boot_enc_valid() is supposed to return boolena so
changed it return type in order to reflect this.
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
enc_state table was indexed with assumption that
image flash area are subsequent and increasing numbers.
It might not be true while building zephyr.
Patch introduce flash_area_id_to_image_slot() implementation for
the zephyr port and uses it to assign proper slot number.
This API is already available in MyNewt.
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
This change replaces the slot 0/1 terminology with primary/secondary
slot and replaces FLASH_AREA_IMAGE_0/1 with
FLASH_AREA_IMAGE_PRIMARY/SECONDARY. This naming convention may be more
understandable, fits better to MCUs with multiple images and it is an
architecture agnostic alternative as well.
Change-Id: I655a585f6ae023852c671ee6635399efe25209c9
Signed-off-by: David Vincze <david.vincze@arm.com>
Signed-off-by: David Brown <david.brown@linaro.org>
Adds scripts to build and test many Mynewt project configurations; this
avoids breaking builds after changes are not tested for some particular
configuration option.
Signed-off-by: Fabio Utzig <utzig@apache.org>
Add a new directory "ci", to easily add new tests with setup/run phases
that don't require direct setup in .travis.yml. This also avoids
polution of scripts/.
Signed-off-by: Fabio Utzig <utzig@apache.org>
The pattern that 'set_conf_file' has been added to the Zephyr build
system, so it is not necesary for the application build script to
implement it.
Also, the macro has been deprecated, so it should not be used.
This change is a pure refactoring.
Signed-off-by: Sebastian Bøe <sebastian.boe@nordicsemi.no>
The logger issue on Xtensa is resolved in mainline Zephyr with
239805b2d82aebee4969c3ae57fbf8025c4fb60d. Hence logging can be
enabled now.
Signed-off-by: Rajavardhan Gundi <rajavardhan.gundi@intel.com>
This Kconfig parameter makes MCUboot wait for a prescribed duration
of time to allow for USB DFU to be invoked.
Signed-off-by: Rajavardhan Gundi <rajavardhan.gundi@intel.com>
Fix#10990.
A warning is triggered when snprintf is used because it is being
declared / configured incorrectly. The MBEDTLS configuration is
defaulting to disabling all of LIBC, and then explicitly enabling the
LIBC functions in use, this has been done for printf with
MBEDTLS_PLATFORM_STD_PRINTF, but not for
MBEDTLS_PLATFORM_STD_SNPRINTF.
Signed-off-by: Sebastian Bøe <sebastian.boe@nordicsemi.no>
Zephyr changed way of generation UART device name label
which implies device name label text change.
Patch aligns the code to above change.
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
zephyr macro min() was hanged to MIN()
Kconfig key CDC_ACM_PORT_NAME was changed to CDC_ACM_PORT_NAME_0
zephyr sha of the fixing time is 406dc2cb0e2868392f444677ace416440695829f.
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
Cleaned up the conf file for intel_s1000_crb by defining only
those values that are different from prj.conf.
Signed-off-by: Rajavardhan Gundi <rajavardhan.gundi@intel.com>
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
The pyocd runner in zephyr changed its arguments slightly when it
converted to the new unified pyocd tool with subcommands. Change the
board runner args here similarly so we can use 'west flash' again for
the zephyr bootloader.
Signed-off-by: Maureen Helm <maureen.helm@nxp.com>
pyocd 0.14.0 merged its command-line tools into a unified pyocd tool
with subcommands. The separate command-line tools still remain, but are
deprecated. Update all pyocd calls in samples and documentation to use
the new unified pyocd tool with subcommands.
Note that pyocd 0.15.0 has an issue with the command 'pyocd erase',
which was fixed in pyocd 0.16.0.
Signed-off-by: Maureen Helm <maureen.helm@nxp.com>
Let's ensure that random Zephyr changes in logging don't affect
the resource usage in MCUBOOT, by setting LOG_LEVEL_DEFAULT
to 0.
Signed-off-by: Michael Scott <mike@foundries.io>
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
Rather than use LOG_DEFAULT_LEVEL to control MCUBOOT's log output,
let's create an MCUBOOT specific log level setting.
Signed-off-by: Michael Scott <mike@foundries.io>
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
Signed-off-by: Krzysztof Chruscinski <krzysztof.chruscinski@nordicsemi.no>
Commit 1d9e5ee1 ("logging: Refactoring 'in place' mode to reduce memory
footprint") changed the resource restrained version of LOGGER from
LOG_INPLACE_PROCESS to LOG_IMMEDIATE.
Signed-off-by: Michael Scott <mike@foundries.io>
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
Zephyr flash_map reworks caused that areas id exact number are
assigned dynamically.
This patch i counterpart to
https://github.com/zephyrproject-rtos/zephyr/pull/8837
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
The upstream Zephyr runner for nrfjprog now supports an --erase
toggle, which controls whether a mass-erase is done. Add that to its
invocation when CONF_ZEPHYR_TRY_MASS_ERASE is given, just like is done
for dfu-util and pyocd.
