This patch make possible MCUBOOT_BOOTUTIL to integrate the
hook file on their own. This is intended to support hook while
the library is just part of the application.
The hooks file for the MCUboot build is now included in the same manner.
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
Change enables multi-image DFU in Thingy:53 configuration.
The network core cannot access external flash directly. The flash
simulator must be used to provide a memory region that is used to
forward the new firmware to the network core.
Signed-off-by: Marek Pieta <Marek.Pieta@nordicsemi.no>
The dependency, in Kconfig, blocked usage of the ENABLE_MGMT_PERUSER
with other BOOT_SERIAL_ device options.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
Change introduces default configuration of MCUboot for Thingy:53
secure cpuapp. The default configuration also disables image
revert on application core.
Signed-off-by: Marek Pieta <Marek.Pieta@nordicsemi.no>
Move CDC ACM UART node from common DTC overlay to
specific overlays, nrf52840_big.overlays and
usb_cdc_acm.overlays.
Signed-off-by: Johann Fischer <johann.fischer@nordicsemi.no>
Adapt to Zephyr OS changes to get CDC ACM UART device.
Remove RECOVERY_UART_DEV_NAME Kconfig option and
use DEVICE_DT_GET() in serial_adapter.c
Signed-off-by: Johann Fischer <johann.fischer@nordicsemi.no>
Example (very basic) hook implementation.
Added case description for test-build with these hooks
and multi-image feature.
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
Introduced boot_img_install_stat_hook() hook fuinction for fetch
the image's slot installation status.
The image's slot installation status is custom property.
It's detailed definition depends on user implementation. It is only
defined that the status will be set to 0 if this hook not provides
another value.
Inserted available hook for read image header as well.
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
If user generate project and the will try to switch signature type
then it is very likely that MBETLS will be enabled simultaneously when
tinycrypt has to be force-selected, which causes kconfig warning on
impossible configuration. Such configuration won't be possible to be
fixed using menuconfig etc.
This patch moves dependency check on !MBEDTLS from kconfig to preprocessor
which makes manual fixing using menuconfig possible.
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
So in PR #1089 I misaligned the `#else` used for the `irq_lock` as it
should be aligned with `CONFIG_MCUBOOT_CLEANUP_ARM_CORE`. So that
`irq_lock`is called when we don't call `__disable_irq` from arm core
clean up code.
Signed-off-by: Sigvart Hovland <sigvart.hovland@nordicsemi.no>
USB device support configuration is revised,
CONFIG_USB option is deprecated.
Only USB_DEVICE_STACK option should be used to
enable USB device support.
Signed-off-by: Johann Fischer <johann.fischer@nordicsemi.no>
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
The commit modifies CMakeLists.txt to include the file into compilation
only when CONFIG_ENABLE_MGMT_PERUSER is selected.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
The commit adds Kconfig option that enables the storage erase mgmt
command.
Addition of the Kconfig option fixes the problem where Zephyr spcyfic
mgmt commands support fails to compile when board does not define
a storage partition.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
`irq_lock()` sets `BASEPRI_MAX` aka. the `BASEPRI` mask to whatever
zephyr has configured it to be by the value of `_EXC_IRQ_DEFAULT_PRIO`.
However by calling arm_cleanup() we also do the call to
`__disable_irq()` setting the PRIMASK to 1. Meaning the only exceptions
we can recive is fault exceptions. Masking out more exceptions does not
really make sense.
Sometimes applications booted by MCUBoot will not expect the `BASEPRI`
to be set to something else than 0(No effect). Meaning if they depend on
using some exception which now is masked out by `BASEPRI` they will
fail.
Signed-off-by: Sigvart Hovland <sigvart.hovland@nordicsemi.no>
LOG_IMMEDIATE Kconfig option has been repurposed and is now a Zephyr's
internal, non-visible symbol that should not be used by the end user.
The logging mode used by MCUBoot is defined in prj.conf
Signed-off-by: Piotr Mienkowski <piotr.mienkowski@gmail.com>
Upstream Zephyr has renamed the 'nonsecure' variants for boards that
support TF-M. The rename consistently uses '_ns' or '_NS' (with
underscore) as the postfix which distinguishes these variants from
their 'secure' versions.
This affects Kconfig symbols used by MCUboot, so fix them to keep
working with the latest zephyr main branch.
Signed-off-by: Martí Bolívar <marti.bolivar@nordicsemi.no>
The platforms that are listed as integration platforms in
the Zephyr boot sample need to be included in the platform
allow list, otherwise zephyr CI will throw an error. This
commit removes the common list of integration platforms and
adds integration platform entries in each test variant, in
accordance with the allow-list in each of the variants.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
The "MCUBOOT_LOG_MODULE_(DECLARE|REGISTER)" macros should have a name
coherent with the rest of the logs macors, ie "BOOT_LOG_*". Also,
"bootutil_log.h" should define them as empty when the logs are disabled and
as "MCUBOOT_LOG_MODULE_*" when they are not.
With this change, the mcuboot user doesn't have to define
MCUBOOT_LOG_MODULE_* macros if the logs don't going to be used.
Signed-off-by: Carlos Falgueras García <carlos.falgueras@wslw.es>
The Kconfig option is applied only when MCUBOOT_SERIAL is enabled
so it has been moved into MUCBOOT_SERIAL dependent section
of Kconfig.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
The commit adds generalized MCBOOT_ERASE_PROGRESSIVELY options
that can be used to enable progressive erase of flash in
boot_serial DFU code.
