Commit Graph

1221 Commits

Author SHA1 Message Date
Robert Paananen 556b32a679 boot: Removed unnecessary if-statement
If-statement checks if length is greater than some value right after a check if it is equal to the same value.
This will never be true.

Signed-off-by: Robert Paananen <robert@paananen.nu>
2024-04-18 10:49:14 +01:00
David Brown da2e2ab4e3 boot: Enforce TLV entries to be protected
Only allow TLV entries that are needed for signature verification to be placed
in the unprotected area of the TLV.

Signed-off-by: David Brown <david.brown@linaro.org>
2024-04-18 11:27:15 +02:00
David Brown ea1cdfdeff boot: Add tlv query for protected region
Add a query to the TLV iterator that will indicate if the currently iterated TLV
entry was found in the protected region or not.

Signed-off-by: David Brown <david.brown@linaro.org>
2024-04-18 11:27:15 +02:00
Sylvio Alves 8c0e36c886 boot: zephyr: esp32: rename boards to meet hwmv2
Renames boards to account for hwmv2 changes

Signed-off-by: Sylvio Alves <sylvio.alves@espressif.com>
2024-04-16 18:02:13 -03:00
Jerzy Kasenberg ed6460b815 mynewt: Add single_loader support
There is existing functionality for Zephyr where mcuboot works
with single slot (no swap) and image can be updated via boot_serial.

To have same functionality in mynewet single_loader.c file is copied
from zephyr tree and 2 pkg.yml files are modified to utilize new
file when BOOTUTIL_SINGLE_APPLICATION_SLOT is defined

Signed-off-by: Jerzy Kasenberg <jerzy.kasenberg@codecoup.pl>
2024-04-14 20:17:44 -03:00
Jerzy Kasenberg 23d4f12169 mynewt: Change main to mynewt_main
mynewt system for some time now uses mynewt_main() as
starting point called from startup code.
This changes function name main to mynewt_main but
provides backup main function that will be linked if
pre 1.12 mynewt-core is used with mcuboot

Signed-off-by: Jerzy Kasenberg <jerzy.kasenberg@codecoup.pl>
2024-04-14 20:16:39 -03:00
David Vincze f06bc71180 bootutil/crypto: Builtin ECDSA key support for PSA Crypto backend
Enable the usage of builtin keys in the ECDSA verification module with
the PSA Crypto API based cryptographic backend.
This way parsing and importing the verification keys can also be avoided.

Change-Id: I6ada1ef8ed04a3f12c228ef399e3a7b8ebc7fb5e
Signed-off-by: David Vincze <david.vincze@arm.com>
2024-04-10 12:05:08 -06:00
David Vincze e369784ba4 bootutil: Allow the usage of builtin keys in verification
Introduce a new MCUBOOT_BUILTIN_KEY option to enable the usage of
builtin keys for signature verification. This way the details of the key
handling mechanism are abstracted away from the boot code and this
responsibility is delegated to the given crypto library.
This is an alternative option to the existing MCUBOOT_HW_KEY feature,
however in this case we can entirely rely on key IDs and not only the
code, but also the image metadata does not contain any public key data.

Change-Id: Id01b67951310549b2734730c58bfa7210a2d5236
Signed-off-by: David Vincze <david.vincze@arm.com>
2024-04-10 12:05:08 -06:00
Jerzy Kasenberg 39757d6a42 mynewt: Add support for MCUBOOT_SINGLE_APPLICATION_SLOT
So far mynewt code required definition of second slot in bsp.
Even in cases when overwrite only option was used bsp had to
have secondary slot with 0 length or pointing to some
unreachable flash or flash area.

Now when BOOTUTIL_SINGLE_APPLICATION_SLOT is set to 1
there is not need for fake flash areas when mcuboot
provides way for upgrade like boot serial or other
supported ways (USB DFU or USB MSC)

Signed-off-by: Jerzy Kasenberg <jerzy.kasenberg@codecoup.pl>
2024-04-08 17:53:51 -03:00
Petr Buchta c5a528ba4e New OVERWRITE_ONLY_KEEP_BACKUP option
It builds on top of OVERWRITE_ONLY mode and uses secondary slot
as a backup of the primary slot. The main difference is that after
image copy to the primary slot the secondary slot is not erased.
This is meant to be used together with BOOTSTRAP option that will
reinstall the primary image with the backup in case it's not valid.

