Update CONFIG_FLOAT to CONFIG_FPU which has been renamed in zephyr.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
Fix uninitialized variable warning that may occur when
compiler optimization is enabled (especially for size).
Change-Id: Id56669a2079ac20edbf74c17f943c974f1e8bf93
Signed-off-by: David Vincze <david.vincze@linaro.org>
Fixup how we fake out devicetree.h, which is now really the flash map
API for what mcuboot is using.
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
As we replace the legacy DT_FLASH_ support use the new FLASH_AREA_
macros.
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
- Add Kconfig option `CONFIG_BOOT_SIGNATURE_TYPE_NONE`. When y,
The bootloader will not verify the cryptographic signature of the image
at boot or prior to upgrade. Image integrity check is retained.
Images would still need to be processed using `imgtool` however no key
should be provided to skip cryptographic signature generation.
Signed-off-by: Arvin Farahmand <arvinf@ip-logix.com>
- If MCUBOOT_SIGN_RSA, MCUBOOT_SIGN_EC, MCUBOOT_SIGN_EC256 are not
defined cryptographic signature check is skipped during validation.
sha256 check is still retained. This reduces the binary size, at the
expense of greatly reduced security. However this can be acceptable
in some scenarios where cryptographic check is not required.
Signed-off-by: Arvin Farahmand <arvinf@ip-logix.com>
Was 3, but mcumgr sometimes sends 2 ("off" + "data", "len" is not needed
when "off" != 0). Reduce to 1 to avoid the problem, since the code
has other checks to catch this.
Signed-off-by: Øyvind Rønningstad <oyvind.ronningstad@nordicsemi.no>
The variable `dec_off` can possibly be uninitialized in this function.
As long as the serial protocol used is formed correctly, the
initialization will always happen. Place an initialization upon
function entry to protect against a case where a malformed protocol is
able to provoke this variable being used before being initialized.
Signed-off-by: David Brown <david.brown@linaro.org>
Now that mbed tls has its own submodules, add `--recursive` to the
sample invocation of submodule update. Without this, building the
simulator produces difficult messages about `sha256.c` missing.
Signed-off-by: David Brown <david.brown@linaro.org>
Update various version fields. Also include a note in the release notes
describing Zephyr compatibility.
Signed-off-by: David Brown <david.brown@linaro.org>
As the DT define DT_JEDEC_SPI_NOR_0_LABEL is intended to be deprecated
move to the new macro style to determine for DT_JEDEC_SPI_NOR_0_LABEL
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
As upstream zephyr is phasing out DT_FLASH defines for non-partition
usage replace DT_FLASH_DEV_NAME with
DT_CHOSEN_ZEPHYR_FLASH_CONTROLLER_LABEL.
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
Add new CI vm that parses the imgtool version from __init__.py and
compares with the current published release. If the version in the repo
is newer it will be published automatically.
Signed-off-by: Fabio Utzig <utzig@apache.org>
To make contributions easier, place explicit copyrights by the major
contributors, along with an SPDX license identifier. Files that came
from the mynewt project, which was an Apache project will retain the
Apache project license text, although this does not apply to new
contributions, which are being made by individual contributors.
Hopefully, this will keep everyone happy, but allow contributors that
need to add an explicit copyright to have a place they can add that.
Fixes#501
Signed-off-by: David Brown <david.brown@linaro.org>
- Update documentation of 'HW based downgrade prevention'
- Add description for the following features:
MCUBOOT_MEASURED_BOOT
MCUBOOT_DATA_SHARING
MCUBOOT_HW_KEY
Change-Id: If7247e906de3028d44cdd9d14a5004661fb955af
Signed-off-by: David Vincze <david.vincze@linaro.org>
This macro is part of the C11 standard. Remove the use of a specialized macro
just for Zephyr, and use the standard macro for all platforms. This reduces
dependencies on specific versions of Zephyr.
In addition. The Zephyr-specific code was using toolchain/gcc.h which
would only work with gcc.h, so doesn't actually address any of the
objections. If this ever becomes a problem with Zephyr, we can figure
out a proper way to fix this.
Signed-off-by: David Brown <david.brown@linaro.org>
With the merge of https://github.com/apache/mynewt-newt/pull/365 `newt`
does not use `version.yml` files anymore, so remove the file and
references to updating it in the release process.
Testing a MCUBoot release now depends on `newt` `master` or `> 1.7.0`
(to be released).
Signed-off-by: Fabio Utzig <utzig@apache.org>
The STM32L475 needs BOOT_MAX_IMG_SECTORS equal 256 to work properly.
This add a config file to change default value from 128 to 256 once
there isn't a proper way to handle using Device Tree.
fixes zephyrproject-rtos/zephyr/issues/24243
Signed-off-by: Gerson Fernando Budke <nandojve@gmail.com>
Set the RAM_LOAD flag in the image header when a load address was passed
to the imgtool script, indicating that the image should be loaded into
RAM and run from there.
Change-Id: Id9d2c179d7fa1ff7d15cf671c09c61b5b78c88a8
Signed-off-by: David Vincze <david.vincze@linaro.org>
- Define new TLV for carrying information for x25519 based encrypted
images.
- Add routines to parse embedded encryption key, generated shared
secret and image decryption key.
Signed-off-by: Fabio Utzig <utzig@apache.org>
This change enables the public key (used for image authentication) to
be removed from MCUboot and be appended to the image instead. In this
case the key or its hash must be provisioned to the device and MCUboot
must be able to retrieve the key-hash from the hardware to compare it
with the calculated hash of the public key from the image manifest in
order to verify its validity before image authentication.
The source of this change:
https://review.trustedfirmware.org/c/trusted-firmware-m/+/1581
Change-Id: I36fe699732e0e4c113eaed331c22e707c722ed6e
Signed-off-by: David Vincze <david.vincze@linaro.org>
The --public-key-format option can be used to distinguish where
the public key is stored for image authentication. It can be embedded
in MCUboot or by selecting 'full' it can be in the image manifest.
The source of this change:
https://review.trustedfirmware.org/c/trusted-firmware-m/+/1579
Change-Id: If658dff8147cfce2f27bfc0209ecf0d6d9cb2a73
Signed-off-by: David Vincze <david.vincze@linaro.org>
Board was renamed here:
zephyrproject-rtos/zephyr#24049
Patch aligns the name in MCUBoot.
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
Use <arch/arm/aarch32/cortex_m/cmsis.h> include instead of <zephyr.h> to
get access to Cortex-M CMSIS API. zephyr.h provides kernel API, does not
guarantee access to CPU internals.
Fixes: #699 "Building MCUBoot for Zephyr fails on multiple ARM boards"
Signed-off-by: Piotr Mienkowski <piotr.mienkowski@gmail.com>
Switch to using the devicetree_legacy_unfixed.h header for extracting
flash partition information.
Zephyr has switched to using a new gen_defines.py script and a new set
of macros/defines for devicetree code generation for all nodes except
flash partitions, which are still in the legacy format.
Signed-off-by: Henrik Brix Andersen <henrik@brixandersen.dk>
David Brown