The progressive erase is used to erase flash pages as image
update fragments come, instead of erasing the whole needed
image at the beginning.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
The commit adds Zephyr specific function for processing commands
from PERUSER and above groups; current addition is command
that allows to erase storage partition.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
The commit adds optional processing of MGMT_GROUP_ID_PERUSER,
as defined by mcumgr library, and above; the processing requires
systems to provide own functions as these groups are system
specific.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
The commit changes single loader code that has been accessing
flash_area type object directly, to use the new getter functions.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
The commit provides set of getter functions that allow to
access fields of flash_area and flash_sectors objects.
Usage of these function, instead of direct field access, allows
to keep common code intact when internal, system specific,
implementation changes.
The commit contains the implementation of getters for following
ports: cpress, mbed, mynewt, zephyr.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
Added configuration for emulate the secondary image flash.
Thanks to that it is easy to test mcuboot behavior while
the secondary flash device stop working.
Need additionally to modify the zephyr/drivers/flash/flash_simulator.c
driver, soflash_sim_read() always returns an error e.g: -EINVAL.
For building mcuboot use following comand-line:
west build -d build/mcuboot_y -b nrf52840dk_nrf52840 \
bootloader/mcuboot/boot/zephyr/ -- \
-DDTC_OVERLAY_FILE=./boards/nrf52840dk_ram.overlay \
-DOVERLAY_CONFIG=./boards/flash_sim_driver.conf
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
Introduced MCUBOOT_CPU_IDLE() macro.
If a port supports single thread or is bare-metal then might be need
to switch to idle mode explicitly form MCUboot code.
The call allows to enable lower power consumption while waiting for
incoming transmission in serial recovery etc.
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
MCUboot was build only for frdm_k64f in zephyr CI.
Extended Zephyr-RTOS integration platform by nrf52840dk_nrf52840
and nrf52840dongle_nrf52840 which allow to build MCUBoot on
these platform in Zephyr-RTOS CI.
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
Non-generated. Using cbor_encode directly
This removes the dependence on TinyCBOR.
Fixes#978
Signed-off-by: Øyvind Rønningstad <oyvind.ronningstad@nordicsemi.no>
The following commit in Zephyr removed the need to unlock interrupts
when booting in single-threaded mode:
3b89cf173b
Remove the now obsolete lines.
Fixes#302.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
K_sleep() is not available when multithreading is disabled.
Let's use k_busy_wait() in that case.
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
Scratch area is unneeded if CONFIG_BOOT_SWAP_USING_SCRATCH=n.
This was not reflected so fare which causes build faliure.
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
Add new feature that allows testing EC256 encrypted images using the
Mbed TLS backend.
Move config-ecdsa.h to config-ec.h because definitions are very similar
between ECDSA and ECDH with Mbed TLS so resort to a single config file.
Add new feature and fix the build; add proper Mbed TLS memory
initialization when enc-ec256-mbedtls is used.
Signed-off-by: Fabio Utzig <utzig@apache.org>
The mimxrt1060_evk and mimxrt1064_evk boards have large slots so we need
to increase CONFIG_BOOT_MAX_IMG_SECTORS from the default.
Signed-off-by: Maureen Helm <maureen.helm@nxp.com>
When CONFIG_BOOT_SIGNATURE_KEY_FILE is left empty, the cmake find command gets
called with a wrong number of arguments. This patch skips the search for the
signature key file within config files in that case.
Signed-off-by: Nico Lastzka <Nico.Lastzka@ATSonline.de>
Removed configuration of gpio pin using flags which were
removed for zephyr-project long ago. Also old method of read
the pin value was removed.
No sense to keep that as nowadays MCUboot is also not compatible
with zephyr version which supports these flags and methods.
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
Devices with a physical reset button might prefer to use it to enter USB
DFU mode, instead of always entering it with a timeout. Extract the
existing CONFIG_BOOT_SERIAL_DETECT detection code and use it to enter
DFU mode when CONFIG_BOOT_USB_DFU_GPIO is enabled.
This commit depends on zephyrproject-rtos/zephyr#30015, which changes
wait_for_usb_dfu from a nullary function that waits for a compile-time
fixed amount of time, to one that takes a timeout.
Signed-off-by: Josh Gao <josh@jmgao.dev>
The commit fixes definition and usage of ZEPHYR_LOG_MODE_MINIMAL
to prevent compilation warnings on possibly non-portable code.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
Add Mbed TLS ECDSA signature verification as an option (in addition to
Tinycrypt and the CC310 hardware version). Although the Mbed TLS ECDSA
verification code is both larger and slower, this will still save space
if there is another reason that the Mbed TLS code is already being
brought in for another reason (such as certificate management, for
example).
Mbed TLS's ECDSA verification works at a different level than the other
two libraries, so this takes a bit of reworking. There are some
additional parameters passed to the various functions, and a new define
MCUBOOT_ECDSA_NEED_ASN1_SIG to indicate that the ecdsa verification
wants the original ASN1 signature, not a decoded key.
This adds the boot changes and simulator support to test this configuration.
Signed-off-by: David Brown <david.brown@linaro.org>
The commit changes banner message to indicate that bootloader has been
built for Direct-XIP mode.
It also removes, in Direct-XIP compiled code, information on jumping
into first slot: that information is not always correct for Direct-XIP
and other messages correctly point slot that will be used.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
Andrzej Puzdrowski