Signed-off-by: Petr Buchta <petr.buchta@nxp.com>
2024-04-05 10:42:21 -06:00
Jamie McCrae a65ea49515 boot: zephyr: Rename boards
Renames boards to account for hwmv2 changes

Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
2024-04-02 21:39:01 +01:00
Jamie McCrae 24ac8cc2be boot: zephyr: Fix disabling I/D caches
Fixes an issue whereby the instruction and data caches being
disabled before booting code had bit-rotted and no longer worked,
adds a new Kconfig that allows this option to be turned off if
wanted.

Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
2024-03-20 07:47:28 +00:00
Daniel DeGrasse 5d067f0e0c zephyr: boards: set BOOT_MAX_IMG_SECTORS value for rd_rw612_bga
MX25UM flash on rd_rw612_bga is very large (8MB), so we must increase
the number of max sectors when targeting this board with MCUboot

Signed-off-by: Daniel DeGrasse <daniel.degrasse@nxp.com>
2024-03-14 10:17:01 +01:00
Dominik Ermel aafcbad6ec boot: Refactoring image dependency functions to reduce code size
There have been duplicate functions:
 boot_verify_dependencies
 boot_verify_slot_dependencies
 boot_verify_slot_dependency
with, very similar internals, scattered around unit.
The commit have moved them on top and squashed where possible.

Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
2024-03-13 14:19:43 +01:00
Jamie McCrae 9fb7ce5d02 boot: zephyr: Fix estimated size calculation
Fixes an issue with the estimated size calculation which wrongly
used the maximum align size for some multiplications, this would
mean that in some instances the estimated maximum image size was
smaller than the actual allowed size

Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
2024-03-13 11:14:41 +00:00
Grzegorz Chwierut 7ace8bd4ad zephyr: boards: Remove CONFIG_FPROTECT from nrf54l15
CONFIG_FPROTECT is defined only in NRF repository, it
should not be added here.

Signed-off-by: Grzegorz Chwierut <grzegorz.chwierut@nordicsemi.no>
2024-03-11 18:00:20 +01:00
Jamie McCrae 8b4c70ab6d boot: zephyr: Update changed Nordic family Kconfig
Updates a Kconfig that was renamed

Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
2024-03-07 09:35:41 +00:00
Sylvio Alves b794d335a4 espressif: modify SOC_FAMILY according to new HWMv2
Update FAMILY reference as needed.

Signed-off-by: Sylvio Alves <sylvio.alves@espressif.com>
2024-03-04 15:47:01 -03:00
David Leach fefe701a5d zephyr: nxp: Update board names for hwmv2
Updates board names as per hwmv2

Signed-off-by: David Leach <david.leach@nxp.com>
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
2024-03-01 14:37:29 +00:00
Jamie McCrae ef530384d6 boot: zephyr: boards: Rename configuration files
Renames configuration files for board names that have changed
with hwmv2

Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
2024-03-01 14:37:29 +00:00
Jamie McCrae 040fc714b1 boot: zephyr: boards: Remove removed boards
Removes configuration for boards that have not been in zephyr
for a long time

Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
2024-03-01 14:37:29 +00:00
Jamie McCrae fda4afc939 zephyr: Update board names for hwmv2
Updates board names as per hwmv2

Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
2024-03-01 14:37:29 +00:00
Dominik Ermel ca02c75060 boot/zephyr: Define SOC_FLASH_0_ID and SPI_FLASH_0_ID
The defines have been taken from the Zephyr flash_map.h
but as they are provided there for MCUboot only, they can be just
defined here.

Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
2024-02-23 15:51:40 +01:00
Andrzej Puzdrowski 89feb4d8e3 zephyr/boards: nrf54l15pdk_nrf54l15_cpuapp config
Renamed the DK config file to proper name.

Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
2024-02-20 17:45:12 +01:00
Dominik Ermel 6f7f87384d boot: Fix swap-move algorithm failing to validate multi-image
In multi image swap validation of images could fail due to
headers being incorrectly re-read from storage.

