USB DFU depends on MULTITHREADING and STREAM_FLASH, and these
should be explicitly selected.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
Removes the old deprecated Kconfig items for configuring GPIO ports
and pins for entering serial recovery/USB DFU mode. These were
deprecated almost a year ago and should not be used as device tree
has long replaced them.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
This changes the default mcuboot configuration for zephyr
applications to clean up before booting the user application. The
reason for this change is that mcuboot may configure protection (e.g.
MPU stack guard) which is then used by the user application during
its startup code prior to cleaning the configuration up, this can
lead to a unbootable application and potentially irrecoverable
module, therefore cleaning up is now being enabled by default.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
This deprecates the flash erase Kconfig for zephyr, if this action
is required then the board should be flashed using west with the
`--erase` argument supplied instead.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
With the exception of nrf targets BOOT_SWAP_USING_SCRATCH mode was
still the default algorithm.
Changing the preferred mode in cases where no scratch_partition is
defined will allow successfully building mcuboot for such boards w/o
the need for any board specific overlays.
Signed-off-by: Thomas Stranger <thomas.stranger@outlook.com>
Downgrade prevention for swap upgrades that was added to
mcuboot is now configurable in zephyr.
It may be using software version number from image in slot 0,
or security counter from the image in slot 0 (for limited downgrade
availability).
Hardware base security counter check remains unchanged.
Signed-off-by: Jerzy Kasenberg <jerzy.kasenberg@codecoup.pl>
This property should be enabled by default only when watchdog
driver is available.
This fixed build with pristine configuration on targets
with CONFIG_WATCHDOG=n.
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
The Kconfig system used by Zephyr does not allow the defaults for choice
options to be overridden. To compensate for this, create a new boolean
config option that will determine what the default is for the boot mode.
This allows the kconfig override file for various Zephyr boards to
change the default to swap move.
Signed-off-by: David Brown <david.brown@linaro.org>
Change introduces default values of CONFIG_BOOT_SERIAL_DETECT_PIN
and CONFIG_BOOT_USB_DFU_DETECT_PIN. This is needed to prevent build
issues caused by uninitialized Kconfig.
Signed-off-by: Marek Pieta <Marek.Pieta@nordicsemi.no>
Since we have support for nRF and STM32 families,
and non-vendor watchdog implementation let's enable
this functionality by default.
Imply NRFX_WDT && NRFX_WDT0 && NRFX_WDT1 only when
SOC_FAMILY_NRF is being used.
Signed-off-by: Bartosz Bilas <bartosz.bilas@hotmail.com>
This patch removes CONFIG_BOOT_IMAGE_ACCESS_HOOKS_FILE option
which was used to point to hooks implementation file.
It is better that the project customization is up to add required
files instead. This gives more flexibility in provisioning these
sources (there may be multiple files).
This also simplifies Kconfig options.
In order to keep possibility for build-test the Hooks feature
hooks_sample.c will be included into the build if commandline
will specify -DTEST_BOOT_IMAGE_ACCESS_HOOKS=Y option.
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
Added note of deprecation of hardware properties of
the gpio-pin used for triggering the recovery DFU modes.
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
Adds an optional callback when the MCUboot status changes which can
allow components to react.
Signed-off-by: Jamie McCrae <jamie.mccrae@lairdconnect.com>
The RAM loading mode wasn't wrapped in Zephyr configs like the other boot modes.
Added a config to enable RAM loading as well as two configs to set
IMAGE_EXECUTABLE_RAM_START and IMAGE_EXECUTABLE_RAM_SIZE, respectively. These
two values default to the values from the chosen node sram in the dts.
Signed-off-by: Johan Öhman <johan.ohman@softube.com>
This option was reserved for serial recovery mode, while
it should be available for USB DFU as well.
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
This PR adds the possibility to only enter the bootloader's
serial recovery mode when a mcumgr command is received within a
given timeout.
Signed-off-by: Wouter Cappelle <wouter.cappelle@crodeon.com>
In a multi image context it is possible for a user to upload an image
to the wrong secondary slot. As the same key is used for both images
MCUboot will overwrite image 0 with a variant of image 1.
If direct overwrite is enabled it is not trivial to recover from this.
To mitigate this issue we introduce a check of the reset address within
the vector table.
If the reset address in the new image is not contained within the
primary slot the image is deemed incorrect and is deleted from the
secondary slot
Signed-off-by: Håkon Øye Amundsen <haakon.amundsen@nordicsemi.no>
The dependency, in Kconfig, blocked usage of the ENABLE_MGMT_PERUSER
with other BOOT_SERIAL_ device options.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
Adapt to Zephyr OS changes to get CDC ACM UART device.
