boot: zephyr: boot/zephyr/CMakeLists.txt under zephyr/subsys/

Refactor `boot/zephyr/CMakeLists.txt` and
`boot/bootutil/zephyr/CMakeLists.txt` into
more standard subsystems beneath `$mcuboot/zephyr/`.
This required changing which CMake file was
pointed to by `module.yml`.

Verified by:
1. building `$mcuboot/boot/zephyr` for mimxrt1064_evk and
   verifying the map file reported the same output and
   the same functions exist.  (Since they are linked in
   a different order the sizes may be different by a few
   padding bytes.
2. Further verified that the following testcases still pass with
   mcuboot options on twister:
      mcuboot/boot/zephyr
      zephyr/tests/subsys/dfu
      zephyr/samples/subsys/mgmt/mcumgr/smp_svr

Signed-off-by: Gregory SHUE <[email protected]>

Author: legrand-gregshue

boot/zephyr/CMakeLists.txt

@@ -45,230 +45,10 @@ endmacro()
 find_package(Zephyr REQUIRED HINTS $ENV{ZEPHYR_BASE})
 project(NONE)
 
-# Path to "boot" subdirectory of repository root.
-get_filename_component(BOOT_DIR ${APPLICATION_SOURCE_DIR} DIRECTORY)
-# Path to top-level repository root directory.
-get_filename_component(MCUBOOT_DIR ${BOOT_DIR} DIRECTORY)
-# Path to tinycrypt library source subdirectory of MCUBOOT_DIR.
-set(TINYCRYPT_DIR "${MCUBOOT_DIR}/ext/tinycrypt/lib")
-assert_exists(TINYCRYPT_DIR)
-set(TINYCRYPT_SHA512_DIR "${MCUBOOT_DIR}/ext/tinycrypt-sha512/lib")
-assert_exists(TINYCRYPT_SHA512_DIR)
-# Path to crypto-fiat
-set(FIAT_DIR "${MCUBOOT_DIR}/ext/fiat")
-assert_exists(FIAT_DIR)
-# Path to mbed-tls' asn1 parser library.
-set(MBEDTLS_ASN1_DIR "${MCUBOOT_DIR}/ext/mbedtls-asn1")
-assert_exists(MBEDTLS_ASN1_DIR)
-set(NRF_DIR "${MCUBOOT_DIR}/ext/nrf")
-
-if(CONFIG_BOOT_USE_NRF_CC310_BL)
-set(NRFXLIB_DIR ${ZEPHYR_BASE}/../nrfxlib)
-if(NOT EXISTS ${NRFXLIB_DIR})
-  message(FATAL_ERROR "
-    ------------------------------------------------------------------------
-    No such file or directory: ${NRFXLIB_DIR}
-    The current configuration enables nRF CC310 crypto accelerator hardware
-    with the `CONFIG_BOOT_USE_NRF_CC310_BL` option. Please follow
-    `ext/nrf/README.md` guide to fix your setup or use tinycrypt instead of
-    the HW accelerator.
-    To use the tinycrypt set `CONFIG_BOOT_ECDSA_TINYCRYPT` to y.
-    ------------------------------------------------------------------------")
-endif()
-# Don't include this if we are using west
- add_subdirectory(${NRFXLIB_DIR} ${PROJECT_BINARY_DIR}/nrfxlib)
-endif()
-
-zephyr_library_include_directories(
-  ${ZEPHYR_MCUBOOT_MODULE_DIR}/zephyr/include
-  targets
-  )
-if(EXISTS targets/${BOARD}.h)
-  zephyr_library_compile_definitions(MCUBOOT_TARGET_CONFIG="${BOARD}.h")
-endif()
-
-# Zephyr port-specific sources.
-zephyr_library_sources(
-  main.c
-  flash_map_extended.c
-  os.c
+target_sources(app PRIVATE
   keys.c
   )
 