Fixes #1768

Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
2024-02-20 16:29:41 +01:00
Mateusz Michalek 4b4cc85c67 zephyr: Add NRF54L configuration
Adds default Kconfig configuration that allows to build MCUboot
for NRF54L.
Currently this configuration turns off WDT and FPROTECT,
which is TODO to fix.

Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
Signed-off-by: Mateusz Michalek <mateusz.michalek@nordicsemi.no>
2024-02-13 13:04:47 +01:00
Jamie McCrae a4eda30f5b zephyr: Add estimated size of update trailer to sysbuild
Adds a new field which is set to the estimated size of the
upgrade slot data, this is used to know how much space should
be reserved in an update image to determine if an update will
fit or not

Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
2024-01-30 13:43:58 +00:00
Øyvind Rønningstad 205d7e5b41 boot_serial: Adapt to zcbor 0.8.x
Change one _term to _lit that was missed earlier.

Signed-off-by: Øyvind Rønningstad <oyvind.ronningstad@nordicsemi.no>
2024-01-30 12:18:51 +00:00
Øyvind Rønningstad cf882ef3b5 zcbor: Make changes to zcbor code to satisfy mynewt compile options
bit-casting between uint and float.

Signed-off-by: Øyvind Rønningstad <oyvind.ronningstad@nordicsemi.no>
2024-01-30 12:18:51 +00:00
Øyvind Rønningstad c8d213a9a1 zcbor: Copy source and header files
from zcbor 0.8.1

Signed-off-by: Øyvind Rønningstad <oyvind.ronningstad@nordicsemi.no>
2024-01-30 12:18:51 +00:00
Øyvind Rønningstad f09e205b1e zcbor: Make changes to zcbor code to satisfy mynewt compile options
printf format type and bit-casting between uint and float.

Signed-off-by: Øyvind Rønningstad <oyvind.ronningstad@nordicsemi.no>
2024-01-25 08:16:49 +00:00
Øyvind Rønningstad 63ddb71d51 boot_serial: Adapt to API changes in zcbor 0.8.0
New arguments in zcbor_new_state are set to NULL/0 because they are
only needed when using the zcbor_unordered_map API.

Signed-off-by: Øyvind Rønningstad <oyvind.ronningstad@nordicsemi.no>
2024-01-25 08:16:49 +00:00
Øyvind Rønningstad a899390056 zcbor: Add copy notice to all copied files
And update script

Signed-off-by: Øyvind Rønningstad <oyvind.ronningstad@nordicsemi.no>
2024-01-25 08:16:49 +00:00
Øyvind Rønningstad ad5f0ac1b2 zcbor: Copy source and header files
from zcbor 0.8.0

Signed-off-by: Øyvind Rønningstad <oyvind.ronningstad@nordicsemi.no>
2024-01-25 08:16:49 +00:00
Mateusz Michalek c3a72e9daf boot: zephyr: moonlight watchdogs
adding WATCHDOG_FEED support for WDT30 and WDT31

Signed-off-by: Mateusz Michalek <mateusz.michalek@nordicsemi.no>
2024-01-10 12:46:35 +01:00
Jamie McCrae 4d75fc8e07 bootutil: Fix compatible sector checking
Fixes an issue whereby slot sizes were checked but the check was
not done properly. This also adds debug log messages to show the
sector configuration including if slot sizes are not optimal

Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
2024-01-08 15:35:53 +00:00
Jamie McCrae 35e9931c78 bootutil: Add debug logging for boot status write
Adds debug level logging which shows the offset of where a
sector swap status write is occurring at

Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
2024-01-08 15:35:53 +00:00
Jamie McCrae db9a7f5822 boot: zephyr: cmake: Fix issue with missing dts entries
Fixes an issue whereby a device might not have a write or erase
entry for the flash controller in devicetree. In the case whereby
the other slot has this information, use that instead. In the case
whereby neither slot has this information, use default values and
show a warning to the user

Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
2024-01-08 15:35:44 +00:00
Xudong Zheng 8cee355095 zephyr: kconfig: make MBEDTLS_PROMPTLESS depend on MBEDTLS
This addresses compilation error when MBEDTLS module is not present.

