viktor Sjölind f1e6e9ccec zephyr: Find board name from dts.pre.tmp file
In scripts/assemble.py:

Use the <board_name>.dts.pre.tmp file in <build-dir>/zephyr to find the
board name.

This allows the build directory path to be set freely and not enforcing
directory structures.

Signed-off-by: Viktor Sjölind <viktor.sjolind@endian.se>
2020-07-10 09:16:25 -03:00
Torsten Rasmussen 33fbef51c0 cmake: scripts: now using ZEPHYR_BASE as local variable
This commit is a followup to the usage of `find_package(Zephyr ...)`.

The zephyr/hello-world sample has been updated to use find_package.
The assemble.py script now takes ZEPHYR_BASE as an argument, so it may
be used from CMakeLists.txt files when ZEPHYR_BASE is not set in
environment, and thus the Makefile sample has been adjusted accordingly.

Signed-off-by: Torsten Rasmussen <Torsten.Rasmussen@nordicsemi.no>
2020-06-15 15:27:48 +02:00
Ihor Slabkyy 24d93738d5 Add a way to specify custom TLVs.
Custom TLVs will be placed in the protected area.

Tag and value come from command line.

Values with 0x prefix will be interpreted as an integer, otherwise
it will be interpreted as a string.

Signed-off-by: Ihor Slabkyy <ihor.slabkyy@cypress.com>
2020-06-04 13:02:41 -06:00
David Brown 50d24a5751 Preps for v1.6.0 release
Update README, release notes the mynewt repository file, and imgtool for
the v1.6.0 release.

Signed-off-by: David Brown <david.brown@linaro.org>
2020-05-22 11:59:39 -06:00
Kumar Gala 45b00acf0f scripts/assemble: Rework to use EDT library to get devicetree data
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
2020-05-15 15:11:56 -06:00
David Brown 82c5f7c65c Preps for 1.6.0-rc2 release
Update various version fields.  Also include a note in the release notes
describing Zephyr compatibility.

Signed-off-by: David Brown <david.brown@linaro.org>
2020-05-06 08:40:22 -06:00
David Brown e06ef9bca2 Bump imgtool version to 1.6.0-rc1.
Signed-off-by: David Brown <david.brown@linaro.org>
2020-04-22 18:27:00 -06:00
David Vincze 80a76f4af4 imgtool: release 1.6.0alpha3
Change-Id: I1a32938745c07c517743d2af9d0d5d2620813852
Signed-off-by: David Vincze <david.vincze@linaro.org>
2020-04-14 12:27:16 +02:00
David Vincze 1e0c54429d imgtool: Set RAM_LOAD flag in header when needed
Set the RAM_LOAD flag in the image header when a load address was passed
to the imgtool script, indicating that the image should be loaded into
RAM and run from there.

Change-Id: Id9d2c179d7fa1ff7d15cf671c09c61b5b78c88a8
Signed-off-by: David Vincze <david.vincze@linaro.org>
2020-04-10 15:31:25 -06:00
Fabio Utzig 7973f573b7 imgtool: bump version to 1.6.0-alpha2
Signed-off-by: Fabio Utzig <utzig@apache.org>
2020-04-10 17:56:14 -03:00
Fabio Utzig 4facd1b7c7 imgtool: Add x25519 key generation and getpriv
Signed-off-by: Fabio Utzig <utzig@apache.org>
2020-04-10 17:56:14 -03:00
Fabio Utzig 960b4c5ef0 imgtool: Add ECIES-X25519 image encryption support
Signed-off-by: Fabio Utzig <utzig@apache.org>
2020-04-10 17:56:14 -03:00
Fabio Utzig 67c59fa5ad imgtool: Fix ECDSA references in ED25519
Signed-off-by: Fabio Utzig <utzig@apache.org>
2020-04-10 17:56:14 -03:00
David Vincze dde178dbc8 imgtool: Add --public-key-format option to imgtool
The --public-key-format option can be used to distinguish where
the public key is stored for image authentication. It can be embedded
in MCUboot or by selecting 'full' it can be in the image manifest.

The source of this change:
https://review.trustedfirmware.org/c/trusted-firmware-m/+/1579

Change-Id: If658dff8147cfce2f27bfc0209ecf0d6d9cb2a73
Signed-off-by: David Vincze <david.vincze@linaro.org>
2020-04-07 09:20:13 -06:00
Fabio Utzig 9560d77371 imgtool: keys: fix tests
Fix tests that were broken due to changes in key interfaces.