-if(DEFINED CONFIG_ENABLE_MGMT_PERUSER)
-  zephyr_library_sources(
-    boot_serial_extensions.c
-    )
-endif()
-
-if(NOT DEFINED CONFIG_FLASH_PAGE_LAYOUT)
-  zephyr_library_sources(
-    flash_map_legacy.c
-    )
-endif()
-
-# Generic bootutil sources and includes.
-zephyr_library_include_directories(${BOOT_DIR}/bootutil/include)
-zephyr_library_sources(
-  ${BOOT_DIR}/bootutil/src/image_validate.c
-  ${BOOT_DIR}/bootutil/src/tlv.c
-  ${BOOT_DIR}/bootutil/src/encrypted.c
-  ${BOOT_DIR}/bootutil/src/image_rsa.c
-  ${BOOT_DIR}/bootutil/src/image_ec256.c
-  ${BOOT_DIR}/bootutil/src/image_ed25519.c
-  ${BOOT_DIR}/bootutil/src/bootutil_misc.c
-  ${BOOT_DIR}/bootutil/src/fault_injection_hardening.c
-  )
-
-# library which might be common source code for MCUBoot and an application
-zephyr_link_libraries(MCUBOOT_BOOTUTIL)
-
-if(CONFIG_BOOT_FIH_PROFILE_HIGH)
-zephyr_library_sources(
-  ${BOOT_DIR}/bootutil/src/fault_injection_hardening_delay_rng_mbedtls.c
-  )
-endif()
-
-if(CONFIG_SINGLE_APPLICATION_SLOT)
-zephyr_library_sources(
-  ${BOOT_DIR}/zephyr/single_loader.c
-  )
-zephyr_library_include_directories(${BOOT_DIR}/bootutil/src)
-else()
-zephyr_library_sources(
-  ${BOOT_DIR}/bootutil/src/loader.c
-  ${BOOT_DIR}/bootutil/src/swap_misc.c
-  ${BOOT_DIR}/bootutil/src/swap_scratch.c
-  ${BOOT_DIR}/bootutil/src/swap_move.c
-  ${BOOT_DIR}/bootutil/src/caps.c
-  )
-endif()
-
-if(CONFIG_BOOT_SIGNATURE_TYPE_ECDSA_P256 OR CONFIG_BOOT_ENCRYPT_EC256 OR CONFIG_BOOT_SERIAL_ENCRYPT_EC256)
-  zephyr_library_include_directories(
-    ${MBEDTLS_ASN1_DIR}/include
-    )
-  zephyr_library_sources(
-    # Additionally pull in just the ASN.1 parser from mbedTLS.
-    ${MBEDTLS_ASN1_DIR}/src/asn1parse.c
-    ${MBEDTLS_ASN1_DIR}/src/platform_util.c
-    )
-  if(CONFIG_BOOT_USE_TINYCRYPT)
-  # When using ECDSA signatures, pull in our copy of the tinycrypt library.
-  zephyr_library_include_directories(
-    ${ZEPHYR_MCUBOOT_MODULE_DIR}/zephyr/include
-    ${TINYCRYPT_DIR}/include
-    )
-  zephyr_include_directories(${TINYCRYPT_DIR}/include)
-
-  zephyr_library_sources(
-    ${TINYCRYPT_DIR}/source/ecc.c
-    ${TINYCRYPT_DIR}/source/ecc_dsa.c
-    ${TINYCRYPT_DIR}/source/sha256.c
-    ${TINYCRYPT_DIR}/source/utils.c
-    )
-  elseif(CONFIG_BOOT_USE_NRF_CC310_BL)
-    zephyr_library_sources(${NRF_DIR}/cc310_glue.c)
-    zephyr_library_include_directories(${NRF_DIR})
-    zephyr_link_libraries(nrfxlib_crypto)
-  endif()
-
-  # Since here we are not using Zephyr's mbedTLS but rather our own, we need
-  # to set MBEDTLS_CONFIG_FILE ourselves. When using Zephyr's copy, this
-  # variable is set by its Kconfig in the Zephyr codebase.
-  zephyr_library_compile_definitions(
-    MBEDTLS_CONFIG_FILE="${ZEPHYR_MCUBOOT_MODULE_DIR}/zephyr/include/mcuboot-mbedtls-cfg.h"
-    )
-elseif(CONFIG_BOOT_SIGNATURE_TYPE_NONE)
-  zephyr_library_include_directories(
-    ${ZEPHYR_MCUBOOT_MODULE_DIR}/zephyr/include
-    ${TINYCRYPT_DIR}/include
-    )
-
-  zephyr_library_sources(
-    ${TINYCRYPT_DIR}/source/sha256.c
-    ${TINYCRYPT_DIR}/source/utils.c
-    )
-elseif(CONFIG_BOOT_SIGNATURE_TYPE_RSA)
-  # Use mbedTLS provided by Zephyr for RSA signatures. (Its config file
-  # is set using Kconfig.)
