Commit Graph

2205 Commits

Author SHA1 Message Date
David Brown 62e2b4dead docs: Update release notes for 2.0.0-rc1
Collect release notes, and add a bit about the API change.

Signed-off-by: David Brown <david.brown@linaro.org>
2023-09-29 08:19:05 -06:00
Jamie McCrae bf8cf46b34 docs: release: Add note on panicking if flash device open fails
Adds a note that flash open failing will cause the bootloader to
panic and now prints a verbose error out when this happens

Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
2023-09-28 15:10:46 +01:00
Jamie McCrae 2929a975c7 bootutil: Show error if flash area open fails
Shows an error if a particular flash area fails to open

Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
2023-09-28 15:10:46 +01:00
Jamie McCrae ae2aeedfe8 docs: release: Add note on boot serial extension rework
Adds a note on the reworked boot serial extensions features which
now allows modules to add handlers

Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
2023-09-28 07:35:31 +01:00
Jamie McCrae 268433e0a8 zephyr: Allow user-defined boot serial extensions
This allows for out-of-tree modules to define their own boot serial
functions by using iterable sections.
Note that this also removes the custom img list command, which was
not used in-tree.

Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
2023-09-28 07:35:31 +01:00
Jamie McCrae 50f8b5f742 bootutil: Add shared data support for XIP with revert mode
Adds support for sharing the direct-XIP MCUboot mode with revert
to applications using shared data

Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
2023-09-27 18:11:56 +02:00
Jamie McCrae 8d0b35a1e9 bootutil: Add mode for XIP with revert
Adds a new define if bootloader in built in direct-XIP with revert
mode

Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
2023-09-27 18:11:56 +02:00
Jamie McCrae 6c8c76fc37 docs: Add note on addition of zephyr retention shared boot info
Adds a note that Zephyr can now use the retention subsystem to
share information with applications about MCUboot's configuration.

Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
2023-09-27 07:49:25 +01:00
Jamie McCrae 4da510137a zephyr: Add shared data support
Adds the ability to share mcuboot configuration with the
application using Zephyr's retention subsystem.

Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
2023-09-27 07:49:25 +01:00
Roland Mikhel 9bef51ce4a bootutil/crypto: Do not include import key with PSA
This fixes a build error when PSA Crypto API is being used
as it has no need for bootutil_import_key but it's included
currently since it's allowed to have both Mbed TLS and PSA defined.

Signed-off-by: Roland Mikhel <roland.mikhel@arm.com>
Change-Id: If38d3011fc4fa2d317f8be65df9e231d7d57dcbf
2023-09-26 07:55:30 +02:00
Almir Okato db2024eb20 espressif: update secure boot and flash encryption
Adjust secure boot and flash encryption after IDF v5.x updates.
It also allows to enable secure boot on ESP32-C2.

Signed-off-by: Almir Okato <almir.okato@espressif.com>
2023-09-20 09:46:27 -03:00
Jamie McCrae 736234caa5 docs: release: Add note on bs image list fixes
Adds a note on fixes with boot serial image listing

Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
2023-09-20 10:55:24 +01:00
Jamie McCrae c7aa2c029e boot_serial: Fix issues with single slot mode/encrypted images
Fixes 2 issues, one whereby multiple slots were checked despite
operating in single slot mode, and another whereby decrypted
images would not appear on serial recovery image listing, due
to assuming that the images were still encrypted.

Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
2023-09-20 10:55:24 +01:00
Jamie McCrae 5f30562e0c docs: release: Add note on boot_serial duplicate command fix
Adds a note about a fix for boot_serial duplicate commands

Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
2023-09-20 09:58:09 +02:00
Jamie McCrae 6ba46c0b82 boot_serial: Fix issue with queued commands
Fixes an issue whereby multiple commands are received and some
are still being processed. This generally arises when a response
takes a long time (e.g. when image decryption is required),
duplicate commands will now send multiple responses but avoids
the bug of future commands being sent to which previous responses
are received.

Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
2023-09-20 09:58:09 +02:00
Roland Mikhel 5c00da4542 ci: Add test cases for ECDSA using PSA Crypto
Add ECDSA verification tests to the CI using the PSA Crypto API

Signed-off-by: Roland Mikhel <roland.mikhel@arm.com>
Change-Id: I904c8929f355ec791ff28ac7c3e0ca3832b2403d
2023-09-12 16:29:11 +02:00
Roland Mikhel fb5507b4a4 sim: Replace hash with SHA384 when P384 is used
Currently all the hashing functionality is done with SHA256
but if we would like to use ECDSA-P384 that requires SHA384
as the hashing algorithm. However, MCUboot is using SHA256
for image hashing and public key hashing. This commit modifies
the hashing operations to use SHA384 thus SHA256 can be omitted
which is beneficial from a code size standpoint.

