Clippy suggests using a range with `contains` in situations where we
test if a value is within a range.
Signed-off-by: David Brown <david.brown@linaro.org>
Apply clippy suggestions to directly result in values instead of
returning those values at the end of a function. Better matches common
Rust style.
Signed-off-by: David Brown <david.brown@linaro.org>
In rust, if a struct field is initialized with a variable with the same
name as the field, it is redundant to say `field: field` as the
initializer, and just `field` is sufficient. Fix the instances of this
that clippy suggests.
Signed-off-by: David Brown <david.brown@linaro.org>
Cleanup some of the unsafe usage in mcuboot-sys. In one case, add a
safety comment to the function documentation. In the other, move the
unsafe to a narrower scope, reducing the number of instances of unsafe
needed. From clippy suggestions.
Signed-off-by: David Brown <david.brown@linaro.org>
Clippy suggests implementing Default when the `new` function for that
type just initializes the type to default values.
Signed-off-by: David Brown <david.brown@linaro.org>
According to clippy, `&'static` can just be `&` for static definitions,
which always have a static lifetime. Clean this up in the arrays in the
code, as well as generation code in imgtool.
Signed-off-by: David Brown <david.brown@linaro.org>
The commit fixes definition and usage of ZEPHYR_LOG_MODE_MINIMAL
to prevent compilation warnings on possibly non-portable code.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
This incorporates changes both from the dependency changes in simflash,
as well as some minor changes that recent versions of Cargo make.
Signed-off-by: David Brown <david.brown@linaro.org>
The thiserror crate seems to be getting more momentum in the community
than failure. Switch to this for deriving our own error type.
Signed-off-by: David Brown <david.brown@linaro.org>
Add Mbed TLS ECDSA signature verification as an option (in addition to
Tinycrypt and the CC310 hardware version). Although the Mbed TLS ECDSA
verification code is both larger and slower, this will still save space
if there is another reason that the Mbed TLS code is already being
brought in for another reason (such as certificate management, for
example).
Mbed TLS's ECDSA verification works at a different level than the other
two libraries, so this takes a bit of reworking. There are some
additional parameters passed to the various functions, and a new define
MCUBOOT_ECDSA_NEED_ASN1_SIG to indicate that the ecdsa verification
wants the original ASN1 signature, not a decoded key.
This adds the boot changes and simulator support to test this configuration.
Signed-off-by: David Brown <david.brown@linaro.org>
The commit adds logic that checks if image, that has IMAGE_F_ROM_FIXED
flag set together with proper address in header, has not been mismatched
with slot.
This code will prevent attempting to boot image that has been build for
different ROM address than a slot it currently resides in.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
The IMAGE_F_ROM_FIXED, now supported by imgtool and mcumgr, allows to
use image_header.ih_load_addr to store fixed ROM address information.
The address is provided for Direct-XIP mcuboot to be able to verify
if it can boot an image in given slot, by checking if the address
the image has been built for corresponds to slot address.
This flag is not required to be set within image, in which case
the check will not happen, but is highly desired as it allows mcuboot
to detect images that have been mismatched with slot.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
The commit changes banner message to indicate that bootloader has been
built for Direct-XIP mode.
It also removes, in Direct-XIP compiled code, information on jumping
into first slot: that information is not always correct for Direct-XIP
and other messages correctly point slot that will be used.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
Since there won't be anymore alpha releases, rollback to latest official
(from master). The next released versions now can be either 1.7.X from
v1.7-branch or X.Y.Zrc1 for the release candidate of next stable
version.
Signed-off-by: Fabio Utzig <utzig@apache.org>
Fixes padding hex images when encrypting. The issues stems from binaries
using `bytes` and IntelHex returning `array` where `bytes` cannot be
appended to, so use `.extend()` instead.
Signed-off-by: Fabio Utzig <utzig@apache.org>
Setting LED to initial level before beginning.
Making comment about BOOT_SERIAL_DETECT_DELAY more clear in Kconfig.
Signed-off-by: Jared Wolff <hello@jaredwolff.com>
Part of defines which are needed for bootutil_public.c compilation
were moved to separate file, so the bootutil_public library doesn't
need to include cryptographic libraries headers anymore.
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
Objective for existence botutil_public.c is to provide common code
for MCUboot itself and for an chain-loaded application. Therefor
it shouldn't depend on MCUboot exclusive functions or so.
This path moves missing part of bootutil_private.h to bootutil_private.c
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
Add watchdog timer to MCUBootApp plus BlinkyApp to implement additional way of boot/upgrade image operation confirmation.