-  zephyr_include_directories(${ZEPHYR_MCUBOOT_MODULE_DIR}/zephyr/include)
-  if(CONFIG_BOOT_ENCRYPT_RSA)
-    set_source_files_properties(
-      ${BOOT_DIR}/bootutil/src/encrypted.c
-      PROPERTIES
-      INCLUDE_DIRECTORIES ${ZEPHYR_MBEDTLS_MODULE_DIR}/library
-      )
-  endif()
-elseif(CONFIG_BOOT_SIGNATURE_TYPE_ED25519 OR CONFIG_BOOT_ENCRYPT_X25519)
-  if(CONFIG_BOOT_USE_TINYCRYPT)
-    zephyr_library_include_directories(
-      ${MBEDTLS_ASN1_DIR}/include
-      ${ZEPHYR_MCUBOOT_MODULE_DIR}/zephyr/include
-      ${TINYCRYPT_DIR}/include
-      ${TINYCRYPT_SHA512_DIR}/include
-      )
-    zephyr_library_sources(
-      ${TINYCRYPT_DIR}/source/sha256.c
-      ${TINYCRYPT_DIR}/source/utils.c
-      ${TINYCRYPT_SHA512_DIR}/source/sha512.c
-      # Additionally pull in just the ASN.1 parser from mbedTLS.
-      ${MBEDTLS_ASN1_DIR}/src/asn1parse.c
-      ${MBEDTLS_ASN1_DIR}/src/platform_util.c
-      )
-    zephyr_library_compile_definitions(
-      MBEDTLS_CONFIG_FILE="${ZEPHYR_MCUBOOT_MODULE_DIR}/zephyr/include/mcuboot-mbedtls-cfg.h"
-      )
-  else()
-    zephyr_include_directories(${ZEPHYR_MCUBOOT_MODULE_DIR}/zephyr/include)
-  endif()
-
-  zephyr_library_include_directories(
-    ${ZEPHYR_MCUBOOT_MODULE_DIR}/zephyr/include
-    ${FIAT_DIR}/include/
-  )
-
-  zephyr_library_sources(
-    ${FIAT_DIR}/src/curve25519.c
-  )
-endif()
-
-if(CONFIG_BOOT_ENCRYPT_EC256 OR CONFIG_BOOT_ENCRYPT_X25519 OR CONFIG_BOOT_SERIAL_ENCRYPT_EC256)
-  zephyr_library_sources(
-    ${TINYCRYPT_DIR}/source/aes_encrypt.c
-    ${TINYCRYPT_DIR}/source/aes_decrypt.c
-    ${TINYCRYPT_DIR}/source/ctr_mode.c
-    ${TINYCRYPT_DIR}/source/hmac.c
-    ${TINYCRYPT_DIR}/source/ecc_dh.c
-    )
-endif()
-
-if(CONFIG_BOOT_ENCRYPT_EC256)
-  zephyr_library_sources(
-    ${TINYCRYPT_DIR}/source/ecc_dh.c
-    )
-endif()
-
-if(CONFIG_MCUBOOT_SERIAL)
-  zephyr_sources(${BOOT_DIR}/zephyr/serial_adapter.c)
-  zephyr_sources(${BOOT_DIR}/boot_serial/src/boot_serial.c)
-  zephyr_sources(${BOOT_DIR}/boot_serial/src/serial_recovery_cbor.c)
-  zephyr_sources(${BOOT_DIR}/boot_serial/src/zcbor_decode.c)
-  zephyr_sources(${BOOT_DIR}/boot_serial/src/zcbor_encode.c)
-  zephyr_sources(${BOOT_DIR}/boot_serial/src/zcbor_common.c)
-
-  zephyr_sources_ifdef(CONFIG_BOOT_MGMT_ECHO ${BOOT_DIR}/boot_serial/src/serial_recovery_echo.c)
-
-  zephyr_include_directories(${BOOT_DIR}/bootutil/include)
-  zephyr_include_directories(${BOOT_DIR}/boot_serial/include)
-  zephyr_include_directories(${ZEPHYR_MCUBOOT_MODULE_DIR}/zephyr/include)
-
-  zephyr_include_directories_ifdef(
-    CONFIG_BOOT_ERASE_PROGRESSIVELY
-    ${BOOT_DIR}/bootutil/src
-    )
-endif()
-
 if(NOT CONFIG_BOOT_SIGNATURE_KEY_FILE STREQUAL "")
   # CONF_FILE points to the KConfig configuration files of the bootloader.
   foreach (filepath ${CONF_FILE})
@@ -289,7 +69,7 @@ if(NOT CONFIG_BOOT_SIGNATURE_KEY_FILE STREQUAL "")
 	 (EXISTS ${CONF_DIR}/${CONFIG_BOOT_SIGNATURE_KEY_FILE}))
     set(KEY_FILE ${CONF_DIR}/${CONFIG_BOOT_SIGNATURE_KEY_FILE})
   else()
-    set(KEY_FILE ${MCUBOOT_DIR}/${CONFIG_BOOT_SIGNATURE_KEY_FILE})
+    set(KEY_FILE ${ZEPHYR_MCUBOOT_MODULE_DIR}/${CONFIG_BOOT_SIGNATURE_KEY_FILE})
   endif()
   message("MCUBoot bootloader key file: ${KEY_FILE}")
 
