The swap status area is used to maintain information that allows
recovery when interrupted in the middle of a swap. This area has no
usefulness when doing a overwrite-only upgrade, which always copies the
entire slot.
Signed-off-by: Fabio Utzig <utzig@apache.org>
In order to provide a pleasant out-of-the-box experience to users,
default to the RSA .pem file so that users do not get a cryptic error
when building with the default .conf file in upstream.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Add the new `--slot-size` and make `--pad` a bool flag, to allow
checking that firmware fits in the slot without overflowing into the
trailer region even when no padding was requested.
Fixes#241
Signed-off-by: Fabio Utzig <utzig@apache.org>
The hardcoded keys for Zephyr were removed and external references were
added for the built time autogenerated variables. A hardcoded key file
was added specifically for the simulator.
Signed-off-by: Fabio Utzig <utzig@apache.org>
For both RSA (which uses Zephyr's mbedTLS copy) and ECDSA (which uses
our own for ASN1 parsing) use the common "mcuboot-mbedtls-cfg.h" header
file instead of relying on the default config.h bundled with mbedTLS.
Additionally issue a descriptive error when CONFIG_MBEDTLS is set and we
are building with our own copy.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
This adds a new command line flag to allow passing in the max number of
sectors for a swap when the image is padded. It defaults to 128 and
should match the value configured in the bootloader.
Fixes#285
Signed-off-by: Fabio Utzig <utzig@apache.org>
This removes settings of log level on a per file basis. The log level
should be set by the global config, while per file log configuration can
still be set, don't enforce them.
Signed-off-by: Fabio Utzig <utzig@apache.org>
For Mynewt when no logging (default option) or serial boot was selected,
avoid initializing all serial supporting system. This enables to save
flash space when only basic bootloader functionality is used.
Signed-off-by: Fabio Utzig <utzig@apache.org>
Now bootutil_log.h was converted to use per platform logging primitives
defined according to documentation established on the template file.
Some "null" macros were left to avoid breaking per source logging level
definition when MCUBOOT_HAVE_LOGGING was not defined.
Signed-off-by: Fabio Utzig <utzig@apache.org>
New logging macros were added for all supported platforms, following the
documentation defined in the template config file.
Signed-off-by: Fabio Utzig <utzig@apache.org>
Zephyr has changed the format of macros used to define flash
area partitions -- they no longer contain the `_0` suffix.
Signed-off-by: Kiril Zyapkov <kiril.zyapkov@gmail.com>
These (currently) trivial files do not add license headers. Go ahead
and add the boilerplate Apache header.
In addition, I've also added an SPDX header. Although this is a first
for the MCUboot project, this will provide a template for adding these
headers to other files.
Fixes#282
Signed-off-by: David Brown <david.brown@linaro.org>
CC: Marti Bolivar <marti@opensourcefoundries.com>
CC: Fabio Utzig <utzig@apache.org>
This patch isolates mcuboot settings under `MCUBoot`
menu in menuconfig view. This improves legibility.
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
The patch introduce usage of zephyr flas_map module instead
of mcuboot zephyr-only implementation. Unused flash_area_to_sectors
API of former flash_map was removed as well.
Size of sector-status-update-map entry is now defined thanks to the
minimum write size supported by the flash driver.
For avoid ambiguity former zephyr-only files flash_map.c
were renamed to flash_map_extended.c (its code now implements
only addition to this what zephyr flash_map implements).
flash_map.h header include is now warped by flash_map_backedn.h headre
because implementations and include pathes are diferent in Zephyr and Mynewt.
Usage of hal_flash_align() were replaced by usage flash_area_align().
This provide consistency between MyNewt and Zephyr implementation as
this API is available in both RTOSes.
flash_map.h was moved to the simulator c-support files as now missing in
the boot/zephyr subdirectories.
f. boot_scratch_fa_device_id was removed as unused.
f. boot_img_fa_device_id was and expanded the only use of it
(on loader.c).
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
`create` as alias to `sign` was defined in the arg parsing, but was not
functional because it was missing the subcommands call dict. This makes
`create` call the `sign` method.
Signed-off-by: Fabio Utzig <utzig@apache.org>
This removes the old "TLV size" and "keyId" fields that used to exist
in the old image header format and updates it to use `load_addr`. Also
fixes the name of reserved fields to index from 1.
This fixes#279
Signed-off-by: Fabio Utzig <utzig@apache.org>
The unit tests depend on a few Mynewt packages (`test/testutil` and
`sys/console/stub`). If there is no repo prefix in the dependency
specifier, newt assumes the package is in the local repo (mcuboot)`.
This commit adds the `@apache-mynewt-core/` prefix to these
dependencies.
Signed-off-by: Christopher Collins <ccollins@apache.org>
The README file is missing extra information about how to run all the
different test configurations; add this in.
Signed-off-by: Marti Bolivar <marti@opensourcefoundries.com>
Continue removing platform-specific conditional compilation from
bootutil by adding a new MCUBOOT_HAVE_ASSERT_H configuration option
and associated header file. Right now, that's only used by the
simulator.
That leaves just bootutil_log.h with platform-specific contents, but
since it's meant to be an abstraction layer for logging, we'll let it
stand for now.
Signed-off-by: Marti Bolivar <marti@opensourcefoundries.com>
Take the opportunity to clean up a bit of platform cruft that has
gotten into bootutil by moving it to mcuboot_config.h, and ensuring it
is documented in the template config file.
Signed-off-by: Marti Bolivar <marti@opensourcefoundries.com>
This allows us to delete all the remaining compiler command line
configuration from CMakeLists.txt.
Signed-off-by: Marti Bolivar <marti@opensourcefoundries.com>
Finish the job of removing the CONF_xxx fields from CMakeLists.txt by
using the Kconfig symbol from the application runner configuration macro.
