From 289eccff254f49b4b88b1f05db247891da6bf83c Mon Sep 17 00:00:00 2001 From: Gregory SHUE Date: Fri, 8 Jul 2022 05:20:22 -0700 Subject: [PATCH 1/6] boot: zephyr: Add Zephyr manifest file (west.yml) Extend this repository to be a Zephyr application manifest-module to better support development as a downstream Zephyr module when using `west`. Verified by using `west init -m $repo --mr $branch $workspace` to initialize a west workspace, followed by a west update and a successful build of `$mcuboot/boot/zephyr` for mimxrt1064_evk. Further verified that the following testcases still pass with mcuboot options on twister: mcuboot/boot/zephyr zephyr/tests/subsys/dfu zephyr/samples/subsys/mgmt/mcumgr/smp_svr Signed-off-by: Gregory SHUE --- west.yml | 32 ++++++++++++++++++++++++++++++++ 1 file changed, 32 insertions(+) create mode 100644 west.yml
diff --git a/west.yml b/west.yml
new file mode 100644
index 0000000000..6cd322159c
--- /dev/null
+++ b/west.yml
@@ -0,0 +1,32 @@
+# Copyright (c) 2022 Legrand North America, LLC.
+#
+# SPDX-License-Identifier: Apache-2.0
+
+# The west manifest file for Zephyr ecosystem development.
+#
+# Usage:
+# west init -m https://github.com/mcu-tools/mcuboot
+# west update
+
+manifest:
+ version: "0.12"
+
+ remotes:
+ - name: zephyrproject
+ url-base: https://github.com/zephyrproject-rtos
+ - name: mcu-tools
+ url-base: https://github.com/mcu-tools
+
+ defaults:
+ remote: mcu-tools
+
+ projects:
+ - name: zephyr
+ revision: main
+ remote: zephyrproject
+ import:
+ name-blocklist:
+ - mcuboot
+
+ self:
+ path: mcuboot
From a215bbcec687c672f123c0d5843ee110d04a77cf Mon Sep 17 00:00:00 2001
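Review bot: The `zephyr` project entry in the new `west.yml` tracks `revision: main`, so every `west update` pulls whatever upstream Zephyr's default branch holds at that moment, and the `import:` of Zephyr's own manifest then brings in its module revisions transitively. For a bootloader repository this means builds are not reproducible and the verification quoted in the commit message only covers the Zephyr tree as it was on that day. Pin the entry to a release tag or, better, a full commit SHA, e.g. `revision: <zephyr-commit-sha>` (placeholder for the commit this was verified against), and bump it deliberately. A comment above `name-blocklist` saying that `mcuboot` is excluded because this repository is itself the manifest repository (`self: path: mcuboot`) would also help readers.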
From: Gregory SHUE Date: Fri, 8 Jul 2022 05:42:19 -0700 Subject: [PATCH 2/6] boot: zephyr: module Kconfig beneath zephyr/ Separate `boot/zephyr/Kconfig` into the portion to be picked up through `zephyr/module.yml` (variable declarations) and the portion appropriate for a top-level Kconfig (main menu, sourcing Kconfig.zephyr). Relocate all the module-specific Kconfig content beneath `$mcuboot/zephyr/` and extend `$mcuboot/zephyr/module.yml` to reference it. Fix up mcuboot-specific internal files to get the existing builds to pass. Verified by: 1. building with `-t guiconfig` and manually verifying the relocation of mcuboot Kconfig content within the Modules:mcuboot section. 2. building a full image and verifying the .map file did not change in flash or ram size. 3. Further verified that the following testcases still pass with mcuboot options on twister: mcuboot/boot/zephyr zephyr/tests/subsys/dfu zephyr/samples/subsys/mgmt/mcumgr/smp_svr Signed-off-by: Gregory SHUE --- boot/bootutil/zephyr/CMakeLists.txt | 3 +- boot/zephyr/Kconfig | 666 +---------------- boot/zephyr/prj.conf | 1 + zephyr/Kconfig | 677 ++++++++++++++++++ .../zephyr => zephyr}/Kconfig.serial_recovery | 0 zephyr/module.yml | 5 + 6 files changed, 686 insertions(+), 666 deletions(-) create mode 100644 zephyr/Kconfig rename {boot/zephyr => zephyr}/Kconfig.serial_recovery (100%) diff --git a/boot/bootutil/zephyr/CMakeLists.txt b/boot/bootutil/zephyr/CMakeLists.txt index 72a6a8638f..402c994faf 100644 --- a/boot/bootutil/zephyr/CMakeLists.txt +++ b/boot/bootutil/zephyr/CMakeLists.txt @@ -1,4 +1,5 @@ # Copyright (c) 2020 Nordic Semiconductor ASA +# Copyright (c) 2022 Legrand North America, LLC. # # SPDX-License-Identifier: Apache-2.0 @@ -6,7 +7,7 @@ if(CONFIG_MCUBOOT_BOOTUTIL_LIB) zephyr_interface_library_named(MCUBOOT_BOOTUTIL) -target_include_directories(MCUBOOT_BOOTUTIL INTERFACE +zephyr_include_directories(MCUBOOT_BOOTUTIL INTERFACE ../ ../include ../../zephyr/include 
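Review bot: In the second hunk, `zephyr_include_directories(MCUBOOT_BOOTUTIL INTERFACE` keeps the target name and the `INTERFACE` keyword from the call it replaces, but as far as I know that Zephyr helper takes only directories and forwards them to `target_include_directories(zephyr_interface INTERFACE ...)`. If so, `MCUBOOT_BOOTUTIL` is treated as a relative include path, and `../`, `../include` and `../../zephyr/include` become visible to every target in the build rather than only to consumers of the `MCUBOOT_BOOTUTIL` interface library, which lets MCUboot's headers shadow same-named headers elsewhere. Either keep `target_include_directories(MCUBOOT_BOOTUTIL INTERFACE`, or, if the global export is intended, write `zephyr_include_directories(` with directories only and a comment saying why. The argument list and the enclosing `if(CONFIG_MCUBOOT_BOOTUTIL_LIB)` continue outside the hunk.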
diff --git a/boot/zephyr/Kconfig b/boot/zephyr/Kconfig
index 74925856d5..379cd1105b 100644
--- a/boot/zephyr/Kconfig
+++ b/boot/zephyr/Kconfig
@@ -1,674 +1,10 @@ # Copyright (c) 2017-2020 Linaro Limited # Copyright (c) 2020 Arm Limited +# Copyright (c) 2022 Legrand North America, LLC. # # SPDX-License-Identifier: Apache-2.0 # mainmenu "MCUboot configuration" -comment "MCUboot-specific configuration options" - -# Hidden option to mark a project as MCUboot -config MCUBOOT - default y - bool - select MPU_ALLOW_FLASH_WRITE if ARM_MPU - select USE_DT_CODE_PARTITION if HAS_FLASH_LOAD_OFFSET - select MCUBOOT_BOOTUTIL_LIB - -config BOOT_USE_MBEDTLS - bool - # Hidden option - default n - help - Use mbedTLS for crypto primitives. - -config BOOT_USE_TINYCRYPT - bool - # Hidden option - default n - # When building for ECDSA, we use our own copy of mbedTLS, so the - # Zephyr one must not be enabled or the MBEDTLS_CONFIG_FILE macros - # will collide. - help - Use TinyCrypt for crypto primitives. - -config BOOT_USE_CC310 - bool - # Hidden option - default n - # When building for ECDSA, we use our own copy of mbedTLS, so the - # Zephyr one must not be enabled or the MBEDTLS_CONFIG_FILE macros - # will collide. - help - Use cc310 for crypto primitives. - -config BOOT_USE_NRF_CC310_BL - bool - default n - -config NRFXLIB_CRYPTO - bool - default n - -config NRF_CC310_BL - bool - default n - -menu "MCUBoot settings" - -config SINGLE_APPLICATION_SLOT - bool "Single slot bootloader" - default n - help - Single image area is used for application which means that - uploading a new application overwrites the one that previously - occupied the area. 
- -choice BOOT_SIGNATURE_TYPE - prompt "Signature type" - default BOOT_SIGNATURE_TYPE_RSA - -config BOOT_SIGNATURE_TYPE_NONE - bool "No signature; use only hash check" - select BOOT_USE_TINYCRYPT - -config BOOT_SIGNATURE_TYPE_RSA - bool "RSA signatures" - select BOOT_USE_MBEDTLS - select MBEDTLS - -if BOOT_SIGNATURE_TYPE_RSA -config BOOT_SIGNATURE_TYPE_RSA_LEN - int "RSA signature length" - range 2048 3072 - default 2048 -endif - -config BOOT_SIGNATURE_TYPE_ECDSA_P256 - bool "Elliptic curve digital signatures with curve P-256" - -if BOOT_SIGNATURE_TYPE_ECDSA_P256 -choice BOOT_ECDSA_IMPLEMENTATION - prompt "Ecdsa implementation" - default BOOT_ECDSA_TINYCRYPT - -config BOOT_ECDSA_TINYCRYPT - bool "Use tinycrypt" - select BOOT_USE_TINYCRYPT - -config BOOT_ECDSA_CC310 - bool "Use CC310" - depends on HAS_HW_NRF_CC310 - select BOOT_USE_NRF_CC310_BL - select NRF_CC310_BL - select NRFXLIB_CRYPTO - select BOOT_USE_CC310 -endchoice # Ecdsa implementation -endif - -config BOOT_SIGNATURE_TYPE_ED25519 - bool "Edwards curve digital signatures using ed25519" - -if BOOT_SIGNATURE_TYPE_ED25519 -choice BOOT_ED25519_IMPLEMENTATION - prompt "Ecdsa implementation" - default BOOT_ED25519_TINYCRYPT -config BOOT_ED25519_TINYCRYPT - bool "Use tinycrypt" - select BOOT_USE_TINYCRYPT -config BOOT_ED25519_MBEDTLS - bool "Use mbedTLS" - select BOOT_USE_MBEDTLS - select MBEDTLS -endchoice -endif - -endchoice - -config BOOT_SIGNATURE_KEY_FILE - string "PEM key file" - default "root-ec-p256.pem" if BOOT_SIGNATURE_TYPE_ECDSA_P256 - default "root-ed25519.pem" if BOOT_SIGNATURE_TYPE_ED25519 - default "root-rsa-3072.pem" if BOOT_SIGNATURE_TYPE_RSA && BOOT_SIGNATURE_TYPE_RSA_LEN=3072 - default "root-rsa-2048.pem" if BOOT_SIGNATURE_TYPE_RSA && BOOT_SIGNATURE_TYPE_RSA_LEN=2048 - default "" - help - You can use either absolute or relative path. - In case relative path is used, the build system assumes that it starts - from the directory where the MCUBoot KConfig configuration file is - located. 
If the key file is not there, the build system uses relative - path that starts from the MCUBoot repository root directory. - The key file will be parsed by imgtool's getpub command and a .c source - with the public key information will be written in a format expected by - MCUboot. - -config MCUBOOT_CLEANUP_ARM_CORE - bool "Perform core cleanup before chain-load the application" - depends on CPU_CORTEX_M - default y if !ARCH_SUPPORTS_ARCH_HW_INIT - help - This option instructs MCUboot to perform a clean-up of a set of - architecture core HW registers before junping to the application - firmware. The clean-up sets these registers to their warm-reset - values as specified by the architecture. - - By default, this option is enabled only if the architecture does - not have the functionality to perform such a register clean-up - during application firmware boot. - - Zephyr applications on Cortex-M will perform this register clean-up - by default, if they are chain-loadable by MCUboot, so MCUboot does - not need to perform such a cleanup itself. - -config MBEDTLS_CFG_FILE - default "mcuboot-mbedtls-cfg.h" - -config BOOT_HW_KEY - bool "Use HW key for image verification" - default n - help - Use HW key for image verification, otherwise the public key is embedded - in MCUBoot. If enabled the public key is appended to the signed image - and requires the hash of the public key to be provisioned to the device - beforehand. - -config BOOT_VALIDATE_SLOT0 - bool "Validate image in the primary slot on every boot" - default y - help - If y, the bootloader attempts to validate the signature of the - primary slot every boot. This adds the signature check time to - every boot, but can mitigate against some changes that are - able to modify the flash image itself. 
- -config BOOT_VALIDATE_SLOT0_ONCE - bool "Validate image in the primary slot just once after after upgrade" - depends on !BOOT_VALIDATE_SLOT0 && SINGLE_APPLICATION_SLOT - default n - help - If y, the bootloader attempts to validate the signature of the - primary slot only once after an upgrade of the main slot. - It caches the result in the magic area, which makes it an unsecure - method. This option is usefull for lowering the boot up time for - low end devices with as a compromise lowering the security level. - If unsure, leave at the default value. - -config BOOT_PREFER_SWAP_MOVE - bool "Prefer the newer swap move algorithm" - default y if SOC_FAMILY_NRF - default n - help - If y, the BOOT_IMAGE_UPGRADE_MODE will default to using - "move" instead of "scratch". This is a separate bool config - option, because Kconfig doesn't allow defaults to be - overridden in choice options. Most devices should be using - swap move. - -if !SINGLE_APPLICATION_SLOT -choice BOOT_IMAGE_UPGRADE_MODE - prompt "Image upgrade modes" - default BOOT_SWAP_USING_MOVE if BOOT_PREFER_SWAP_MOVE - default BOOT_SWAP_USING_SCRATCH - -config BOOT_SWAP_USING_SCRATCH - bool "Swap mode that run with the scratch partition" - help - This is the most conservative swap mode but it can work even on - devices with heterogeneous flash page layout. - -config BOOT_UPGRADE_ONLY - bool "Overwrite image updates instead of swapping" - help - If y, overwrite the primary slot with the upgrade image instead - of swapping them. This prevents the fallback recovery, but - uses a much simpler code path. - -config BOOT_SWAP_USING_MOVE - bool "Swap mode that can run without a scratch partition" - help - If y, the swap upgrade is done in two steps, where first every - sector of the primary slot is moved up one sector, then for - each sector X in the secondary slot, it is moved to index X in - the primary slot, then the sector at X+1 in the primary is - moved to index X in the secondary. 
- This allows a swap upgrade without using a scratch partition, - but is currently limited to all sectors in both slots being of - the same size. - -config BOOT_DIRECT_XIP - bool "Run the latest image directly from its slot" - help - If y, mcuboot selects the newest valid image based on the image version - numbers, thereafter the selected image can run directly from its slot - without having to move/copy it into the primary slot. For this reason the - images must be linked to be executed from the given image slot. Using this - mode results in a simpler code path and smaller code size. - -config BOOT_RAM_LOAD - bool "RAM load" - help - If y, mcuboot selects the newest valid image based on the image version - numbers, thereafter the selected image is copied to RAM and executed from - there. For this reason, the image has to be linked to be executed from RAM. - The address that the image is copied to is specified using the load-addr - argument to the imgtool.py script which writes it to the image header. - -endchoice - -# Workaround for not being able to have commas in macro arguments -DT_CHOSEN_Z_SRAM := zephyr,sram - -if BOOT_RAM_LOAD -config BOOT_IMAGE_EXECUTABLE_RAM_START - hex "Boot image executable ram start" - default $(dt_chosen_reg_addr_hex,$(DT_CHOSEN_Z_SRAM)) - -config BOOT_IMAGE_EXECUTABLE_RAM_SIZE - int "Boot image executable base size" - default $(dt_chosen_reg_size_int,$(DT_CHOSEN_Z_SRAM),0) -endif - -config BOOT_DIRECT_XIP_REVERT - bool "Enable the revert mechanism in direct-xip mode" - depends on BOOT_DIRECT_XIP - default n - help - If y, enables the revert mechanism in direct-xip similar to the one in - swap mode. It requires the trailer magic to be added to the signed image. - When a reboot happens without the image being confirmed at runtime, the - bootloader considers the image faulty and erases it. After this it will - attempt to boot the previous image. 
The images can also be made permanent - (marked as confirmed in advance) just like in swap mode. - -config BOOT_BOOTSTRAP - bool "Bootstrap erased the primary slot from the secondary slot" - default n - help - If y, enables bootstraping support. Bootstrapping allows an erased - primary slot to be initialized from a valid image in the secondary slot. - If unsure, leave at the default value. - -config BOOT_SWAP_SAVE_ENCTLV - bool "Save encrypted key TLVs instead of plaintext keys in swap metadata" - default n - help - If y, instead of saving the encrypted image keys in plaintext in the - swap resume metadata, save the encrypted image TLVs. This should be used - when there is no security mechanism protecting the data in the primary - slot from being dumped. If n is selected (default), the keys are written - after being decrypted from the image TLVs and could be read by an - attacker who has access to the flash contents of the primary slot (eg - JTAG/SWD or primary slot in external flash). - If unsure, leave at the default value. - -config BOOT_ENCRYPT_IMAGE - bool - help - Hidden option used to check if any image encryption is enabled. - -config BOOT_ENCRYPT_RSA - bool "Support for encrypted upgrade images using RSA" - select BOOT_ENCRYPT_IMAGE - help - If y, images in the secondary slot can be encrypted and are decrypted - on the fly when upgrading to the primary slot, as well as encrypted - back when swapping from the primary slot to the secondary slot. The - encryption mechanism used in this case is RSA-OAEP (2048 bits). - -config BOOT_ENCRYPT_EC256 - bool "Support for encrypted upgrade images using ECIES-P256" - select BOOT_ENCRYPT_IMAGE - help - If y, images in the secondary slot can be encrypted and are decrypted - on the fly when upgrading to the primary slot, as well as encrypted - back when swapping from the primary slot to the secondary slot. 
The - encryption mechanism used in this case is ECIES using primitives - described under "ECIES-P256 encryption" in docs/encrypted_images.md. - -config BOOT_ENCRYPT_X25519 - bool "Support for encrypted upgrade images using ECIES-X25519" - select BOOT_ENCRYPT_IMAGE - help - If y, images in the secondary slot can be encrypted and are decrypted - on the fly when upgrading to the primary slot, as well as encrypted - back when swapping from the primary slot to the secondary slot. The - encryption mechanism used in this case is ECIES using primitives - described under "ECIES-X25519 encryption" in docs/encrypted_images.md. -endif # !SINGLE_APPLICATION_SLOT - -config BOOT_ENCRYPTION_KEY_FILE - string "encryption key file" - depends on BOOT_ENCRYPT_EC256 || BOOT_SERIAL_ENCRYPT_EC256 - default "enc-ec256-priv.pem" if BOOT_SIGNATURE_TYPE_ECDSA_P256 - default "" - help - You can use either absolute or relative path. - In case relative path is used, the build system assumes that it starts - from the directory where the MCUBoot KConfig configuration file is - located. If the key file is not there, the build system uses relative - path that starts from the MCUBoot repository root directory. - The key file will be parsed by imgtool's getpriv command and a .c source - with the public key information will be written in a format expected by - MCUboot. - -config BOOT_MAX_IMG_SECTORS - int "Maximum number of sectors per image slot" - default 128 - help - This option controls the maximum number of sectors that each of - the two image areas can contain. Smaller values reduce MCUboot's - memory usage; larger values allow it to support larger images. - If unsure, leave at the default value. - -config MEASURED_BOOT - bool "Store the boot state/measurements in shared memory" - default n - help - If enabled, the bootloader will store certain boot measurements such as - the hash of the firmware image in a shared memory area. This data can - be used later by runtime services (e.g. 
by a device attestation service). - -config BOOT_SHARE_DATA - bool "Save application specific data in shared memory area" - default n - -choice BOOT_FAULT_INJECTION_HARDENING_PROFILE - prompt "Fault injection hardening profile" - default BOOT_FIH_PROFILE_OFF - -config BOOT_FIH_PROFILE_OFF - bool "No hardening against hardware level fault injection" - help - No hardening in SW against hardware level fault injection: power or - clock glitching, etc. - -config BOOT_FIH_PROFILE_LOW - bool "Moderate level hardening against hardware level fault injection" - help - Moderate level hardening: Long global fail loop to avoid break out, - control flow integrity check to discover discrepancy in expected code - flow. - -config BOOT_FIH_PROFILE_MEDIUM - bool "Medium level hardening against hardware level fault injection" - help - Medium level hardening: Long global fail loop to avoid break out, - control flow integrity check to discover discrepancy in expected code - flow, double variables to discover register or memory corruption. - -config BOOT_FIH_PROFILE_HIGH - bool "Maximum level hardening against hardware level fault injection" - select MBEDTLS - help - Maximum level hardening: Long global fail loop to avoid break out, - control flow integrity check to discover discrepancy in expected code - flow, double variables to discover register or memory corruption, random - delays to make code execution less predictable. Random delays requires an - entropy source. - -endchoice - -choice BOOT_USB_DFU - prompt "USB DFU" - default BOOT_USB_DFU_NO - -config BOOT_USB_DFU_NO - prompt "Disabled" - -config BOOT_USB_DFU_WAIT - bool "Wait for a prescribed duration to see if USB DFU is invoked" - select USB_DEVICE_STACK - select USB_DFU_CLASS - select IMG_MANAGER - help - If y, MCUboot waits for a prescribed duration of time to allow - for USB DFU to be invoked. Please note DFU always updates the - slot1 image. 
- -config BOOT_USB_DFU_GPIO - bool "Use GPIO to detect whether to trigger DFU mode" - select USB_DEVICE_STACK - select USB_DFU_CLASS - select IMG_MANAGER - help - If y, MCUboot uses GPIO to detect whether to invoke USB DFU. - -endchoice - -config BOOT_USB_DFU_WAIT_DELAY_MS - int "USB DFU wait duration" - depends on BOOT_USB_DFU_WAIT - default 12000 - help - Milliseconds to wait for USB DFU to be invoked. - -if BOOT_USB_DFU_GPIO - -config BOOT_USB_DFU_DETECT_PORT - string "GPIO device to trigger USB DFU mode (DEPRECATED)" - default GPIO_0 if SOC_FAMILY_NRF - help - Zephyr GPIO device that contains the pin used to trigger - USB DFU. - -config BOOT_USB_DFU_DETECT_PIN - int "Pin to trigger USB DFU mode (DEPRECATED)" - default 6 if BOARD_NRF9160DK_NRF9160 - default 11 if BOARD_NRF52840DK_NRF52840 - default 13 if BOARD_NRF52DK_NRF52832 - default 23 if BOARD_NRF5340_DK_NRF5340_CPUAPP || BOARD_NRF5340_DK_NRF5340_CPUAPP_NS - default 43 if BOARD_BL5340_DVK_CPUAPP || BOARD_BL5340_DVK_CPUAPP_NS - default -1 - help - Pin on the DFU detect port that triggers DFU mode. - -config BOOT_USB_DFU_DETECT_PIN_VAL - int "USB DFU detect pin trigger value (DEPRECATED)" - default 0 - range 0 1 - help - Logic value of the detect pin that triggers USB DFU mode. - -config BOOT_USB_DFU_DETECT_DELAY - int "Serial detect pin detection delay time [ms]" - default 0 - help - Used to prevent the bootloader from loading on button press. - Useful for powering on when using the same button as - the one used to place the device in bootloader mode. - -endif # BOOT_USB_DFU_GPIO - -config ZEPHYR_TRY_MASS_ERASE - bool "Try to mass erase flash when flashing MCUboot image" - default y - help - If y, attempt to configure the Zephyr build system's "flash" - target to mass-erase the flash device before flashing the - MCUboot image. This ensures the scratch and other partitions - are in a consistent state. - - This is not available for all targets. 
- -config BOOT_USE_BENCH - bool "Enable benchmark code" - default n - help - If y, adds support for simple benchmarking that can record - time intervals between two calls. The time printed depends - on the particular Zephyr target, and is generally ticks of a - specific board-specific timer. - -module = MCUBOOT -module-str = MCUBoot bootloader -source "subsys/logging/Kconfig.template.log_config" - -config MCUBOOT_LOG_THREAD_STACK_SIZE - int "Stack size for the MCUBoot log processing thread" - depends on LOG && !LOG_IMMEDIATE - default 2048 if COVERAGE_GCOV - default 1024 if NO_OPTIMIZATIONS - default 1024 if XTENSA - default 4096 if (X86 && X86_64) - default 4096 if ARM64 - default 768 - help - Set the internal stack size for MCUBoot log processing thread. - -config MCUBOOT_INDICATION_LED - bool "Turns on LED indication when device is in DFU" - default n - help - Device device activates the LED while in bootloader mode. - bootloader-led0 alias must be set in the device's .dts - definitions for this to work. - -rsource "Kconfig.serial_recovery" - -config BOOT_INTR_VEC_RELOC - bool "Relocate the interrupt vector to the application" - default n - depends on SW_VECTOR_RELAY || CPU_CORTEX_M_HAS_VTOR - help - Relocate the interrupt vector to the application before it is started. - Select this option if application requires vector relocation, - but it doesn't relocate vector in its reset handler. - -config UPDATEABLE_IMAGE_NUMBER - int "Number of updateable images" - default 1 - range 1 1 if SINGLE_APPLICATION_SLOT - help - Enables support of multi image update. - -choice BOOT_DOWNGRADE_PREVENTION_CHOICE - prompt "Downgrade prevention" - optional - -config MCUBOOT_DOWNGRADE_PREVENTION - bool "SW based downgrade prevention" - depends on !BOOT_DIRECT_XIP - help - Prevent downgrades by enforcing incrementing version numbers. - When this option is set, any upgrade must have greater major version - or greater minor version with equal major version. 
This mechanism - only protects against some attacks against version downgrades (for - example, a JTAG could be used to write an older version). - -config MCUBOOT_DOWNGRADE_PREVENTION_SECURITY_COUNTER - bool "Use image security counter instead of version number" - depends on MCUBOOT_DOWNGRADE_PREVENTION - depends on (BOOT_SWAP_USING_MOVE || BOOT_SWAP_USING_SCRATCH) - help - Security counter is used for version eligibility check instead of pure - version. When this option is set, any upgrade must have greater or - equal security counter value. - Because of the acceptance of equal values it allows for software - downgrades to some extent. - -config MCUBOOT_HW_DOWNGRADE_PREVENTION - bool "HW based downgrade prevention" - help - Prevent undesirable/malicious software downgrades. When this option is - set, any upgrade must have greater or equal security counter value. - Because of the acceptance of equal values it allows for software - downgrade to some extent. - -endchoice - -config BOOT_WATCHDOG_FEED - bool "Feed the watchdog while doing swap" - default y if WATCHDOG - default y if SOC_FAMILY_NRF - # for nRF nrfx based implementation is available - imply NRFX_WDT if SOC_FAMILY_NRF - imply NRFX_WDT0 if SOC_FAMILY_NRF - imply NRFX_WDT1 if SOC_FAMILY_NRF - help - Enables implementation of MCUBOOT_WATCHDOG_FEED() macro which is - used to feed watchdog while doing time consuming operations. - -config BOOT_IMAGE_ACCESS_HOOKS - bool "Enable hooks for overriding MCUboot's native routines" - help - Allow to provide procedures for override or extend native - MCUboot's routines required for access the image data and the image - update. It is up to the project customization to add required source - files to the build. 
- -config MCUBOOT_ACTION_HOOKS - bool "Enable hooks for responding to MCUboot status changes" - help - This will call a handler when the MCUboot status changes which allows - for some level of user feedback, for instance to change LED status to - indicate a failure, using the callback: - 'void mcuboot_status_change(mcuboot_status_type_t status)' where - 'mcuboot_status_type_t' is listed in - boot/bootutil/include/bootutil/mcuboot_status.h - -endmenu - -config MCUBOOT_DEVICE_SETTINGS - # Hidden selector for device-specific settings - bool - default y - # CPU options - select MCUBOOT_DEVICE_CPU_CORTEX_M0 if CPU_CORTEX_M0 - # Enable flash page layout if available - select FLASH_PAGE_LAYOUT if FLASH_HAS_PAGE_LAYOUT - # Enable flash_map module as flash I/O back-end - select FLASH_MAP - -config MCUBOOT_DEVICE_CPU_CORTEX_M0 - # Hidden selector for Cortex-M0 settings - bool - default n - select SW_VECTOR_RELAY if !CPU_CORTEX_M0_HAS_VECTOR_TABLE_REMAP - -comment "Zephyr configuration options" - -# Disabling MULTITHREADING provides a code size advantage, but -# it requires peripheral drivers (particularly a flash driver) -# that works properly with the option enabled. -# -# If you know for sure that your hardware will work, you can default -# it to n here. Otherwise, having it on by default makes the most -# hardware work. 
-config MULTITHREADING - default y if BOOT_SERIAL_CDC_ACM #usb driver requires MULTITHREADING - default y if BOOT_USB_DFU_GPIO || BOOT_USB_DFU_WAIT - default n if SOC_FAMILY_NRF - default y - -config LOG_PROCESS_THREAD - default n # mcuboot has its own log processing thread - -# override USB device name -config USB_DEVICE_PRODUCT - default "MCUBOOT" - -# use MCUboot's own log configuration -config MCUBOOT_BOOTUTIL_LIB_OWN_LOG - bool - default n - -config MCUBOOT_VERIFY_IMG_ADDRESS - bool "Verify reset address of image in secondary slot" - depends on UPDATEABLE_IMAGE_NUMBER > 1 - depends on !BOOT_ENCRYPT_IMAGE - depends on ARM - default y if BOOT_UPGRADE_ONLY - help - Verify that the reset address in the image located in the secondary slot - is contained within the corresponding primary slot. This is recommended - if swapping is not used (that is, BOOT_UPGRADE_ONLY is set). If a user - incorrectly uploads an update for image 1 to image 0's secondary slot - MCUboot will overwrite image 0's primary slot with this image even - though it will not boot. If swapping is enabled this will be handled - since the image will not confirm itself. If, however, swapping is not - enabled then the only mitigation is serial recovery. This feature can - also be useful when BOOT_DIRECT_XIP is enabled, to ensure that the image - linked at the correct address is loaded. - source "Kconfig.zephyr" diff --git a/boot/zephyr/prj.conf b/boot/zephyr/prj.conf index e4c0129437..88966e1f60 100644 --- a/boot/zephyr/prj.conf +++ b/boot/zephyr/prj.conf @@ -1,3 +1,4 @@ +CONFIG_MCUBOOT=y CONFIG_DEBUG=y CONFIG_PM=n diff --git a/zephyr/Kconfig b/zephyr/Kconfig new file mode 100644 index 0000000000..b6e0dc807b --- /dev/null +++ b/zephyr/Kconfig 
@@ -0,0 +1,677 @@ +# Copyright (c) 2017-2020 Linaro Limited +# Copyright (c) 2020 Arm Limited +# Copyright (c) 2022 Legrand North America, LLC. +# +# SPDX-License-Identifier: Apache-2.0 +# + + +# Option to build the project with the MCUBoot application +config MCUBOOT + bool "MCUBoot application" + default n + select MPU_ALLOW_FLASH_WRITE if ARM_MPU + select USE_DT_CODE_PARTITION if HAS_FLASH_LOAD_OFFSET + select MCUBOOT_BOOTUTIL_LIB + +config BOOT_USE_MBEDTLS + bool + # Hidden option + default n + help + Use mbedTLS for crypto primitives. + +config BOOT_USE_TINYCRYPT + bool + # Hidden option + default n + # When building for ECDSA, we use our own copy of mbedTLS, so the + # Zephyr one must not be enabled or the MBEDTLS_CONFIG_FILE macros + # will collide. + help + Use TinyCrypt for crypto primitives. + +config BOOT_USE_CC310 + bool + # Hidden option + default n + # When building for ECDSA, we use our own copy of mbedTLS, so the + # Zephyr one must not be enabled or the MBEDTLS_CONFIG_FILE macros + # will collide. + help + Use cc310 for crypto primitives. + +config BOOT_USE_NRF_CC310_BL + bool + default n + +config NRFXLIB_CRYPTO + bool + default n + +config NRF_CC310_BL + bool + default n + +menu "MCUBoot settings" + +config SINGLE_APPLICATION_SLOT + bool "Single slot bootloader" + default n + help + Single image area is used for application which means that + uploading a new application overwrites the one that previously + occupied the area. 
+ +choice BOOT_SIGNATURE_TYPE + prompt "Signature type" + default BOOT_SIGNATURE_TYPE_RSA + +config BOOT_SIGNATURE_TYPE_NONE + bool "No signature; use only hash check" + select BOOT_USE_TINYCRYPT + +config BOOT_SIGNATURE_TYPE_RSA + bool "RSA signatures" + select BOOT_USE_MBEDTLS + select MBEDTLS + +if BOOT_SIGNATURE_TYPE_RSA +config BOOT_SIGNATURE_TYPE_RSA_LEN + int "RSA signature length" + range 2048 3072 + default 2048 +endif + +config BOOT_SIGNATURE_TYPE_ECDSA_P256 + bool "Elliptic curve digital signatures with curve P-256" + +if BOOT_SIGNATURE_TYPE_ECDSA_P256 +choice BOOT_ECDSA_IMPLEMENTATION + prompt "Ecdsa implementation" + default BOOT_ECDSA_TINYCRYPT + +config BOOT_ECDSA_TINYCRYPT + bool "Use tinycrypt" + select BOOT_USE_TINYCRYPT + +config BOOT_ECDSA_CC310 + bool "Use CC310" + depends on HAS_HW_NRF_CC310 + select BOOT_USE_NRF_CC310_BL + select NRF_CC310_BL + select NRFXLIB_CRYPTO + select BOOT_USE_CC310 +endchoice # Ecdsa implementation +endif + +config BOOT_SIGNATURE_TYPE_ED25519 + bool "Edwards curve digital signatures using ed25519" + +if BOOT_SIGNATURE_TYPE_ED25519 +choice BOOT_ED25519_IMPLEMENTATION + prompt "Ecdsa implementation" + default BOOT_ED25519_TINYCRYPT +config BOOT_ED25519_TINYCRYPT + bool "Use tinycrypt" + select BOOT_USE_TINYCRYPT +config BOOT_ED25519_MBEDTLS + bool "Use mbedTLS" + select BOOT_USE_MBEDTLS + select MBEDTLS +endchoice +endif + +endchoice + +config BOOT_SIGNATURE_KEY_FILE + string "PEM key file" + default "root-ec-p256.pem" if BOOT_SIGNATURE_TYPE_ECDSA_P256 + default "root-ed25519.pem" if BOOT_SIGNATURE_TYPE_ED25519 + default "root-rsa-3072.pem" if BOOT_SIGNATURE_TYPE_RSA && BOOT_SIGNATURE_TYPE_RSA_LEN=3072 + default "root-rsa-2048.pem" if BOOT_SIGNATURE_TYPE_RSA && BOOT_SIGNATURE_TYPE_RSA_LEN=2048 + default "" + help + You can use either absolute or relative path. + In case relative path is used, the build system assumes that it starts + from the directory where the MCUBoot KConfig configuration file is + located. 
If the key file is not there, the build system uses relative + path that starts from the MCUBoot repository root directory. + The key file will be parsed by imgtool's getpub command and a .c source + with the public key information will be written in a format expected by + MCUboot. + +config MCUBOOT_CLEANUP_ARM_CORE + bool "Perform core cleanup before chain-load the application" + depends on CPU_CORTEX_M + default y if !ARCH_SUPPORTS_ARCH_HW_INIT + help + This option instructs MCUboot to perform a clean-up of a set of + architecture core HW registers before junping to the application + firmware. The clean-up sets these registers to their warm-reset + values as specified by the architecture. + + By default, this option is enabled only if the architecture does + not have the functionality to perform such a register clean-up + during application firmware boot. + + Zephyr applications on Cortex-M will perform this register clean-up + by default, if they are chain-loadable by MCUboot, so MCUboot does + not need to perform such a cleanup itself. + +config MBEDTLS_CFG_FILE + default "mcuboot-mbedtls-cfg.h" + +config BOOT_HW_KEY + bool "Use HW key for image verification" + default n + help + Use HW key for image verification, otherwise the public key is embedded + in MCUBoot. If enabled the public key is appended to the signed image + and requires the hash of the public key to be provisioned to the device + beforehand. + +config BOOT_VALIDATE_SLOT0 + bool "Validate image in the primary slot on every boot" + default y + help + If y, the bootloader attempts to validate the signature of the + primary slot every boot. This adds the signature check time to + every boot, but can mitigate against some changes that are + able to modify the flash image itself. 
+ +config BOOT_VALIDATE_SLOT0_ONCE + bool "Validate image in the primary slot just once after after upgrade" + depends on !BOOT_VALIDATE_SLOT0 && SINGLE_APPLICATION_SLOT + default n + help + If y, the bootloader attempts to validate the signature of the + primary slot only once after an upgrade of the main slot. + It caches the result in the magic area, which makes it an unsecure + method. This option is usefull for lowering the boot up time for + low end devices with as a compromise lowering the security level. + If unsure, leave at the default value. + +config BOOT_PREFER_SWAP_MOVE + bool "Prefer the newer swap move algorithm" + default y if SOC_FAMILY_NRF + default n + help + If y, the BOOT_IMAGE_UPGRADE_MODE will default to using + "move" instead of "scratch". This is a separate bool config + option, because Kconfig doesn't allow defaults to be + overridden in choice options. Most devices should be using + swap move. + +if !SINGLE_APPLICATION_SLOT +choice BOOT_IMAGE_UPGRADE_MODE + prompt "Image upgrade modes" + default BOOT_SWAP_USING_MOVE if BOOT_PREFER_SWAP_MOVE + default BOOT_SWAP_USING_SCRATCH + +config BOOT_SWAP_USING_SCRATCH + bool "Swap mode that run with the scratch partition" + help + This is the most conservative swap mode but it can work even on + devices with heterogeneous flash page layout. + +config BOOT_UPGRADE_ONLY + bool "Overwrite image updates instead of swapping" + help + If y, overwrite the primary slot with the upgrade image instead + of swapping them. This prevents the fallback recovery, but + uses a much simpler code path. + +config BOOT_SWAP_USING_MOVE + bool "Swap mode that can run without a scratch partition" + help + If y, the swap upgrade is done in two steps, where first every + sector of the primary slot is moved up one sector, then for + each sector X in the secondary slot, it is moved to index X in + the primary slot, then the sector at X+1 in the primary is + moved to index X in the secondary. 
+ This allows a swap upgrade without using a scratch partition, + but is currently limited to all sectors in both slots being of + the same size. + +config BOOT_DIRECT_XIP + bool "Run the latest image directly from its slot" + help + If y, mcuboot selects the newest valid image based on the image version + numbers, thereafter the selected image can run directly from its slot + without having to move/copy it into the primary slot. For this reason the + images must be linked to be executed from the given image slot. Using this + mode results in a simpler code path and smaller code size. + +config BOOT_RAM_LOAD + bool "RAM load" + help + If y, mcuboot selects the newest valid image based on the image version + numbers, thereafter the selected image is copied to RAM and executed from + there. For this reason, the image has to be linked to be executed from RAM. + The address that the image is copied to is specified using the load-addr + argument to the imgtool.py script which writes it to the image header. + +endchoice + +# Workaround for not being able to have commas in macro arguments +DT_CHOSEN_Z_SRAM := zephyr,sram + +if BOOT_RAM_LOAD +config BOOT_IMAGE_EXECUTABLE_RAM_START + hex "Boot image executable ram start" + default $(dt_chosen_reg_addr_hex,$(DT_CHOSEN_Z_SRAM)) + +config BOOT_IMAGE_EXECUTABLE_RAM_SIZE + int "Boot image executable base size" + default $(dt_chosen_reg_size_int,$(DT_CHOSEN_Z_SRAM),0) +endif + +config BOOT_DIRECT_XIP_REVERT + bool "Enable the revert mechanism in direct-xip mode" + depends on BOOT_DIRECT_XIP + default n + help + If y, enables the revert mechanism in direct-xip similar to the one in + swap mode. It requires the trailer magic to be added to the signed image. + When a reboot happens without the image being confirmed at runtime, the + bootloader considers the image faulty and erases it. After this it will + attempt to boot the previous image. 
The images can also be made permanent + (marked as confirmed in advance) just like in swap mode. + +config BOOT_BOOTSTRAP + bool "Bootstrap erased the primary slot from the secondary slot" + default n + help + If y, enables bootstraping support. Bootstrapping allows an erased + primary slot to be initialized from a valid image in the secondary slot. + If unsure, leave at the default value. + +config BOOT_SWAP_SAVE_ENCTLV + bool "Save encrypted key TLVs instead of plaintext keys in swap metadata" + default n + help + If y, instead of saving the encrypted image keys in plaintext in the + swap resume metadata, save the encrypted image TLVs. This should be used + when there is no security mechanism protecting the data in the primary + slot from being dumped. If n is selected (default), the keys are written + after being decrypted from the image TLVs and could be read by an + attacker who has access to the flash contents of the primary slot (eg + JTAG/SWD or primary slot in external flash). + If unsure, leave at the default value. + +config BOOT_ENCRYPT_IMAGE + bool + help + Hidden option used to check if any image encryption is enabled. + +config BOOT_ENCRYPT_RSA + bool "Support for encrypted upgrade images using RSA" + select BOOT_ENCRYPT_IMAGE + help + If y, images in the secondary slot can be encrypted and are decrypted + on the fly when upgrading to the primary slot, as well as encrypted + back when swapping from the primary slot to the secondary slot. The + encryption mechanism used in this case is RSA-OAEP (2048 bits). + +config BOOT_ENCRYPT_EC256 + bool "Support for encrypted upgrade images using ECIES-P256" + select BOOT_ENCRYPT_IMAGE + help + If y, images in the secondary slot can be encrypted and are decrypted + on the fly when upgrading to the primary slot, as well as encrypted + back when swapping from the primary slot to the secondary slot. 
The + encryption mechanism used in this case is ECIES using primitives + described under "ECIES-P256 encryption" in docs/encrypted_images.md. + +config BOOT_ENCRYPT_X25519 + bool "Support for encrypted upgrade images using ECIES-X25519" + select BOOT_ENCRYPT_IMAGE + help + If y, images in the secondary slot can be encrypted and are decrypted + on the fly when upgrading to the primary slot, as well as encrypted + back when swapping from the primary slot to the secondary slot. The + encryption mechanism used in this case is ECIES using primitives + described under "ECIES-X25519 encryption" in docs/encrypted_images.md. +endif # !SINGLE_APPLICATION_SLOT + +config BOOT_ENCRYPTION_KEY_FILE + string "encryption key file" + depends on BOOT_ENCRYPT_EC256 || BOOT_SERIAL_ENCRYPT_EC256 + default "enc-ec256-priv.pem" if BOOT_SIGNATURE_TYPE_ECDSA_P256 + default "" + help + You can use either absolute or relative path. + In case relative path is used, the build system assumes that it starts + from the directory where the MCUBoot KConfig configuration file is + located. If the key file is not there, the build system uses relative + path that starts from the MCUBoot repository root directory. + The key file will be parsed by imgtool's getpriv command and a .c source + with the public key information will be written in a format expected by + MCUboot. + +config BOOT_MAX_IMG_SECTORS + int "Maximum number of sectors per image slot" + default 128 + help + This option controls the maximum number of sectors that each of + the two image areas can contain. Smaller values reduce MCUboot's + memory usage; larger values allow it to support larger images. + If unsure, leave at the default value. + +config MEASURED_BOOT + bool "Store the boot state/measurements in shared memory" + default n + help + If enabled, the bootloader will store certain boot measurements such as + the hash of the firmware image in a shared memory area. This data can + be used later by runtime services (e.g. 
by a device attestation service). + +config BOOT_SHARE_DATA + bool "Save application specific data in shared memory area" + default n + +choice BOOT_FAULT_INJECTION_HARDENING_PROFILE + prompt "Fault injection hardening profile" + default BOOT_FIH_PROFILE_OFF + +config BOOT_FIH_PROFILE_OFF + bool "No hardening against hardware level fault injection" + help + No hardening in SW against hardware level fault injection: power or + clock glitching, etc. + +config BOOT_FIH_PROFILE_LOW + bool "Moderate level hardening against hardware level fault injection" + help + Moderate level hardening: Long global fail loop to avoid break out, + control flow integrity check to discover discrepancy in expected code + flow. + +config BOOT_FIH_PROFILE_MEDIUM + bool "Medium level hardening against hardware level fault injection" + help + Medium level hardening: Long global fail loop to avoid break out, + control flow integrity check to discover discrepancy in expected code + flow, double variables to discover register or memory corruption. + +config BOOT_FIH_PROFILE_HIGH + bool "Maximum level hardening against hardware level fault injection" + select MBEDTLS + help + Maximum level hardening: Long global fail loop to avoid break out, + control flow integrity check to discover discrepancy in expected code + flow, double variables to discover register or memory corruption, random + delays to make code execution less predictable. Random delays requires an + entropy source. + +endchoice + +choice BOOT_USB_DFU + prompt "USB DFU" + default BOOT_USB_DFU_NO + +config BOOT_USB_DFU_NO + prompt "Disabled" + +config BOOT_USB_DFU_WAIT + bool "Wait for a prescribed duration to see if USB DFU is invoked" + select USB_DEVICE_STACK + select USB_DFU_CLASS + select IMG_MANAGER + help + If y, MCUboot waits for a prescribed duration of time to allow + for USB DFU to be invoked. Please note DFU always updates the + slot1 image. 
+ +config BOOT_USB_DFU_GPIO + bool "Use GPIO to detect whether to trigger DFU mode" + select USB_DEVICE_STACK + select USB_DFU_CLASS + select IMG_MANAGER + help + If y, MCUboot uses GPIO to detect whether to invoke USB DFU. + +endchoice + +config BOOT_USB_DFU_WAIT_DELAY_MS + int "USB DFU wait duration" + depends on BOOT_USB_DFU_WAIT + default 12000 + help + Milliseconds to wait for USB DFU to be invoked. + +if BOOT_USB_DFU_GPIO + +config BOOT_USB_DFU_DETECT_PORT + string "GPIO device to trigger USB DFU mode (DEPRECATED)" + default GPIO_0 if SOC_FAMILY_NRF + help + Zephyr GPIO device that contains the pin used to trigger + USB DFU. + +config BOOT_USB_DFU_DETECT_PIN + int "Pin to trigger USB DFU mode (DEPRECATED)" + default 6 if BOARD_NRF9160DK_NRF9160 + default 11 if BOARD_NRF52840DK_NRF52840 + default 13 if BOARD_NRF52DK_NRF52832 + default 23 if BOARD_NRF5340_DK_NRF5340_CPUAPP || BOARD_NRF5340_DK_NRF5340_CPUAPP_NS + default 43 if BOARD_BL5340_DVK_CPUAPP || BOARD_BL5340_DVK_CPUAPP_NS + default -1 + help + Pin on the DFU detect port that triggers DFU mode. + +config BOOT_USB_DFU_DETECT_PIN_VAL + int "USB DFU detect pin trigger value (DEPRECATED)" + default 0 + range 0 1 + help + Logic value of the detect pin that triggers USB DFU mode. + +config BOOT_USB_DFU_DETECT_DELAY + int "Serial detect pin detection delay time [ms]" + default 0 + help + Used to prevent the bootloader from loading on button press. + Useful for powering on when using the same button as + the one used to place the device in bootloader mode. + +endif # BOOT_USB_DFU_GPIO + +config ZEPHYR_TRY_MASS_ERASE + bool "Try to mass erase flash when flashing MCUboot image" + default y + help + If y, attempt to configure the Zephyr build system's "flash" + target to mass-erase the flash device before flashing the + MCUboot image. This ensures the scratch and other partitions + are in a consistent state. + + This is not available for all targets. 
+ +config BOOT_USE_BENCH + bool "Enable benchmark code" + default n + help + If y, adds support for simple benchmarking that can record + time intervals between two calls. The time printed depends + on the particular Zephyr target, and is generally ticks of a + specific board-specific timer. + +if MCUBOOT +module = MCUBOOT +module-str = MCUBoot bootloader +source "subsys/logging/Kconfig.template.log_config" +endif + +config MCUBOOT_LOG_THREAD_STACK_SIZE + int "Stack size for the MCUBoot log processing thread" + depends on LOG && !LOG_IMMEDIATE + default 2048 if COVERAGE_GCOV + default 1024 if NO_OPTIMIZATIONS + default 1024 if XTENSA + default 4096 if (X86 && X86_64) + default 4096 if ARM64 + default 768 + help + Set the internal stack size for MCUBoot log processing thread. + +config MCUBOOT_INDICATION_LED + bool "Turns on LED indication when device is in DFU" + default n + help + Device device activates the LED while in bootloader mode. + bootloader-led0 alias must be set in the device's .dts + definitions for this to work. + +rsource "Kconfig.serial_recovery" + +config BOOT_INTR_VEC_RELOC + bool "Relocate the interrupt vector to the application" + default n + depends on SW_VECTOR_RELAY || CPU_CORTEX_M_HAS_VTOR + help + Relocate the interrupt vector to the application before it is started. + Select this option if application requires vector relocation, + but it doesn't relocate vector in its reset handler. + +config UPDATEABLE_IMAGE_NUMBER + int "Number of updateable images" + default 1 + range 1 1 if SINGLE_APPLICATION_SLOT + help + Enables support of multi image update. + +choice BOOT_DOWNGRADE_PREVENTION_CHOICE + prompt "Downgrade prevention" + optional + +config MCUBOOT_DOWNGRADE_PREVENTION + bool "SW based downgrade prevention" + depends on !BOOT_DIRECT_XIP + help + Prevent downgrades by enforcing incrementing version numbers. + When this option is set, any upgrade must have greater major version + or greater minor version with equal major version. 
This mechanism + only protects against some attacks against version downgrades (for + example, a JTAG could be used to write an older version). + +config MCUBOOT_DOWNGRADE_PREVENTION_SECURITY_COUNTER + bool "Use image security counter instead of version number" + depends on MCUBOOT_DOWNGRADE_PREVENTION + depends on (BOOT_SWAP_USING_MOVE || BOOT_SWAP_USING_SCRATCH) + help + Security counter is used for version eligibility check instead of pure + version. When this option is set, any upgrade must have greater or + equal security counter value. + Because of the acceptance of equal values it allows for software + downgrades to some extent. + +config MCUBOOT_HW_DOWNGRADE_PREVENTION + bool "HW based downgrade prevention" + help + Prevent undesirable/malicious software downgrades. When this option is + set, any upgrade must have greater or equal security counter value. + Because of the acceptance of equal values it allows for software + downgrade to some extent. + +endchoice + +config BOOT_WATCHDOG_FEED + bool "Feed the watchdog while doing swap" + default y if WATCHDOG + default y if SOC_FAMILY_NRF + # for nRF nrfx based implementation is available + imply NRFX_WDT if SOC_FAMILY_NRF + imply NRFX_WDT0 if SOC_FAMILY_NRF + imply NRFX_WDT1 if SOC_FAMILY_NRF + help + Enables implementation of MCUBOOT_WATCHDOG_FEED() macro which is + used to feed watchdog while doing time consuming operations. + +config BOOT_IMAGE_ACCESS_HOOKS + bool "Enable hooks for overriding MCUboot's native routines" + help + Allow to provide procedures for override or extend native + MCUboot's routines required for access the image data and the image + update. It is up to the project customization to add required source + files to the build. 
+ +config MCUBOOT_ACTION_HOOKS + bool "Enable hooks for responding to MCUboot status changes" + help + This will call a handler when the MCUboot status changes which allows + for some level of user feedback, for instance to change LED status to + indicate a failure, using the callback: + 'void mcuboot_status_change(mcuboot_status_type_t status)' where + 'mcuboot_status_type_t' is listed in + boot/bootutil/include/bootutil/mcuboot_status.h + +endmenu + +config MCUBOOT_DEVICE_SETTINGS + # Hidden selector for device-specific settings + bool + default y + # CPU options + select MCUBOOT_DEVICE_CPU_CORTEX_M0 if CPU_CORTEX_M0 + # Enable flash page layout if available + select FLASH_PAGE_LAYOUT if FLASH_HAS_PAGE_LAYOUT + # Enable flash_map module as flash I/O back-end + select FLASH_MAP + +config MCUBOOT_DEVICE_CPU_CORTEX_M0 + # Hidden selector for Cortex-M0 settings + bool + default n + select SW_VECTOR_RELAY if !CPU_CORTEX_M0_HAS_VECTOR_TABLE_REMAP + +comment "Zephyr configuration options" + +# Disabling MULTITHREADING provides a code size advantage, but +# it requires peripheral drivers (particularly a flash driver) +# that works properly with the option enabled. +# +# If you know for sure that your hardware will work, you can default +# it to n here. Otherwise, having it on by default makes the most +# hardware work. 
+ +if MCUBOOT +config MULTITHREADING + default y if BOOT_SERIAL_CDC_ACM #usb driver requires MULTITHREADING + default y if BOOT_USB_DFU_GPIO || BOOT_USB_DFU_WAIT + default n if SOC_FAMILY_NRF + default y +endif + +config LOG_PROCESS_THREAD + default n # mcuboot has its own log processing thread + +# override USB device name +config USB_DEVICE_PRODUCT + default "MCUBOOT" + +## use MCUboot's own log configuration +#config MCUBOOT_BOOTUTIL_LIB_OWN_LOG +# bool +# default n + +config MCUBOOT_VERIFY_IMG_ADDRESS + bool "Verify reset address of image in secondary slot" + depends on UPDATEABLE_IMAGE_NUMBER > 1 + depends on !BOOT_ENCRYPT_IMAGE + depends on ARM + default y if BOOT_UPGRADE_ONLY + help + Verify that the reset address in the image located in the secondary slot + is contained within the corresponding primary slot. This is recommended + if swapping is not used (that is, BOOT_UPGRADE_ONLY is set). If a user + incorrectly uploads an update for image 1 to image 0's secondary slot + MCUboot will overwrite image 0's primary slot with this image even + though it will not boot. If swapping is enabled this will be handled + since the image will not confirm itself. If, however, swapping is not + enabled then the only mitigation is serial recovery. This feature can + also be useful when BOOT_DIRECT_XIP is enabled, to ensure that the image + linked at the correct address is loaded. + +source "modules/Kconfig.mcuboot_bootutil" diff --git a/boot/zephyr/Kconfig.serial_recovery b/zephyr/Kconfig.serial_recovery similarity index 100% rename from boot/zephyr/Kconfig.serial_recovery rename to zephyr/Kconfig.serial_recovery diff --git a/zephyr/module.yml b/zephyr/module.yml index c4293e3877..4c1964f282 100644 --- a/zephyr/module.yml +++ b/zephyr/module.yml @@ -1,4 +1,9 @@ +# Copyright (c) 2022 Legrand North America, LLC. +# +# SPDX-License-Identifier: Apache-2.0 + samples: - boot/zephyr build: + kconfig: zephyr/Kconfig cmake: ./boot/bootutil/zephyr 
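Review bot: Only `MULTITHREADING` and the logging template are wrapped in `if MCUBOOT`; the rest of the new file is unconditional, including the `BOOT_SIGNATURE_TYPE` choice (default `BOOT_SIGNATURE_TYPE_RSA`, which does `select MBEDTLS`), `MCUBOOT_DEVICE_SETTINGS` (`default y`, `select FLASH_MAP`), `config LOG_PROCESS_THREAD` with `default n` and `config USB_DEVICE_PRODUCT` with `default "MCUBOOT"`. Because module.yml now registers this file through `kconfig: zephyr/Kconfig`, it is presumably parsed for every application in a workspace that contains the module, so these selects and default overrides would reach application images as well as the bootloader. I would open the guard directly after the `config MCUBOOT` entry and close it before the final `source` line, i.e. `if MCUBOOT` ... `endif # MCUBOOT`, so the image-verification and crypto options exist only in a bootloader build. The commented-out `#config MCUBOOT_BOOTUTIL_LIB_OWN_LOG` block near the end should be deleted rather than kept as dead text, with the reason stated in the commit message.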
From 765ca5c12ba78a5275a630536adbffcdfaf04c88 Mon Sep 17 00:00:00 2001 From: Gregory SHUE Date: Fri, 8 Jul 2022 05:48:18 -0700 Subject: [PATCH 3/6] boot: zephyr: Force module name to `mcuboot` The Zephyr build system exposes to module CMakeLists.txt files the following variables: ZEPHYR_${MODULE_NAME}_MODULE_DIR ZEPHYR_${MODULE_NAME}_CMAKE_DIR where MODULE_NAME is the uppercase version of the current module. This variable is set based on the `name:` field in `module.yml`. If the `name:` field is not present, then it picks up the name from the manifest file if present, and follows other defaulting logic if not. In order to enable other modules to reference overlays in this module the module name must be fixed by setting it in `module.yml`. Verified by: 1. setting the name to the value "mcuboot2" and verifying the build artifacts produced `$build/modules/mcuboot2`. 2. setting the name to the value "mcuboot" and verifying the build artifacts produced `$buildmodules/mcuboot` 3. Further verified that the following testcases still pass with mcuboot options on twister: mcuboot/boot/zephyr zephyr/tests/subsys/dfu zephyr/samples/subsys/mgmt/mcumgr/smp_svr Signed-off-by: Gregory SHUE --- zephyr/module.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/zephyr/module.yml b/zephyr/module.yml index 4c1964f282..dacb375f49 100644 --- a/zephyr/module.yml +++ b/zephyr/module.yml @@ -2,6 +2,7 @@ # # SPDX-License-Identifier: Apache-2.0 +name: mcuboot samples: - boot/zephyr build: From 79cebf4dff9b6a2a5f364c5ee5acaf77a2186b9e Mon Sep 17 00:00:00 2001 
From: Gregory SHUE Date: Fri, 8 Jul 2022 08:21:13 -0700 Subject: [PATCH 4/6] boot: zephyr: boot/zephyr/include/ to zephyr/include/ In the Zephyr directory structure the module-level include is located as a subdirectory of the module-level CMakeLists.txt. For a general pattern suitable for extending existing repositories the Zephyr directory structure must exist within the `zephyr/` directory along with `module.yml`. This is necessary to avoid conflicts with existing repository directory structures and build files. Verified by: 1. Building `boot/zephyr` for mimxrt1064_evk and verifying that the zephyr image did not change in sizes. 2. Further verified that the following testcases still pass with mcuboot options on twister: mcuboot/boot/zephyr zephyr/tests/subsys/dfu zephyr/samples/subsys/mgmt/mcumgr/smp_svr 
Signed-off-by: Gregory SHUE --- boot/bootutil/zephyr/CMakeLists.txt | 8 +++---- .../config/mcuboot_config/mcuboot_config.h | 2 +- boot/zephyr/CMakeLists.txt | 21 ++++++++++--------- docs/PORTING.md | 2 +- docs/readme-zephyr.md | 2 +- .../mcuboot_config/mcuboot_config.template.h | 2 +- sim/src/image.rs | 2 +- {boot/zephyr => zephyr}/include/arm_cleanup.h | 0 {boot/zephyr => zephyr}/include/config-asn1.h | 0 {boot/zephyr => zephyr}/include/config-ec.h | 0 .../include/config-ed25519.h | 0 {boot/zephyr => zephyr}/include/config-kw.h | 0 .../zephyr => zephyr}/include/config-rsa-kw.h | 0 {boot/zephyr => zephyr}/include/config-rsa.h | 0 .../flash_map_backend/flash_map_backend.h | 0 {boot/zephyr => zephyr}/include/hal/hal_bsp.h | 0 .../zephyr => zephyr}/include/hal/hal_flash.h | 0 .../include/mcuboot-mbedtls-cfg.h | 0 .../include/mcuboot_config/mcuboot_config.h | 0 .../include/mcuboot_config/mcuboot_logging.h | 0 {boot/zephyr => zephyr}/include/os/os.h | 0 {boot/zephyr => zephyr}/include/os/os_heap.h | 0 .../zephyr => zephyr}/include/os/os_malloc.h | 0 .../include/platform-bench.h | 0 .../include/serial_adapter/serial_adapter.h | 0 .../zephyr => zephyr}/include/single_loader.h | 0 .../include/sysflash/sysflash.h | 0 {boot/zephyr => zephyr}/include/target.h | 0 28 files changed, 20 insertions(+), 19 deletions(-) rename {boot/zephyr => zephyr}/include/arm_cleanup.h (100%) rename {boot/zephyr => zephyr}/include/config-asn1.h (100%) rename {boot/zephyr => zephyr}/include/config-ec.h (100%) rename {boot/zephyr => zephyr}/include/config-ed25519.h (100%) rename {boot/zephyr => zephyr}/include/config-kw.h (100%) rename {boot/zephyr => zephyr}/include/config-rsa-kw.h (100%) rename {boot/zephyr => zephyr}/include/config-rsa.h (100%) rename {boot/zephyr => zephyr}/include/flash_map_backend/flash_map_backend.h (100%) rename {boot/zephyr => zephyr}/include/hal/hal_bsp.h (100%) rename {boot/zephyr => zephyr}/include/hal/hal_flash.h (100%) rename {boot/zephyr => 
zephyr}/include/mcuboot-mbedtls-cfg.h (100%) rename {boot/zephyr => zephyr}/include/mcuboot_config/mcuboot_config.h (100%) rename {boot/zephyr => zephyr}/include/mcuboot_config/mcuboot_logging.h (100%) rename {boot/zephyr => zephyr}/include/os/os.h (100%) rename {boot/zephyr => zephyr}/include/os/os_heap.h (100%) rename {boot/zephyr => zephyr}/include/os/os_malloc.h (100%) rename {boot/zephyr => zephyr}/include/platform-bench.h (100%) rename {boot/zephyr => zephyr}/include/serial_adapter/serial_adapter.h (100%) rename {boot/zephyr => zephyr}/include/single_loader.h (100%) rename {boot/zephyr => zephyr}/include/sysflash/sysflash.h (100%) rename {boot/zephyr => zephyr}/include/target.h (100%) diff --git a/boot/bootutil/zephyr/CMakeLists.txt b/boot/bootutil/zephyr/CMakeLists.txt index 402c994faf..bc8efb931d 100644 --- a/boot/bootutil/zephyr/CMakeLists.txt +++ b/boot/bootutil/zephyr/CMakeLists.txt @@ -8,9 +8,9 @@ if(CONFIG_MCUBOOT_BOOTUTIL_LIB) zephyr_interface_library_named(MCUBOOT_BOOTUTIL) zephyr_include_directories(MCUBOOT_BOOTUTIL INTERFACE - ../ - ../include - ../../zephyr/include + ${ZEPHYR_MCUBOOT_MODULE_DIR}/boot/bootutil + ${ZEPHYR_MCUBOOT_MODULE_DIR}/boot/bootutil/include + ${ZEPHYR_MCUBOOT_MODULE_DIR}/zephyr/include ) zephyr_library_named(mcuboot_util) @@ -31,7 +31,7 @@ target_link_libraries(MCUBOOT_BOOTUTIL INTERFACE zephyr_interface) if(CONFIG_BOOT_USE_TINYCRYPT) target_include_directories(MCUBOOT_BOOTUTIL INTERFACE - ../../../ext/tinycrypt/lib/include + ${ZEPHYR_MCUBOOT_MODULE_DIR}/ext/tinycrypt/lib/include ) endif() diff --git a/boot/cypress/MCUBootApp/config/mcuboot_config/mcuboot_config.h b/boot/cypress/MCUBootApp/config/mcuboot_config/mcuboot_config.h index e925717b42..acb9fdb116 100644 --- a/boot/cypress/MCUBootApp/config/mcuboot_config/mcuboot_config.h +++ b/boot/cypress/MCUBootApp/config/mcuboot_config/mcuboot_config.h 
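Review bot: The `@@ -8,9 +8,9 @@` hunk passes the new paths to `zephyr_include_directories(MCUBOOT_BOOTUTIL INTERFACE ...)`, while the `@@ -31,7 +31,7 @@` hunk still uses `target_include_directories(MCUBOOT_BOOTUTIL INTERFACE ...)` for the TinyCrypt path. As far as I know, Zephyr's `zephyr_include_directories()` accepts only directories and attaches them to `zephyr_interface`, so `MCUBOOT_BOOTUTIL` and `INTERFACE` would be taken as path arguments, and `zephyr/include` (which holds `mcuboot-mbedtls-cfg.h` and generically named headers such as `target.h`) would end up on the include path of every Zephyr target. Keeping the requirement on the library with `target_include_directories(MCUBOOT_BOOTUTIL INTERFACE` limits those headers to consumers that link MCUBOOT_BOOTUTIL and makes both hunks consistent. The enclosing `if(CONFIG_MCUBOOT_BOOTUTIL_LIB)` block starts and ends outside these hunks.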
@@ -16,7 +16,7 @@ * * For examples, see: * - * boot/zephyr/include/mcuboot_config/mcuboot_config.h + * zephyr/include/mcuboot_config/mcuboot_config.h * boot/mynewt/mcuboot_config/include/mcuboot_config/mcuboot_config.h */ /* Default maximum number of flash sectors per image slot; change diff --git a/boot/zephyr/CMakeLists.txt b/boot/zephyr/CMakeLists.txt index 6070cd5827..3b69af563e 100644 --- a/boot/zephyr/CMakeLists.txt +++ b/boot/zephyr/CMakeLists.txt @@ -1,6 +1,7 @@ # CMakeLists.txt for building mcuboot as a Zephyr project # # Copyright (c) 2017 Open Source Foundries Limited +# Copyright (c) 2022 Legrand North America, LLC. # # SPDX-License-Identifier: Apache-2.0 @@ -79,7 +80,7 @@ endif() endif() zephyr_library_include_directories( - include + ${ZEPHYR_MCUBOOT_MODULE_DIR}/zephyr/include targets ) if(EXISTS targets/${BOARD}.h) @@ -155,7 +156,7 @@ if(CONFIG_BOOT_SIGNATURE_TYPE_ECDSA_P256 OR CONFIG_BOOT_ENCRYPT_EC256 OR CONFIG_ if(CONFIG_BOOT_USE_TINYCRYPT) # When using ECDSA signatures, pull in our copy of the tinycrypt library. zephyr_library_include_directories( - ${BOOT_DIR}/zephyr/include + ${ZEPHYR_MCUBOOT_MODULE_DIR}/zephyr/include ${TINYCRYPT_DIR}/include ) zephyr_include_directories(${TINYCRYPT_DIR}/include) @@ -176,11 +177,11 @@ if(CONFIG_BOOT_SIGNATURE_TYPE_ECDSA_P256 OR CONFIG_BOOT_ENCRYPT_EC256 OR CONFIG_ # to set MBEDTLS_CONFIG_FILE ourselves. When using Zephyr's copy, this # variable is set by its Kconfig in the Zephyr codebase. zephyr_library_compile_definitions( - MBEDTLS_CONFIG_FILE="${CMAKE_CURRENT_LIST_DIR}/include/mcuboot-mbedtls-cfg.h" + MBEDTLS_CONFIG_FILE="${ZEPHYR_MCUBOOT_MODULE_DIR}/zephyr/include/mcuboot-mbedtls-cfg.h" ) elseif(CONFIG_BOOT_SIGNATURE_TYPE_NONE) zephyr_library_include_directories( - ${BOOT_DIR}/zephyr/include + ${ZEPHYR_MCUBOOT_MODULE_DIR}/zephyr/include ${TINYCRYPT_DIR}/include ) 
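Review bot: Nothing in boot/zephyr/CMakeLists.txt checks that `${ZEPHYR_MCUBOOT_MODULE_DIR}` is set or refers to this checkout, yet from the `@@ -79,7 +80,7 @@` hunk onward (also `-155`, `-176` and the later hunks of this file) the include directories and `MBEDTLS_CONFIG_FILE` are resolved from it while the sources still come from `${BOOT_DIR}` and `${TINYCRYPT_DIR}`. If the module is not registered under the name `mcuboot`, the paths collapse to `/zephyr/include`; if another mcuboot checkout is the registered module, the crypto configuration header would presumably be taken from that tree while the code is compiled from this one. A guard before the first use makes the first case fail at configure time: `if(NOT DEFINED ZEPHYR_MCUBOOT_MODULE_DIR)`, `message(FATAL_ERROR "mcuboot Zephyr module not found")`, `endif()`. The surrounding `if()`/`elseif()` blocks extend beyond the lines shown in these hunks.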
@@ -191,7 +192,7 @@ elseif(CONFIG_BOOT_SIGNATURE_TYPE_NONE) elseif(CONFIG_BOOT_SIGNATURE_TYPE_RSA) # Use mbedTLS provided by Zephyr for RSA signatures. (Its config file # is set using Kconfig.) - zephyr_include_directories(include) + zephyr_include_directories(${ZEPHYR_MCUBOOT_MODULE_DIR}/zephyr/include) if(CONFIG_BOOT_ENCRYPT_RSA) set_source_files_properties( ${BOOT_DIR}/bootutil/src/encrypted.c @@ -203,7 +204,7 @@ elseif(CONFIG_BOOT_SIGNATURE_TYPE_ED25519 OR CONFIG_BOOT_ENCRYPT_X25519) if(CONFIG_BOOT_USE_TINYCRYPT) zephyr_library_include_directories( ${MBEDTLS_ASN1_DIR}/include - ${BOOT_DIR}/zephyr/include + ${ZEPHYR_MCUBOOT_MODULE_DIR}/zephyr/include ${TINYCRYPT_DIR}/include ${TINYCRYPT_SHA512_DIR}/include ) @@ -216,14 +217,14 @@ elseif(CONFIG_BOOT_SIGNATURE_TYPE_ED25519 OR CONFIG_BOOT_ENCRYPT_X25519) ${MBEDTLS_ASN1_DIR}/src/platform_util.c ) zephyr_library_compile_definitions( - MBEDTLS_CONFIG_FILE="${CMAKE_CURRENT_LIST_DIR}/include/mcuboot-mbedtls-cfg.h" + MBEDTLS_CONFIG_FILE="${ZEPHYR_MCUBOOT_MODULE_DIR}/zephyr/include/mcuboot-mbedtls-cfg.h" ) else() - zephyr_include_directories(include) + zephyr_include_directories(${ZEPHYR_MCUBOOT_MODULE_DIR}/zephyr/include) endif() zephyr_library_include_directories( - ${BOOT_DIR}/zephyr/include + ${ZEPHYR_MCUBOOT_MODULE_DIR}/zephyr/include ${FIAT_DIR}/include/ ) @@ -260,7 +261,7 @@ if(CONFIG_MCUBOOT_SERIAL) zephyr_include_directories(${BOOT_DIR}/bootutil/include) zephyr_include_directories(${BOOT_DIR}/boot_serial/include) - zephyr_include_directories(include) + zephyr_include_directories(${ZEPHYR_MCUBOOT_MODULE_DIR}/zephyr/include) zephyr_include_directories_ifdef( CONFIG_BOOT_ERASE_PROGRESSIVELY diff --git a/docs/PORTING.md b/docs/PORTING.md index 48040960ad..e51a2b7849 100644 --- a/docs/PORTING.md +++ b/docs/PORTING.md 
@@ -64,7 +64,7 @@ by MCUboot. For example, Mynewt uses MYNEWT_VAL() and Zephyr uses Kconfig; these configuration systems are converted to MCUBOOT_ options in the following files: -- boot/zephyr/include/mcuboot_config/mcuboot_config.h +- zephyr/include/mcuboot_config/mcuboot_config.h - boot/mynewt/mcuboot_config/include/mcuboot_config/mcuboot_config.h ## Flash Map diff --git a/docs/readme-zephyr.md b/docs/readme-zephyr.md index ea18fe9f48..fdd1ca4dff 100644 --- a/docs/readme-zephyr.md +++ b/docs/readme-zephyr.md @@ -61,7 +61,7 @@ it as usual: In addition to the partitions defined in DTS, some additional information about the flash layout is currently required to build MCUboot itself. All the needed configuration is collected in -`boot/zephyr/include/target.h`. Depending on the board, this information +`zephyr/include/target.h`. Depending on the board, this information may come from board-specific headers, Device Tree, or be configured by MCUboot on a per-SoC family basis. diff --git a/samples/mcuboot_config/mcuboot_config.template.h b/samples/mcuboot_config/mcuboot_config.template.h index 989ec61838..b1bee0fabd 100644 --- a/samples/mcuboot_config/mcuboot_config.template.h +++ b/samples/mcuboot_config/mcuboot_config.template.h @@ -17,7 +17,7 @@ * * For examples, see: * - * boot/zephyr/include/mcuboot_config/mcuboot_config.h + * zephyr/include/mcuboot_config/mcuboot_config.h * boot/mynewt/mcuboot_config/include/mcuboot_config/mcuboot_config.h */ diff --git a/sim/src/image.rs b/sim/src/image.rs index 568cf0aea9..6ad73d03fc 100644 --- a/sim/src/image.rs +++ b/sim/src/image.rs @@ -141,7 +141,7 @@ impl ImagesBuilder { let mut slots = Vec::with_capacity(num_images); for image in 0..num_images { // This mapping must match that defined in - // `boot/zephyr/include/sysflash/sysflash.h`. + // `zephyr/include/sysflash/sysflash.h`. let id0 = match image { 0 => FlashId::Image0, 1 => FlashId::Image2, 
diff --git a/boot/zephyr/include/arm_cleanup.h b/zephyr/include/arm_cleanup.h similarity index 100% rename from boot/zephyr/include/arm_cleanup.h rename to zephyr/include/arm_cleanup.h diff --git a/boot/zephyr/include/config-asn1.h b/zephyr/include/config-asn1.h similarity index 100% rename from boot/zephyr/include/config-asn1.h rename to zephyr/include/config-asn1.h diff --git a/boot/zephyr/include/config-ec.h b/zephyr/include/config-ec.h similarity index 100% rename from boot/zephyr/include/config-ec.h rename to zephyr/include/config-ec.h diff --git a/boot/zephyr/include/config-ed25519.h b/zephyr/include/config-ed25519.h similarity index 100% rename from boot/zephyr/include/config-ed25519.h rename to zephyr/include/config-ed25519.h diff --git a/boot/zephyr/include/config-kw.h b/zephyr/include/config-kw.h similarity index 100% rename from boot/zephyr/include/config-kw.h rename to zephyr/include/config-kw.h diff --git a/boot/zephyr/include/config-rsa-kw.h b/zephyr/include/config-rsa-kw.h similarity index 100% rename from boot/zephyr/include/config-rsa-kw.h rename to zephyr/include/config-rsa-kw.h diff --git a/boot/zephyr/include/config-rsa.h b/zephyr/include/config-rsa.h similarity index 100% rename from boot/zephyr/include/config-rsa.h rename to zephyr/include/config-rsa.h diff --git a/boot/zephyr/include/flash_map_backend/flash_map_backend.h b/zephyr/include/flash_map_backend/flash_map_backend.h similarity index 100% rename from boot/zephyr/include/flash_map_backend/flash_map_backend.h rename to zephyr/include/flash_map_backend/flash_map_backend.h diff --git a/boot/zephyr/include/hal/hal_bsp.h b/zephyr/include/hal/hal_bsp.h similarity index 100% rename from boot/zephyr/include/hal/hal_bsp.h rename to zephyr/include/hal/hal_bsp.h diff --git a/boot/zephyr/include/hal/hal_flash.h b/zephyr/include/hal/hal_flash.h similarity index 100% rename from boot/zephyr/include/hal/hal_flash.h rename to zephyr/include/hal/hal_flash.h 
diff --git a/boot/zephyr/include/mcuboot-mbedtls-cfg.h b/zephyr/include/mcuboot-mbedtls-cfg.h similarity index 100% rename from boot/zephyr/include/mcuboot-mbedtls-cfg.h rename to zephyr/include/mcuboot-mbedtls-cfg.h diff --git a/boot/zephyr/include/mcuboot_config/mcuboot_config.h b/zephyr/include/mcuboot_config/mcuboot_config.h similarity index 100% rename from boot/zephyr/include/mcuboot_config/mcuboot_config.h rename to zephyr/include/mcuboot_config/mcuboot_config.h diff --git a/boot/zephyr/include/mcuboot_config/mcuboot_logging.h b/zephyr/include/mcuboot_config/mcuboot_logging.h similarity index 100% rename from boot/zephyr/include/mcuboot_config/mcuboot_logging.h rename to zephyr/include/mcuboot_config/mcuboot_logging.h diff --git a/boot/zephyr/include/os/os.h b/zephyr/include/os/os.h similarity index 100% rename from boot/zephyr/include/os/os.h rename to zephyr/include/os/os.h diff --git a/boot/zephyr/include/os/os_heap.h b/zephyr/include/os/os_heap.h similarity index 100% rename from boot/zephyr/include/os/os_heap.h rename to zephyr/include/os/os_heap.h diff --git a/boot/zephyr/include/os/os_malloc.h b/zephyr/include/os/os_malloc.h similarity index 100% rename from boot/zephyr/include/os/os_malloc.h rename to zephyr/include/os/os_malloc.h diff --git a/boot/zephyr/include/platform-bench.h b/zephyr/include/platform-bench.h similarity index 100% rename from boot/zephyr/include/platform-bench.h rename to zephyr/include/platform-bench.h diff --git a/boot/zephyr/include/serial_adapter/serial_adapter.h b/zephyr/include/serial_adapter/serial_adapter.h similarity index 100% rename from boot/zephyr/include/serial_adapter/serial_adapter.h rename to zephyr/include/serial_adapter/serial_adapter.h diff --git a/boot/zephyr/include/single_loader.h b/zephyr/include/single_loader.h similarity index 100% rename from boot/zephyr/include/single_loader.h rename to zephyr/include/single_loader.h 
diff --git a/boot/zephyr/include/sysflash/sysflash.h b/zephyr/include/sysflash/sysflash.h similarity index 100% rename from boot/zephyr/include/sysflash/sysflash.h rename to zephyr/include/sysflash/sysflash.h diff --git a/boot/zephyr/include/target.h b/zephyr/include/target.h similarity index 100% rename from boot/zephyr/include/target.h rename to zephyr/include/target.h From 3ad1049dc34ea54ffe1a03cb6d35dd0a6bc25f05 Mon Sep 17 00:00:00 2001 From: Gregory SHUE Date: Fri, 8 Jul 2022 10:51:31 -0700 Subject: [PATCH 5/6] boot: zephyr: boot/zephyr/CMakeLists.txt under zephyr/subsys/ Refactor `boot/zephyr/CMakeLists.txt` and `boot/bootutil/zephyr/CMakeLists.txt` into more standard subsystems beneath `$mcuboot/zephyr/`. This required changing which CMake file was pointed to by `module.yml`. Verified by: 1. building `$mcuboot/boot/zephyr` for mimxrt1064_evk and verifying the map file reported the same output and the same functions exist. (Since they are linked in a different order the sizes may be different by a few padding bytes. 2. Further verified that the following testcases still pass with mcuboot options on twister: mcuboot/boot/zephyr zephyr/tests/subsys/dfu zephyr/samples/subsys/mgmt/mcumgr/smp_svr Signed-off-by: Gregory SHUE --- boot/zephyr/CMakeLists.txt | 272 +----------------- zephyr/CMakeLists.txt | 36 +++ zephyr/module.yml | 2 +- zephyr/subsys/CMakeLists.txt | 9 + zephyr/subsys/mcuboot_svc/CMakeLists.txt | 234 +++++++++++++++ .../subsys/mcuboot_util}/CMakeLists.txt | 6 +- 6 files changed, 285 insertions(+), 274 deletions(-) create mode 100644 zephyr/CMakeLists.txt create mode 100644 zephyr/subsys/CMakeLists.txt create mode 100644 zephyr/subsys/mcuboot_svc/CMakeLists.txt rename {boot/bootutil/zephyr => zephyr/subsys/mcuboot_util}/CMakeLists.txt (93%) diff --git a/boot/zephyr/CMakeLists.txt b/boot/zephyr/CMakeLists.txt index 3b69af563e..23761c0466 100644 --- a/boot/zephyr/CMakeLists.txt +++ b/boot/zephyr/CMakeLists.txt 
@@ -45,230 +45,10 @@ endmacro() find_package(Zephyr REQUIRED HINTS $ENV{ZEPHYR_BASE}) project(NONE) -# Path to "boot" subdirectory of repository root. -get_filename_component(BOOT_DIR ${APPLICATION_SOURCE_DIR} DIRECTORY) -# Path to top-level repository root directory. -get_filename_component(MCUBOOT_DIR ${BOOT_DIR} DIRECTORY) -# Path to tinycrypt library source subdirectory of MCUBOOT_DIR. -set(TINYCRYPT_DIR "${MCUBOOT_DIR}/ext/tinycrypt/lib") -assert_exists(TINYCRYPT_DIR) -set(TINYCRYPT_SHA512_DIR "${MCUBOOT_DIR}/ext/tinycrypt-sha512/lib") -assert_exists(TINYCRYPT_SHA512_DIR) -# Path to crypto-fiat -set(FIAT_DIR "${MCUBOOT_DIR}/ext/fiat") -assert_exists(FIAT_DIR) -# Path to mbed-tls' asn1 parser library. -set(MBEDTLS_ASN1_DIR "${MCUBOOT_DIR}/ext/mbedtls-asn1") -assert_exists(MBEDTLS_ASN1_DIR) -set(NRF_DIR "${MCUBOOT_DIR}/ext/nrf") - -if(CONFIG_BOOT_USE_NRF_CC310_BL) -set(NRFXLIB_DIR ${ZEPHYR_BASE}/../nrfxlib) -if(NOT EXISTS ${NRFXLIB_DIR}) - message(FATAL_ERROR " - ------------------------------------------------------------------------ - No such file or directory: ${NRFXLIB_DIR} - The current configuration enables nRF CC310 crypto accelerator hardware - with the `CONFIG_BOOT_USE_NRF_CC310_BL` option. Please follow - `ext/nrf/README.md` guide to fix your setup or use tinycrypt instead of - the HW accelerator. - To use the tinycrypt set `CONFIG_BOOT_ECDSA_TINYCRYPT` to y. - ------------------------------------------------------------------------") -endif() -# Don't include this if we are using west - add_subdirectory(${NRFXLIB_DIR} ${PROJECT_BINARY_DIR}/nrfxlib) -endif() - -zephyr_library_include_directories( - ${ZEPHYR_MCUBOOT_MODULE_DIR}/zephyr/include - targets - ) -if(EXISTS targets/${BOARD}.h) - zephyr_library_compile_definitions(MCUBOOT_TARGET_CONFIG="${BOARD}.h") -endif() - -# Zephyr port-specific sources. 
-zephyr_library_sources( - main.c - flash_map_extended.c - os.c +target_sources(app PRIVATE keys.c ) -if(DEFINED CONFIG_ENABLE_MGMT_PERUSER) - zephyr_library_sources( - boot_serial_extensions.c - ) -endif() - -if(NOT DEFINED CONFIG_FLASH_PAGE_LAYOUT) - zephyr_library_sources( - flash_map_legacy.c - ) -endif() - -# Generic bootutil sources and includes. -zephyr_library_include_directories(${BOOT_DIR}/bootutil/include) -zephyr_library_sources( - ${BOOT_DIR}/bootutil/src/image_validate.c - ${BOOT_DIR}/bootutil/src/tlv.c - ${BOOT_DIR}/bootutil/src/encrypted.c - ${BOOT_DIR}/bootutil/src/image_rsa.c - ${BOOT_DIR}/bootutil/src/image_ec256.c - ${BOOT_DIR}/bootutil/src/image_ed25519.c - ${BOOT_DIR}/bootutil/src/bootutil_misc.c - ${BOOT_DIR}/bootutil/src/fault_injection_hardening.c - ) - -# library which might be common source code for MCUBoot and an application -zephyr_link_libraries(MCUBOOT_BOOTUTIL) - -if(CONFIG_BOOT_FIH_PROFILE_HIGH) -zephyr_library_sources( - ${BOOT_DIR}/bootutil/src/fault_injection_hardening_delay_rng_mbedtls.c - ) -endif() - -if(CONFIG_SINGLE_APPLICATION_SLOT) -zephyr_library_sources( - ${BOOT_DIR}/zephyr/single_loader.c - ) -zephyr_library_include_directories(${BOOT_DIR}/bootutil/src) -else() -zephyr_library_sources( - ${BOOT_DIR}/bootutil/src/loader.c - ${BOOT_DIR}/bootutil/src/swap_misc.c - ${BOOT_DIR}/bootutil/src/swap_scratch.c - ${BOOT_DIR}/bootutil/src/swap_move.c - ${BOOT_DIR}/bootutil/src/caps.c - ) -endif() - -if(CONFIG_BOOT_SIGNATURE_TYPE_ECDSA_P256 OR CONFIG_BOOT_ENCRYPT_EC256 OR CONFIG_BOOT_SERIAL_ENCRYPT_EC256) - zephyr_library_include_directories( - ${MBEDTLS_ASN1_DIR}/include - ) - zephyr_library_sources( - # Additionally pull in just the ASN.1 parser from mbedTLS. - ${MBEDTLS_ASN1_DIR}/src/asn1parse.c - ${MBEDTLS_ASN1_DIR}/src/platform_util.c - ) - if(CONFIG_BOOT_USE_TINYCRYPT) - # When using ECDSA signatures, pull in our copy of the tinycrypt library. 
- zephyr_library_include_directories( - ${ZEPHYR_MCUBOOT_MODULE_DIR}/zephyr/include - ${TINYCRYPT_DIR}/include - ) - zephyr_include_directories(${TINYCRYPT_DIR}/include) - - zephyr_library_sources( - ${TINYCRYPT_DIR}/source/ecc.c - ${TINYCRYPT_DIR}/source/ecc_dsa.c - ${TINYCRYPT_DIR}/source/sha256.c - ${TINYCRYPT_DIR}/source/utils.c - ) - elseif(CONFIG_BOOT_USE_NRF_CC310_BL) - zephyr_library_sources(${NRF_DIR}/cc310_glue.c) - zephyr_library_include_directories(${NRF_DIR}) - zephyr_link_libraries(nrfxlib_crypto) - endif() - - # Since here we are not using Zephyr's mbedTLS but rather our own, we need - # to set MBEDTLS_CONFIG_FILE ourselves. When using Zephyr's copy, this - # variable is set by its Kconfig in the Zephyr codebase. - zephyr_library_compile_definitions( - MBEDTLS_CONFIG_FILE="${ZEPHYR_MCUBOOT_MODULE_DIR}/zephyr/include/mcuboot-mbedtls-cfg.h" - ) -elseif(CONFIG_BOOT_SIGNATURE_TYPE_NONE) - zephyr_library_include_directories( - ${ZEPHYR_MCUBOOT_MODULE_DIR}/zephyr/include - ${TINYCRYPT_DIR}/include - ) - - zephyr_library_sources( - ${TINYCRYPT_DIR}/source/sha256.c - ${TINYCRYPT_DIR}/source/utils.c - ) -elseif(CONFIG_BOOT_SIGNATURE_TYPE_RSA) - # Use mbedTLS provided by Zephyr for RSA signatures. (Its config file - # is set using Kconfig.) 
- zephyr_include_directories(${ZEPHYR_MCUBOOT_MODULE_DIR}/zephyr/include) - if(CONFIG_BOOT_ENCRYPT_RSA) - set_source_files_properties( - ${BOOT_DIR}/bootutil/src/encrypted.c - PROPERTIES - INCLUDE_DIRECTORIES ${ZEPHYR_MBEDTLS_MODULE_DIR}/library - ) - endif() -elseif(CONFIG_BOOT_SIGNATURE_TYPE_ED25519 OR CONFIG_BOOT_ENCRYPT_X25519) - if(CONFIG_BOOT_USE_TINYCRYPT) - zephyr_library_include_directories( - ${MBEDTLS_ASN1_DIR}/include - ${ZEPHYR_MCUBOOT_MODULE_DIR}/zephyr/include - ${TINYCRYPT_DIR}/include - ${TINYCRYPT_SHA512_DIR}/include - ) - zephyr_library_sources( - ${TINYCRYPT_DIR}/source/sha256.c - ${TINYCRYPT_DIR}/source/utils.c - ${TINYCRYPT_SHA512_DIR}/source/sha512.c - # Additionally pull in just the ASN.1 parser from mbedTLS. - ${MBEDTLS_ASN1_DIR}/src/asn1parse.c - ${MBEDTLS_ASN1_DIR}/src/platform_util.c - ) - zephyr_library_compile_definitions( - MBEDTLS_CONFIG_FILE="${ZEPHYR_MCUBOOT_MODULE_DIR}/zephyr/include/mcuboot-mbedtls-cfg.h" - ) - else() - zephyr_include_directories(${ZEPHYR_MCUBOOT_MODULE_DIR}/zephyr/include) - endif() - - zephyr_library_include_directories( - ${ZEPHYR_MCUBOOT_MODULE_DIR}/zephyr/include - ${FIAT_DIR}/include/ - ) - - zephyr_library_sources( - ${FIAT_DIR}/src/curve25519.c - ) -endif() - -if(CONFIG_BOOT_ENCRYPT_EC256 OR CONFIG_BOOT_ENCRYPT_X25519 OR CONFIG_BOOT_SERIAL_ENCRYPT_EC256) - zephyr_library_sources( - ${TINYCRYPT_DIR}/source/aes_encrypt.c - ${TINYCRYPT_DIR}/source/aes_decrypt.c - ${TINYCRYPT_DIR}/source/ctr_mode.c - ${TINYCRYPT_DIR}/source/hmac.c - ${TINYCRYPT_DIR}/source/ecc_dh.c - ) -endif() - -if(CONFIG_BOOT_ENCRYPT_EC256) - zephyr_library_sources( - ${TINYCRYPT_DIR}/source/ecc_dh.c - ) -endif() - -if(CONFIG_MCUBOOT_SERIAL) - zephyr_sources(${BOOT_DIR}/zephyr/serial_adapter.c) - zephyr_sources(${BOOT_DIR}/boot_serial/src/boot_serial.c) - zephyr_sources(${BOOT_DIR}/boot_serial/src/serial_recovery_cbor.c) - zephyr_sources(${BOOT_DIR}/boot_serial/src/zcbor_decode.c) - 
zephyr_sources(${BOOT_DIR}/boot_serial/src/zcbor_encode.c) - zephyr_sources(${BOOT_DIR}/boot_serial/src/zcbor_common.c) - - zephyr_sources_ifdef(CONFIG_BOOT_MGMT_ECHO ${BOOT_DIR}/boot_serial/src/serial_recovery_echo.c) - - zephyr_include_directories(${BOOT_DIR}/bootutil/include) - zephyr_include_directories(${BOOT_DIR}/boot_serial/include) - zephyr_include_directories(${ZEPHYR_MCUBOOT_MODULE_DIR}/zephyr/include) - - zephyr_include_directories_ifdef( - CONFIG_BOOT_ERASE_PROGRESSIVELY - ${BOOT_DIR}/bootutil/src - ) -endif() - if(NOT CONFIG_BOOT_SIGNATURE_KEY_FILE STREQUAL "") # CONF_FILE points to the KConfig configuration files of the bootloader. foreach (filepath ${CONF_FILE}) @@ -289,7 +69,7 @@ if(NOT CONFIG_BOOT_SIGNATURE_KEY_FILE STREQUAL "") (EXISTS ${CONF_DIR}/${CONFIG_BOOT_SIGNATURE_KEY_FILE})) set(KEY_FILE ${CONF_DIR}/${CONFIG_BOOT_SIGNATURE_KEY_FILE}) else() - set(KEY_FILE ${MCUBOOT_DIR}/${CONFIG_BOOT_SIGNATURE_KEY_FILE}) + set(KEY_FILE ${ZEPHYR_MCUBOOT_MODULE_DIR}/${CONFIG_BOOT_SIGNATURE_KEY_FILE}) endif() message("MCUBoot bootloader key file: ${KEY_FILE}") @@ -298,7 +78,7 @@ if(NOT CONFIG_BOOT_SIGNATURE_KEY_FILE STREQUAL "") OUTPUT ${GENERATED_PUBKEY} COMMAND ${PYTHON_EXECUTABLE} - ${MCUBOOT_DIR}/scripts/imgtool.py + ${ZEPHYR_MCUBOOT_MODULE_DIR}/scripts/imgtool.py getpub -k ${KEY_FILE} 
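Review bot: The fallback location of the signing key (`set(KEY_FILE ${ZEPHYR_MCUBOOT_MODULE_DIR}/${CONFIG_BOOT_SIGNATURE_KEY_FILE})`) and the `imgtool.py` that is run at build time (next hunk) are now taken from whichever directory Zephyr resolved as the mcuboot module, where the removed lines derived both from this application's own checkout via `APPLICATION_SOURCE_DIR`. If a workspace holds a second copy of mcuboot, the public key embedded in the bootloader and the script that extracts it would presumably come from that other copy, with only the existing `message()` line to show it. I would compare the two roots at configure time and at least warn when they differ. The surrounding `if(NOT CONFIG_BOOT_SIGNATURE_KEY_FILE STREQUAL "")` block starts and ends outside these hunks.

```cmake
# Default key files and imgtool.py are expected to come from the checkout that
# contains this application; flag a workspace where the module is another copy.
get_filename_component(app_mcuboot_root "${CMAKE_CURRENT_LIST_DIR}/../.." REALPATH)
get_filename_component(module_mcuboot_root "${ZEPHYR_MCUBOOT_MODULE_DIR}" REALPATH)
if(NOT "${app_mcuboot_root}" STREQUAL "${module_mcuboot_root}")
  message(WARNING "mcuboot module (${module_mcuboot_root}) is not the tree "
                  "holding this application (${app_mcuboot_root}); default "
                  "key files and imgtool.py are taken from the module.")
endif()
# … unchanged: CONF_FILE scan and KEY_FILE selection …
```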
@@ -307,49 +87,3 @@ if(NOT CONFIG_BOOT_SIGNATURE_KEY_FILE STREQUAL "") ) zephyr_library_sources(${GENERATED_PUBKEY}) endif() - -if(CONFIG_BOOT_ENCRYPTION_KEY_FILE AND NOT CONFIG_BOOT_ENCRYPTION_KEY_FILE STREQUAL "") - # CONF_FILE points to the KConfig configuration files of the bootloader. - unset(CONF_DIR) - foreach(filepath ${CONF_FILE}) - file(READ ${filepath} temp_text) - string(FIND "${temp_text}" ${CONFIG_BOOT_ENCRYPTION_KEY_FILE} match) - if(${match} GREATER_EQUAL 0) - if(NOT DEFINED CONF_DIR) - get_filename_component(CONF_DIR ${filepath} DIRECTORY) - else() - message(FATAL_ERROR "Encryption key file defined in multiple conf files") - endif() - endif() - endforeach() - - if(IS_ABSOLUTE ${CONFIG_BOOT_ENCRYPTION_KEY_FILE}) - set(KEY_FILE ${CONFIG_BOOT_ENCRYPTION_KEY_FILE}) - elseif((DEFINED CONF_DIR) AND - (EXISTS ${CONF_DIR}/${CONFIG_BOOT_ENCRYPTION_KEY_FILE})) - set(KEY_FILE ${CONF_DIR}/${CONFIG_BOOT_ENCRYPTION_KEY_FILE}) - else() - set(KEY_FILE ${MCUBOOT_DIR}/${CONFIG_BOOT_ENCRYPTION_KEY_FILE}) - endif() - message("MCUBoot bootloader encryption key file: ${KEY_FILE}") - - set(GENERATED_ENCKEY ${ZEPHYR_BINARY_DIR}/autogen-enckey.c) - add_custom_command( - OUTPUT ${GENERATED_ENCKEY} - COMMAND - ${PYTHON_EXECUTABLE} - ${MCUBOOT_DIR}/scripts/imgtool.py - getpriv - -k - ${KEY_FILE} - > ${GENERATED_ENCKEY} - DEPENDS ${KEY_FILE} - ) - zephyr_library_sources(${GENERATED_ENCKEY}) -endif() - -if(CONFIG_MCUBOOT_CLEANUP_ARM_CORE) -zephyr_library_sources( - ${BOOT_DIR}/zephyr/arm_cleanup.c -) -endif() diff --git a/zephyr/CMakeLists.txt b/zephyr/CMakeLists.txt new file mode 100644 index 0000000000..c36d4857ee --- /dev/null +++ b/zephyr/CMakeLists.txt 
@@ -0,0 +1,36 @@ +# Copyright (c) 2022 Legrand North America, LLC. +# +# SPDX-License-Identifier: Apache-2.0 + + +cmake_minimum_required(VERSION 3.10 FATAL_ERROR) + + +# Detect the platform reliably +if(ZEPHYR_BASE) +else() + message(FATAL_ERROR "ZEPHYR_BASE needs to be defined for Zephyr builds") +endif() + +# Verify the module name is set correctly +set(expected_module_name "mcuboot") +if(NOT "${module_name}" STREQUAL ${expected_module_name}) + message(FATAL_ERROR "A module configuration error has occurred. +This module is named '${module_name}' when '${expected_module_name}' \ +is expected. +Verify `module.yml` contains the line 'name: ${expected_module_name}'.") +endif() +unset(expected_module_name) + +#Do not allow in source builds +set(CMAKE_DISABLE_SOURCE_CHANGES ON) +set(CMAKE_DISABLE_IN_SOURCE_BUILD ON) + + +# +# Module options managed through Kconfig and use names CONFIG_* +# + +zephyr_include_directories(include) + +add_subdirectory(subsys) diff --git a/zephyr/module.yml b/zephyr/module.yml index dacb375f49..68ba030f68 100644 --- a/zephyr/module.yml +++ b/zephyr/module.yml @@ -7,4 +7,4 @@ samples: - boot/zephyr build: kconfig: zephyr/Kconfig - cmake: ./boot/bootutil/zephyr + cmake: zephyr diff --git a/zephyr/subsys/CMakeLists.txt b/zephyr/subsys/CMakeLists.txt new file mode 100644 index 0000000000..6bb351fb08 --- /dev/null +++ b/zephyr/subsys/CMakeLists.txt @@ -0,0 +1,9 @@ +# Copyright (c) 2022 Legrand North America, LLC. +# +# SPDX-License-Identifier: Apache-2.0 + + +cmake_minimum_required(VERSION 3.10 FATAL_ERROR) + +add_subdirectory_ifdef(CONFIG_MCUBOOT_BOOTUTIL_LIB mcuboot_util) +add_subdirectory_ifdef(CONFIG_MCUBOOT mcuboot_svc) diff --git a/zephyr/subsys/mcuboot_svc/CMakeLists.txt b/zephyr/subsys/mcuboot_svc/CMakeLists.txt new file mode 100644 index 0000000000..06411be749 --- /dev/null +++ b/zephyr/subsys/mcuboot_svc/CMakeLists.txt 
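Review bot: `zephyr_include_directories(include)` at the end of the new zephyr/CMakeLists.txt is unconditional, so every target of any application whose workspace contains this module gets `zephyr/include` on its search path, whether or not `CONFIG_MCUBOOT` or `CONFIG_MCUBOOT_BOOTUTIL_LIB` is enabled. That directory holds generically named headers (`os/os.h`, `hal/hal_flash.h`, `target.h`, `config-rsa.h`, per the renames in this series), which could shadow same-named headers from the application or from other modules. I would drop the global call and keep the path on the libraries that need it; zephyr/subsys/mcuboot_svc/CMakeLists.txt already adds `${ZEPHYR_MCUBOOT_MODULE_DIR}/zephyr/include` through `zephyr_library_include_directories()`, and the bootutil interface library can carry it for its consumers.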
@@ -0,0 +1,234 @@ +# CMakeLists.txt for building mcuboot as a Zephyr project +# +# Copyright (c) 2017 Open Source Foundries Limited +# Copyright (c) 2022 Legrand North America, LLC. +# +# SPDX-License-Identifier: Apache-2.0 + +cmake_minimum_required(VERSION 3.13.1) + +# Path to "boot" subdirectory of repository root. +set(BOOT_DIR ${ZEPHYR_MCUBOOT_MODULE_DIR}/boot) +# Path to top-level repository root directory. +set(MCUBOOT_DIR ${ZEPHYR_MCUBOOT_MODULE_DIR}) +# Path to tinycrypt library source subdirectory of MCUBOOT_DIR. +set(TINYCRYPT_DIR "${ZEPHYR_MCUBOOT_MODULE_DIR}/ext/tinycrypt/lib") +assert_exists(TINYCRYPT_DIR) +set(TINYCRYPT_SHA512_DIR "${ZEPHYR_MCUBOOT_MODULE_DIR}/ext/tinycrypt-sha512/lib") +assert_exists(TINYCRYPT_SHA512_DIR) +# Path to crypto-fiat +set(FIAT_DIR "${ZEPHYR_MCUBOOT_MODULE_DIR}/ext/fiat") +assert_exists(FIAT_DIR) +# Path to mbed-tls' asn1 parser library. +set(MBEDTLS_ASN1_DIR "${ZEPHYR_MCUBOOT_MODULE_DIR}/ext/mbedtls-asn1") +assert_exists(MBEDTLS_ASN1_DIR) +set(NRF_DIR "${ZEPHYR_MCUBOOT_MODULE_DIR}/ext/nrf") + +if(CONFIG_BOOT_USE_NRF_CC310_BL) +set(NRFXLIB_DIR ${ZEPHYR_NRFXLIB_MODULE_DIR}) +if(NOT EXISTS ${NRFXLIB_DIR}) + message(FATAL_ERROR " + ------------------------------------------------------------------------ + No such file or directory: ${NRFXLIB_DIR} + The current configuration enables nRF CC310 crypto accelerator hardware + with the `CONFIG_BOOT_USE_NRF_CC310_BL` option. Please follow + `ext/nrf/README.md` guide to fix your setup or use tinycrypt instead of + the HW accelerator. + To use the tinycrypt set `CONFIG_BOOT_ECDSA_TINYCRYPT` to y. 
+ ------------------------------------------------------------------------") +endif() +# Don't include this if we are using west + add_subdirectory(${NRFXLIB_DIR} ${PROJECT_BINARY_DIR}/nrfxlib) +endif() + +zephyr_library_include_directories( + ${ZEPHYR_MCUBOOT_MODULE_DIR}/zephyr/include + ${ZEPHYR_MCUBOOT_MODULE_DIR}/boot/zephyr/targets + ) +if(EXISTS targets/${BOARD}.h) + zephyr_library_compile_definitions(MCUBOOT_TARGET_CONFIG="${BOARD}.h") +endif() + +# Zephyr port-specific sources. +zephyr_library_sources( + ${ZEPHYR_MCUBOOT_MODULE_DIR}/boot/zephyr/main.c + ${ZEPHYR_MCUBOOT_MODULE_DIR}/boot/zephyr/flash_map_extended.c + ${ZEPHYR_MCUBOOT_MODULE_DIR}/boot/zephyr/os.c + ) + +if(DEFINED CONFIG_ENABLE_MGMT_PERUSER) + zephyr_library_sources( + ${ZEPHYR_MCUBOOT_MODULE_DIR}/boot/zephyr/boot_serial_extensions.c + ) +endif() + +if(NOT DEFINED CONFIG_FLASH_PAGE_LAYOUT) + zephyr_library_sources( + ${ZEPHYR_MCUBOOT_MODULE_DIR}/boot/zephyr/flash_map_legacy.c + ) +endif() + +# Generic bootutil sources and includes. 
+zephyr_library_include_directories(${BOOT_DIR}/bootutil/include) +zephyr_library_sources( + ${BOOT_DIR}/bootutil/src/image_validate.c + ${BOOT_DIR}/bootutil/src/tlv.c + ${BOOT_DIR}/bootutil/src/encrypted.c + ${BOOT_DIR}/bootutil/src/image_rsa.c + ${BOOT_DIR}/bootutil/src/image_ec256.c + ${BOOT_DIR}/bootutil/src/image_ed25519.c + ${BOOT_DIR}/bootutil/src/bootutil_misc.c + ${BOOT_DIR}/bootutil/src/fault_injection_hardening.c + ) + +if(CONFIG_BOOT_FIH_PROFILE_HIGH) +zephyr_library_sources( + ${BOOT_DIR}/bootutil/src/fault_injection_hardening_delay_rng_mbedtls.c + ) +endif() + +if(CONFIG_SINGLE_APPLICATION_SLOT) +zephyr_library_sources( + ${BOOT_DIR}/zephyr/single_loader.c + ) +zephyr_library_include_directories(${BOOT_DIR}/bootutil/src) +else() +zephyr_library_sources( + ${BOOT_DIR}/bootutil/src/loader.c + ${BOOT_DIR}/bootutil/src/swap_misc.c + ${BOOT_DIR}/bootutil/src/swap_scratch.c + ${BOOT_DIR}/bootutil/src/swap_move.c + ${BOOT_DIR}/bootutil/src/caps.c + ) +endif() + +if(CONFIG_BOOT_SIGNATURE_TYPE_ECDSA_P256 OR CONFIG_BOOT_ENCRYPT_EC256 OR CONFIG_BOOT_SERIAL_ENCRYPT_EC256) + zephyr_library_include_directories( + ${MBEDTLS_ASN1_DIR}/include + ) + zephyr_library_sources( + # Additionally pull in just the ASN.1 parser from mbedTLS. + ${MBEDTLS_ASN1_DIR}/src/asn1parse.c + ${MBEDTLS_ASN1_DIR}/src/platform_util.c + ) + if(CONFIG_BOOT_USE_TINYCRYPT) + # When using ECDSA signatures, pull in our copy of the tinycrypt library. 
+ zephyr_library_include_directories( + ${ZEPHYR_MCUBOOT_MODULE_DIR}/zephyr/include + ${TINYCRYPT_DIR}/include + ) + zephyr_include_directories(${TINYCRYPT_DIR}/include) + + zephyr_library_sources( + ${TINYCRYPT_DIR}/source/ecc.c + ${TINYCRYPT_DIR}/source/ecc_dsa.c + ${TINYCRYPT_DIR}/source/sha256.c + ${TINYCRYPT_DIR}/source/utils.c + ) + elseif(CONFIG_BOOT_USE_NRF_CC310_BL) + zephyr_library_sources(${NRF_DIR}/cc310_glue.c) + zephyr_library_include_directories(${NRF_DIR}) + zephyr_link_libraries(nrfxlib_crypto) + endif() + + # Since here we are not using Zephyr's mbedTLS but rather our own, we need + # to set MBEDTLS_CONFIG_FILE ourselves. When using Zephyr's copy, this + # variable is set by its Kconfig in the Zephyr codebase. + zephyr_library_compile_definitions( + MBEDTLS_CONFIG_FILE="${ZEPHYR_MCUBOOT_MODULE_DIR}/zephyr/include/mcuboot-mbedtls-cfg.h" + ) +elseif(CONFIG_BOOT_SIGNATURE_TYPE_NONE) + zephyr_library_include_directories( + ${ZEPHYR_MCUBOOT_MODULE_DIR}/zephyr/include + ${TINYCRYPT_DIR}/include + ) + + zephyr_library_sources( + ${TINYCRYPT_DIR}/source/sha256.c + ${TINYCRYPT_DIR}/source/utils.c + ) +elseif(CONFIG_BOOT_SIGNATURE_TYPE_RSA) + # Use mbedTLS provided by Zephyr for RSA signatures. (Its config file + # is set using Kconfig.) 
+ zephyr_include_directories(${ZEPHYR_MCUBOOT_MODULE_DIR}/zephyr/include) + if(CONFIG_BOOT_ENCRYPT_RSA) + set_source_files_properties( + ${BOOT_DIR}/bootutil/src/encrypted.c + PROPERTIES + INCLUDE_DIRECTORIES ${ZEPHYR_MBEDTLS_MODULE_DIR}/library + ) + endif() +elseif(CONFIG_BOOT_SIGNATURE_TYPE_ED25519 OR CONFIG_BOOT_ENCRYPT_X25519) + if(CONFIG_BOOT_USE_TINYCRYPT) + zephyr_library_include_directories( + ${MBEDTLS_ASN1_DIR}/include + ${ZEPHYR_MCUBOOT_MODULE_DIR}/zephyr/include + ${TINYCRYPT_DIR}/include + ${TINYCRYPT_SHA512_DIR}/include + ) + zephyr_library_sources( + ${TINYCRYPT_DIR}/source/sha256.c + ${TINYCRYPT_DIR}/source/utils.c + ${TINYCRYPT_SHA512_DIR}/source/sha512.c + # Additionally pull in just the ASN.1 parser from mbedTLS. + ${MBEDTLS_ASN1_DIR}/src/asn1parse.c + ${MBEDTLS_ASN1_DIR}/src/platform_util.c + ) + zephyr_library_compile_definitions( + MBEDTLS_CONFIG_FILE="${ZEPHYR_MCUBOOT_MODULE_DIR}/zephyr/include/mcuboot-mbedtls-cfg.h" + ) + else() + zephyr_include_directories(${ZEPHYR_MCUBOOT_MODULE_DIR}/zephyr/include) + endif() + + zephyr_library_include_directories( + ${ZEPHYR_MCUBOOT_MODULE_DIR}/zephyr/include + ${FIAT_DIR}/include/ + ) + + zephyr_library_sources( + ${FIAT_DIR}/src/curve25519.c + ) +endif() + +if(CONFIG_BOOT_ENCRYPT_EC256 OR CONFIG_BOOT_ENCRYPT_X25519 OR CONFIG_BOOT_SERIAL_ENCRYPT_EC256) + zephyr_library_sources( + ${TINYCRYPT_DIR}/source/aes_encrypt.c + ${TINYCRYPT_DIR}/source/aes_decrypt.c + ${TINYCRYPT_DIR}/source/ctr_mode.c + ${TINYCRYPT_DIR}/source/hmac.c + ${TINYCRYPT_DIR}/source/ecc_dh.c + ) +endif() + +if(CONFIG_BOOT_ENCRYPT_EC256) + zephyr_library_sources( + ${TINYCRYPT_DIR}/source/ecc_dh.c + ) +endif() + +if(CONFIG_MCUBOOT_SERIAL) + zephyr_sources(${BOOT_DIR}/zephyr/serial_adapter.c) + zephyr_sources(${BOOT_DIR}/boot_serial/src/boot_serial.c) + zephyr_sources(${BOOT_DIR}/boot_serial/src/serial_recovery_cbor.c) + zephyr_sources(${BOOT_DIR}/boot_serial/src/zcbor_decode.c) + 
zephyr_sources(${BOOT_DIR}/boot_serial/src/zcbor_encode.c) + zephyr_sources(${BOOT_DIR}/boot_serial/src/zcbor_common.c) + + zephyr_sources_ifdef(CONFIG_BOOT_MGMT_ECHO ${BOOT_DIR}/boot_serial/src/serial_recovery_echo.c) + + zephyr_include_directories(${BOOT_DIR}/bootutil/include) + zephyr_include_directories(${BOOT_DIR}/boot_serial/include) + zephyr_include_directories(${ZEPHYR_MCUBOOT_MODULE_DIR}/zephyr/include) + + zephyr_include_directories_ifdef( + CONFIG_BOOT_ERASE_PROGRESSIVELY + ${BOOT_DIR}/bootutil/src + ) +endif() + +if(CONFIG_MCUBOOT_CLEANUP_ARM_CORE) +zephyr_library_sources( + ${BOOT_DIR}/zephyr/arm_cleanup.c +) +endif() diff --git a/boot/bootutil/zephyr/CMakeLists.txt b/zephyr/subsys/mcuboot_util/CMakeLists.txt similarity index 93% rename from boot/bootutil/zephyr/CMakeLists.txt rename to zephyr/subsys/mcuboot_util/CMakeLists.txt index bc8efb931d..17bb2da766 100644 --- a/boot/bootutil/zephyr/CMakeLists.txt +++ b/zephyr/subsys/mcuboot_util/CMakeLists.txt @@ -3,7 +3,6 @@ # # SPDX-License-Identifier: Apache-2.0 -if(CONFIG_MCUBOOT_BOOTUTIL_LIB) zephyr_interface_library_named(MCUBOOT_BOOTUTIL) @@ -15,8 +14,8 @@ zephyr_include_directories(MCUBOOT_BOOTUTIL INTERFACE zephyr_library_named(mcuboot_util) zephyr_library_sources( - ../src/bootutil_public.c - ) + ${ZEPHYR_MCUBOOT_MODULE_DIR}/boot/bootutil/src/bootutil_public.c + ) # Sensitivity to the TEST_BOOT_IMAGE_ACCESS_HOOKS define is implemented for # allowing the test-build with the hooks feature enabled. @@ -38,4 +37,3 @@ endif() if(CONFIG_BOOT_USE_MBEDTLS) zephyr_link_libraries(mbedTLS) endif() -endif() From ac37fb2c243095736ed2bf0df5aba525f3447bd6 Mon Sep 17 00:00:00 2001 
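Review bot: The `CONFIG_BOOT_ENCRYPTION_KEY_FILE` handling does not appear anywhere in this new file, while the same commit deletes it from boot/zephyr/CMakeLists.txt (hunk `@@ -307,49 +87,3 @@`), so after this change nothing generates `autogen-enckey.c`. A configuration that sets an encryption key file would then either fail to build or, depending on what keys.c provides (not shown here), end up with a key other than the one configured; the second case needs ruling out before encrypted images are used with this layout. Since the series keeps key handling project-specific, I would restore the removed block next to the signature-key block in boot/zephyr/CMakeLists.txt, with `${MCUBOOT_DIR}/scripts/imgtool.py` and the `${MCUBOOT_DIR}/${CONFIG_BOOT_ENCRYPTION_KEY_FILE}` fallback switched to `${ZEPHYR_MCUBOOT_MODULE_DIR}` as was done for `getpub`.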
From: Gregory SHUE Date: Fri, 8 Jul 2022 14:19:43 -0700 Subject: [PATCH 6/6] boot: zephyr: Move zephyr sources to `zephyr/subsys/mcuboot_svc` Relocate `$mcuboot/boot/zephyr/*.c` files to `$mcuboot/zephyr/subsys/mcuboot_svc/` to become a reusable subsystem. NOTE: keys.c was not put into `mcuboot_svc` as this will need to be project-specific and may need to be kept in a different module. Verified by: 1. Building `$mcuboot/boot/zephyr` and verifying the zephyr.map files showed the same functions and that the flash an ram usage was the same. 2. Further verified that the following testcases still pass with mcuboot options on twister: mcuboot/boot/zephyr zephyr/tests/subsys/dfu zephyr/samples/subsys/mgmt/mcumgr/smp_svr Resolve #1410 Signed-off-by: Gregory SHUE --- zephyr/subsys/mcuboot_svc/CMakeLists.txt | 18 +++++++++--------- .../subsys/mcuboot_svc}/arm_cleanup.c | 0 .../mcuboot_svc}/boot_serial_extensions.c | 0 .../subsys/mcuboot_svc}/flash_map_extended.c | 0 .../subsys/mcuboot_svc}/flash_map_legacy.c | 0 .../subsys/mcuboot_svc}/main.c | 0 .../zephyr => zephyr/subsys/mcuboot_svc}/os.c | 0 .../subsys/mcuboot_svc}/serial_adapter.c | 0 .../subsys/mcuboot_svc}/single_loader.c | 0 .../subsys/mcuboot_svc}/targets/arduino_101.h | 0 10 files changed, 9 insertions(+), 9 deletions(-) rename {boot/zephyr => zephyr/subsys/mcuboot_svc}/arm_cleanup.c (100%) rename {boot/zephyr => zephyr/subsys/mcuboot_svc}/boot_serial_extensions.c (100%) rename {boot/zephyr => zephyr/subsys/mcuboot_svc}/flash_map_extended.c (100%) rename {boot/zephyr => zephyr/subsys/mcuboot_svc}/flash_map_legacy.c (100%) rename {boot/zephyr => zephyr/subsys/mcuboot_svc}/main.c (100%) rename {boot/zephyr => zephyr/subsys/mcuboot_svc}/os.c (100%) rename {boot/zephyr => zephyr/subsys/mcuboot_svc}/serial_adapter.c (100%) rename {boot/zephyr => zephyr/subsys/mcuboot_svc}/single_loader.c (100%) rename {boot/zephyr => zephyr/subsys/mcuboot_svc}/targets/arduino_101.h (100%) 
diff --git a/zephyr/subsys/mcuboot_svc/CMakeLists.txt b/zephyr/subsys/mcuboot_svc/CMakeLists.txt index 06411be749..e83798acf9 100644 --- a/zephyr/subsys/mcuboot_svc/CMakeLists.txt +++ b/zephyr/subsys/mcuboot_svc/CMakeLists.txt @@ -43,7 +43,7 @@ endif() zephyr_library_include_directories( ${ZEPHYR_MCUBOOT_MODULE_DIR}/zephyr/include - ${ZEPHYR_MCUBOOT_MODULE_DIR}/boot/zephyr/targets + targets ) if(EXISTS targets/${BOARD}.h) zephyr_library_compile_definitions(MCUBOOT_TARGET_CONFIG="${BOARD}.h") @@ -51,20 +51,20 @@ endif() # Zephyr port-specific sources. zephyr_library_sources( - ${ZEPHYR_MCUBOOT_MODULE_DIR}/boot/zephyr/main.c - ${ZEPHYR_MCUBOOT_MODULE_DIR}/boot/zephyr/flash_map_extended.c - ${ZEPHYR_MCUBOOT_MODULE_DIR}/boot/zephyr/os.c + main.c + flash_map_extended.c + os.c ) if(DEFINED CONFIG_ENABLE_MGMT_PERUSER) zephyr_library_sources( - ${ZEPHYR_MCUBOOT_MODULE_DIR}/boot/zephyr/boot_serial_extensions.c + boot_serial_extensions.c ) endif() if(NOT DEFINED CONFIG_FLASH_PAGE_LAYOUT) zephyr_library_sources( - ${ZEPHYR_MCUBOOT_MODULE_DIR}/boot/zephyr/flash_map_legacy.c + flash_map_legacy.c ) endif() @@ -89,7 +89,7 @@ endif() if(CONFIG_SINGLE_APPLICATION_SLOT) zephyr_library_sources( - ${BOOT_DIR}/zephyr/single_loader.c + single_loader.c ) zephyr_library_include_directories(${BOOT_DIR}/bootutil/src) else() @@ -208,7 +208,7 @@ if(CONFIG_BOOT_ENCRYPT_EC256) endif() if(CONFIG_MCUBOOT_SERIAL) - zephyr_sources(${BOOT_DIR}/zephyr/serial_adapter.c) + zephyr_sources(serial_adapter.c) zephyr_sources(${BOOT_DIR}/boot_serial/src/boot_serial.c) zephyr_sources(${BOOT_DIR}/boot_serial/src/serial_recovery_cbor.c) zephyr_sources(${BOOT_DIR}/boot_serial/src/zcbor_decode.c) @@ -229,6 +229,6 @@ endif() if(CONFIG_MCUBOOT_CLEANUP_ARM_CORE) zephyr_library_sources( - ${BOOT_DIR}/zephyr/arm_cleanup.c + arm_cleanup.c ) endif() 
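Review bot: `if(EXISTS targets/${BOARD}.h)` in the first hunk still uses a relative path, and CMake documents `EXISTS` as well-defined only for full paths, so after the move the board header under `zephyr/subsys/mcuboot_svc/targets` may not be found and `MCUBOOT_TARGET_CONFIG` would silently stay undefined. Anchoring the test makes it independent of the directory CMake runs in: `if(EXISTS "${CMAKE_CURRENT_LIST_DIR}/targets/${BOARD}.h")`. The relative source names introduced in the other hunks (`main.c`, `serial_adapter.c`, `arm_cleanup.c`) are resolved against the current source directory, so they do not have this problem.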
diff --git a/boot/zephyr/arm_cleanup.c b/zephyr/subsys/mcuboot_svc/arm_cleanup.c similarity index 100% rename from boot/zephyr/arm_cleanup.c rename to zephyr/subsys/mcuboot_svc/arm_cleanup.c diff --git a/boot/zephyr/boot_serial_extensions.c b/zephyr/subsys/mcuboot_svc/boot_serial_extensions.c similarity index 100% rename from boot/zephyr/boot_serial_extensions.c rename to zephyr/subsys/mcuboot_svc/boot_serial_extensions.c diff --git a/boot/zephyr/flash_map_extended.c b/zephyr/subsys/mcuboot_svc/flash_map_extended.c similarity index 100% rename from boot/zephyr/flash_map_extended.c rename to zephyr/subsys/mcuboot_svc/flash_map_extended.c diff --git a/boot/zephyr/flash_map_legacy.c b/zephyr/subsys/mcuboot_svc/flash_map_legacy.c similarity index 100% rename from boot/zephyr/flash_map_legacy.c rename to zephyr/subsys/mcuboot_svc/flash_map_legacy.c diff --git a/boot/zephyr/main.c b/zephyr/subsys/mcuboot_svc/main.c similarity index 100% rename from boot/zephyr/main.c rename to zephyr/subsys/mcuboot_svc/main.c diff --git a/boot/zephyr/os.c b/zephyr/subsys/mcuboot_svc/os.c similarity index 100% rename from boot/zephyr/os.c rename to zephyr/subsys/mcuboot_svc/os.c diff --git a/boot/zephyr/serial_adapter.c b/zephyr/subsys/mcuboot_svc/serial_adapter.c similarity index 100% rename from boot/zephyr/serial_adapter.c rename to zephyr/subsys/mcuboot_svc/serial_adapter.c diff --git a/boot/zephyr/single_loader.c b/zephyr/subsys/mcuboot_svc/single_loader.c similarity index 100% rename from boot/zephyr/single_loader.c rename to zephyr/subsys/mcuboot_svc/single_loader.c diff --git a/boot/zephyr/targets/arduino_101.h b/zephyr/subsys/mcuboot_svc/targets/arduino_101.h similarity index 100% rename from boot/zephyr/targets/arduino_101.h rename to zephyr/subsys/mcuboot_svc/targets/arduino_101.h