@@ -298,7 +78,7 @@ if(NOT CONFIG_BOOT_SIGNATURE_KEY_FILE STREQUAL "")
     OUTPUT ${GENERATED_PUBKEY}
     COMMAND
     ${PYTHON_EXECUTABLE}
-    ${MCUBOOT_DIR}/scripts/imgtool.py
+    ${ZEPHYR_MCUBOOT_MODULE_DIR}/scripts/imgtool.py
     getpub
     -k
     ${KEY_FILE}
@@ -307,49 +87,3 @@ if(NOT CONFIG_BOOT_SIGNATURE_KEY_FILE STREQUAL "")
     )
   zephyr_library_sources(${GENERATED_PUBKEY})
 endif()
-
-if(CONFIG_BOOT_ENCRYPTION_KEY_FILE AND NOT CONFIG_BOOT_ENCRYPTION_KEY_FILE STREQUAL "")
-  # CONF_FILE points to the KConfig configuration files of the bootloader.
-  unset(CONF_DIR)
-  foreach(filepath ${CONF_FILE})
-    file(READ ${filepath} temp_text)
-    string(FIND "${temp_text}" ${CONFIG_BOOT_ENCRYPTION_KEY_FILE} match)
-    if(${match} GREATER_EQUAL 0)
-      if(NOT DEFINED CONF_DIR)
-        get_filename_component(CONF_DIR ${filepath} DIRECTORY)
-      else()
-        message(FATAL_ERROR "Encryption key file defined in multiple conf files")
-      endif()
-    endif()
-  endforeach()
-
-  if(IS_ABSOLUTE ${CONFIG_BOOT_ENCRYPTION_KEY_FILE})
-    set(KEY_FILE ${CONFIG_BOOT_ENCRYPTION_KEY_FILE})
-  elseif((DEFINED CONF_DIR) AND
-	 (EXISTS ${CONF_DIR}/${CONFIG_BOOT_ENCRYPTION_KEY_FILE}))
-    set(KEY_FILE ${CONF_DIR}/${CONFIG_BOOT_ENCRYPTION_KEY_FILE})
-  else()
-    set(KEY_FILE ${MCUBOOT_DIR}/${CONFIG_BOOT_ENCRYPTION_KEY_FILE})
-  endif()
-  message("MCUBoot bootloader encryption key file: ${KEY_FILE}")
-
-  set(GENERATED_ENCKEY ${ZEPHYR_BINARY_DIR}/autogen-enckey.c)
-  add_custom_command(
-    OUTPUT ${GENERATED_ENCKEY}
-    COMMAND
-    ${PYTHON_EXECUTABLE}
-    ${MCUBOOT_DIR}/scripts/imgtool.py
-    getpriv
-    -k
-    ${KEY_FILE}
-    > ${GENERATED_ENCKEY}
-    DEPENDS ${KEY_FILE}
-    )
-  zephyr_library_sources(${GENERATED_ENCKEY})
-endif()
-
-if(CONFIG_MCUBOOT_CLEANUP_ARM_CORE)
-zephyr_library_sources(
-  ${BOOT_DIR}/zephyr/arm_cleanup.c
-)
-endif()