Signed-off-by: Marti Bolivar <marti@opensourcefoundries.com>
Handle CONFIG_BOOT_UPGRADE_ONLY in mcuboot_config.h, and switch the
release test Makefile to using an OVERLAY_CONFIG fragment.
This removes the last user of the Makefile BOOTLOADER_CONFIG variable,
so delete it as well.
Signed-off-by: Marti Bolivar <marti@opensourcefoundries.com>
Handle CONFIG_BOOT_VALIDATE_SLOT0 in mcuboot_config.h, and switch to
setting it with an OVERLAY_CONFIG fragment in the test Makefile.
Signed-off-by: Marti Bolivar <marti@opensourcefoundries.com>
Handle the CONFIG_BOOT_SIGNATURE_TYPE_xxx values in Zephyr's
mcuboot_config.h by converting them into the platform-agnostic MCUboot
definitions.
This requires some changes to the way the release test Makefile is
structured, since Kconfig symbols cannot be set from the command line.
Instead, use the OVERLAY_CONFIG feature of the Zephyr build system,
which allows specifying extra fragments to merge into the final
.config. (This is an orthogonal mechanism to setting CONF_FILE; it is
used by Zephyr's CI script sanitycheck to add additional fragments, so
it's appropriate for use by MCUboot's testing scripts as well.)
We additionally need to move to a single prj.conf file due to a
dependency issue. We can no longer determine CONF_FILE from the
signature type, since that is now determined from the final .config or
autoconf.h, which is a build output that depends on CONF_FILE.
To move to a single prj.conf:
- delete prj-p256.conf and adjust prj.conf to serve both signature types
- add a top-level mbedTLS configuration file which dispatches to
the right sub-header depending on the key type
- as a side effect, have the simulator pick the right config file
depending on the case
This fixes and cleans up quite a bit of the signature type handling,
which had become something of a mess over time. For example, it fixes
a bug in ECDSA mode's configuration that wasn't actually selecting
config-asn1.h, and forces the simulator to use the same mbedTLS
configuration file as builds for real hardware.
Finally, we also have to move the mbedTLS vs. TinyCrypt choice into
mcuboot_config.h at the same time as well, since CMakeLists.txt was
making that decision based on the signature type.
Signed-off-by: Marti Bolivar <marti@opensourcefoundries.com>
Mynewt uses this file to convert MYNEWT_VAL(xxx) to MCUBOOT_xxx config
options. Zephyr currently adds config options via the compiler command
line, but it should use this instead.
As prep work for that conversion, add an empty mcuboot_config.h to the
Zephyr port, and include this file unconditionally wherever it's
needed. This takes care of the simulator as well, since that puts
boot/zephyr/include on its C file include path.
This turned up a couple of files (bootutil_priv.h and caps.c) that
were using the MCUBOOT_xxx config values without including the
file. Add the includes there, as they'll be needed later.
To make this official, add it to the requirements in the porting guide
and provide a template file porters can use while getting started.
Signed-off-by: Marti Bolivar <marti@opensourcefoundries.com>
fixup! Mandate the presence of mcuboot_config/mcuboot_config.h
The Zephyr CMakeLists.txt contains some configuration options that are
outside of Kconfig.
The standard way to configure Zephyr builds is with Kconfig, so it
would be better if MCUboot did not have a parallel configuration
mechanism.
Add equivalent Kconfig options to those which are defined in
CMakeLists.txt. Subsequent patches will use them.
Signed-off-by: Marti Bolivar <marti@opensourcefoundries.com>
The kconfig file is a bit disorderly. Clean it up. There are no
changes in this commit which affect the bootloader's behavior.
Signed-off-by: Marti Bolivar <marti@opensourcefoundries.com>
This increases the buffer size of the serial bootloader to 256, allowing a
slightly larger mtu and upload speed when doing image upload.
Signed-off-by: Fabio Utzig <utzig@apache.org>
The flash driver name was changed upstream during the v1.11
development cycle. Remove a shim which kept the old name around in the
Zephyr port now that v1.11 is out.
Signed-off-by: Marti Bolivar <marti@opensourcefoundries.com>
The imgtool's `sign` command also works without a key, but it doesn't
sign, only appends a hash. Add a `create` alias to this command so that
this usage makes more sense.
Fixes#240
Signed-off-by: David Brown <david.brown@linaro.org>
Following warnings were fixed within this patch:
'isspace' macro should take an int value
function 'bs_reset' should return void
redefinition of 'MBEDTLS_CONFIG_FILE' macro while
it is already defined by the zephyr build system.
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
Zephyr's SOC_FAMILY_NRF5 keyword was changed to SOC_FAMILY_NRF to
align with zephyr code-base.
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
Zephyr has build-in tinycbor code of version which doesn't
require newlib-c by default. Also the cborattr module is now
taken form the zephyr code.
This patch decrease flash consumption by 10 KB for serial recovery build.
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
Remove the obsolete `sign.sh` script, and fixup the documentation to
refer to the new tooling.
Fixes#245.
Signed-off-by: David Brown <david.brown@linaro.org>
This still defaults to 128 for compatibility, but allows users to
specify less elements to save space, or more elements for devices that
have massive flash size and/or too small sectors.
Signed-off-by: Fabio Utzig <utzig@apache.org>
Add precisions to the information regarding flashing MCUboot and Zephyr
application images in order to make users aware of mass-erase scenarios
that might bite them.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
This fixes an issue found on stm32f3 where newtmgr after writing an odd
sized packet, would hardfault on the next write due to trying to write an
odd address which is not valid on stm32f3 flash.
Signed-off-by: Fabio Utzig <utzig@apache.org>
Fabio Utzig