Remove RECOVERY_UART_DEV_NAME Kconfig option and
use DEVICE_DT_GET() in serial_adapter.c
Signed-off-by: Johann Fischer <johann.fischer@nordicsemi.no>
If user generate project and the will try to switch signature type
then it is very likely that MBETLS will be enabled simultaneously when
tinycrypt has to be force-selected, which causes kconfig warning on
impossible configuration. Such configuration won't be possible to be
fixed using menuconfig etc.
This patch moves dependency check on !MBEDTLS from kconfig to preprocessor
which makes manual fixing using menuconfig possible.
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
USB device support configuration is revised,
CONFIG_USB option is deprecated.
Only USB_DEVICE_STACK option should be used to
enable USB device support.
Signed-off-by: Johann Fischer <johann.fischer@nordicsemi.no>
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
The commit adds Kconfig option that enables the storage erase mgmt
command.
Addition of the Kconfig option fixes the problem where Zephyr spcyfic
mgmt commands support fails to compile when board does not define
a storage partition.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
LOG_IMMEDIATE Kconfig option has been repurposed and is now a Zephyr's
internal, non-visible symbol that should not be used by the end user.
The logging mode used by MCUBoot is defined in prj.conf
Signed-off-by: Piotr Mienkowski <piotr.mienkowski@gmail.com>
Upstream Zephyr has renamed the 'nonsecure' variants for boards that
support TF-M. The rename consistently uses '_ns' or '_NS' (with
underscore) as the postfix which distinguishes these variants from
their 'secure' versions.
This affects Kconfig symbols used by MCUboot, so fix them to keep
working with the latest zephyr main branch.
Signed-off-by: Martí Bolívar <marti.bolivar@nordicsemi.no>
The Kconfig option is applied only when MCUBOOT_SERIAL is enabled
so it has been moved into MUCBOOT_SERIAL dependent section
of Kconfig.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
The commit adds Zephyr specific function for processing commands
from PERUSER and above groups; current addition is command
that allows to erase storage partition.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
The commit adds optional processing of MGMT_GROUP_ID_PERUSER,
as defined by mcumgr library, and above; the processing requires
systems to provide own functions as these groups are system
specific.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
Non-generated. Using cbor_encode directly
This removes the dependence on TinyCBOR.
Fixes#978
Signed-off-by: Øyvind Rønningstad <oyvind.ronningstad@nordicsemi.no>
Devices with a physical reset button might prefer to use it to enter USB
DFU mode, instead of always entering it with a timeout. Extract the
existing CONFIG_BOOT_SERIAL_DETECT detection code and use it to enter
DFU mode when CONFIG_BOOT_USB_DFU_GPIO is enabled.
This commit depends on zephyrproject-rtos/zephyr#30015, which changes
wait_for_usb_dfu from a nullary function that waits for a compile-time
fixed amount of time, to one that takes a timeout.
Signed-off-by: Josh Gao <josh@jmgao.dev>
Setting LED to initial level before beginning.
Making comment about BOOT_SERIAL_DETECT_DELAY more clear in Kconfig.
Signed-off-by: Jared Wolff <hello@jaredwolff.com>
Part of code of boot/bootutil/ is re-implemented in zephyr-rtos
repository.
As some code are defined here and there it becomes problem when
need to include it with outstanding feature in a build.
It is possible to mitigate problem using #fdefry - but this was
rather temporary hack.
This patch introduce new module which is common for MCUBoot build
and application build.
Common code were extracted to bootutil_public.c source file and
bootutil_public.h header
MCUboot also select DISABLE_MCUBOOT_BOOTUTIL_LIB_OWN_LOG Kconfig
option, as it must define log configuration on its own for all its
sourcecode.
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
BOOT_DIRECT_XIP_REVER enable code which shall only be enabled
while BOOT_DIRECT_XIP=y.
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
The 'revert' mechanism in direct-xip is similar to the one in swap mode.
It requires the trailer magic to be added to the signed image. When a
reboot happens without the image being confirmed at runtime (without the
image_ok flag being set), the bootloader considers the image faulty and
erases it. After this it will attempt to boot the previous image
instead. The images can also be made permanent (marked as confirmed in
advance) just like in swap mode.
Change-Id: Ibde9361d4a7302dd8efbb277b691b71eca0ca877
Signed-off-by: David Vincze <david.vincze@linaro.org>
Zephyr has introduced an option to perform the cleanup
of ARM core HW registers during early boot, when the
firmware is chain-loaded by MCUboot. Therefore, MCUboot
does not need to perform the same cleanup before jumping
to the application image. The patch relies on the fact
that building MCUboot with Zephyr implies loading also
a Zephyr-based application firmware. If this is not the
case, the application developer needs to enable the
MCUBOOT_CLEANUP_ARM_CODE Kconfig option manually, in the
project configuration.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
Marcin Niestroj