zephyr/CMakeLists.txt

@@ -0,0 +1,36 @@
+# Copyright (c) 2022 Legrand North America, LLC.
+#
+# SPDX-License-Identifier: Apache-2.0
+
+
+cmake_minimum_required(VERSION 3.10 FATAL_ERROR)
+
+
+# Detect the platform reliably
+if(ZEPHYR_BASE)
+else()
+  message(FATAL_ERROR "ZEPHYR_BASE needs to be defined for Zephyr builds")
+endif()
+
+# Verify the module name is set correctly
+set(expected_module_name "mcuboot")
+if(NOT "${module_name}" STREQUAL ${expected_module_name})
+  message(FATAL_ERROR "A module configuration error has occurred.
+This module is named '${module_name}' when '${expected_module_name}' \
+is expected. 
+Verify `module.yml` contains the line 'name: ${expected_module_name}'.")
+endif()
+unset(expected_module_name)
+
+#Do not allow in source builds
+set(CMAKE_DISABLE_SOURCE_CHANGES ON)
+set(CMAKE_DISABLE_IN_SOURCE_BUILD ON)
+
+
+#
+# Module options managed through Kconfig and use names CONFIG_*
+#
+
+zephyr_include_directories(include)
+
+add_subdirectory(subsys)

zephyr/module.yml

@@ -7,4 +7,4 @@ samples:
   - boot/zephyr
 build:
   kconfig: zephyr/Kconfig
-  cmake: ./boot/bootutil/zephyr
+  cmake: zephyr

zephyr/subsys/CMakeLists.txt

@@ -0,0 +1,9 @@
+# Copyright (c) 2022 Legrand North America, LLC.
+#
+# SPDX-License-Identifier: Apache-2.0
+
+
+cmake_minimum_required(VERSION 3.10 FATAL_ERROR)
+
+add_subdirectory_ifdef(CONFIG_MCUBOOT_BOOTUTIL_LIB mcuboot_util)
+add_subdirectory_ifdef(CONFIG_MCUBOOT mcuboot_svc)