Signed-off-by: Xudong Zheng <7pkvm5aw@slicealias.com>
2024-01-02 10:21:59 +00:00
Jamie McCrae e9131ee8b8 zephyr: kconfig: Make saving encrypt TLVs depending on encryption
Prevents enabling the option to save encrypted TLVs if encryption
support is not enabled, as it is required to make use of this
functionality.

Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
2023-12-12 10:41:26 +00:00
Jamie McCrae 4c7942e58c zephyr: Add estimated image footer size to cache in sysbuild
Adds MCUboot's estimated overhead footer size to the application's
cache when using sysbuild, this allows that information to be
propagated to applications which can use the information to reduce
the available size for an application, preventing the MCUboot
error of image too large to swap.

Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
2023-12-12 10:41:26 +00:00
YuLong Yao 26d6423b00 boot: zephyr: esp32: zephyr port
Add support for ESP32xx_luatos_core targets to build
as Zephyr application.
This target is simular to esp32 devkitm,
copy conf file from esp32xx_devkitm

Signed-off-by: YuLong Yao <feilongphone@gmail.com>
2023-12-07 14:48:45 -03:00
Jamie McCrae 212997395e zephyr: firmware/single_loader: Fix compile warning
Fixes an issue of an unused function calling an undefined function

Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
2023-12-07 10:43:58 +00:00
Jamie McCrae a88e229346 zephyr: sysflash: Fix if condition for zephyr applications
Fixes an issue when sysflash is included by zephyr (non-mcuboot)
applications

Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
2023-12-07 10:43:58 +00:00
Piotr Dymacz 2a74a2b580 zephyr: io: add 'io_led_set()'
The static declaration of 'led0' was moved to 'io.c' which broke
building with the 'MCUBOOT_INDICATION_LED' enabled:

  mcuboot/boot/zephyr/main.c:380:22: error:
    'led0' undeclared (first use in this function)
      380 |     gpio_pin_set_dt(&led0, 1);
          |                      ^~~~

This adds simple function 'io_led_set()' for changing LED's value.

Fixes: 433b8480 ("zephyr: Move IO functions out of main to separate file")
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
2023-12-06 10:33:28 +00:00
Piotr Dymacz 8c6c67016a zephyr: io: include 'bootutil_log.h' and declare log module membership
This fixes below error when building with 'MCUBOOT_INDICATION_LED' and
'LOG' enabled:

  In file included from zephyr/include/zephyr/logging/log.h:11,
                   from zephyr/include/zephyr/usb/usb_device.h:43,
                   from bootloader/mcuboot/boot/zephyr/io.c:26:
  mcuboot/boot/zephyr/io.c: In function 'io_led_init':
  zephyr/include/zephyr/logging/log_core.h:151:20: error:
    '__log_level' undeclared (first use in this function)
    151 |         (_level <= __log_level) &&                                          \
        |                    ^~~~~~~~~~~

Fixes: 433b8480 ("zephyr: Move IO functions out of main to separate file")
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
2023-12-06 10:33:28 +00:00
Piotr Dymacz d99154f441 zephyr: rename 'led_init()' to 'io_led_init()'
This fixes below warning when building with 'MCUBOOT_INDICATION_LED'
enabled:

  mcuboot/boot/zephyr/main.c:410:5:
    warning: implicit declaration of function 'led_init';
             did you mean 'io_led_init'? [-Wimplicit-function-declaration]
      410 |     led_init();
          |     ^~~~~~~~
          |     io_led_init

Fixes: 433b8480 ("zephyr: Move IO functions out of main to separate file")
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
2023-12-06 10:33:28 +00:00
Andrej Butok c43a20fd19 boot: zephyr: add support for mimxrt1040_evk
Add default configuration for mimxrt1040_evk.

Signed-off-by: Andrej Butok <andrey.butok@nxp.com>
2023-12-05 15:41:56 +00:00
Jamie McCrae 215345f76a zephyr: Add firmware loader MCUboot operation style
Adds a new operation style in which the secondary slot has an
image which is used to update the primary image only.

Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
2023-11-28 13:59:00 +00:00
Jamie McCrae 433b8480f7 zephyr: Move IO functions out of main to separate file
Moves IO functions into a separate file to allow reuse

Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
2023-11-28 13:59:00 +00:00