Signed-off-by: Roman Okhrimenko <roman.okhrimenko@cypress.com>
Add SPDX headers indicating the Apache-2.0 license to the scripts in the
scripts directory. This can be assumed due to the presence of the
Apache-2.0 LICENSE file at the top of the project.
Fixes#930
Signed-off-by: David Brown <david.brown@linaro.org>
CONFIG_LOG_MINIMAL was replaced by CONFIG_LOG_MODE_MINIMAL since
https://github.com/zephyrproject-rtos/zephyr/pull/31404 PR was
merged.
CONFIG_LOG_MINIMAL is still emitted as legacy property, but
can't be assigned so prj.conf was fixed.
Signed-off-by: Gerard Marull-Paretas <gerard@teslabs.com>
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
After the change to support protected TLVs, the `verify` command was not
updated with proper support. Fix it by skipping any protected TLV found,
and fix the size of the hashed/signed region to also include the
protected TLV area.
Signed-off-by: Fabio Utzig <fabio.utzig@nordicsemi.no>
Addresses issues when running signed-off-by checks on the Zephyr fork
due to GH rebases done on UX rewriting the commit with the primary email
instead of whatever email was used originally.
Signed-off-by: Fabio Utzig <fabio.utzig@nordicsemi.no>
To fix a regression caused by f68473814f,
where an older TF-M version was used that didn't support the bootutil
cmake.
Signed-off-by: Raef Coles <raef.coles@arm.com>
Check the environment variable `PTEST_LOG_ALL`, and if it is set, write
the output of all test runs to a log file instead of just the failures.
Failed test are still written to failure-nnnn.log, but successful runs
are written to success-nnnn.log. If the environment variable is not
set, ptest behaves as before, only writing to log files when there is a
failure.
Signed-off-by: David Brown <david.brown@linaro.org>
To help determine where time is being spent in tests, add a 'time'
command to the test invocation script. In addition, split the test
invocation into a separate build and run stage. This can be useful with
another change to ptest that logs all test outputs instead of just
failures.
Signed-off-by: David Brown <david.brown@linaro.org>
Modify the function boot_add_data_to_shared_area from static to global
thereby it can be used in the user interface boot_save_shared_data.
Signed-off-by: Sherry Zhang <sherry.zhang2@arm.com>
Change-Id: Ic6a36eb526a0883a156f832942af3138bde86dd6
Added boot_read_image_ok() to public API as reading image_ok
might be used by the chain-loaded application for checking by
image itself its confirmation state.
Additionally extracted common code for determine a trailer flag to
boot_read_flash() function.
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
Part of code of boot/bootutil/ is re-implemented in zephyr-rtos
repository.
As some code are defined here and there it becomes problem when
need to include it with outstanding feature in a build.
It is possible to mitigate problem using #fdefry - but this was
rather temporary hack.
This patch introduce new module which is common for MCUBoot build
and application build.
Common code were extracted to bootutil_public.c source file and
bootutil_public.h header
MCUboot also select DISABLE_MCUBOOT_BOOTUTIL_LIB_OWN_LOG Kconfig
option, as it must define log configuration on its own for all its
sourcecode.
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
Fix compilation with CONFIG_LOG_MINIMAL enabled by disabling the
custom log handling code.
Fixes e75e33d981
Signed-off-by: Henrik Brix Andersen <hebad@vestas.com>
Update volume maps so local directories in the Travis VM map correctly
to the Docker expected PATH for script running. Misc cleanups.
Signed-off-by: Fabio Utzig <fabio.utzig@nordicsemi.no>
Update install script to avoid building a docker image and instead pull;
also add proper caching for re-runs.
Signed-off-by: Fabio Utzig <fabio.utzig@nordicsemi.no>
Update Dockerfile to only build a distro and required tooling, avoiding
adding source repositories, including tfm and mcuboot, so that it can be
reused without the need to rebuild all the time.
This should allow pushing the image under mcuboot/fih-test and
pulling+caching in Travis.
Signed-off-by: Fabio Utzig <fabio.utzig@nordicsemi.no>
Now that the travis description is empty, ptest no longer runs any
tests. Change it to use the github workflow description. It is still
fairly specific to our particular workflow, and will need to be updated
if the form of what is there changes.
The workflow description is quite a bit simpler, so a bunch of code has
been removed.
Signed-off-by: David Brown <david.brown@linaro.org>
David Brown