Signed-off-by: Marti Bolivar <marti@foundries.io>
This change affects the "set pending" operation. That is, the operation
that configures mcuboot to temporarily swap images on the next boot.
PRIOR TO COMMIT:
If the slot 1 trailer contained an invalid 128-bit magic number, an
assertion would fail, causing a crash.
AFTER COMMIT:
If corruption is detected in the slot 1 trailer, the entire image slot
is erased, and the "set pending" operation fails with a `BOOT_EBADIMAGE`
status.
RATIONALE:
mcuboot cannot meaningfully recover from data corruption. The only
recourse is to erase the bad data so that future upgrades can be
performed. I was tempted to add a build-time setting to control whether
the image slot gets erased when corruption is detected, but I dont think this
freedom justifies the cost of extra config. A device with a corrupt
image slot can no longer be upgraded, so the only reason someone would
want to preserve the corrupt data would be for debugging.
Signed-off-by: Christopher Collins <ccollins@apache.org>
Disable logging and enable size optimizations on
nrf51_pca10028 target in order to fit in boot slot size
for out-off-the-box build.
fixes#411
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
Newt only allows the following stability strings in a repo version:
VERSION_STABILITY_NONE = ""
VERSION_STABILITY_STABLE = "stable"
VERSION_STABILITY_DEV = "dev"
VERSION_STABILITY_LATEST = "latest"
VERSION_STABILITY_COMMIT = "commit"
An attempt to update a project that uses mcuboot would choke due to the
invalid stability string "rc1":
Error: Unknown stability (rc1) in version 1.3.0-rc1
Signed-off-by: Christopher Collins <ccollins@apache.org>
Previously it was assumed that the trailer would fit one sector. While
this works for most devices, some which happen to have lots of sectors
end up using lots of space for their swap status area. The same issue
could also happen if sectors are small (less than 2K/4K, for example).
This fixes the issue by checking the trailer size and erasing all
sectors that encompass it.
Signed-off-by: Fabio Utzig <utzig@apache.org>
Modernize and simplify the build scripts of the Zephyr
bootloader. Most notably, the new build scripts are targeting the
'zephyr_library_' API instead of the 'target_' API.
In addition to simplifying the build scripts, this permits us to be
automatically compatible with an upcoming change that will break the
'target_' API but not the 'zephyr_library_' API.
Signed-off-by: Sebastian Bøe <sebastian.boe@nordicsemi.no>
Instead of detecting an invalid Kconfiguration during CMake
Configure-time we detect it where it belongs, in Kconfig.
Signed-off-by: Sebastian Bøe <sebastian.boe@nordicsemi.no>
The default board should be set simply by 'set'ing the BOARD. This has
the lowest precedence of all possible inputs.
Signed-off-by: Sebastian Bøe <sebastian.boe@nordicsemi.no>
The presence of a Kconfig file will be checked by the build system so
it is not necessary to explicitly set KCONFIG_ROOOT.
Signed-off-by: Sebastian Bøe <sebastian.boe@nordicsemi.no>
Set the public key for ECDSA tests to use the ECDSA. This avoids a link
error with:
../app/libapp.a(keys.c.obj):(.rodata.bootutil_keys+0x0): undefined reference to `ecdsa_pub_key'
../app/libapp.a(keys.c.obj):(.rodata.bootutil_keys+0x4): undefined reference to `ecdsa_pub_key_len'
Signed-off-by: David Brown <david.brown@linaro.org>
The travis config allows multiple tests to run in parallel. Run a small
program that does the same thing.
Signed-off-by: David Brown <david.brown@linaro.org>
Commit 3ac36ead3 updated the bundled asn1parser, which now consists of
two files. The Zephyr build system was not updated with that commit which
has broken ECDSA signature builds. This adds the new file.
This fixes#397.
Signed-off-by: Fabio Utzig <utzig@apache.org>
This removes the unsafe Tinycrypt bindings previously used for signing
with ECDSA, and relies on ring native support.
The ring library was updated to 0.14.1.
Signed-off-by: Fabio Utzig <utzig@apache.org>
While loading a new EC point, when it was smaller than the expected
number of bytes, a zero padding was being written beyond the end of the
buffer instead of at the initial position.
While this has been working before, it broke when images were signed using
the ring API.
Signed-off-by: Fabio Utzig <utzig@apache.org>
The ring crypto library used by the simulator only accepts PEM keys in
PKCS#8 format; this provides a conversion of the original bundled key.
```
$ openssl pkcs8 -topk8 -nocrypt -in ../root-ec-p256.pem -out ../root-ec-p256-pkcs8.pem
```
Signed-off-by: Fabio Utzig <utzig@apache.org>
The board cannot output logs on the UART because it is used
by MCUBoot's serial recovery for DFU. Remove logging and
the RTT console from project defaults.
Signed-off-by: Emanuele Di Santo <emdi@nordicsemi.no>
Fabio Utzig