Signed-off-by: Roland Mikhel <roland.mikhel@arm.com>
Change-Id: I364eefe334e4fe6668b8a3b97991b5dbb0c80104
2023-09-12 16:29:11 +02:00
Roland Mikhel 03c9ad0781 bootutil: Replace hash with SHA384 when P384 is used
Currently all the hashing functionality is done with SHA256
but if we would like to use ECDSA-P384 that requires SHA384
as the hashing algorithm, but MCUboot is using SHA256
for image hashing and public key hashing. This commit modifies
the hashing operations to use SHA384 thus SHA256 can be omitted
which is beneficial from a code size standpoint.

Signed-off-by: Roland Mikhel <roland.mikhel@arm.com>
Change-Id: I59230f76f88e0b42ad6383b2c9b71b73f33d7dd7
2023-09-12 16:29:11 +02:00
Roland Mikhel 5899face4d sim: PSA Crypto ECDSA enablement
This commit enables ECDSA signature verification using
PSA Crypto API.

Signed-off-by: Roland Mikhel <roland.mikhel@arm.com>
Change-Id: I33f559ecdd59b1ce41c6a2d5f315212300d585e3
2023-09-12 16:29:11 +02:00
Roland Mikhel 274547ce06 bootutil: PSA Crypto ECDSA enablement
This commit enables ECDSA signature verification using
PSA Crypto API.

Signed-off-by: Roland Mikhel <roland.mikhel@arm.com>
Change-Id: I51c7aadba03348f335e89d9252e70c09f8787f30
2023-09-12 16:29:11 +02:00
Jamie McCrae 8f8fbf9956 zephyr: Fall back to minimal C library
Changes back to the minimal C library instead of picolibc to
reduce flash usage

Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
2023-09-12 14:16:03 +01:00
Jamie McCrae 5c5222f884 boot_serial: Fix include
Fixes an include which is needed for multiple options by just
always including it, and fixing the path so it can be included.

Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
2023-09-12 12:56:39 +02:00
Sylvio Alves b847a33ba2 espressif: use minimal libc as default for ESP32 boards
Make MINIMAL_LIBC as default for MCUboot app build instead
of picolibc. Footprint is lower and no need to
MULTLTHREADING enabled for SoC build.

Signed-off-by: Sylvio Alves <sylvio.alves@espressif.com>
2023-09-08 11:01:07 -03:00
Benjamin Bigler 480b97f2e2 boot_serial: Fix missing point if using snprintf
Adds missing point in version when snprintf is used

Signed-off-by: Benjamin Bigler <benjamin.bigler@securiton.ch>
2023-09-08 07:40:03 +01:00
Piotr Dymacz 3790f5f055 boot: zephyr: use indication LED also in timeout based recovery
This adds support for indication LED option (MCUBOOT_INDICATION_LED) in
the timeout based recovery. Configured LED will be enabled when entering
the recovery and disabled after selected timeout (if no mcumgr command
was received).

Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
2023-09-07 11:37:34 +01:00
Dominik Ermel 0035c33b44 zephyr: Provide third image cases for direct image upload
The commit adds missing support for direct upload of third
image slots.

Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
2023-09-06 17:49:33 +02:00
Lucas Tamborrino 9bf7ce8c5f zephyr: Fix build for non-arm archs
Guards the inclusion of cmsis_core header for
ARM targets only.

Fixes #1799

Signed-off-by: Lucas Tamborrino <lucas.tamborrino@espressif.com>
2023-09-06 10:07:09 +01:00
Fabio Utzig f0ad026fa7 docs: add webrick dependency
webrick needs to be installed for ruby versions >3, which should ease
local testing for someone running newer versions. This is compatible
with running on ruby 2.7.4, the version used on github pages.

Signed-off-by: Fabio Utzig <utzig@apache.org>
2023-09-05 20:06:14 -03:00
Fabio Utzig b688ef77cc docs: add jemoji plugin
This plugin enables jekyll to display emojis; the version added matches
current on github-pages (https://pages.github.com/versions/)

Signed-off-by: Fabio Utzig <utzig@apache.org>
2023-09-05 20:06:14 -03:00
Fabio Utzig 54fd52d914 docs: update github-pages and deps versions
Update to versions matching: https://pages.github.com/versions/

Signed-off-by: Fabio Utzig <utzig@apache.org>
2023-09-05 20:06:14 -03:00
Fabio Utzig b58962fad9 docs: espressif: fix formatting of markdown
Fix documentation issues for the rendering of the Espressif README
page. No content is changed with this commit, but formatting and
line breaks are set to approximately 100 columns.

Signed-off-by: Fabio Utzig <utzig@apache.org>
2023-09-04 16:50:11 -03:00
Fabio Utzig 0d2772cee8 Add Espressif build status badge
Add new badge to easily check build status for Espressif CI.

