Change the stale bot to 180 days before initial flag. In addition,
avoid issues entirely that have the 'someday' label applied.
Signed-off-by: David Brown <david.brown@linaro.org>
Sine zephyr https://github.com/zephyrproject-rtos/zephyr/pull/34279
was merged there is no silent idle thread created automatically while
CONFIG_MULTITHREADING=n. Since that any single thread application
needs to call k_cpu_idle() (wrapped by MCUBOOT_CPU_IDLE)
by itself for entering idle mode, which allows for reduction
power consumption.
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
Introduced MCUBOOT_CPU_IDLE() macro.
If a port supports single thread or is bare-metal then might be need
to switch to idle mode explicitly form MCUboot code.
The call allows to enable lower power consumption while waiting for
incoming transmission in serial recovery etc.
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
MCUboot was build only for frdm_k64f in zephyr CI.
Extended Zephyr-RTOS integration platform by nrf52840dk_nrf52840
and nrf52840dongle_nrf52840 which allow to build MCUBoot on
these platform in Zephyr-RTOS CI.
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
Incorporate the [Contributor Covenant](https://www.contributor-covenant.org/)
used by a large number of open source communities.
Signed-off-by: David Brown <david.brown@linaro.org>
The commit removes implementation of boot_initialize_area
specific for flash_area_to_sectors, and applies changes to
the flash_area_get_sectors using variant, to make it
alternatively work with flash_area_to_sectors.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
The change aligns type of "sector counter" to the type
used for *cnt parameter of flash_area_get_sectors.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
Multiple image boot support is implemented for direct-xip and ram-load
strategies. Dependency checking is also added, and for ram-load more
executable ram regions can be set.
Wrapper functions are intoduced to all boot strategies.
Change-Id: I59b346277dcb2c17cef4800f1e556b4ea9144845
Signed-off-by: Mark Horvath <mark.horvath@arm.com>
The commit reorganizes logic of the boot_swap_sectors and
the boot_set_pending_multi to use the boot_read_swap_state,
instead of previously used boot_read_swap_state_by_id, to utilize
the flash area object the functions area obtaining.
It also fixes double a flash_area_open that happened implicitly within
the boot_swap_sectors, as it has been calling boot_read_swap_state_by_id
on the FLASH_AREA_IMAGE_SCRATCH, after it has already opened the area.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
The fixup_revert has been switched to use boot_read_swap_state,
from boot_read_swap_state_by_id, and no longer needs the ID
parameter. It can now get swap state information by flash_area
object pointer, which is provided as 3rd parameter.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
The function itself is not static within bootutil and may be used
to operate on flash areas, for which the flash_area object has
already been obtained.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
Non-generated. Using cbor_encode directly
This removes the dependence on TinyCBOR.
Fixes#978
Signed-off-by: Øyvind Rønningstad <oyvind.ronningstad@nordicsemi.no>
The following commit in Zephyr removed the need to unlock interrupts
when booting in single-threaded mode:
3b89cf173b
Remove the now obsolete lines.
Fixes#302.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
This workflow will add a 'stale' label to any issues that haven't been
modified in 60 days, and then after an additional 14 days, will close
the issue.
The template was copied from Zephyr.
Signed-off-by: David Brown <david.brown@linaro.org>
K_sleep() is not available when multithreading is disabled.
Let's use k_busy_wait() in that case.
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
For zephyr-rtos:
K_sleep() is not available when multithreading is disabled.
Let's use k_busy_wait() in that case.
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
The variable `rc` is used in `context_boot_go` for a number of operations, mostly checking return codes for an error. It is also used to store the result of comparing the installed application version numbers (using `boot_version_cmp`).
At the end of `context_boot_go`, `rc` is returned as the result of the operation.
In some configurations, namely direct XIP (without revert or any other extra boot checks), it is possible for the comparison result to be the last value of `rc`. In most cases, this will cause `context_boot_go` to report a failure (ie: non-zero return code), as the value of `rc` will be 1 or -1 if the installed applications aren't the same version.
This commit resets the value of `rc` to 0 after the version comparison has taken place.
Fixes#976
Signed-off-by: George Beckstein <george.beckstein@gmail.com>
Emits either MCUBOOT_SWAP_USING_SCRATCH and
CONFIG_BOOT_SWAP_USING_SCRATCH when swap using scratch
algorithm is expected.
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
Scratch area is unneeded if CONFIG_BOOT_SWAP_USING_SCRATCH=n.
This was not reflected so fare which causes build faliure.
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
During fetching of swap-status scratch was examined unnecessary
in swap_status_source(). Scratch area shouldn't be needed in this mode.
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
Add boot_set_pending_multi() and boot_set_confirmed_multi() APIs so
that the user can set the image with given index as pending, confirmed.
Signed-off-by: Sherry Zhang <sherry.zhang2@arm.com>
Change-Id: Ifca04d396b38c6c64581703794071f6b42e9dfbf
This commit introduces changes to allow the Mbed-OS port to disable use of signature verification. Previously this was not possible even though it is a valid mcuboot configuration.
Signed-off-by: George Beckstein <george.beckstein@gmail.com>
This patch is for fixing:
https://github.com/zephyrproject-rtos/zephyr/issues/34683
copy-done flag is used to design completely copied image.
It is used to recognize whether need to complete image upgrade.
If image is running then:
1) it was already verified and copied by MCUboot
copy-done flag is set for sure.
2) or it was programmed directly using programming interface
For case 2) when image contains magic but not copy-done flag it was
impossible to confirm it. This patch removes needs of having copy-done
flag set while confirming. This make API behavior similar to situation
when the not-padded image was programmed.
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
Add new feature that allows testing EC256 encrypted images using the
Mbed TLS backend.
Move config-ecdsa.h to config-ec.h because definitions are very similar
between ECDSA and ECDH with Mbed TLS so resort to a single config file.
Add new feature and fix the build; add proper Mbed TLS memory
initialization when enc-ec256-mbedtls is used.
Signed-off-by: Fabio Utzig <utzig@apache.org>
This is a define from Tinycrypt that was being used in the Mbed TLS
EC256 encrypted images implementation so properly define it.
Signed-off-by: Fabio Utzig <utzig@apache.org>
The mimxrt1060_evk and mimxrt1064_evk boards have large slots so we need
to increase CONFIG_BOOT_MAX_IMG_SECTORS from the default.
Signed-off-by: Maureen Helm <maureen.helm@nxp.com>
When CONFIG_BOOT_SIGNATURE_KEY_FILE is left empty, the cmake find command gets
called with a wrong number of arguments. This patch skips the search for the
signature key file within config files in that case.
Signed-off-by: Nico Lastzka <Nico.Lastzka@ATSonline.de>
Addresses CVE-2021-28834
https://github.com/advisories/GHSA-52p9-v744-mwjj
Also removed the explicit jekyll dependency, which according to the
instructions should be commented out if the github-pages dependency is
used.
Signed-off-by: David Brown <david.brown@linaro.org>
Philip Colmer