Signed-off-by: Fabio Utzig <utzig@apache.org>
2020-04-06 17:34:57 -03:00
Henrik Brix Andersen a40b199761 scripts: assemble.py: switch to using devicetree_legacy_unfixed.h
Switch to using the devicetree_legacy_unfixed.h header for extracting
flash partition information.

Zephyr has switched to using a new gen_defines.py script and a new set
of macros/defines for devicetree code generation for all nodes except
flash partitions, which are still in the legacy format.

Signed-off-by: Henrik Brix Andersen <henrik@brixandersen.dk>
2020-03-31 08:47:40 -03:00
David Vincze 6bfa9e5853 imgtool: release 1.6.0alpha1
Change-Id: I7ae2bff9d16c39f7cc5fee3a08437f0a25e7cddc
Signed-off-by: David Vincze <david.vincze@linaro.org>
2020-03-26 12:23:36 +01:00
David Vincze 71b8f981df imgtool: Add CBOR encoded boot record to TLV area
Add new '--boot-record' option for imgtool to add a new type of TLV to
the image manifest called BOOT_RECORD. This TLV contains CBOR encoded
data with some basic information about the image (SW component) it
belongs to, these are the following:
- SW type (role of the software component)
- SW version
- Signer ID (identifies the signing authority)
- Measurement value (hash of the image)
- Measurement type (algorithm used to calculate the measurement value)

The boot_record.py file and most of the modifications in image.py are
coming from the Trusted Firmware-M project
(https://www.trustedfirmware.org/about/).
Hash of the source commit: 08d5572b4bcee306d8cf709c2200359a22d5b72c.

This patch is based on the recommendations of Arm's Platform Security
Architecture (PSA) and its purpose is to support compliance with it.

Change-Id: I379ccc57b48ad2311837cb3fd90f5f9d1c9b5bac
Signed-off-by: David Vincze <david.vincze@linaro.org>
2020-03-26 12:23:36 +01:00
David Brown 4878c27c82 imgtool: Remove default padding of ECDSA sigs
Since commit:

    commit a36082664e
    Author: David Brown <david.brown@linaro.org>
    Date:   Thu Dec 12 15:35:31 2019 -0700

        ecdsa: Allow ECDSA signatures to be actual length

MCUboot no longer requires ECDSA signatures to be padded to a fixed
length.  This change makes imgtool, by default, also no longer add this
padding to images.  There is an option `--pad-sig` that can be given to
the sign command to re-instate this padding.  This flag will be needed
to make images that will work with older (pre 1.5.0) versions of
MCUboot.

Signed-off-by: David Brown <david.brown@linaro.org>
2020-03-18 09:05:21 -06:00
Anthony Liu 04630cea43 fix #675 ECDSA verification fail when padding is added
Signed-off-by: Anthony Liu <antliu@gmail.com>
2020-03-13 17:52:59 +01:00
Henrik Brix Andersen 0ce958e709 imgtool: add option for confirming a padded image
Add imgtool command line option for confirming (setting image_ok =
0x01) in a padded image.

Fixes: #664

Signed-off-by: Henrik Brix Andersen <hebad@vestas.com>
2020-03-11 11:15:36 -03:00
David Vincze 1a7a6905c5 imgtool: Add security counter to image manifest
Optionally add new security counter TLV to the protected image manifest
and also introduce a new command line option for the imgtool to specify
the value of this counter. The security counter can be used in rollback
protection to compare the new image's security counter against the
active counter value. Its value can be independent from the image
version, but if the 'auto' keyword is passed in the argument list of the
script then it will be generated from the version number (not including
the build number).

The value of the security counter is security critical data. Therefore,
it must be part of the protected TLV area.

Change-Id: I45926d22364d0528164f50fa379abf050bdf65ff
Signed-off-by: David Vincze <david.vincze@arm.com>
2020-02-25 23:43:12 +01:00
Fabio Utzig 310af87f61 Update to v1.5.0
Signed-off-by: Fabio Utzig <utzig@apache.org>
2020-02-19 10:29:01 -03:00
Fabio Utzig 7de8a29672 Preparing for v1.5.0-rc2
Signed-off-by: Fabio Utzig <utzig@apache.org>
2020-02-17 11:22:32 -03:00