When using EC256 for signing, Zephyr now uses the bundled tinycrypt
and mbed-tls ASN1 parser instead of relying on the one provided by
the OS.
Signed-off-by: Fabio Utzig <utzig@apache.org>
This commit removes the pseudo tinycrypt package based on symlinks
by adding a new pkg.yml to ext/tinycrypt and using it directly. It
also uses the new mbed-tls bundled ASN1 parser when EC256 is selected.
Signed-off-by: Fabio Utzig <utzig@apache.org>
This bundles the asn1 parser from mbed-tls into mcuboot, which allows
adding EC crypto (tinycrypt based) functionality for target OSes that
don't bundle mbed-tls.
Signed-off-by: Fabio Utzig <utzig@apache.org>
Although these files are likely implicitly licensed under the Apache 2.0
license because of the LICENSE file for this project, make this explicit
in these files.
Signed-off-by: David Brown <david.brown@linaro.org>
Our current travis environment still uses gcc 4.8.4 which defaults to
std=gnu90. Some of tinycrypt's code requires c99.
Signed-off-by: Fabio Utzig <utzig@apache.org>
This fixes a comparison issue that was previously fixed by doing a
cast. Since tinycrypt and mbed-tls both already use an unsigned for
the size, the mcuboot interface was updated to also use an unsigned
value (size_t to be more precise!).
Signed-off-by: Fabio Utzig <utzig@apache.org>
Since ring does not yet support ecdsa signing, a thin layer was added
to allow the simulator to call tinycrypt's signing routine.
Signed-off-by: Fabio Utzig <utzig@apache.org>
This enables building ecdsa feature using tinycrypt (mbed still built
for ASN1). The default mbed-tls config was update to use the MCUBOOT_SIGN_*
symbols.
Signed-off-by: Fabio Utzig <utzig@apache.org>
Instead of trying to determine current branch using git, just rely
on travis to know if this is a PR and if it is not, don't do
signed-off-by checking.
Signed-off-by: Fabio Utzig <utzig@apache.org>
This patch introduced serial bootloader functionality ported
from mynewt targets tree.
For achieving this following changes were applied:
- Modified boot_serial module for using, zephyr-os modules
(crc driver, mbedtls-base64 library) and the zephyr serial adapter module
introduced recently.
- Added service of boot serial recovery mode to main.
- Adapted the input parser to using static buffers.
Default serial-boot-pin configuration was added for nrf52_pca10040
and nrf52840_pca10056 boards.
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
The library is needed for support mcuboot serial recovery interface.
This library wraps the tinycbor decoder with a attribute based decoder
suitable for decoding a binary version of json.
Origin: apache Mynewt
License: Apache-2.0
URL: https://github.com/apache/mynewt-core/tree/master/encoding/cborattr
commit: bf4b3f6f4cf293fc5a71d7787d5b81555434b6f8
Maintained-by: External
f. cbor_read_mbuf_attrs was removed as it was Mynewt specific.
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
The library is needed for support mcuboot serial recovery interface.
Tinycbor lib from mynewt is imported because it is already modified for
Add tinycbor library for zephyr
mcuboot serial recovery protocol.
Origin: apache Mynewt
License: Apache-2.0
URL: https://github.com/apache/mynewt-core/tree/master/encoding/tinycbor
commit: bf4b3f6f4cf293fc5a71d7787d5b81555434b6f8
Maintained-by: External
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
Serial adapter uses the zephyr UART driver in interrupt mode for
providing communication capabilities needed for the boot serial
recovery mode.
This module provide API similar to mynewt console module.
Serial adapter module can not be compiled along with
the zephyr uart console module so this case is checked.
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
This path introduces settings related to zephyr mcuboot
serial recovery mode. It force selection on modules which are
necessary to compile this project.
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
- Use git options to remove last commit from list to verify.
- Check each line of a commit for a "Signed-off-by" line.
- Exit with error in the event of no commits in PR!
Signed-off-by: Fabio Utzig <utzig@apache.org>
Fixes warnings treated as errors when upgrading gcc crate to 0.3.54.
Warnings are due to non-used variables and comparison between signed
and unsigned.
Signed-off-by: Fabio Utzig <utzig@apache.org>
It's onerous to work through the tests in docs/testplan-zephyr.md by
hand. Add a script which takes the thinking out of it.
Signed-off-by: Marti Bolivar <marti@opensourcefoundries.com>
When not validating slot 0, we could be booting into an empty
chip. This means we jump based on garbage data.
Try to make this better by at least checking the magic number. Without
this patch, booting with just the bootloader fails the Zephyr release
tests.
Signed-off-by: Marti Bolivar <marti@opensourcefoundries.com>
Zephyr has moved on to CMake, and no longer supports in-tree builds as
assumed by this script. Let's just delete it and recommend that people
use the standard Zephyr build mechanisms.
Signed-off-by: Marti Bolivar <marti@opensourcefoundries.com>
The Zephyr configuration was enabling the memory buffer allocator (but
not using it) without defining enough other features to allow it to
compile (undefined reference to `exit()`).
Disable the memory buffer allocator when just using the ASN.1 library,
and conditionalize the heap itself to avoid using the RAM for that.
Signed-off-by: David Brown <david.brown@linaro.org>
Now that the test infrastructure has changed so that the tests can be
run independently, create a series of cargo tests that run them. This
allows the tests to simply be run as:
cargo test
or possibly with feature flags
cargo test --features overwrite-only
It is also possible to run individual tests by giving their name after
the "cargo test" command.
Signed-off-by: David Brown <david.brown@linaro.org>
In order to allow the tests to be run independently, compute the total
count for each image that is generated, and store it in the images
struct. This causes a basic upgrade to be run an additional time for
each top-level test.
Signed-off-by: David Brown <david.brown@linaro.org>
Now that most of the relevant data is assembled into a single `Images`
struct, make the test operations on it into methods on this type.
This change looks larger than it really is because of the indentation
change of moving top-level functions into methods. There is also a lot
of change of `image` to `self`.
Signed-off-by: David Brown <david.brown@linaro.org>
Every use of `Images` uses the same flash device as a base. Move this
value into the struct, instead of having to pass it around in parallel.
Signed-off-by: David Brown <david.brown@linaro.org>
Refactor the tests so that most of the test data is inside of a new
`Run` structure instead of needing to be passed around.
Signed-off-by: David Brown <david.brown@linaro.org>
Lock the simulation with a mutex to prevent concurrent access. The C
code being tested uses globals, and can only be run in one context at a
time. The Rust test framework may run tests concurrently, so use the
mutex to prevent this.
Signed-off-by: David Brown <david.brown@linaro.org>
Move the alignment into the `boot_go` wrapper. Instead of relying on
this as a global, pass it around, ultimately setting it in the C
wrapper. This is in preparation to protecting the `boot_go` call with a
mutex to prevent reentrancy.
Signed-off-by: David Brown <david.brown@linaro.org>
Instead of setting/reading a global, pass a reference through the Rust
wrapper to `boot_go`. This is one change needed so that `boot_go` can
be reentrant.
Signed-off-by: David Brown <david.brown@linaro.org>
As a start of doing the testing using Rust/Cargo's test framework, write
a test runner that just runs the existing tests. They run as they do
now, except that there is an assertion that there were no failures.
Signed-off-by: David Brown <david.brown@linaro.org>
Fabio Utzig