Signed-off-by: Fabio Utzig <utzig@apache.org>
2023-09-02 16:04:24 -03:00
Jamie McCrae e188dbb0e1 zephyr: Fix boot serial extensions
Fixes building the bootloader with serial recovery mode and boot
serial extensions enabled due to changes in Zephyr's MCUmgr file
and naming changes.

Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
2023-08-29 16:01:02 +02:00
Gerard Marull-Paretas 11ecbf639d zephyr: use cmsis_core.h header
CMSIS glue code is now provided by the CMSIS Zephyr module in
<cmsis_core.h>. Header is generic for M/A/R.

Signed-off-by: Gerard Marull-Paretas <gerard.marull@nordicsemi.no>
2023-08-25 11:30:17 +02:00
Dominik Ermel da65db0076 zephyr: Provide slot definitions for three images
Support for three pairs of slots.

Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
2023-08-24 14:13:55 +02:00
Dominik Ermel 4ff95da6f6 bootuil: Replace flash_area_id_to_image with flash_area_to_image
Move flash_area_get_id inside the function and rename it.

Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
2023-08-22 14:24:03 +02:00
Dominik Ermel 2c61caf606 bootutil: Move flash_area_id_to_image under ifdef
The commit moves the flash_area_id_to_image to section compiled
only when not in DirectXIP mode, to prevent warnings about unused
static functions.

Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
2023-08-22 10:52:52 +02:00
Dominik Ermel 904d0c4608 bootutil: Add DirectXIP version of boot_set_next
The commit adds DirectXIP version of bootutil boot_set_next
function.
The function is enabled by configuration option:
MCUBOOT_BOOTUTIL_LIB_FOR_DIRECT_XIP.

Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
2023-08-18 11:10:19 +02:00
Jamie McCrae d9a0074d4c docs: release: Add note on zephyr debug mode
Adds a note that zephyr builds no longer build in debug mode
by default

Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
2023-08-18 09:05:13 +01:00
Jamie McCrae 2a874b6e9c zephyr: Do not build in debug mode
Builds in the default zephyr mode (optimised for size) which
saves about 6KiB of flash on a default nrf52840dk build.

Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
2023-08-18 09:05:13 +01:00
Jamie McCrae 258a6c7dc2 bootutil: Fix support for more than 2 flash areas
Fixes a function which converts from an ID to an image number
to support more than 2 images.

Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
2023-08-17 16:00:12 +02:00
Fabio Utzig b206b99b15 ci: mynewt: Update to install upstream Mbed-TLS
Update after recent removal of Mbed-TLS from Mynewt tree; now using
upstream from Mbed-TLS github repo.

Signed-off-by: Fabio Utzig <utzig@apache.org>
2023-08-10 14:29:44 -07:00
Almir Okato 8647964e64 espressif: add release notes
Signed-off-by: Almir Okato <almir.okato@espressif.com>
2023-08-10 10:59:33 -07:00
Almir Okato 4a051181c4 espressif: esp32xx: adjust memory map on linker script
Reorganize memory mapping and document the address ranges that
the OS must avoid overlapping.

Signed-off-by: Almir Okato <almir.okato@espressif.com>
2023-08-10 10:59:33 -07:00
Almir Okato c1efa00b8d espressif: update documentation regarding ESP32-C2, ESP32-C6 and ESP32-H2
Signed-off-by: Almir Okato <almir.okato@espressif.com>
2023-08-10 10:59:33 -07:00
Almir Okato 68a2980f97 espressif: esp32c2: remove unsupported configs
Remove unsupported USB JTAG configuration
Remove unsupported Secure Boot V2 configuration

Signed-off-by: Almir Okato <almir.okato@espressif.com>
2023-08-10 10:59:33 -07:00
Almir Okato 2f17549ef3 espressif: esp32c6 esp32h2: fix custom uart and secure boot build
Fix missing header on console_uart_custom.c
Update secure_boot.c includes removing soc ifdefs

Signed-off-by: Almir Okato <almir.okato@espressif.com>
2023-08-10 10:59:33 -07:00
Jamie McCrae fc658eb5a2 docs: release: Add note on encryption changes
Adds notes on fixes and changes related to encrypted image handling

Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
2023-08-09 07:45:22 +01:00
Jamie McCrae c9fa60886b boot: boot_serial: Fix issue with encrypted second slot images
Fixes issues whereby encrypted images were not properly listed due
to not treating them as encrypted, also removes a piece of wrong
hack code that would never run as the primary slot cannot be
encrypted.

Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
2023-08-09 07:45:22 +01:00
Jamie McCrae 25d2f2cfe0 zephyr: encryption: Improve Kconfig and key generation
Improves the Kconfig layout for encrypted image support and allows
using key files instead of just using a pre-defined, insecure dummy
key.

Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
2023-08-09 07:45:22 +01:00