diff --git a/boot/zephyr/CMakeLists.txt b/boot/zephyr/CMakeLists.txt index 925d869074..76ba148be1 100644 --- a/boot/zephyr/CMakeLists.txt +++ b/boot/zephyr/CMakeLists.txt 
@@ -1,341 +1,23 @@ # CMakeLists.txt for building mcuboot as a Zephyr project # # Copyright (c) 2017 Open Source Foundries Limited +# Copyright (c) 2022 Legrand North America, LLC. # # SPDX-License-Identifier: Apache-2.0 cmake_minimum_required(VERSION 3.13.1) -# Enable Zephyr runner options which request mass erase if so -# configured. -# -# Note that this also disables the default "leave" option when -# targeting STM32 DfuSe devices with dfu-util, making the chip stay in -# the bootloader after flashing. -# -# That's the right thing, because mcuboot has nothing to do since the -# chip was just erased. The next thing the user is going to want to do -# is flash the application. (Developers can reset DfuSE devices -# manually to test mcuboot behavior on an otherwise erased flash -# device.) -macro(app_set_runner_args) - if(CONFIG_ZEPHYR_TRY_MASS_ERASE) - board_runner_args(dfu-util "--dfuse-modifiers=force:mass-erase") - board_runner_args(pyocd "--flash-opt=-e=chip") - board_runner_args(nrfjprog "--erase") - endif() -endmacro() +# NOTE: ${ZEPHYR_MCUBOOT_MODULE_DIR} requires delayed evaluation, +# as it has not yet been defined. Relative paths must be used at this point. +include(${CMAKE_CURRENT_LIST_DIR}/../../zephyr/cmake/mcuboot_zephyr_runner_mass_erase.cmake) # find_package(Zephyr) in order to load application boilerplate: # http://docs.zephyrproject.org/application/application.html find_package(Zephyr REQUIRED HINTS $ENV{ZEPHYR_BASE}) project(NONE) -# Path to "boot" subdirectory of repository root. -get_filename_component(BOOT_DIR ${APPLICATION_SOURCE_DIR} DIRECTORY) -# Path to top-level repository root directory. -get_filename_component(MCUBOOT_DIR ${BOOT_DIR} DIRECTORY) -# Path to tinycrypt library source subdirectory of MCUBOOT_DIR. 
-set(TINYCRYPT_DIR "${MCUBOOT_DIR}/ext/tinycrypt/lib") -assert_exists(TINYCRYPT_DIR) -set(TINYCRYPT_SHA512_DIR "${MCUBOOT_DIR}/ext/tinycrypt-sha512/lib") -assert_exists(TINYCRYPT_SHA512_DIR) -# Path to crypto-fiat -set(FIAT_DIR "${MCUBOOT_DIR}/ext/fiat") -assert_exists(FIAT_DIR) -# Path to mbed-tls' asn1 parser library. -set(MBEDTLS_ASN1_DIR "${MCUBOOT_DIR}/ext/mbedtls-asn1") -assert_exists(MBEDTLS_ASN1_DIR) -set(NRF_DIR "${MCUBOOT_DIR}/ext/nrf") - -if(CONFIG_BOOT_USE_NRF_CC310_BL) -set(NRFXLIB_DIR ${ZEPHYR_BASE}/../nrfxlib) -if(NOT EXISTS ${NRFXLIB_DIR}) - message(FATAL_ERROR " - ------------------------------------------------------------------------ - No such file or directory: ${NRFXLIB_DIR} - The current configuration enables nRF CC310 crypto accelerator hardware - with the `CONFIG_BOOT_USE_NRF_CC310_BL` option. Please follow - `ext/nrf/README.md` guide to fix your setup or use tinycrypt instead of - the HW accelerator. - To use the tinycrypt set `CONFIG_BOOT_ECDSA_TINYCRYPT` to y. - ------------------------------------------------------------------------") -endif() -# Don't include this if we are using west - add_subdirectory(${NRFXLIB_DIR} ${PROJECT_BINARY_DIR}/nrfxlib) -endif() - -zephyr_library_include_directories( - include - targets - ) -if(EXISTS targets/${BOARD}.h) - zephyr_library_compile_definitions(MCUBOOT_TARGET_CONFIG="${BOARD}.h") -endif() - -# Zephyr port-specific sources. -zephyr_library_sources( - main.c - flash_map_extended.c - os.c +target_sources(app PRIVATE keys.c ) -if(DEFINED CONFIG_ENABLE_MGMT_PERUSER) - zephyr_library_sources( - boot_serial_extensions.c - ) -endif() - -if(NOT DEFINED CONFIG_FLASH_PAGE_LAYOUT) - zephyr_library_sources( - flash_map_legacy.c - ) -endif() - -# Generic bootutil sources and includes. 
-zephyr_library_include_directories(${BOOT_DIR}/bootutil/include) -zephyr_library_sources( - ${BOOT_DIR}/bootutil/src/image_validate.c - ${BOOT_DIR}/bootutil/src/tlv.c - ${BOOT_DIR}/bootutil/src/encrypted.c - ${BOOT_DIR}/bootutil/src/image_rsa.c - ${BOOT_DIR}/bootutil/src/image_ec256.c - ${BOOT_DIR}/bootutil/src/image_ed25519.c - ${BOOT_DIR}/bootutil/src/bootutil_misc.c - ${BOOT_DIR}/bootutil/src/fault_injection_hardening.c - ) - -# library which might be common source code for MCUBoot and an application -zephyr_link_libraries(MCUBOOT_BOOTUTIL) - -if(CONFIG_BOOT_FIH_PROFILE_HIGH) -zephyr_library_sources( - ${BOOT_DIR}/bootutil/src/fault_injection_hardening_delay_rng_mbedtls.c - ) -endif() - -if(CONFIG_SINGLE_APPLICATION_SLOT) -zephyr_library_sources( - ${BOOT_DIR}/zephyr/single_loader.c - ) -zephyr_library_include_directories(${BOOT_DIR}/bootutil/src) -else() -zephyr_library_sources( - ${BOOT_DIR}/bootutil/src/loader.c - ${BOOT_DIR}/bootutil/src/swap_misc.c - ${BOOT_DIR}/bootutil/src/swap_scratch.c - ${BOOT_DIR}/bootutil/src/swap_move.c - ${BOOT_DIR}/bootutil/src/caps.c - ) -endif() - -if(CONFIG_BOOT_SIGNATURE_TYPE_ECDSA_P256 OR CONFIG_BOOT_ENCRYPT_EC256 OR CONFIG_BOOT_SERIAL_ENCRYPT_EC256) - zephyr_library_include_directories( - ${MBEDTLS_ASN1_DIR}/include - ) - zephyr_library_sources( - # Additionally pull in just the ASN.1 parser from mbedTLS. - ${MBEDTLS_ASN1_DIR}/src/asn1parse.c - ${MBEDTLS_ASN1_DIR}/src/platform_util.c - ) - if(CONFIG_BOOT_USE_TINYCRYPT) - # When using ECDSA signatures, pull in our copy of the tinycrypt library. 
- zephyr_library_include_directories( - ${BOOT_DIR}/zephyr/include - ${TINYCRYPT_DIR}/include - ) - zephyr_include_directories(${TINYCRYPT_DIR}/include) - - zephyr_library_sources( - ${TINYCRYPT_DIR}/source/ecc.c - ${TINYCRYPT_DIR}/source/ecc_dsa.c - ${TINYCRYPT_DIR}/source/sha256.c - ${TINYCRYPT_DIR}/source/utils.c - ) - elseif(CONFIG_BOOT_USE_NRF_CC310_BL) - zephyr_library_sources(${NRF_DIR}/cc310_glue.c) - zephyr_library_include_directories(${NRF_DIR}) - zephyr_link_libraries(nrfxlib_crypto) - endif() - - # Since here we are not using Zephyr's mbedTLS but rather our own, we need - # to set MBEDTLS_CONFIG_FILE ourselves. When using Zephyr's copy, this - # variable is set by its Kconfig in the Zephyr codebase. - zephyr_library_compile_definitions( - MBEDTLS_CONFIG_FILE="${CMAKE_CURRENT_LIST_DIR}/include/mcuboot-mbedtls-cfg.h" - ) -elseif(CONFIG_BOOT_SIGNATURE_TYPE_NONE) - zephyr_library_include_directories( - ${BOOT_DIR}/zephyr/include - ${TINYCRYPT_DIR}/include - ) - - zephyr_library_sources( - ${TINYCRYPT_DIR}/source/sha256.c - ${TINYCRYPT_DIR}/source/utils.c - ) -elseif(CONFIG_BOOT_SIGNATURE_TYPE_RSA) - # Use mbedTLS provided by Zephyr for RSA signatures. (Its config file - # is set using Kconfig.) - zephyr_include_directories(include) - if(CONFIG_BOOT_ENCRYPT_RSA) - set_source_files_properties( - ${BOOT_DIR}/bootutil/src/encrypted.c - PROPERTIES - INCLUDE_DIRECTORIES ${ZEPHYR_MBEDTLS_MODULE_DIR}/library - ) - endif() -elseif(CONFIG_BOOT_SIGNATURE_TYPE_ED25519 OR CONFIG_BOOT_ENCRYPT_X25519) - if(CONFIG_BOOT_USE_TINYCRYPT) - zephyr_library_include_directories( - ${MBEDTLS_ASN1_DIR}/include - ${BOOT_DIR}/zephyr/include - ${TINYCRYPT_DIR}/include - ${TINYCRYPT_SHA512_DIR}/include - ) - zephyr_library_sources( - ${TINYCRYPT_DIR}/source/sha256.c - ${TINYCRYPT_DIR}/source/utils.c - ${TINYCRYPT_SHA512_DIR}/source/sha512.c - # Additionally pull in just the ASN.1 parser from mbedTLS. 
- ${MBEDTLS_ASN1_DIR}/src/asn1parse.c - ${MBEDTLS_ASN1_DIR}/src/platform_util.c - ) - zephyr_library_compile_definitions( - MBEDTLS_CONFIG_FILE="${CMAKE_CURRENT_LIST_DIR}/include/mcuboot-mbedtls-cfg.h" - ) - else() - zephyr_include_directories(include) - endif() - - zephyr_library_include_directories( - ${BOOT_DIR}/zephyr/include - ${FIAT_DIR}/include/ - ) - - zephyr_library_sources( - ${FIAT_DIR}/src/curve25519.c - ) -endif() - -if(CONFIG_BOOT_ENCRYPT_EC256 OR CONFIG_BOOT_ENCRYPT_X25519 OR CONFIG_BOOT_SERIAL_ENCRYPT_EC256) - zephyr_library_sources( - ${TINYCRYPT_DIR}/source/aes_encrypt.c - ${TINYCRYPT_DIR}/source/aes_decrypt.c - ${TINYCRYPT_DIR}/source/ctr_mode.c - ${TINYCRYPT_DIR}/source/hmac.c - ${TINYCRYPT_DIR}/source/ecc_dh.c - ) -endif() - -if(CONFIG_BOOT_ENCRYPT_EC256) - zephyr_library_sources( - ${TINYCRYPT_DIR}/source/ecc_dh.c - ) -endif() - -if(CONFIG_MCUBOOT_SERIAL) - zephyr_sources(${BOOT_DIR}/zephyr/serial_adapter.c) - zephyr_sources(${BOOT_DIR}/boot_serial/src/boot_serial.c) - zephyr_sources(${BOOT_DIR}/boot_serial/src/serial_recovery_cbor.c) - zephyr_sources(${BOOT_DIR}/boot_serial/src/zcbor_decode.c) - zephyr_sources(${BOOT_DIR}/boot_serial/src/zcbor_encode.c) - zephyr_sources(${BOOT_DIR}/boot_serial/src/zcbor_common.c) - - zephyr_sources_ifdef(CONFIG_BOOT_MGMT_ECHO ${BOOT_DIR}/boot_serial/src/serial_recovery_echo.c) - - zephyr_include_directories(${BOOT_DIR}/bootutil/include) - zephyr_include_directories(${BOOT_DIR}/boot_serial/include) - zephyr_include_directories(include) - - zephyr_include_directories_ifdef( - CONFIG_BOOT_ERASE_PROGRESSIVELY - ${BOOT_DIR}/bootutil/src - ) -endif() - -if(NOT CONFIG_BOOT_SIGNATURE_KEY_FILE STREQUAL "") - # CONF_FILE points to the KConfig configuration files of the bootloader. 
- foreach (filepath ${CONF_FILE}) - file(READ ${filepath} temp_text) - string(FIND "${temp_text}" ${CONFIG_BOOT_SIGNATURE_KEY_FILE} match) - if (${match} GREATER_EQUAL 0) - if (NOT DEFINED CONF_DIR) - get_filename_component(CONF_DIR ${filepath} DIRECTORY) - else() - message(FATAL_ERROR "Signature key file defined in multiple conf files") - endif() - endif() - endforeach() - - if(IS_ABSOLUTE ${CONFIG_BOOT_SIGNATURE_KEY_FILE}) - set(KEY_FILE ${CONFIG_BOOT_SIGNATURE_KEY_FILE}) - elseif((DEFINED CONF_DIR) AND - (EXISTS ${CONF_DIR}/${CONFIG_BOOT_SIGNATURE_KEY_FILE})) - set(KEY_FILE ${CONF_DIR}/${CONFIG_BOOT_SIGNATURE_KEY_FILE}) - else() - set(KEY_FILE ${MCUBOOT_DIR}/${CONFIG_BOOT_SIGNATURE_KEY_FILE}) - endif() - message("MCUBoot bootloader key file: ${KEY_FILE}") - - set(GENERATED_PUBKEY ${ZEPHYR_BINARY_DIR}/autogen-pubkey.c) - add_custom_command( - OUTPUT ${GENERATED_PUBKEY} - COMMAND - ${PYTHON_EXECUTABLE} - ${MCUBOOT_DIR}/scripts/imgtool.py - getpub - -k - ${KEY_FILE} - > ${GENERATED_PUBKEY} - DEPENDS ${KEY_FILE} - ) - zephyr_library_sources(${GENERATED_PUBKEY}) -endif() - -if(CONFIG_BOOT_ENCRYPTION_KEY_FILE AND NOT CONFIG_BOOT_ENCRYPTION_KEY_FILE STREQUAL "") - # CONF_FILE points to the KConfig configuration files of the bootloader. 
- unset(CONF_DIR) - foreach(filepath ${CONF_FILE}) - file(READ ${filepath} temp_text) - string(FIND "${temp_text}" ${CONFIG_BOOT_ENCRYPTION_KEY_FILE} match) - if(${match} GREATER_EQUAL 0) - if(NOT DEFINED CONF_DIR) - get_filename_component(CONF_DIR ${filepath} DIRECTORY) - else() - message(FATAL_ERROR "Encryption key file defined in multiple conf files") - endif() - endif() - endforeach() - - if(IS_ABSOLUTE ${CONFIG_BOOT_ENCRYPTION_KEY_FILE}) - set(KEY_FILE ${CONFIG_BOOT_ENCRYPTION_KEY_FILE}) - elseif((DEFINED CONF_DIR) AND - (EXISTS ${CONF_DIR}/${CONFIG_BOOT_ENCRYPTION_KEY_FILE})) - set(KEY_FILE ${CONF_DIR}/${CONFIG_BOOT_ENCRYPTION_KEY_FILE}) - else() - set(KEY_FILE ${MCUBOOT_DIR}/${CONFIG_BOOT_ENCRYPTION_KEY_FILE}) - endif() - message("MCUBoot bootloader encryption key file: ${KEY_FILE}") - - set(GENERATED_ENCKEY ${ZEPHYR_BINARY_DIR}/autogen-enckey.c) - add_custom_command( - OUTPUT ${GENERATED_ENCKEY} - COMMAND - ${PYTHON_EXECUTABLE} - ${MCUBOOT_DIR}/scripts/imgtool.py - getpriv - -k - ${KEY_FILE} - > ${GENERATED_ENCKEY} - DEPENDS ${KEY_FILE} - ) - zephyr_library_sources(${GENERATED_ENCKEY}) -endif() - -if(CONFIG_MCUBOOT_CLEANUP_ARM_CORE) -zephyr_library_sources( - ${BOOT_DIR}/zephyr/arm_cleanup.c -) -endif() +include(${ZEPHYR_MCUBOOT_MODULE_DIR}/zephyr/cmake/mcuboot_signature_key_file_generation.cmake) diff --git a/boot/zephyr/Kconfig b/boot/zephyr/Kconfig index e89a0b6025..379cd1105b 100644 --- a/boot/zephyr/Kconfig +++ b/boot/zephyr/Kconfig 
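Review bot: The final `include(${ZEPHYR_MCUBOOT_MODULE_DIR}/zephyr/cmake/mcuboot_signature_key_file_generation.cmake)` expands to the root-anchored path `/zephyr/cmake/...` whenever mcuboot is not registered as a Zephyr module and the variable is empty. The configure step then either fails with an unhelpful "file not found" or evaluates whatever script happens to exist at that location on the build host. I would guard it with `if(NOT ZEPHYR_MCUBOOT_MODULE_DIR)` / `message(FATAL_ERROR "mcuboot must be registered as a Zephyr module")` / `endif()` and quote the path argument, since the NOTE above the first include already acknowledges the variable can be undefined. Separately, the removed block generated both `autogen-pubkey.c` (imgtool `getpub`) and `autogen-enckey.c` (imgtool `getpriv`), while the only replacement visible on the new side is named for the signature key. The included file is not part of this hunk, so please confirm the encryption-key generation for `CONFIG_BOOT_ENCRYPTION_KEY_FILE` is still covered.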
@@ -1,674 +1,10 @@ # Copyright (c) 2017-2020 Linaro Limited # Copyright (c) 2020 Arm Limited +# Copyright (c) 2022 Legrand North America, LLC. # # SPDX-License-Identifier: Apache-2.0 # mainmenu "MCUboot configuration" -comment "MCUboot-specific configuration options" - -# Hidden option to mark a project as MCUboot -config MCUBOOT - default y - bool - select MPU_ALLOW_FLASH_WRITE if ARM_MPU - select USE_DT_CODE_PARTITION if HAS_FLASH_LOAD_OFFSET - select MCUBOOT_BOOTUTIL_LIB - -config BOOT_USE_MBEDTLS - bool - # Hidden option - default n - help - Use mbedTLS for crypto primitives. - -config BOOT_USE_TINYCRYPT - bool - # Hidden option - default n - # When building for ECDSA, we use our own copy of mbedTLS, so the - # Zephyr one must not be enabled or the MBEDTLS_CONFIG_FILE macros - # will collide. - help - Use TinyCrypt for crypto primitives. - -config BOOT_USE_CC310 - bool - # Hidden option - default n - # When building for ECDSA, we use our own copy of mbedTLS, so the - # Zephyr one must not be enabled or the MBEDTLS_CONFIG_FILE macros - # will collide. - help - Use cc310 for crypto primitives. - -config BOOT_USE_NRF_CC310_BL - bool - default n - -config NRFXLIB_CRYPTO - bool - default n - -config NRF_CC310_BL - bool - default n - -menu "MCUBoot settings" - -config SINGLE_APPLICATION_SLOT - bool "Single slot bootloader" - default n - help - Single image area is used for application which means that - uploading a new application overwrites the one that previously - occupied the area. 
- -choice BOOT_SIGNATURE_TYPE - prompt "Signature type" - default BOOT_SIGNATURE_TYPE_RSA - -config BOOT_SIGNATURE_TYPE_NONE - bool "No signature; use only hash check" - select BOOT_USE_TINYCRYPT - -config BOOT_SIGNATURE_TYPE_RSA - bool "RSA signatures" - select BOOT_USE_MBEDTLS - select MBEDTLS - -if BOOT_SIGNATURE_TYPE_RSA -config BOOT_SIGNATURE_TYPE_RSA_LEN - int "RSA signature length" - range 2048 3072 - default 2048 -endif - -config BOOT_SIGNATURE_TYPE_ECDSA_P256 - bool "Elliptic curve digital signatures with curve P-256" - -if BOOT_SIGNATURE_TYPE_ECDSA_P256 -choice BOOT_ECDSA_IMPLEMENTATION - prompt "Ecdsa implementation" - default BOOT_ECDSA_TINYCRYPT - -config BOOT_ECDSA_TINYCRYPT - bool "Use tinycrypt" - select BOOT_USE_TINYCRYPT - -config BOOT_ECDSA_CC310 - bool "Use CC310" - depends on HAS_HW_NRF_CC310 - select BOOT_USE_NRF_CC310_BL - select NRF_CC310_BL - select NRFXLIB_CRYPTO - select BOOT_USE_CC310 -endchoice # Ecdsa implementation -endif - -config BOOT_SIGNATURE_TYPE_ED25519 - bool "Edwards curve digital signatures using ed25519" - -if BOOT_SIGNATURE_TYPE_ED25519 -choice BOOT_ED25519_IMPLEMENTATION - prompt "Ecdsa implementation" - default BOOT_ED25519_TINYCRYPT -config BOOT_ED25519_TINYCRYPT - bool "Use tinycrypt" - select BOOT_USE_TINYCRYPT -config BOOT_ED25519_MBEDTLS - bool "Use mbedTLS" - select BOOT_USE_MBEDTLS - select MBEDTLS -endchoice -endif - -endchoice - -config BOOT_SIGNATURE_KEY_FILE - string "PEM key file" - default "root-ec-p256.pem" if BOOT_SIGNATURE_TYPE_ECDSA_P256 - default "root-ed25519.pem" if BOOT_SIGNATURE_TYPE_ED25519 - default "root-rsa-3072.pem" if BOOT_SIGNATURE_TYPE_RSA && BOOT_SIGNATURE_TYPE_RSA_LEN=3072 - default "root-rsa-2048.pem" if BOOT_SIGNATURE_TYPE_RSA && BOOT_SIGNATURE_TYPE_RSA_LEN=2048 - default "" - help - You can use either absolute or relative path. - In case relative path is used, the build system assumes that it starts - from the directory where the MCUBoot KConfig configuration file is - located. 
If the key file is not there, the build system uses relative - path that starts from the MCUBoot repository root directory. - The key file will be parsed by imgtool's getpub command and a .c source - with the public key information will be written in a format expected by - MCUboot. - -config MCUBOOT_CLEANUP_ARM_CORE - bool "Perform core cleanup before chain-load the application" - depends on CPU_CORTEX_M - default y if !ARCH_SUPPORTS_ARCH_HW_INIT - help - This option instructs MCUboot to perform a clean-up of a set of - architecture core HW registers before junping to the application - firmware. The clean-up sets these registers to their warm-reset - values as specified by the architecture. - - By default, this option is enabled only if the architecture does - not have the functionality to perform such a register clean-up - during application firmware boot. - - Zephyr applications on Cortex-M will perform this register clean-up - by default, if they are chain-loadable by MCUboot, so MCUboot does - not need to perform such a cleanup itself. - -config MBEDTLS_CFG_FILE - default "mcuboot-mbedtls-cfg.h" - -config BOOT_HW_KEY - bool "Use HW key for image verification" - default n - help - Use HW key for image verification, otherwise the public key is embedded - in MCUBoot. If enabled the public key is appended to the signed image - and requires the hash of the public key to be provisioned to the device - beforehand. - -config BOOT_VALIDATE_SLOT0 - bool "Validate image in the primary slot on every boot" - default y - help - If y, the bootloader attempts to validate the signature of the - primary slot every boot. This adds the signature check time to - every boot, but can mitigate against some changes that are - able to modify the flash image itself. 
- -config BOOT_VALIDATE_SLOT0_ONCE - bool "Validate image in the primary slot just once after after upgrade" - depends on !BOOT_VALIDATE_SLOT0 && SINGLE_APPLICATION_SLOT - default n - help - If y, the bootloader attempts to validate the signature of the - primary slot only once after an upgrade of the main slot. - It caches the result in the magic area, which makes it an unsecure - method. This option is usefull for lowering the boot up time for - low end devices with as a compromise lowering the security level. - If unsure, leave at the default value. - -config BOOT_PREFER_SWAP_MOVE - bool "Prefer the newer swap move algorithm" - default y if SOC_FAMILY_NRF - default y if !$(dt_nodelabel_enabled,scratch_partition) - help - If y, the BOOT_IMAGE_UPGRADE_MODE will default to using - "move" instead of "scratch". This is a separate bool config - option, because Kconfig doesn't allow defaults to be - overridden in choice options. Most devices should be using - swap move. - -if !SINGLE_APPLICATION_SLOT -choice BOOT_IMAGE_UPGRADE_MODE - prompt "Image upgrade modes" - default BOOT_SWAP_USING_MOVE if BOOT_PREFER_SWAP_MOVE - default BOOT_SWAP_USING_SCRATCH - -config BOOT_SWAP_USING_SCRATCH - bool "Swap mode that run with the scratch partition" - help - This is the most conservative swap mode but it can work even on - devices with heterogeneous flash page layout. - -config BOOT_UPGRADE_ONLY - bool "Overwrite image updates instead of swapping" - help - If y, overwrite the primary slot with the upgrade image instead - of swapping them. This prevents the fallback recovery, but - uses a much simpler code path. 
- -config BOOT_SWAP_USING_MOVE - bool "Swap mode that can run without a scratch partition" - help - If y, the swap upgrade is done in two steps, where first every - sector of the primary slot is moved up one sector, then for - each sector X in the secondary slot, it is moved to index X in - the primary slot, then the sector at X+1 in the primary is - moved to index X in the secondary. - This allows a swap upgrade without using a scratch partition, - but is currently limited to all sectors in both slots being of - the same size. - -config BOOT_DIRECT_XIP - bool "Run the latest image directly from its slot" - help - If y, mcuboot selects the newest valid image based on the image version - numbers, thereafter the selected image can run directly from its slot - without having to move/copy it into the primary slot. For this reason the - images must be linked to be executed from the given image slot. Using this - mode results in a simpler code path and smaller code size. - -config BOOT_RAM_LOAD - bool "RAM load" - help - If y, mcuboot selects the newest valid image based on the image version - numbers, thereafter the selected image is copied to RAM and executed from - there. For this reason, the image has to be linked to be executed from RAM. - The address that the image is copied to is specified using the load-addr - argument to the imgtool.py script which writes it to the image header. 
- -endchoice - -# Workaround for not being able to have commas in macro arguments -DT_CHOSEN_Z_SRAM := zephyr,sram - -if BOOT_RAM_LOAD -config BOOT_IMAGE_EXECUTABLE_RAM_START - hex "Boot image executable ram start" - default $(dt_chosen_reg_addr_hex,$(DT_CHOSEN_Z_SRAM)) - -config BOOT_IMAGE_EXECUTABLE_RAM_SIZE - int "Boot image executable base size" - default $(dt_chosen_reg_size_int,$(DT_CHOSEN_Z_SRAM),0) -endif - -config BOOT_DIRECT_XIP_REVERT - bool "Enable the revert mechanism in direct-xip mode" - depends on BOOT_DIRECT_XIP - default n - help - If y, enables the revert mechanism in direct-xip similar to the one in - swap mode. It requires the trailer magic to be added to the signed image. - When a reboot happens without the image being confirmed at runtime, the - bootloader considers the image faulty and erases it. After this it will - attempt to boot the previous image. The images can also be made permanent - (marked as confirmed in advance) just like in swap mode. - -config BOOT_BOOTSTRAP - bool "Bootstrap erased the primary slot from the secondary slot" - default n - help - If y, enables bootstraping support. Bootstrapping allows an erased - primary slot to be initialized from a valid image in the secondary slot. - If unsure, leave at the default value. - -config BOOT_SWAP_SAVE_ENCTLV - bool "Save encrypted key TLVs instead of plaintext keys in swap metadata" - default n - help - If y, instead of saving the encrypted image keys in plaintext in the - swap resume metadata, save the encrypted image TLVs. This should be used - when there is no security mechanism protecting the data in the primary - slot from being dumped. If n is selected (default), the keys are written - after being decrypted from the image TLVs and could be read by an - attacker who has access to the flash contents of the primary slot (eg - JTAG/SWD or primary slot in external flash). - If unsure, leave at the default value. 
- -config BOOT_ENCRYPT_IMAGE - bool - help - Hidden option used to check if any image encryption is enabled. - -config BOOT_ENCRYPT_RSA - bool "Support for encrypted upgrade images using RSA" - select BOOT_ENCRYPT_IMAGE - help - If y, images in the secondary slot can be encrypted and are decrypted - on the fly when upgrading to the primary slot, as well as encrypted - back when swapping from the primary slot to the secondary slot. The - encryption mechanism used in this case is RSA-OAEP (2048 bits). - -config BOOT_ENCRYPT_EC256 - bool "Support for encrypted upgrade images using ECIES-P256" - select BOOT_ENCRYPT_IMAGE - help - If y, images in the secondary slot can be encrypted and are decrypted - on the fly when upgrading to the primary slot, as well as encrypted - back when swapping from the primary slot to the secondary slot. The - encryption mechanism used in this case is ECIES using primitives - described under "ECIES-P256 encryption" in docs/encrypted_images.md. - -config BOOT_ENCRYPT_X25519 - bool "Support for encrypted upgrade images using ECIES-X25519" - select BOOT_ENCRYPT_IMAGE - help - If y, images in the secondary slot can be encrypted and are decrypted - on the fly when upgrading to the primary slot, as well as encrypted - back when swapping from the primary slot to the secondary slot. The - encryption mechanism used in this case is ECIES using primitives - described under "ECIES-X25519 encryption" in docs/encrypted_images.md. -endif # !SINGLE_APPLICATION_SLOT - -config BOOT_ENCRYPTION_KEY_FILE - string "encryption key file" - depends on BOOT_ENCRYPT_EC256 || BOOT_SERIAL_ENCRYPT_EC256 - default "enc-ec256-priv.pem" if BOOT_SIGNATURE_TYPE_ECDSA_P256 - default "" - help - You can use either absolute or relative path. - In case relative path is used, the build system assumes that it starts - from the directory where the MCUBoot KConfig configuration file is - located. 
If the key file is not there, the build system uses relative - path that starts from the MCUBoot repository root directory. - The key file will be parsed by imgtool's getpriv command and a .c source - with the public key information will be written in a format expected by - MCUboot. - -config BOOT_MAX_IMG_SECTORS - int "Maximum number of sectors per image slot" - default 128 - help - This option controls the maximum number of sectors that each of - the two image areas can contain. Smaller values reduce MCUboot's - memory usage; larger values allow it to support larger images. - If unsure, leave at the default value. - -config MEASURED_BOOT - bool "Store the boot state/measurements in shared memory" - default n - help - If enabled, the bootloader will store certain boot measurements such as - the hash of the firmware image in a shared memory area. This data can - be used later by runtime services (e.g. by a device attestation service). - -config BOOT_SHARE_DATA - bool "Save application specific data in shared memory area" - default n - -choice BOOT_FAULT_INJECTION_HARDENING_PROFILE - prompt "Fault injection hardening profile" - default BOOT_FIH_PROFILE_OFF - -config BOOT_FIH_PROFILE_OFF - bool "No hardening against hardware level fault injection" - help - No hardening in SW against hardware level fault injection: power or - clock glitching, etc. - -config BOOT_FIH_PROFILE_LOW - bool "Moderate level hardening against hardware level fault injection" - help - Moderate level hardening: Long global fail loop to avoid break out, - control flow integrity check to discover discrepancy in expected code - flow. - -config BOOT_FIH_PROFILE_MEDIUM - bool "Medium level hardening against hardware level fault injection" - help - Medium level hardening: Long global fail loop to avoid break out, - control flow integrity check to discover discrepancy in expected code - flow, double variables to discover register or memory corruption. 
- -config BOOT_FIH_PROFILE_HIGH - bool "Maximum level hardening against hardware level fault injection" - select MBEDTLS - help - Maximum level hardening: Long global fail loop to avoid break out, - control flow integrity check to discover discrepancy in expected code - flow, double variables to discover register or memory corruption, random - delays to make code execution less predictable. Random delays requires an - entropy source. - -endchoice - -choice BOOT_USB_DFU - prompt "USB DFU" - default BOOT_USB_DFU_NO - -config BOOT_USB_DFU_NO - prompt "Disabled" - -config BOOT_USB_DFU_WAIT - bool "Wait for a prescribed duration to see if USB DFU is invoked" - select USB_DEVICE_STACK - select USB_DFU_CLASS - select IMG_MANAGER - help - If y, MCUboot waits for a prescribed duration of time to allow - for USB DFU to be invoked. Please note DFU always updates the - slot1 image. - -config BOOT_USB_DFU_GPIO - bool "Use GPIO to detect whether to trigger DFU mode" - select USB_DEVICE_STACK - select USB_DFU_CLASS - select IMG_MANAGER - help - If y, MCUboot uses GPIO to detect whether to invoke USB DFU. - -endchoice - -config BOOT_USB_DFU_WAIT_DELAY_MS - int "USB DFU wait duration" - depends on BOOT_USB_DFU_WAIT - default 12000 - help - Milliseconds to wait for USB DFU to be invoked. - -if BOOT_USB_DFU_GPIO - -config BOOT_USB_DFU_DETECT_PORT - string "GPIO device to trigger USB DFU mode (DEPRECATED)" - default GPIO_0 if SOC_FAMILY_NRF - help - Zephyr GPIO device that contains the pin used to trigger - USB DFU. - -config BOOT_USB_DFU_DETECT_PIN - int "Pin to trigger USB DFU mode (DEPRECATED)" - default 6 if BOARD_NRF9160DK_NRF9160 - default 11 if BOARD_NRF52840DK_NRF52840 - default 13 if BOARD_NRF52DK_NRF52832 - default 23 if BOARD_NRF5340_DK_NRF5340_CPUAPP || BOARD_NRF5340_DK_NRF5340_CPUAPP_NS - default 43 if BOARD_BL5340_DVK_CPUAPP || BOARD_BL5340_DVK_CPUAPP_NS - default -1 - help - Pin on the DFU detect port that triggers DFU mode. 
- -config BOOT_USB_DFU_DETECT_PIN_VAL - int "USB DFU detect pin trigger value (DEPRECATED)" - default 0 - range 0 1 - help - Logic value of the detect pin that triggers USB DFU mode. - -config BOOT_USB_DFU_DETECT_DELAY - int "Serial detect pin detection delay time [ms]" - default 0 - help - Used to prevent the bootloader from loading on button press. - Useful for powering on when using the same button as - the one used to place the device in bootloader mode. - -endif # BOOT_USB_DFU_GPIO - -config ZEPHYR_TRY_MASS_ERASE - bool "Try to mass erase flash when flashing MCUboot image" - default y - help - If y, attempt to configure the Zephyr build system's "flash" - target to mass-erase the flash device before flashing the - MCUboot image. This ensures the scratch and other partitions - are in a consistent state. - - This is not available for all targets. - -config BOOT_USE_BENCH - bool "Enable benchmark code" - default n - help - If y, adds support for simple benchmarking that can record - time intervals between two calls. The time printed depends - on the particular Zephyr target, and is generally ticks of a - specific board-specific timer. - -module = MCUBOOT -module-str = MCUBoot bootloader -source "subsys/logging/Kconfig.template.log_config" - -config MCUBOOT_LOG_THREAD_STACK_SIZE - int "Stack size for the MCUBoot log processing thread" - depends on LOG && !LOG_IMMEDIATE - default 2048 if COVERAGE_GCOV - default 1024 if NO_OPTIMIZATIONS - default 1024 if XTENSA - default 4096 if (X86 && X86_64) - default 4096 if ARM64 - default 768 - help - Set the internal stack size for MCUBoot log processing thread. - -config MCUBOOT_INDICATION_LED - bool "Turns on LED indication when device is in DFU" - default n - help - Device device activates the LED while in bootloader mode. - bootloader-led0 alias must be set in the device's .dts - definitions for this to work. 
- -rsource "Kconfig.serial_recovery" - -config BOOT_INTR_VEC_RELOC - bool "Relocate the interrupt vector to the application" - default n - depends on SW_VECTOR_RELAY || CPU_CORTEX_M_HAS_VTOR - help - Relocate the interrupt vector to the application before it is started. - Select this option if application requires vector relocation, - but it doesn't relocate vector in its reset handler. - -config UPDATEABLE_IMAGE_NUMBER - int "Number of updateable images" - default 1 - range 1 1 if SINGLE_APPLICATION_SLOT - help - Enables support of multi image update. - -choice BOOT_DOWNGRADE_PREVENTION_CHOICE - prompt "Downgrade prevention" - optional - -config MCUBOOT_DOWNGRADE_PREVENTION - bool "SW based downgrade prevention" - depends on !BOOT_DIRECT_XIP - help - Prevent downgrades by enforcing incrementing version numbers. - When this option is set, any upgrade must have greater major version - or greater minor version with equal major version. This mechanism - only protects against some attacks against version downgrades (for - example, a JTAG could be used to write an older version). - -config MCUBOOT_DOWNGRADE_PREVENTION_SECURITY_COUNTER - bool "Use image security counter instead of version number" - depends on MCUBOOT_DOWNGRADE_PREVENTION - depends on (BOOT_SWAP_USING_MOVE || BOOT_SWAP_USING_SCRATCH) - help - Security counter is used for version eligibility check instead of pure - version. When this option is set, any upgrade must have greater or - equal security counter value. - Because of the acceptance of equal values it allows for software - downgrades to some extent. - -config MCUBOOT_HW_DOWNGRADE_PREVENTION - bool "HW based downgrade prevention" - help - Prevent undesirable/malicious software downgrades. When this option is - set, any upgrade must have greater or equal security counter value. - Because of the acceptance of equal values it allows for software - downgrade to some extent. 
- -endchoice - -config BOOT_WATCHDOG_FEED - bool "Feed the watchdog while doing swap" - default y if WATCHDOG - default y if SOC_FAMILY_NRF - # for nRF nrfx based implementation is available - imply NRFX_WDT if SOC_FAMILY_NRF - imply NRFX_WDT0 if SOC_FAMILY_NRF - imply NRFX_WDT1 if SOC_FAMILY_NRF - help - Enables implementation of MCUBOOT_WATCHDOG_FEED() macro which is - used to feed watchdog while doing time consuming operations. - -config BOOT_IMAGE_ACCESS_HOOKS - bool "Enable hooks for overriding MCUboot's native routines" - help - Allow to provide procedures for override or extend native - MCUboot's routines required for access the image data and the image - update. It is up to the project customization to add required source - files to the build. - -config MCUBOOT_ACTION_HOOKS - bool "Enable hooks for responding to MCUboot status changes" - help - This will call a handler when the MCUboot status changes which allows - for some level of user feedback, for instance to change LED status to - indicate a failure, using the callback: - 'void mcuboot_status_change(mcuboot_status_type_t status)' where - 'mcuboot_status_type_t' is listed in - boot/bootutil/include/bootutil/mcuboot_status.h - -endmenu - -config MCUBOOT_DEVICE_SETTINGS - # Hidden selector for device-specific settings - bool - default y - # CPU options - select MCUBOOT_DEVICE_CPU_CORTEX_M0 if CPU_CORTEX_M0 - # Enable flash page layout if available - select FLASH_PAGE_LAYOUT if FLASH_HAS_PAGE_LAYOUT - # Enable flash_map module as flash I/O back-end - select FLASH_MAP - -config MCUBOOT_DEVICE_CPU_CORTEX_M0 - # Hidden selector for Cortex-M0 settings - bool - default n - select SW_VECTOR_RELAY if !CPU_CORTEX_M0_HAS_VECTOR_TABLE_REMAP - -comment "Zephyr configuration options" - -# Disabling MULTITHREADING provides a code size advantage, but -# it requires peripheral drivers (particularly a flash driver) -# that works properly with the option enabled. 
-# -# If you know for sure that your hardware will work, you can default -# it to n here. Otherwise, having it on by default makes the most -# hardware work. -config MULTITHREADING - default y if BOOT_SERIAL_CDC_ACM #usb driver requires MULTITHREADING - default y if BOOT_USB_DFU_GPIO || BOOT_USB_DFU_WAIT - default n if SOC_FAMILY_NRF - default y - -config LOG_PROCESS_THREAD - default n # mcuboot has its own log processing thread - -# override USB device name -config USB_DEVICE_PRODUCT - default "MCUBOOT" - -# use MCUboot's own log configuration -config MCUBOOT_BOOTUTIL_LIB_OWN_LOG - bool - default n - -config MCUBOOT_VERIFY_IMG_ADDRESS - bool "Verify reset address of image in secondary slot" - depends on UPDATEABLE_IMAGE_NUMBER > 1 - depends on !BOOT_ENCRYPT_IMAGE - depends on ARM - default y if BOOT_UPGRADE_ONLY - help - Verify that the reset address in the image located in the secondary slot - is contained within the corresponding primary slot. This is recommended - if swapping is not used (that is, BOOT_UPGRADE_ONLY is set). If a user - incorrectly uploads an update for image 1 to image 0's secondary slot - MCUboot will overwrite image 0's primary slot with this image even - though it will not boot. If swapping is enabled this will be handled - since the image will not confirm itself. If, however, swapping is not - enabled then the only mitigation is serial recovery. This feature can - also be useful when BOOT_DIRECT_XIP is enabled, to ensure that the image - linked at the correct address is loaded. - source "Kconfig.zephyr" diff --git a/boot/zephyr/prj.conf b/boot/zephyr/prj.conf index e4c0129437..13dd6b4c86 100644 --- a/boot/zephyr/prj.conf +++ b/boot/zephyr/prj.conf 
@@ -1,7 +1,13 @@ +# Copyright (c) 2022 Legrand North America, LLC. +# +# SPDX-License-Identifier: Apache-2.0 + +CONFIG_MCUBOOT_APP=y CONFIG_DEBUG=y CONFIG_PM=n CONFIG_MAIN_STACK_SIZE=10240 +CONFIG_CUSTOM_MBEDTLS_CFG_FILE=y CONFIG_MBEDTLS_CFG_FILE="mcuboot-mbedtls-cfg.h" CONFIG_BOOT_SWAP_SAVE_ENCTLV=n @@ -34,3 +40,4 @@ CONFIG_LOG_MODE_MINIMAL=y # former CONFIG_MODE_MINIMAL CONFIG_LOG_DEFAULT_LEVEL=0 ### Decrease footprint by ~4 KB in comparison to CBPRINTF_COMPLETE=y CONFIG_CBPRINTF_NANO=y +CONFIG_MCUBOOT_DEVICE_SETTINGS=y diff --git a/zephyr/CMakeLists.txt b/zephyr/CMakeLists.txt new file mode 100644 index 0000000000..9cb70c5bbd --- /dev/null +++ b/zephyr/CMakeLists.txt @@ -0,0 +1,38 @@ +# Copyright (c) 2022 Legrand North America, LLC. +# +# SPDX-License-Identifier: Apache-2.0 + + +cmake_minimum_required(VERSION 3.10 FATAL_ERROR) + + +# Detect the platform reliably +if(NOT ZEPHYR_BASE) + message(FATAL_ERROR "ZEPHYR_BASE needs to be defined for Zephyr builds") +endif() + +# Verify the module name is set correctly +set(expected_module_name "mcuboot") +if(NOT "${module_name}" STREQUAL ${expected_module_name}) + message(FATAL_ERROR " + ------------------------------------------------------------------------ + A module configuration error has occurred. + + This module is named '${module_name}' when '${expected_module_name}' is expected. + Verify `module.yml` contains the line 'name: ${expected_module_name}'. + ------------------------------------------------------------------------") +endif() +unset(expected_module_name) + +# Do not allow in source builds +set(CMAKE_DISABLE_SOURCE_CHANGES ON) +set(CMAKE_DISABLE_IN_SOURCE_BUILD ON) + + +# +# Module options managed through Kconfig and use names CONFIG_* +# + +zephyr_include_directories(../boot/zephyr/include) + +add_subdirectory(subsys) diff --git a/zephyr/Kconfig b/zephyr/Kconfig new file mode 100644 index 0000000000..dadc4892e1 --- /dev/null +++ b/zephyr/Kconfig 
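Review bot: In the new zephyr/CMakeLists.txt the module-name check compares against an unquoted expansion, `if(NOT "${module_name}" STREQUAL ${expected_module_name})`. The right-hand side expands to the bare word `mcuboot`, which `if()` dereferences again if a variable of that name is ever defined. Quoting it, `if(NOT "${module_name}" STREQUAL "${expected_module_name}")`, keeps the comparison literal. Separately, `zephyr_include_directories(../boot/zephyr/include)` is unconditional and directory-wide. If this file is processed for every build that pulls in the module, as the module.yml change in this commit suggests, the bootloader headers land on every target's include path, so scoping the include to the library that needs it or guarding it with the relevant CONFIG_ symbol would be tighter.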
@@ -0,0 +1,676 @@ +# Copyright (c) 2017-2020 Linaro Limited +# Copyright (c) 2020 Arm Limited +# Copyright (c) 2022 Legrand North America, LLC. +# +# SPDX-License-Identifier: Apache-2.0 +# + +comment "MCUboot-specific configuration options" + +# Option to build the project with the MCUBoot application +config MCUBOOT_APP + bool "MCUBoot application" + select MPU_ALLOW_FLASH_WRITE if ARM_MPU + select USE_DT_CODE_PARTITION if HAS_FLASH_LOAD_OFFSET + select MCUBOOT_BOOTUTIL_LIB + select MCUBOOT + +config MCUBOOT_BOOTUTIL_LIB_OWN_LOG + default n if MCUBOOT_APP + +config BOOT_USE_MBEDTLS + bool + # Hidden option + default n + help + Use mbedTLS for crypto primitives. + +config BOOT_USE_TINYCRYPT + bool + # Hidden option + default n + # When building for ECDSA, we use our own copy of mbedTLS, so the + # Zephyr one must not be enabled or the MBEDTLS_CONFIG_FILE macros + # will collide. + help + Use TinyCrypt for crypto primitives. + +config BOOT_USE_CC310 + bool + # Hidden option + default n + # When building for ECDSA, we use our own copy of mbedTLS, so the + # Zephyr one must not be enabled or the MBEDTLS_CONFIG_FILE macros + # will collide. + help + Use cc310 for crypto primitives. + +config BOOT_USE_NRF_CC310_BL + bool + default n + +config NRFXLIB_CRYPTO + bool + default n + +config NRF_CC310_BL + bool + default n + +menu "MCUBoot settings" + +config SINGLE_APPLICATION_SLOT + bool "Single slot bootloader" + default n + help + Single image area is used for application which means that + uploading a new application overwrites the one that previously + occupied the area. 
+ +choice BOOT_SIGNATURE_TYPE + prompt "Signature type" + default BOOT_SIGNATURE_TYPE_RSA + +config BOOT_SIGNATURE_TYPE_NONE + bool "No signature; use only hash check" + select BOOT_USE_TINYCRYPT + +config BOOT_SIGNATURE_TYPE_RSA + bool "RSA signatures" + select BOOT_USE_MBEDTLS + select MBEDTLS + +if BOOT_SIGNATURE_TYPE_RSA +config BOOT_SIGNATURE_TYPE_RSA_LEN + int "RSA signature length" + range 2048 3072 + default 2048 +endif + +config BOOT_SIGNATURE_TYPE_ECDSA_P256 + bool "Elliptic curve digital signatures with curve P-256" + +if BOOT_SIGNATURE_TYPE_ECDSA_P256 +choice BOOT_ECDSA_IMPLEMENTATION + prompt "Ecdsa implementation" + default BOOT_ECDSA_TINYCRYPT + +config BOOT_ECDSA_TINYCRYPT + bool "Use tinycrypt" + select BOOT_USE_TINYCRYPT + +config BOOT_ECDSA_CC310 + bool "Use CC310" + depends on HAS_HW_NRF_CC310 + select BOOT_USE_NRF_CC310_BL + select NRF_CC310_BL + select NRFXLIB_CRYPTO + select BOOT_USE_CC310 +endchoice # Ecdsa implementation +endif + +config BOOT_SIGNATURE_TYPE_ED25519 + bool "Edwards curve digital signatures using ed25519" + +if BOOT_SIGNATURE_TYPE_ED25519 +choice BOOT_ED25519_IMPLEMENTATION + prompt "Ecdsa implementation" + default BOOT_ED25519_TINYCRYPT +config BOOT_ED25519_TINYCRYPT + bool "Use tinycrypt" + select BOOT_USE_TINYCRYPT +config BOOT_ED25519_MBEDTLS + bool "Use mbedTLS" + select BOOT_USE_MBEDTLS + select MBEDTLS +endchoice +endif + +endchoice + +config BOOT_SIGNATURE_KEY_FILE + string "PEM key file" + default "root-ec-p256.pem" if BOOT_SIGNATURE_TYPE_ECDSA_P256 + default "root-ed25519.pem" if BOOT_SIGNATURE_TYPE_ED25519 + default "root-rsa-3072.pem" if BOOT_SIGNATURE_TYPE_RSA && BOOT_SIGNATURE_TYPE_RSA_LEN=3072 + default "root-rsa-2048.pem" if BOOT_SIGNATURE_TYPE_RSA && BOOT_SIGNATURE_TYPE_RSA_LEN=2048 + default "" + help + You can use either absolute or relative path. + In case relative path is used, the build system assumes that it starts + from the directory where the MCUBoot KConfig configuration file is + located. 
If the key file is not there, the build system uses relative + path that starts from the MCUBoot repository root directory. + The key file will be parsed by imgtool's getpub command and a .c source + with the public key information will be written in a format expected by + MCUboot. + +config MCUBOOT_CLEANUP_ARM_CORE + bool "Perform core cleanup before chain-load the application" + depends on CPU_CORTEX_M + default y if !ARCH_SUPPORTS_ARCH_HW_INIT + help + This option instructs MCUboot to perform a clean-up of a set of + architecture core HW registers before junping to the application + firmware. The clean-up sets these registers to their warm-reset + values as specified by the architecture. + + By default, this option is enabled only if the architecture does + not have the functionality to perform such a register clean-up + during application firmware boot. + + Zephyr applications on Cortex-M will perform this register clean-up + by default, if they are chain-loadable by MCUboot, so MCUboot does + not need to perform such a cleanup itself. + +config MBEDTLS_CFG_FILE + default "mcuboot-mbedtls-cfg.h" if MCUBOOT_APP + +config BOOT_HW_KEY + bool "Use HW key for image verification" + default n + help + Use HW key for image verification, otherwise the public key is embedded + in MCUBoot. If enabled the public key is appended to the signed image + and requires the hash of the public key to be provisioned to the device + beforehand. + +config BOOT_VALIDATE_SLOT0 + bool "Validate image in the primary slot on every boot" + default y + help + If y, the bootloader attempts to validate the signature of the + primary slot every boot. This adds the signature check time to + every boot, but can mitigate against some changes that are + able to modify the flash image itself. 
+ +config BOOT_VALIDATE_SLOT0_ONCE + bool "Validate image in the primary slot just once after after upgrade" + depends on !BOOT_VALIDATE_SLOT0 && SINGLE_APPLICATION_SLOT + default n + help + If y, the bootloader attempts to validate the signature of the + primary slot only once after an upgrade of the main slot. + It caches the result in the magic area, which makes it an unsecure + method. This option is usefull for lowering the boot up time for + low end devices with as a compromise lowering the security level. + If unsure, leave at the default value. + +config BOOT_PREFER_SWAP_MOVE + bool "Prefer the newer swap move algorithm" + default y if SOC_FAMILY_NRF + default y if !$(dt_nodelabel_enabled,scratch_partition) + help + If y, the BOOT_IMAGE_UPGRADE_MODE will default to using + "move" instead of "scratch". This is a separate bool config + option, because Kconfig doesn't allow defaults to be + overridden in choice options. Most devices should be using + swap move. + +if !SINGLE_APPLICATION_SLOT +choice BOOT_IMAGE_UPGRADE_MODE + prompt "Image upgrade modes" + default BOOT_SWAP_USING_MOVE if BOOT_PREFER_SWAP_MOVE + default BOOT_SWAP_USING_SCRATCH + +config BOOT_SWAP_USING_SCRATCH + bool "Swap mode that run with the scratch partition" + help + This is the most conservative swap mode but it can work even on + devices with heterogeneous flash page layout. + +config BOOT_UPGRADE_ONLY + bool "Overwrite image updates instead of swapping" + help + If y, overwrite the primary slot with the upgrade image instead + of swapping them. This prevents the fallback recovery, but + uses a much simpler code path. 
+ +config BOOT_SWAP_USING_MOVE + bool "Swap mode that can run without a scratch partition" + help + If y, the swap upgrade is done in two steps, where first every + sector of the primary slot is moved up one sector, then for + each sector X in the secondary slot, it is moved to index X in + the primary slot, then the sector at X+1 in the primary is + moved to index X in the secondary. + This allows a swap upgrade without using a scratch partition, + but is currently limited to all sectors in both slots being of + the same size. + +config BOOT_DIRECT_XIP + bool "Run the latest image directly from its slot" + help + If y, mcuboot selects the newest valid image based on the image version + numbers, thereafter the selected image can run directly from its slot + without having to move/copy it into the primary slot. For this reason the + images must be linked to be executed from the given image slot. Using this + mode results in a simpler code path and smaller code size. + +config BOOT_RAM_LOAD + bool "RAM load" + help + If y, mcuboot selects the newest valid image based on the image version + numbers, thereafter the selected image is copied to RAM and executed from + there. For this reason, the image has to be linked to be executed from RAM. + The address that the image is copied to is specified using the load-addr + argument to the imgtool.py script which writes it to the image header. 
+ +endchoice + +# Workaround for not being able to have commas in macro arguments +DT_CHOSEN_Z_SRAM := zephyr,sram + +if BOOT_RAM_LOAD +config BOOT_IMAGE_EXECUTABLE_RAM_START + hex "Boot image executable ram start" + default $(dt_chosen_reg_addr_hex,$(DT_CHOSEN_Z_SRAM)) + +config BOOT_IMAGE_EXECUTABLE_RAM_SIZE + int "Boot image executable base size" + default $(dt_chosen_reg_size_int,$(DT_CHOSEN_Z_SRAM),0) +endif + +config BOOT_DIRECT_XIP_REVERT + bool "Enable the revert mechanism in direct-xip mode" + depends on BOOT_DIRECT_XIP + default n + help + If y, enables the revert mechanism in direct-xip similar to the one in + swap mode. It requires the trailer magic to be added to the signed image. + When a reboot happens without the image being confirmed at runtime, the + bootloader considers the image faulty and erases it. After this it will + attempt to boot the previous image. The images can also be made permanent + (marked as confirmed in advance) just like in swap mode. + +config BOOT_BOOTSTRAP + bool "Bootstrap erased the primary slot from the secondary slot" + default n + help + If y, enables bootstraping support. Bootstrapping allows an erased + primary slot to be initialized from a valid image in the secondary slot. + If unsure, leave at the default value. + +config BOOT_SWAP_SAVE_ENCTLV + bool "Save encrypted key TLVs instead of plaintext keys in swap metadata" + default n + help + If y, instead of saving the encrypted image keys in plaintext in the + swap resume metadata, save the encrypted image TLVs. This should be used + when there is no security mechanism protecting the data in the primary + slot from being dumped. If n is selected (default), the keys are written + after being decrypted from the image TLVs and could be read by an + attacker who has access to the flash contents of the primary slot (eg + JTAG/SWD or primary slot in external flash). + If unsure, leave at the default value. 
+ +config BOOT_ENCRYPT_IMAGE + bool + help + Hidden option used to check if any image encryption is enabled. + +config BOOT_ENCRYPT_RSA + bool "Support for encrypted upgrade images using RSA" + select BOOT_ENCRYPT_IMAGE + help + If y, images in the secondary slot can be encrypted and are decrypted + on the fly when upgrading to the primary slot, as well as encrypted + back when swapping from the primary slot to the secondary slot. The + encryption mechanism used in this case is RSA-OAEP (2048 bits). + +config BOOT_ENCRYPT_EC256 + bool "Support for encrypted upgrade images using ECIES-P256" + select BOOT_ENCRYPT_IMAGE + help + If y, images in the secondary slot can be encrypted and are decrypted + on the fly when upgrading to the primary slot, as well as encrypted + back when swapping from the primary slot to the secondary slot. The + encryption mechanism used in this case is ECIES using primitives + described under "ECIES-P256 encryption" in docs/encrypted_images.md. + +config BOOT_ENCRYPT_X25519 + bool "Support for encrypted upgrade images using ECIES-X25519" + select BOOT_ENCRYPT_IMAGE + help + If y, images in the secondary slot can be encrypted and are decrypted + on the fly when upgrading to the primary slot, as well as encrypted + back when swapping from the primary slot to the secondary slot. The + encryption mechanism used in this case is ECIES using primitives + described under "ECIES-X25519 encryption" in docs/encrypted_images.md. +endif # !SINGLE_APPLICATION_SLOT + +config BOOT_ENCRYPTION_KEY_FILE + string "encryption key file" + depends on BOOT_ENCRYPT_EC256 || BOOT_SERIAL_ENCRYPT_EC256 + default "enc-ec256-priv.pem" if BOOT_SIGNATURE_TYPE_ECDSA_P256 + default "" + help + You can use either absolute or relative path. + In case relative path is used, the build system assumes that it starts + from the directory where the MCUBoot KConfig configuration file is + located. 
If the key file is not there, the build system uses relative + path that starts from the MCUBoot repository root directory. + The key file will be parsed by imgtool's getpriv command and a .c source + with the public key information will be written in a format expected by + MCUboot. + +config BOOT_MAX_IMG_SECTORS + int "Maximum number of sectors per image slot" + default 128 + help + This option controls the maximum number of sectors that each of + the two image areas can contain. Smaller values reduce MCUboot's + memory usage; larger values allow it to support larger images. + If unsure, leave at the default value. + +config MEASURED_BOOT + bool "Store the boot state/measurements in shared memory" + default n + help + If enabled, the bootloader will store certain boot measurements such as + the hash of the firmware image in a shared memory area. This data can + be used later by runtime services (e.g. by a device attestation service). + +config BOOT_SHARE_DATA + bool "Save application specific data in shared memory area" + default n + +choice BOOT_FAULT_INJECTION_HARDENING_PROFILE + prompt "Fault injection hardening profile" + default BOOT_FIH_PROFILE_OFF + +config BOOT_FIH_PROFILE_OFF + bool "No hardening against hardware level fault injection" + help + No hardening in SW against hardware level fault injection: power or + clock glitching, etc. + +config BOOT_FIH_PROFILE_LOW + bool "Moderate level hardening against hardware level fault injection" + help + Moderate level hardening: Long global fail loop to avoid break out, + control flow integrity check to discover discrepancy in expected code + flow. + +config BOOT_FIH_PROFILE_MEDIUM + bool "Medium level hardening against hardware level fault injection" + help + Medium level hardening: Long global fail loop to avoid break out, + control flow integrity check to discover discrepancy in expected code + flow, double variables to discover register or memory corruption. 
+ +config BOOT_FIH_PROFILE_HIGH + bool "Maximum level hardening against hardware level fault injection" + select MBEDTLS + help + Maximum level hardening: Long global fail loop to avoid break out, + control flow integrity check to discover discrepancy in expected code + flow, double variables to discover register or memory corruption, random + delays to make code execution less predictable. Random delays requires an + entropy source. + +endchoice + +choice BOOT_USB_DFU + prompt "USB DFU" + default BOOT_USB_DFU_NO + +config BOOT_USB_DFU_NO + prompt "Disabled" + +config BOOT_USB_DFU_WAIT + bool "Wait for a prescribed duration to see if USB DFU is invoked" + select USB_DEVICE_STACK + select USB_DFU_CLASS + select IMG_MANAGER + help + If y, MCUboot waits for a prescribed duration of time to allow + for USB DFU to be invoked. Please note DFU always updates the + slot1 image. + +config BOOT_USB_DFU_GPIO + bool "Use GPIO to detect whether to trigger DFU mode" + select USB_DEVICE_STACK + select USB_DFU_CLASS + select IMG_MANAGER + help + If y, MCUboot uses GPIO to detect whether to invoke USB DFU. + +endchoice + +config BOOT_USB_DFU_WAIT_DELAY_MS + int "USB DFU wait duration" + depends on BOOT_USB_DFU_WAIT + default 12000 + help + Milliseconds to wait for USB DFU to be invoked. + +if BOOT_USB_DFU_GPIO + +config BOOT_USB_DFU_DETECT_PORT + string "GPIO device to trigger USB DFU mode (DEPRECATED)" + default GPIO_0 if SOC_FAMILY_NRF + help + Zephyr GPIO device that contains the pin used to trigger + USB DFU. + +config BOOT_USB_DFU_DETECT_PIN + int "Pin to trigger USB DFU mode (DEPRECATED)" + default 6 if BOARD_NRF9160DK_NRF9160 + default 11 if BOARD_NRF52840DK_NRF52840 + default 13 if BOARD_NRF52DK_NRF52832 + default 23 if BOARD_NRF5340_DK_NRF5340_CPUAPP || BOARD_NRF5340_DK_NRF5340_CPUAPP_NS + default 43 if BOARD_BL5340_DVK_CPUAPP || BOARD_BL5340_DVK_CPUAPP_NS + default -1 + help + Pin on the DFU detect port that triggers DFU mode. 
+ +config BOOT_USB_DFU_DETECT_PIN_VAL + int "USB DFU detect pin trigger value (DEPRECATED)" + default 0 + range 0 1 + help + Logic value of the detect pin that triggers USB DFU mode. + +config BOOT_USB_DFU_DETECT_DELAY + int "Serial detect pin detection delay time [ms]" + default 0 + help + Used to prevent the bootloader from loading on button press. + Useful for powering on when using the same button as + the one used to place the device in bootloader mode. + +endif # BOOT_USB_DFU_GPIO + +config ZEPHYR_TRY_MASS_ERASE + bool "Try to mass erase flash when flashing MCUboot image" + default y + help + If y, attempt to configure the Zephyr build system's "flash" + target to mass-erase the flash device before flashing the + MCUboot image. This ensures the scratch and other partitions + are in a consistent state. + + This is not available for all targets. + +config BOOT_USE_BENCH + bool "Enable benchmark code" + default n + help + If y, adds support for simple benchmarking that can record + time intervals between two calls. The time printed depends + on the particular Zephyr target, and is generally ticks of a + specific board-specific timer. + +if MCUBOOT_APP +module = MCUBOOT +module-str = MCUBoot bootloader +source "subsys/logging/Kconfig.template.log_config" +endif + +config MCUBOOT_LOG_THREAD_STACK_SIZE + int "Stack size for the MCUBoot log processing thread" + depends on LOG && !LOG_IMMEDIATE + default 2048 if COVERAGE_GCOV + default 1024 if NO_OPTIMIZATIONS + default 1024 if XTENSA + default 4096 if (X86 && X86_64) + default 4096 if ARM64 + default 768 + help + Set the internal stack size for MCUBoot log processing thread. + +config MCUBOOT_INDICATION_LED + bool "Turns on LED indication when device is in DFU" + default n + help + Device device activates the LED while in bootloader mode. + bootloader-led0 alias must be set in the device's .dts + definitions for this to work. 
+ +rsource "Kconfig.serial_recovery" + +config BOOT_INTR_VEC_RELOC + bool "Relocate the interrupt vector to the application" + default n + depends on SW_VECTOR_RELAY || CPU_CORTEX_M_HAS_VTOR + help + Relocate the interrupt vector to the application before it is started. + Select this option if application requires vector relocation, + but it doesn't relocate vector in its reset handler. + +config UPDATEABLE_IMAGE_NUMBER + int "Number of updateable images" + default 1 + range 1 1 if SINGLE_APPLICATION_SLOT + help + Enables support of multi image update. + +choice BOOT_DOWNGRADE_PREVENTION_CHOICE + prompt "Downgrade prevention" + optional + +config MCUBOOT_DOWNGRADE_PREVENTION + bool "SW based downgrade prevention" + depends on !BOOT_DIRECT_XIP + help + Prevent downgrades by enforcing incrementing version numbers. + When this option is set, any upgrade must have greater major version + or greater minor version with equal major version. This mechanism + only protects against some attacks against version downgrades (for + example, a JTAG could be used to write an older version). + +config MCUBOOT_DOWNGRADE_PREVENTION_SECURITY_COUNTER + bool "Use image security counter instead of version number" + depends on MCUBOOT_DOWNGRADE_PREVENTION + depends on (BOOT_SWAP_USING_MOVE || BOOT_SWAP_USING_SCRATCH) + help + Security counter is used for version eligibility check instead of pure + version. When this option is set, any upgrade must have greater or + equal security counter value. + Because of the acceptance of equal values it allows for software + downgrades to some extent. + +config MCUBOOT_HW_DOWNGRADE_PREVENTION + bool "HW based downgrade prevention" + help + Prevent undesirable/malicious software downgrades. When this option is + set, any upgrade must have greater or equal security counter value. + Because of the acceptance of equal values it allows for software + downgrade to some extent. 
+ +endchoice + +config BOOT_WATCHDOG_FEED + bool "Feed the watchdog while doing swap" + default y if WATCHDOG + default y if SOC_FAMILY_NRF + # for nRF nrfx based implementation is available + imply NRFX_WDT if SOC_FAMILY_NRF + imply NRFX_WDT0 if SOC_FAMILY_NRF + imply NRFX_WDT1 if SOC_FAMILY_NRF + help + Enables implementation of MCUBOOT_WATCHDOG_FEED() macro which is + used to feed watchdog while doing time consuming operations. + +config BOOT_IMAGE_ACCESS_HOOKS + bool "Enable hooks for overriding MCUboot's native routines" + help + Allow to provide procedures for override or extend native + MCUboot's routines required for access the image data and the image + update. It is up to the project customization to add required source + files to the build. + +config MCUBOOT_ACTION_HOOKS + bool "Enable hooks for responding to MCUboot status changes" + help + This will call a handler when the MCUboot status changes which allows + for some level of user feedback, for instance to change LED status to + indicate a failure, using the callback: + 'void mcuboot_status_change(mcuboot_status_type_t status)' where + 'mcuboot_status_type_t' is listed in + boot/bootutil/include/bootutil/mcuboot_status.h + +endmenu + +config MCUBOOT_DEVICE_SETTINGS + # Hidden selector for device-specific settings + bool "Non-hidden selector for device-specific settings" + default n + # CPU options + select MCUBOOT_DEVICE_CPU_CORTEX_M0 if CPU_CORTEX_M0 + # Enable flash page layout if available + select FLASH_PAGE_LAYOUT if FLASH_HAS_PAGE_LAYOUT + # Enable flash_map module as flash I/O back-end + select FLASH_MAP + +config MCUBOOT_DEVICE_CPU_CORTEX_M0 + # Hidden selector for Cortex-M0 settings + bool + default n + select SW_VECTOR_RELAY if !CPU_CORTEX_M0_HAS_VECTOR_TABLE_REMAP + +comment "Zephyr configuration options" + +# Disabling MULTITHREADING provides a code size advantage, but +# it requires peripheral drivers (particularly a flash driver) +# that works properly with the option enabled. 
+# +# If you know for sure that your hardware will work, you can default +# it to n here. Otherwise, having it on by default makes the most +# hardware work. + +if MCUBOOT_APP +config MULTITHREADING + default y if BOOT_SERIAL_CDC_ACM #usb driver requires MULTITHREADING + default y if BOOT_USB_DFU_GPIO || BOOT_USB_DFU_WAIT + default n if SOC_FAMILY_NRF + default y +endif + +config LOG_PROCESS_THREAD + default n # mcuboot has its own log processing thread + +# override USB device name +config USB_DEVICE_PRODUCT + default "MCUBOOT" + +config MCUBOOT_VERIFY_IMG_ADDRESS + bool "Verify reset address of image in secondary slot" + depends on UPDATEABLE_IMAGE_NUMBER > 1 + depends on !BOOT_ENCRYPT_IMAGE + depends on ARM + default y if BOOT_UPGRADE_ONLY + help + Verify that the reset address in the image located in the secondary slot + is contained within the corresponding primary slot. This is recommended + if swapping is not used (that is, BOOT_UPGRADE_ONLY is set). If a user + incorrectly uploads an update for image 1 to image 0's secondary slot + MCUboot will overwrite image 0's primary slot with this image even + though it will not boot. If swapping is enabled this will be handled + since the image will not confirm itself. If, however, swapping is not + enabled then the only mitigation is serial recovery. This feature can + also be useful when BOOT_DIRECT_XIP is enabled, to ensure that the image + linked at the correct address is loaded. + +source "modules/Kconfig.mcuboot_bootutil" diff --git a/boot/zephyr/Kconfig.serial_recovery b/zephyr/Kconfig.serial_recovery similarity index 100% rename from boot/zephyr/Kconfig.serial_recovery rename to zephyr/Kconfig.serial_recovery diff --git a/zephyr/cmake/mcuboot_signature_key_file_generation.cmake b/zephyr/cmake/mcuboot_signature_key_file_generation.cmake new file mode 100644 index 0000000000..fb474170a5 --- /dev/null +++ b/zephyr/cmake/mcuboot_signature_key_file_generation.cmake 
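Review bot: `menu "MCUBoot settings"` and the trailing `LOG_PROCESS_THREAD` and `USB_DEVICE_PRODUCT` defaults are not gated on `MCUBOOT_APP`, although `MULTITHREADING` and the logging template are. With module.yml now naming this file as the module Kconfig, these symbols appear to be evaluated for every application that includes the module: the `BOOT_SIGNATURE_TYPE` choice defaults to RSA and `select`s `MBEDTLS`, and the USB product string defaults to "MCUBOOT". Confirm that this is intended. If it is not, add `depends on MCUBOOT_APP` under the `menu` line and write the overrides as `default n if MCUBOOT_APP` and `default "MCUBOOT" if MCUBOOT_APP`. Also, `MCUBOOT_DEVICE_SETTINGS` keeps the comment `# Hidden selector for device-specific settings` while now carrying a prompt and `default n`, so the comment should be updated to match.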
@@ -0,0 +1,49 @@
+# Copyright (c) 2017 Open Source Foundaries Limited
+# Copyright (c) 2022 Legrand North America, LLC.
+#
+# SPDX-License-Identifier: Apache-2.0
+
+#cmake_minimum_required(VERSION 3.20.0)
+
+# This is a MCUBoot-specific fragment for top-level CMakeLists.txt files.
+# Sourcing this file brings in reusable logic to generate the public key file.
+
+if(NOT CONFIG_BOOT_SIGNATURE_KEY_FILE STREQUAL "")
+ # CONF_FILE points to the KConfig configuration files of the bootloader.
+ foreach (mcuboot_filepath ${CONF_FILE})
+ string(CONFIGURE "${mcuboot_filepath}" mcuboot_filepath_expanded)
+ file(READ ${mcuboot_filepath_expanded} temp_text)
+ string(FIND "${temp_text}" ${CONFIG_BOOT_SIGNATURE_KEY_FILE} match)
+ if (${match} GREATER_EQUAL 0)
+ if (NOT DEFINED mcuboot_signature_file_dir)
+ get_filename_component(mcuboot_signature_file_dir ${mcuboot_filepath_expanded} DIRECTORY)
+ else()
+ message(FATAL_ERROR "Signature key file defined in multiple conf files")
+ endif()
+ endif()
+ endforeach()
+
+ if(IS_ABSOLUTE ${CONFIG_BOOT_SIGNATURE_KEY_FILE})
+ set(KEY_FILE ${CONFIG_BOOT_SIGNATURE_KEY_FILE})
+ elseif((DEFINED mcuboot_signature_file_dir) AND
+ (EXISTS ${mcuboot_signature_file_dir}/${CONFIG_BOOT_SIGNATURE_KEY_FILE}))
+ set(KEY_FILE ${mcuboot_signature_file_dir}/${CONFIG_BOOT_SIGNATURE_KEY_FILE})
+ else()
+ set(KEY_FILE ${ZEPHYR_MCUBOOT_MODULE_DIR}/${CONFIG_BOOT_SIGNATURE_KEY_FILE})
+ endif()
+ message("MCUBoot bootloader key file: ${KEY_FILE}")
+
+ set(GENERATED_PUBKEY ${ZEPHYR_BINARY_DIR}/autogen-pubkey.c)
+ add_custom_command(
+ OUTPUT ${GENERATED_PUBKEY}
+ COMMAND
+ ${PYTHON_EXECUTABLE}
+ ${ZEPHYR_MCUBOOT_MODULE_DIR}/scripts/imgtool.py
+ getpub
+ -k
+ ${KEY_FILE}
+ > ${GENERATED_PUBKEY}
+ DEPENDS ${KEY_FILE}
+ )
+ zephyr_library_sources(${GENERATED_PUBKEY})
+endif()
diff --git a/zephyr/cmake/mcuboot_zephyr_runner_mass_erase.cmake b/zephyr/cmake/mcuboot_zephyr_runner_mass_erase.cmake
new file mode 100644
index 0000000000..7338638414
--- /dev/null
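Review bot: The final `else()` branch in mcuboot_signature_key_file_generation.cmake silently resolves a key name that was not found beside a configuration file against `${ZEPHYR_MCUBOOT_MODULE_DIR}`, and nothing checks that `KEY_FILE` exists before the custom command is registered. For an out-of-tree project that keeps its own signing key, a misspelt or missing file name can therefore embed whichever key of that name ships in the MCUboot tree instead (the Kconfig defaults are names such as `root-rsa-2048.pem`). An image verified against a key from a public repository gives no assurance, so the fallback should be visible and a missing file should stop the configure step. The in-tree bootloader build presumably reaches this branch by design, so the warning may need to be limited to external applications. The sketch below shows the shape of the check.

```cmake
  else()
    set(KEY_FILE ${ZEPHYR_MCUBOOT_MODULE_DIR}/${CONFIG_BOOT_SIGNATURE_KEY_FILE})
    message(WARNING
      "MCUBoot: '${CONFIG_BOOT_SIGNATURE_KEY_FILE}' was not found next to the "
      "configuration files; falling back to the MCUboot module directory")
  endif()
  if(NOT EXISTS "${KEY_FILE}")
    message(FATAL_ERROR "MCUBoot signature key file not found: ${KEY_FILE}")
  endif()
  # … unchanged: message(), GENERATED_PUBKEY, add_custom_command, zephyr_library_sources …
```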
+++ b/zephyr/cmake/mcuboot_zephyr_runner_mass_erase.cmake @@ -0,0 +1,23 @@ +# Copyright (c) 2017 Open Source Foundaries Limited +# +# SPDX-License-Identifier: Apache-2.0 + +# Enable Zephyr runner options which request mass erase if so +# configured. +# +# Note that this also disables the default "leave" option when +# targeting STM32 DfuSe devices with dfu-util, making the chip stay in +# the bootloader after flashing. +# +# That's the right thing, because mcuboot has nothing to do since the +# chip was just erased. The next thing the user is going to want to do +# is flash the application. (Developers can reset DfuSE devices +# manually to test mcuboot behavior on an otherwise erased flash +# device.) +macro(app_set_runner_args) + if(CONFIG_ZEPHYR_TRY_MASS_ERASE) + board_runner_args(dfu-util "--dfuse-modifiers=force:mass-erase") + board_runner_args(pyocd "--flash-opt=-e=chip") + board_runner_args(nrfjprog "--erase") + endif() +endmacro() diff --git a/zephyr/module.yml b/zephyr/module.yml index 3a14210070..e2372e2d4b 100644 --- a/zephyr/module.yml +++ b/zephyr/module.yml @@ -1,5 +1,12 @@ +# Copyright (c) 2019-2021 Nordic Semiconductor ASA +# Copyright (c) 2022 Legrand North America, LLC. +# +# SPDX-License-Identifier: Apache-2.0 + name: mcuboot samples: - boot/zephyr + - zephyr/samples build: - cmake: ./boot/bootutil/zephyr + cmake: ./zephyr + kconfig: ./zephyr/Kconfig diff --git a/zephyr/samples/modules/mcuboot/mcuboot_external_config/CMakeLists.txt b/zephyr/samples/modules/mcuboot/mcuboot_external_config/CMakeLists.txt new file mode 100644 index 0000000000..9403096b1f --- /dev/null +++ b/zephyr/samples/modules/mcuboot/mcuboot_external_config/CMakeLists.txt 
@@ -0,0 +1,19 @@
+# Copyright (c) 2022 Legrand North America, LLC.
+# SPDX-License-Identifier: Apache-2.0
+
+cmake_minimum_required(VERSION 3.20.0)
+
+# NOTE: ${ZEPHYR_MCUBOOT_MODULE_DIR} requires delayed evaluation,
+# as it has not yet been defined. Relative paths must be used at this point.
+include(${CMAKE_CURRENT_LIST_DIR}/../../../../cmake/mcuboot_zephyr_runner_mass_erase.cmake)
+
+# find_package(Zephyr) in order to load application boilerplate:
+# http://docs.zephyrproject.org/application/application.html
+find_package(Zephyr REQUIRED HINTS $ENV{ZEPHYR_BASE})
+project(mcuboot_exernal_config)
+
+target_sources(app PRIVATE
+ keys.c
+ )
+
+include(${ZEPHYR_MCUBOOT_MODULE_DIR}/zephyr/cmake/mcuboot_signature_key_file_generation.cmake)
diff --git a/zephyr/samples/modules/mcuboot/mcuboot_external_config/README.rst b/zephyr/samples/modules/mcuboot/mcuboot_external_config/README.rst
new file mode 100644
index 0000000000..c9eb40cadb
--- /dev/null
+++ b/zephyr/samples/modules/mcuboot/mcuboot_external_config/README.rst
@@ -0,0 +1,30 @@
+.. _mcuboot_external_config:
+
+MCUBoot External Config
+#######################
+
+Overview
+********
+
+A simple sample illustrating how to configure from a different module
+an MCUBoot image, using local keys and certificates.
+
+NOTE: This references ``${ZEPHYR_MCUBOOT_MODULE_DIR}/boot/zephyr``
+for most configuration files for the verified set of boards. Other
+board configuration files will need to be provided locally.
+
+Building and Running
+********************
+
+This application can be built and executed on QEMU as follows:
+
+.. code-block:: console
+
+ west build -b nrf52840dk_nrf52840 \
+ bootloader/mcuboot/samples/modules/mcuboot/mcuboot_external_config
+
+
+Sample Output
+=============
+
+None.
diff --git a/zephyr/samples/modules/mcuboot/mcuboot_external_config/app.overlay b/zephyr/samples/modules/mcuboot/mcuboot_external_config/app.overlay
new file mode 100644
index 0000000000..74d3dfbfd2
--- /dev/null
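Review bot: The project name in the sample's CMakeLists.txt is misspelt, `project(mcuboot_exernal_config)`; it should read `project(mcuboot_external_config)` to match the directory name and the README label. The `# NOTE:` above the first `include()` would also help more if it said why the mass-erase fragment has to be included before `find_package(Zephyr)`. Presumably `app_set_runner_args` must already exist when the Zephyr boilerplate runs, and that is worth stating.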
+++ b/zephyr/samples/modules/mcuboot/mcuboot_external_config/app.overlay
@@ -0,0 +1,5 @@
+/ {
+ chosen {
+ zephyr,code-partition = &boot_partition;
+ };
+};
diff --git a/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/actinius_icarus.conf b/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/actinius_icarus.conf
new file mode 100644
index 0000000000..ae2fa1e428
--- /dev/null
+++ b/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/actinius_icarus.conf
@@ -0,0 +1,8 @@
+# Disable Zephyr console
+CONFIG_CONSOLE=n
+
+# MCUBoot settings
+CONFIG_BOOT_MAX_IMG_SECTORS=256
+
+# MCUboot serial recovery
+CONFIG_MCUBOOT_SERIAL=y
diff --git a/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/bl5340_dvk_cpuapp.conf b/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/bl5340_dvk_cpuapp.conf
new file mode 100644
index 0000000000..00a8dfb461
--- /dev/null
+++ b/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/bl5340_dvk_cpuapp.conf
@@ -0,0 +1,6 @@
+CONFIG_MULTITHREADING=y
+# Enable QSPI (MX25R64) - Slot 1 in QSPI
+CONFIG_NORDIC_QSPI_NOR=y
+CONFIG_NORDIC_QSPI_NOR_FLASH_LAYOUT_PAGE_SIZE=4096
+CONFIG_NORDIC_QSPI_NOR_STACK_WRITE_BUFFER_SIZE=4
+CONFIG_BOOT_MAX_IMG_SECTORS=256
diff --git a/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/circuitdojo_feather_nrf9160.conf b/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/circuitdojo_feather_nrf9160.conf
new file mode 100644
index 0000000000..656239c81d
--- /dev/null
+++ b/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/circuitdojo_feather_nrf9160.conf
@@ -0,0 +1,16 @@
+# Disable Zephyr console
+CONFIG_CONSOLE=n
+
+# Multithreading
+CONFIG_MULTITHREADING=y
+
+# MCUBoot settings
+CONFIG_BOOT_MAX_IMG_SECTORS=256
+
+# MCUboot serial recovery
+CONFIG_MCUBOOT_SERIAL=y
+CONFIG_BOOT_SERIAL_DETECT_DELAY=450
+CONFIG_MCUBOOT_INDICATION_LED=y
+
+# Size of mcuboot partition
+CONFIG_SIZE_OPTIMIZATIONS=y
\ No newline at end of file
diff --git a/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/conexio_stratus.conf b/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/conexio_stratus.conf
new file mode 100644
index 0000000000..6bc5f8cd0c
--- /dev/null
+++ b/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/conexio_stratus.conf
@@ -0,0 +1,21 @@
+# Disable Zephyr console
+CONFIG_CONSOLE=n
+CONFIG_CONSOLE_HANDLER=n
+CONFIG_UART_CONSOLE=n
+
+# Multithreading
+CONFIG_MULTITHREADING=y
+
+# MCUBoot settings
+CONFIG_BOOT_MAX_IMG_SECTORS=256
+
+# MCUboot serial recovery
+CONFIG_MCUBOOT_SERIAL=y
+CONFIG_BOOT_SERIAL_DETECT_PORT="GPIO_0"
+CONFIG_BOOT_SERIAL_DETECT_PIN=12
+CONFIG_BOOT_SERIAL_DETECT_PIN_VAL=0
+CONFIG_BOOT_SERIAL_DETECT_DELAY=450
+CONFIG_MCUBOOT_INDICATION_LED=y
+
+# Size of mcuboot partition
+CONFIG_SIZE_OPTIMIZATIONS=y
diff --git a/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/disco_l475_iot1.conf b/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/disco_l475_iot1.conf
new file mode 100644
index 0000000000..cbf3886be3
--- /dev/null
+++ b/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/disco_l475_iot1.conf
@@ -0,0 +1,2 @@
+CONFIG_BOOT_MAX_IMG_SECTORS=256
+CONFIG_WATCHDOG=y
diff --git a/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/flash_sim_driver.conf b/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/flash_sim_driver.conf
new file mode 100644
index 0000000000..7e5e58eca3
--- /dev/null
+++ b/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/flash_sim_driver.conf
@@ -0,0 +1,2 @@
+CONFIG_FLASH_SIMULATOR=y
+CONFIG_FLASH_SIMULATOR_UNALIGNED_READ=y
diff --git a/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/frdm_k64f.conf b/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/frdm_k64f.conf
new file mode 100644
index 0000000000..80e211dced
--- /dev/null
+++ b/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/frdm_k64f.conf
@@ -0,0 +1 @@
+CONFIG_WATCHDOG=y
diff --git a/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/intel_s1000_crb.conf b/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/intel_s1000_crb.conf
new file mode 100644
index 0000000000..ab2bfd6922
--- /dev/null
+++ b/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/intel_s1000_crb.conf
@@ -0,0 +1,4 @@
+CONFIG_DEBUG=n
+CONFIG_I2C=n
+CONFIG_BOOT_MAX_IMG_SECTORS=512
+CONFIG_BOOT_WAIT_FOR_USB_DFU=y
diff --git a/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/intel_s1000_crb.overlay b/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/intel_s1000_crb.overlay
new file mode 100644
index 0000000000..61f0d436c9
--- /dev/null
+++ b/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/intel_s1000_crb.overlay
@@ -0,0 +1,13 @@
+/*
+ * Copyright (c) 2018 Intel Corporation
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ */
+/ {
+ sram0: memory@be000000 {
+ device_type = "memory";
+ compatible = "mmio-sram";
+ reg = <0xbe000000 0x30000>;
+ };
+};
+
diff --git a/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/mimxrt1020_evk.conf b/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/mimxrt1020_evk.conf
new file mode 100644
index 0000000000..37ed5f87d4
--- /dev/null
+++ b/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/mimxrt1020_evk.conf
@@ -0,0 +1,4 @@
+# Copyright 2021 NXP
+# SPDX-License-Identifier: Apache-2.0
+
+CONFIG_BOOT_MAX_IMG_SECTORS=1024
diff --git a/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/mimxrt1024_evk.conf b/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/mimxrt1024_evk.conf
new file mode 100644
index 0000000000..22e3320cbb
--- /dev/null
+++ b/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/mimxrt1024_evk.conf
@@ -0,0 +1,4 @@
+# Copyright (c) 2021 Prevas A/S
+# SPDX-License-Identifier: Apache-2.0
+
+CONFIG_BOOT_MAX_IMG_SECTORS=512
diff --git a/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/mimxrt1050_evk_qspi.conf b/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/mimxrt1050_evk_qspi.conf
new file mode 100644
index 0000000000..7850953a39
--- /dev/null
+++ b/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/mimxrt1050_evk_qspi.conf
@@ -0,0 +1,5 @@
+# Copyright 2021-2022 NXP
+# SPDX-License-Identifier: Apache-2.0
+
+CONFIG_BOOT_MAX_IMG_SECTORS=1024
+CONFIG_BOOT_ERASE_PROGRESSIVELY=y
diff --git a/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/mimxrt1060_evk.conf b/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/mimxrt1060_evk.conf
new file mode 100644
index 0000000000..7850953a39
--- /dev/null
+++ b/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/mimxrt1060_evk.conf
@@ -0,0 +1,5 @@
+# Copyright 2021-2022 NXP
+# SPDX-License-Identifier: Apache-2.0
+
+CONFIG_BOOT_MAX_IMG_SECTORS=1024
+CONFIG_BOOT_ERASE_PROGRESSIVELY=y
diff --git a/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/mimxrt1060_evkb.conf b/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/mimxrt1060_evkb.conf
new file mode 100644
index 0000000000..7850953a39
--- /dev/null
+++ b/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/mimxrt1060_evkb.conf
@@ -0,0 +1,5 @@
+# Copyright 2021-2022 NXP
+# SPDX-License-Identifier: Apache-2.0
+
+CONFIG_BOOT_MAX_IMG_SECTORS=1024
+CONFIG_BOOT_ERASE_PROGRESSIVELY=y
diff --git a/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/mimxrt1064_evk.conf b/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/mimxrt1064_evk.conf
new file mode 100644
index 0000000000..1c50bc9f6a
--- /dev/null
+++ b/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/mimxrt1064_evk.conf
@@ -0,0 +1,4 @@
+# Copyright 2021 NXP
+# SPDX-License-Identifier: Apache-2.0
+
+CONFIG_BOOT_MAX_IMG_SECTORS=512
diff --git a/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/mimxrt1160_evk_cm7.conf b/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/mimxrt1160_evk_cm7.conf
new file mode 100644
index 0000000000..480796d09c
--- /dev/null
+++ b/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/mimxrt1160_evk_cm7.conf
@@ -0,0 +1,7 @@
+# Copyright 2022 NXP
+# SPDX-License-Identifier: Apache-2.0
+
+CONFIG_BOOT_MAX_IMG_SECTORS=1024
+CONFIG_BOOT_ERASE_PROGRESSIVELY=y
+# Move swap provides better wear levelling, so use it by default
+CONFIG_BOOT_SWAP_USING_MOVE=y
diff --git a/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/mimxrt1170_evk_cm7.conf b/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/mimxrt1170_evk_cm7.conf
new file mode 100644
index 0000000000..480796d09c
--- /dev/null
+++ b/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/mimxrt1170_evk_cm7.conf
@@ -0,0 +1,7 @@
+# Copyright 2022 NXP
+# SPDX-License-Identifier: Apache-2.0
+
+CONFIG_BOOT_MAX_IMG_SECTORS=1024
+CONFIG_BOOT_ERASE_PROGRESSIVELY=y
+# Move swap provides better wear levelling, so use it by default
+CONFIG_BOOT_SWAP_USING_MOVE=y
diff --git a/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/mimxrt685_evk_cm33.conf b/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/mimxrt685_evk_cm33.conf
new file mode 100644
index 0000000000..f93c663d7d
--- /dev/null
+++ b/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/mimxrt685_evk_cm33.conf
@@ -0,0 +1,4 @@
+# Copyright 2021 NXP
+# SPDX-License-Identifier: Apache-2.0
+
+CONFIG_BOOT_MAX_IMG_SECTORS=8192
diff --git a/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/nrf51dk_nrf51422.conf b/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/nrf51dk_nrf51422.conf
new file mode 100644
index 0000000000..bd4eaac8dd
--- /dev/null
+++ b/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/nrf51dk_nrf51422.conf
@@ -0,0 +1,6 @@
+# Due the small boot partition, we can't enable logging or the debug
+# optimization level out off the box. You need to increase the boot
+# partition size with a zephyr DTS overlay to make MCUboot's debug
+# builds fit.
+CONFIG_LOG=n
+CONFIG_SIZE_OPTIMIZATIONS=y
diff --git a/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/nrf52840_big.overlay b/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/nrf52840_big.overlay
new file mode 100644
index 0000000000..8ad19fca28
--- /dev/null
+++ b/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/nrf52840_big.overlay
@@ -0,0 +1,36 @@
+/*
+ * Copyright (c) 2020 Nordic Semiconductor ASA
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+/delete-node/ &boot_partition;
+/delete-node/ &slot0_partition;
+/delete-node/ &slot1_partition;
+
+&flash0 {
+ partitions {
+ compatible = "fixed-partitions";
+ #address-cells = <1>;
+ #size-cells = <1>;
+
+ boot_partition: partition@0 {
+ label = "mcuboot";
+ reg = <0x000000000 0x00010000>;
+ };
+ slot0_partition: partition@10000 {
+ label = "image-0";
+ reg = <0x000010000 0x000074000>;
+ };
+ slot1_partition: partition@75000 {
+ label = "image-1";
+ reg = <0x00084000 0x000074000>;
+ };
+ };
+};
+
+&zephyr_udc0 {
+ cdc_acm_uart0 {
+ compatible = "zephyr,cdc-acm-uart";
+ };
+};
diff --git a/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/nrf52840_single_slot.overlay b/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/nrf52840_single_slot.overlay
new file mode 100644
index 0000000000..8e7cc333c4
--- /dev/null
+++ b/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/nrf52840_single_slot.overlay
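Review bot: In nrf52840_big.overlay the `slot1_partition` node is named `partition@75000` while its `reg` starts at 0x00084000, which is exactly where slot0 ends (0x10000 + 0x74000). The unit address should match the first `reg` cell, so the line should read `slot1_partition: partition@84000 {`. The partition is placed by `reg`, so the image layout itself is unaffected, but the stale address misleads anyone auditing the flash map, and dtc normally warns about this kind of mismatch.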
@@ -0,0 +1,26 @@
+/*
+ * Copyright (c) 2020 Nordic Semiconductor ASA
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+/delete-node/ &boot_partition;
+/delete-node/ &slot0_partition;
+/delete-node/ &slot1_partition;
+
+&flash0 {
+ partitions {
+ compatible = "fixed-partitions";
+ #address-cells = <1>;
+ #size-cells = <1>;
+
+ boot_partition: partition@0 {
+ label = "mcuboot";
+ reg = <0x000000000 0x00010000>;
+ };
+ slot0_partition: partition@10000 {
+ label = "image-0";
+ reg = <0x000010000 0x0000E8000>;
+ };
+ };
+};
diff --git a/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/nrf52840dk_hooks_sample_overlay.conf b/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/nrf52840dk_hooks_sample_overlay.conf
new file mode 100644
index 0000000000..fd336db8b9
--- /dev/null
+++ b/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/nrf52840dk_hooks_sample_overlay.conf
@@ -0,0 +1,6 @@
+CONFIG_UPDATEABLE_IMAGE_NUMBER=2
+
+CONFIG_FLASH_SIMULATOR=y
+CONFIG_FLASH_SIMULATOR_UNALIGNED_READ=y
+
+CONFIG_BOOT_IMAGE_ACCESS_HOOKS=y
diff --git a/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/nrf52840dk_nrf52840.conf b/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/nrf52840dk_nrf52840.conf
new file mode 100644
index 0000000000..3bd75a29d6
--- /dev/null
+++ b/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/nrf52840dk_nrf52840.conf
@@ -0,0 +1,2 @@
+# Ensure that the qspi driver is disabled by default
+CONFIG_NORDIC_QSPI_NOR=n
diff --git a/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/nrf52840dk_qspi_nor.conf b/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/nrf52840dk_qspi_nor.conf
new file mode 100644
index 0000000000..3205eafd60
--- /dev/null
+++ b/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/nrf52840dk_qspi_nor.conf
@@ -0,0 +1,3 @@
+CONFIG_NORDIC_QSPI_NOR=y
+CONFIG_NORDIC_QSPI_NOR_FLASH_LAYOUT_PAGE_SIZE=4096
+CONFIG_NORDIC_QSPI_NOR_STACK_WRITE_BUFFER_SIZE=16
diff --git a/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/nrf52840dk_qspi_nor_secondary.overlay b/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/nrf52840dk_qspi_nor_secondary.overlay
new file mode 100644
index 0000000000..7c9a87c32e
--- /dev/null
+++ b/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/nrf52840dk_qspi_nor_secondary.overlay
@@ -0,0 +1,36 @@
+/*
+ * Copyright (c) 2020 Nordic Semiconductor ASA
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+/delete-node/ &boot_partition;
+/delete-node/ &slot0_partition;
+/delete-node/ &slot1_partition;
+/delete-node/ &scratch_partition;
+
+&flash0 {
+ partitions {
+ boot_partition: partition@0 {
+ label = "mcuboot";
+ reg = <0x000000000 0x00010000>;
+ };
+ slot0_partition: partition@10000 {
+ label = "image-0";
+ reg = <0x000010000 0x0000e8000>;
+ };
+ };
+};
+
+&mx25r64 {
+ partitions {
+ compatible = "fixed-partitions";
+ #address-cells = <1>;
+ #size-cells = <1>;
+
+ slot1_partition: partition@0 {
+ label = "image-1";
+ reg = <0x000000000 0x0000e8000>;
+ };
+ };
+};
diff --git a/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/nrf52840dk_qspi_secondary_boot.conf b/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/nrf52840dk_qspi_secondary_boot.conf
new file mode 100644
index 0000000000..9f984be4fe
--- /dev/null
+++ b/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/nrf52840dk_qspi_secondary_boot.conf
@@ -0,0 +1,2 @@
+CONFIG_MULTITHREADING=y
+CONFIG_BOOT_MAX_IMG_SECTORS=256
diff --git a/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/nrf52840dk_ram.overlay b/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/nrf52840dk_ram.overlay
new file mode 100644
index 0000000000..d489e97e73
--- /dev/null
+++ b/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/nrf52840dk_ram.overlay
@@ -0,0 +1,54 @@
+/*
+ * Copyright (c) 2021 Nordic Semiconductor ASA
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+/delete-node/ &slot1_partition;
+/delete-node/ &slot0_partition;
+/delete-node/ &boot_partition;
+
+&flash0 {
+ partitions {
+ boot_partition: partition@0 {
+ label = "mcuboot";
+ reg = <0x000000000 0x00010000>;
+ };
+ slot0_partition: partition@10000 {
+ label = "image-0";
+ reg = <0x000010000 0x00000A000>;
+ };
+ };
+};
+
+/ {
+ soc {
+ flash_controller2: flash-controller@2 {
+ compatible = "zephyr,sim-flash";
+ reg = <0x00000000 DT_SIZE_K(40)>;
+
+ #address-cells = <1>;
+ #size-cells = <1>;
+ erase-value = <0xff>;
+
+ flash_sim0: flash_sim@0 {
+ status = "okay";
+ compatible = "soc-nv-flash";
+ erase-block-size = <4096>;
+ write-block-size = <1>;
+ reg = <0x00000000 DT_SIZE_K(40)>;
+
+ partitions {
+ compatible = "fixed-partitions";
+ #address-cells = <1>;
+ #size-cells = <1>;
+
+ slot1_partition: partition@0 {
+ label = "image-1";
+ reg = <0x00000000 0x00000A000>;
+ };
+ };
+ };
+ };
+ };
+};
diff --git a/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/nrf52840dk_ram_multi.overlay b/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/nrf52840dk_ram_multi.overlay
new file mode 100644
index 0000000000..aeb0b05b42
--- /dev/null
+++ b/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/nrf52840dk_ram_multi.overlay
@@ -0,0 +1,62 @@
+/*
+ * Copyright (c) 2021 Nordic Semiconductor ASA
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+/delete-node/ &slot1_partition;
+/delete-node/ &slot0_partition;
+/delete-node/ &boot_partition;
+
+&flash0 {
+ partitions {
+ boot_partition: partition@0 {
+ label = "mcuboot";
+ reg = <0x000000000 0x00010000>;
+ };
+ slot0_partition: partition@10000 {
+ label = "image-0";
+ reg = <0x000010000 0x00000A000>;
+ };
+ slot1_partition: partition@1A000 {
+ label = "image-1";
+ reg = <0x00001A000 0x00000A000>;
+ };
+ slot3_partition: partition@24000 {
+ label = "image-3";
+ reg = <0x000024000 0x00000A000>;
+ };
+ };
+};
+
+/ {
+ soc {
+ flash_controller2: flash-controller@2 {
+ compatible = "zephyr,sim-flash";
+ reg = <0x00000000 DT_SIZE_K(40)>;
+
+ #address-cells = <1>;
+ #size-cells = <1>;
+ erase-value = <0xff>;
+
+ flash_sim0: flash_sim@0 {
+ status = "okay";
+ compatible = "soc-nv-flash";
+ erase-block-size = <4096>;
+ write-block-size = <1>;
+ reg = <0x00000000 DT_SIZE_K(40)>;
+
+ partitions {
+ compatible = "fixed-partitions";
+ #address-cells = <1>;
+ #size-cells = <1>;
+
+ slot2_partition: partition@0 {
+ label = "image-2";
+ reg = <0x00000000 0x00000A000>;
+ };
+ };
+ };
+ };
+ };
+};
diff --git a/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/nrf52840dongle_nrf52840.conf b/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/nrf52840dongle_nrf52840.conf
new file mode 100644
index 0000000000..c1a9384471
--- /dev/null
+++ b/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/nrf52840dongle_nrf52840.conf
@@ -0,0 +1,31 @@
+# The UART is used for Serial Recovery, so logging requires
+# an RTT console, which is not available out of the box on this board.
+# Disable logging.
+CONFIG_LOG=n
+
+# The build won't fit on the partition allocated for it without size
+# optimizations.
+CONFIG_SIZE_OPTIMIZATIONS=y
+
+# Serial
+CONFIG_SERIAL=y
+CONFIG_UART_NRFX=y
+CONFIG_UART_INTERRUPT_DRIVEN=y
+CONFIG_UART_LINE_CTRL=y
+
+# MCUBoot serial
+CONFIG_GPIO=y
+CONFIG_MCUBOOT_SERIAL=y
+CONFIG_BOOT_SERIAL_CDC_ACM=y
+
+# Required by USB
+CONFIG_MULTITHREADING=y
+
+# USB
+CONFIG_USB_DEVICE_STACK=y
+CONFIG_USB_DEVICE_REMOTE_WAKEUP=n
+CONFIG_USB_DEVICE_PRODUCT="MCUBOOT"
+CONFIG_USB_COMPOSITE_DEVICE=n
+CONFIG_USB_MASS_STORAGE=n
+
+CONFIG_NORDIC_QSPI_NOR=n
diff --git a/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/nrf52_minimal_footprint.conf b/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/nrf52_minimal_footprint.conf
new file mode 100644
index 0000000000..c315b441a2
--- /dev/null
+++ b/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/nrf52_minimal_footprint.conf
@@ -0,0 +1,65 @@
+# Minimal MCUBoot flash footprint configuration
+# for nRF52832 SoC targets
+# This is not recomendet configuration because of security and reliability
+# reasons.
+
+
+# Generated by Kconfiglib (https://github.com/ulfalizer/Kconfiglib)
+CONFIG_BOOT_SIGNATURE_TYPE_ECDSA_P256=y
+CONFIG_BOOT_SIGNATURE_KEY_FILE="root-ec-p256.pem"
+
+# In any real project CONFIG_BOOT_VALIDATE_SLOT0 enabling is recommended
+# by security reason.
+# CONFIG_BOOT_VALIDATE_SLOT0 is not set
+
+# In most of projects CONFIG_BOOT_UPGRADE_ONLY disabling is recommended
+# by reliability reason.
+CONFIG_BOOT_UPGRADE_ONLY=y
+
+# CONFIG_ZEPHYR_TRY_MASS_ERASE is not set
+# CONFIG_BOARD_ENABLE_DCDC is not set
+CONFIG_SOC_SERIES_NRF52X=y
+CONFIG_SOC_NRF52832_QFAA=y
+CONFIG_ARM=y
+CONFIG_ARM_MPU=n
+CONFIG_MAIN_STACK_SIZE=10240
+CONFIG_THREAD_STACK_INFO=n
+# CONFIG_TICKLESS_KERNEL is not set
+CONFIG_FLASH=y
+
+CONFIG_CONSOLE=n
+CONFIG_DEBUG=n
+CONFIG_EARLY_CONSOLE=n
+CONFIG_PRINTK=n
+
+CONFIG_SYS_CLOCK_EXISTS=n
+
+# Drivers and peripherals
+CONFIG_I2C=n
+CONFIG_WATCHDOG=n
+CONFIG_GPIO=n
+CONFIG_PINMUX=n
+CONFIG_SPI=n
+CONFIG_SERIAL=n
+
+# Power management
+CONFIG_PM=n
+
+# Interrupts
+CONFIG_DYNAMIC_INTERRUPTS=n
+CONFIG_IRQ_OFFLOAD=n
+
+# Memory protection
+CONFIG_MEMORY_PROTECTION=n
+CONFIG_THREAD_CUSTOM_DATA=n
+CONFIG_FPU=n
+
+# Boot
+CONFIG_BOOT_BANNER=n
+CONFIG_BOOT_DELAY=0
+
+# Console
+CONFIG_STDOUT_CONSOLE=n
+
+# Build
+CONFIG_SIZE_OPTIMIZATIONS=y
diff --git a/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/pinnacle_100_dvk.conf b/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/pinnacle_100_dvk.conf
new file mode 100644
index 0000000000..00a8dfb461
--- /dev/null
+++ b/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/pinnacle_100_dvk.conf
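Review bot: `CONFIG_BOOT_SIGNATURE_KEY_FILE="root-ec-p256.pem"` in nrf52_minimal_footprint.conf carries no caveat, and the name appears to match the sample signing key shipped in the MCUboot tree, whose private half is public; a bootloader built with it accepts images signed by anyone who has the repository. The header comment says the configuration is not recommended but does not point at this line. I would add above it `# Development key from the MCUboot tree - replace with your own key before shipping`. The same concern applies to prj.conf later in this diff, where the key-file line is commented out and the Kconfig default (not visible here) is used instead.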
@@ -0,0 +1,6 @@
+CONFIG_MULTITHREADING=y
+# Enable QSPI (MX25R64) - Slot 1 in QSPI
+CONFIG_NORDIC_QSPI_NOR=y
+CONFIG_NORDIC_QSPI_NOR_FLASH_LAYOUT_PAGE_SIZE=4096
+CONFIG_NORDIC_QSPI_NOR_STACK_WRITE_BUFFER_SIZE=4
+CONFIG_BOOT_MAX_IMG_SECTORS=256
diff --git a/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/sparkfun_thing_plus_nrf9160.conf b/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/sparkfun_thing_plus_nrf9160.conf
new file mode 100644
index 0000000000..656239c81d
--- /dev/null
+++ b/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/sparkfun_thing_plus_nrf9160.conf
@@ -0,0 +1,16 @@
+# Disable Zephyr console
+CONFIG_CONSOLE=n
+
+# Multithreading
+CONFIG_MULTITHREADING=y
+
+# MCUBoot settings
+CONFIG_BOOT_MAX_IMG_SECTORS=256
+
+# MCUboot serial recovery
+CONFIG_MCUBOOT_SERIAL=y
+CONFIG_BOOT_SERIAL_DETECT_DELAY=450
+CONFIG_MCUBOOT_INDICATION_LED=y
+
+# Size of mcuboot partition
+CONFIG_SIZE_OPTIMIZATIONS=y
\ No newline at end of file
diff --git a/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/thingy53_nrf5340_cpuapp.conf b/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/thingy53_nrf5340_cpuapp.conf
new file mode 100644
index 0000000000..cde9d45b0e
--- /dev/null
+++ b/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/thingy53_nrf5340_cpuapp.conf
@@ -0,0 +1,72 @@
+CONFIG_SIZE_OPTIMIZATIONS=y
+
+CONFIG_SYSTEM_CLOCK_NO_WAIT=y
+CONFIG_PM=n
+
+CONFIG_MAIN_STACK_SIZE=10240
+CONFIG_MBEDTLS_CFG_FILE="mcuboot-mbedtls-cfg.h"
+
+CONFIG_BOOT_MAX_IMG_SECTORS=2048
+CONFIG_BOOT_SIGNATURE_TYPE_RSA=y
+
+# Flash
+CONFIG_FLASH=y
+CONFIG_BOOT_ERASE_PROGRESSIVELY=y
+CONFIG_SOC_FLASH_NRF_EMULATE_ONE_BYTE_WRITE_ACCESS=y
+CONFIG_FPROTECT=y
+
+# Serial
+CONFIG_SERIAL=y
+CONFIG_UART_LINE_CTRL=y
+
+# MCUBoot serial
+CONFIG_GPIO=y
+CONFIG_MCUBOOT_SERIAL=y
+CONFIG_MCUBOOT_SERIAL_DIRECT_IMAGE_UPLOAD=y
+CONFIG_BOOT_SERIAL_CDC_ACM=y
+
+# Required by QSPI
+CONFIG_NORDIC_QSPI_NOR=y
+CONFIG_NORDIC_QSPI_NOR_FLASH_LAYOUT_PAGE_SIZE=4096
+CONFIG_NORDIC_QSPI_NOR_STACK_WRITE_BUFFER_SIZE=16
+
+# Required by USB and QSPI
+CONFIG_MULTITHREADING=y
+
+# USB
+CONFIG_USB_DEVICE_REMOTE_WAKEUP=n
+CONFIG_USB_DEVICE_MANUFACTURER="Nordic Semiconductor ASA"
+CONFIG_USB_DEVICE_PRODUCT="Bootloader Thingy:53"
+CONFIG_USB_DEVICE_VID=0x1915
+CONFIG_USB_DEVICE_PID=0x5300
+CONFIG_USB_CDC_ACM=y
+
+# Decrease memory footprint
+CONFIG_CBPRINTF_NANO=y
+CONFIG_TIMESLICING=n
+CONFIG_BOOT_BANNER=n
+CONFIG_CONSOLE=n
+CONFIG_CONSOLE_HANDLER=n
+CONFIG_UART_CONSOLE=n
+CONFIG_USE_SEGGER_RTT=n
+CONFIG_LOG=n
+CONFIG_ERRNO=n
+CONFIG_PRINTK=n
+CONFIG_RESET_ON_FATAL_ERROR=n
+CONFIG_SPI=n
+CONFIG_I2C=n
+CONFIG_UART_NRFX=n
+
+# The following configurations are required to support simultaneous multi image update
+CONFIG_PCD_APP=y
+CONFIG_UPDATEABLE_IMAGE_NUMBER=2
+CONFIG_BOOT_UPGRADE_ONLY=y
+# The network core cannot access external flash directly. The flash simulator must be used to
+# provide a memory region that is used to forward the new firmware to the network core.
+CONFIG_FLASH_SIMULATOR=y
+CONFIG_FLASH_SIMULATOR_DOUBLE_WRITES=y
+CONFIG_FLASH_SIMULATOR_STATS=n
+
+# Enable custom command to erase settings partition.
+CONFIG_ENABLE_MGMT_PERUSER=y
+CONFIG_BOOT_MGMT_CUSTOM_STORAGE_ERASE=y
diff --git a/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/tlsr9518adk80d.conf b/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/tlsr9518adk80d.conf
new file mode 100644
index 0000000000..d0f5330829
--- /dev/null
+++ b/zephyr/samples/modules/mcuboot/mcuboot_external_config/boards/tlsr9518adk80d.conf
@@ -0,0 +1,4 @@
+# Copyright 2022 Telink Semiconductor
+# SPDX-License-Identifier: Apache-2.0
+
+CONFIG_BOOT_MAX_IMG_SECTORS=4096
diff --git a/zephyr/samples/modules/mcuboot/mcuboot_external_config/hooks_sample.c b/zephyr/samples/modules/mcuboot/mcuboot_external_config/hooks_sample.c
new file mode 100644
index 0000000000..baa2b7552e
--- /dev/null
+++ b/zephyr/samples/modules/mcuboot/mcuboot_external_config/hooks_sample.c
@@ -0,0 +1,95 @@
+/*
+ * Copyright (c) 2021 Nordic Semiconductor ASA
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include
+#include
+#include "bootutil/image.h"
+#include "bootutil/bootutil.h"
+#include "bootutil/fault_injection_hardening.h"
+#include "flash_map_backend/flash_map_backend.h"
+
+/* @retval 0: header was read/populated
+ * FIH_FAILURE: image is invalid,
+ * BOOT_HOOK_REGULAR if hook not implemented for the image-slot,
+ * othervise an error-code value.
+ */
+int boot_read_image_header_hook(int img_index, int slot,
+ struct image_header *img_hed)
+{
+ if (img_index == 1 && slot == 0) {
+ img_hed->ih_magic = IMAGE_MAGIC;
+ return 0;
+ }
+
+ return BOOT_HOOK_REGULAR;
+}
+
+/* @retval FIH_SUCCESS: image is valid,
+ * FIH_FAILURE: image is invalid,
+ * fih encoded BOOT_HOOK_REGULAR if hook not implemented for
+ * the image-slot.
+ */
+fih_int boot_image_check_hook(int img_index, int slot)
+{
+ if (img_index == 1 && slot == 0) {
+ FIH_RET(FIH_SUCCESS);
+ }
+
+ FIH_RET(fih_int_encode(BOOT_HOOK_REGULAR));
+}
+
+int boot_perform_update_hook(int img_index, struct image_header *img_head,
+ const struct flash_area *area)
+{
+ if (img_index == 1) {
+ return 0;
+ }
+
+ return BOOT_HOOK_REGULAR;
+}
+
+int boot_read_swap_state_primary_slot_hook(int image_index,
+ struct boot_swap_state *state)
+{
+ if (image_index == 1) {
+ state->magic = BOOT_MAGIC_UNSET;
+ state->swap_type = BOOT_SWAP_TYPE_NONE;
+ state->image_num = image_index ; // ?
+ state->copy_done = BOOT_FLAG_UNSET;
+ state->image_ok = BOOT_FLAG_UNSET;
+
+ return 0;
+ }
+
+ return BOOT_HOOK_REGULAR;
+}
+
+int boot_copy_region_post_hook(int img_index, const struct flash_area *area,
+ size_t size)
+{
+ return 0;
+}
+
+int boot_serial_uploaded_hook(int img_index, const struct flash_area *area,
+ size_t size)
+{
+ return 0;
+}
+
+int boot_img_install_stat_hook(int image_index, int slot, int *img_install_stat)
+{
+ return BOOT_HOOK_REGULAR;
+}
diff --git a/zephyr/samples/modules/mcuboot/mcuboot_external_config/keys.c b/zephyr/samples/modules/mcuboot/mcuboot_external_config/keys.c
new file mode 100644
index 0000000000..b7a9edf791
--- /dev/null
+++ b/zephyr/samples/modules/mcuboot/mcuboot_external_config/keys.c
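Review bot: `boot_image_check_hook` in hooks_sample.c reports `FIH_SUCCESS` for image 1 in slot 0 without examining the image, and `boot_read_image_header_hook` sets only `ih_magic`, so every other field of `*img_hed` keeps whatever the caller passed in. Nothing in the file marks this as a placeholder; a file-level comment such as `/* Sample only: image 1 is accepted without validation; do not reuse in a product. */` would stop it being copied as is, and the header hook should begin with `memset(img_hed, 0, sizeof(*img_hed));` unless callers are known to clear the struct. The first doc comment also lists `FIH_FAILURE` as a return value of an `int` function and misspells "otherwise", and the `// ?` after `state->image_num` should be resolved or dropped.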
@@ -0,0 +1,209 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+#include
+
+/*
+ * Even though this is in principle a Zephyr-specific file, the
+ * simulator builds it and uses it as well. Because of that, we can't
+ * use Kconfig symbols for key types, and have to rely on the MCUBoot
+ * symbols (which Zephyr provides via this header, and the simulator
+ * provides via the compiler command line).
+ */
+#include
+
+#if !defined(MCUBOOT_HW_KEY)
+#if defined(MCUBOOT_SIGN_RSA)
+#define HAVE_KEYS
+extern const unsigned char rsa_pub_key[];
+extern unsigned int rsa_pub_key_len;
+#elif defined(MCUBOOT_SIGN_EC256)
+#define HAVE_KEYS
+extern const unsigned char ecdsa_pub_key[];
+extern unsigned int ecdsa_pub_key_len;
+#elif defined(MCUBOOT_SIGN_ED25519)
+#define HAVE_KEYS
+extern const unsigned char ed25519_pub_key[];
+extern unsigned int ed25519_pub_key_len;
+#endif
+
+/*
+ * NOTE: *_pub_key and *_pub_key_len are autogenerated based on the provided
+ * key file. If no key file was configured, the array and length must be
+ * provided and added to the build manually.
+ */ +#if defined(HAVE_KEYS) +const struct bootutil_key bootutil_keys[] = { + { +#if defined(MCUBOOT_SIGN_RSA) + .key = rsa_pub_key, + .len = &rsa_pub_key_len, +#elif defined(MCUBOOT_SIGN_EC256) + .key = ecdsa_pub_key, + .len = &ecdsa_pub_key_len, +#elif defined(MCUBOOT_SIGN_ED25519) + .key = ed25519_pub_key, + .len = &ed25519_pub_key_len, +#endif + }, +}; +const int bootutil_key_cnt = 1; +#endif /* HAVE_KEYS */ +#else +unsigned int pub_key_len; +struct bootutil_key bootutil_keys[1] = { + { + .key = 0, + .len = &pub_key_len, + } +}; +const int bootutil_key_cnt = 1; +#endif /* !MCUBOOT_HW_KEY */ + +#if defined(MCUBOOT_ENCRYPT_RSA) +unsigned char enc_priv_key[] = { + 0x30, 0x82, 0x04, 0xa4, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00, + 0xb4, 0x26, 0x14, 0x49, 0x3d, 0x16, 0x13, 0x3a, 0x6d, 0x9c, 0x84, 0xa9, + 0x8b, 0x6a, 0x10, 0x20, 0x61, 0xef, 0x48, 0x04, 0xa4, 0x4b, 0x24, 0xf3, + 0x00, 0x32, 0xac, 0x22, 0xe0, 0x30, 0x27, 0x70, 0x18, 0xe5, 0x55, 0xc8, + 0xb8, 0x05, 0x34, 0x03, 0xb0, 0xf8, 0xa5, 0x96, 0xd2, 0x48, 0x58, 0xef, + 0x70, 0xb0, 0x09, 0xdb, 0xe3, 0x58, 0x62, 0xef, 0x99, 0x63, 0x01, 0xb2, + 0x89, 0xc4, 0xb3, 0xf6, 0x9e, 0x62, 0xbf, 0x4d, 0xc2, 0x8a, 0xd0, 0xc9, + 0x4d, 0x43, 0xa3, 0xd8, 0xe5, 0x1d, 0xec, 0x62, 0x63, 0x08, 0xe2, 0x20, + 0xa5, 0xfc, 0x78, 0xd0, 0x3e, 0x74, 0xc8, 0xa4, 0x1b, 0x36, 0xad, 0x7b, + 0xf5, 0x06, 0xae, 0x4d, 0x51, 0x9b, 0x40, 0xce, 0x30, 0x4f, 0x6c, 0xea, + 0xf9, 0xe9, 0x74, 0xea, 0x06, 0xee, 0x9c, 0xe4, 0x14, 0x68, 0x20, 0xb9, + 0x3d, 0xe7, 0x11, 0x14, 0x8b, 0x25, 0xa3, 0xff, 0x4c, 0x8a, 0xf3, 0x53, + 0xee, 0x6b, 0x3e, 0xef, 0x34, 0xcd, 0x6a, 0x3f, 0x62, 0x68, 0xc0, 0xff, + 0x78, 0x4c, 0xb0, 0xc3, 0xe6, 0x96, 0x61, 0xfc, 0x1f, 0x18, 0xf1, 0x7a, + 0x82, 0xe2, 0x8f, 0x35, 0xa8, 0x2b, 0x86, 0x16, 0xa4, 0x46, 0xfb, 0xac, + 0x7e, 0x41, 0xdb, 0x02, 0x05, 0x91, 0x6d, 0xdf, 0xc1, 0xde, 0x13, 0x95, + 0x9c, 0xf9, 0x9e, 0x5e, 0x72, 0xba, 0xa7, 0x25, 0x93, 0xfb, 0xdc, 0xe8, + 0xab, 0x86, 0x45, 0x88, 0x47, 0x2d, 0xed, 0xee, 0xee, 0x97, 0x9e, 
0xce, + 0x5d, 0x9b, 0x04, 0x04, 0x40, 0x7c, 0xcb, 0x7c, 0x3d, 0x2c, 0x74, 0xab, + 0xa4, 0xcc, 0x64, 0xa3, 0x5c, 0x95, 0x3d, 0xd4, 0xa2, 0xdc, 0x92, 0xb2, + 0xc8, 0x18, 0xcb, 0xf9, 0x00, 0x39, 0x81, 0x8f, 0x8f, 0x40, 0xc2, 0xdf, + 0x99, 0x29, 0xac, 0x8a, 0xc2, 0x3b, 0xd8, 0xa4, 0xf2, 0xad, 0xaf, 0x74, + 0xc0, 0x11, 0xc7, 0x99, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02, 0x82, 0x01, + 0x00, 0x42, 0x47, 0x80, 0x4f, 0x31, 0xda, 0x5d, 0x58, 0xb1, 0xdb, 0x54, + 0x33, 0xcc, 0xc7, 0x49, 0x07, 0xa1, 0x00, 0x98, 0x4e, 0x9c, 0xe3, 0xc8, + 0xc4, 0x5e, 0xde, 0x45, 0xd6, 0xcf, 0x04, 0xe8, 0x7d, 0xa5, 0xab, 0x3a, + 0xd4, 0x8e, 0x5f, 0xdb, 0xb3, 0x3f, 0xf9, 0x3b, 0x73, 0x32, 0x0a, 0xcc, + 0x2d, 0xcc, 0x17, 0xf8, 0x88, 0x9e, 0x2c, 0x76, 0xba, 0x10, 0x85, 0x0c, + 0xaa, 0xd3, 0x65, 0x3b, 0x91, 0x10, 0xd4, 0xe3, 0xed, 0x88, 0x15, 0xea, + 0x9b, 0x25, 0x82, 0x2d, 0x56, 0x2f, 0x75, 0xc2, 0xf2, 0xaf, 0xdd, 0x24, + 0xd5, 0x3e, 0x3c, 0x95, 0x76, 0x88, 0x84, 0x0f, 0x0d, 0xd1, 0xb5, 0x5c, + 0x3e, 0xae, 0xf7, 0xb6, 0x49, 0x5c, 0x2c, 0xf2, 0xba, 0xe9, 0xab, 0x4f, + 0x37, 0x64, 0x9b, 0x30, 0x18, 0xaa, 0x54, 0x40, 0x04, 0xea, 0x3d, 0x25, + 0x4d, 0x02, 0x29, 0x71, 0x6f, 0x4d, 0x82, 0x9b, 0xc3, 0x44, 0x2a, 0x9d, + 0x0c, 0x98, 0xd3, 0xc8, 0x15, 0x0d, 0x04, 0x93, 0x60, 0x30, 0xc7, 0x5e, + 0x79, 0xea, 0x53, 0x9d, 0xc0, 0x0e, 0x81, 0xac, 0x90, 0xbc, 0x9e, 0x1e, + 0xd2, 0x28, 0x0f, 0x10, 0xf5, 0x1f, 0xdf, 0x38, 0x7f, 0x8a, 0x90, 0x8d, + 0x49, 0x07, 0x7d, 0x78, 0xcb, 0xa7, 0xef, 0x92, 0x6d, 0x3b, 0x13, 0x95, + 0x9b, 0xba, 0x83, 0xc6, 0xb3, 0x71, 0x25, 0x27, 0x07, 0x99, 0x54, 0x82, + 0x3d, 0xec, 0xc5, 0xf8, 0xb4, 0xa0, 0x38, 0x7a, 0x59, 0x6a, 0x0b, 0xca, + 0x69, 0x6c, 0x17, 0xa4, 0x18, 0xe0, 0xb4, 0xaa, 0x89, 0x99, 0x8f, 0xcb, + 0x71, 0x34, 0x09, 0x1b, 0x6e, 0xe6, 0x87, 0x00, 0xb5, 0xba, 0x70, 0x8a, + 0x29, 0x3d, 0x9a, 0x06, 0x18, 0x2d, 0x66, 0x5e, 0x61, 0x37, 0xeb, 0xdd, + 0x5e, 0xc8, 0x28, 0x92, 0x05, 0x30, 0xfd, 0xb8, 0x65, 0xb1, 0x7f, 0xbf, + 0x2d, 0x55, 0x12, 0x91, 0xc1, 0x02, 0x81, 0x81, 0x00, 0xda, 0x65, 
0xda, + 0x38, 0x7c, 0x18, 0xfb, 0x00, 0x11, 0x60, 0xeb, 0x37, 0x65, 0xb8, 0x83, + 0x62, 0x88, 0xc4, 0x3a, 0x4e, 0x64, 0x6a, 0xf3, 0x3e, 0x4e, 0xc0, 0x34, + 0x19, 0x8a, 0xcb, 0x4a, 0xca, 0x2f, 0x5d, 0x50, 0x7a, 0xac, 0xf7, 0x9e, + 0x87, 0x5a, 0xfc, 0x4d, 0x49, 0xd7, 0xf9, 0x21, 0xf5, 0x0b, 0x6f, 0x57, + 0x41, 0x3d, 0x8f, 0xb8, 0xec, 0x7f, 0xcc, 0x92, 0x09, 0xbe, 0xd3, 0xa4, + 0xc3, 0x14, 0x85, 0x21, 0x5d, 0x05, 0xa3, 0xaa, 0x20, 0xf6, 0x62, 0x44, + 0x50, 0x03, 0x5e, 0x53, 0x4a, 0xcd, 0x6a, 0xb6, 0x65, 0x8e, 0x4e, 0x4b, + 0x3f, 0x25, 0xc6, 0x16, 0x31, 0xf5, 0x99, 0x13, 0x77, 0x42, 0xda, 0xdc, + 0x70, 0x4d, 0x65, 0xb0, 0x99, 0x0f, 0xdf, 0x5a, 0xb1, 0x45, 0xf0, 0xb9, + 0x8e, 0xa0, 0xae, 0x4f, 0x4d, 0x65, 0x09, 0x84, 0xb5, 0x38, 0x29, 0xbf, + 0x69, 0xe0, 0x88, 0x1f, 0x27, 0x02, 0x81, 0x81, 0x00, 0xd3, 0x2a, 0x59, + 0xec, 0x28, 0xc3, 0x0d, 0x4f, 0x92, 0x96, 0xca, 0x67, 0x94, 0xfc, 0x2e, + 0xa6, 0x86, 0x68, 0x45, 0x53, 0x92, 0xcc, 0x86, 0x7f, 0x8a, 0xe1, 0x5d, + 0xe8, 0x1d, 0x9e, 0xbb, 0x1e, 0x00, 0x26, 0x1d, 0x80, 0x12, 0xff, 0x9c, + 0x11, 0x0a, 0xbd, 0xa6, 0xc3, 0x8d, 0x48, 0xda, 0xfc, 0x10, 0xf7, 0x7a, + 0x16, 0x07, 0x15, 0xa0, 0x3a, 0xd3, 0x94, 0xfb, 0x52, 0x87, 0x39, 0xee, + 0xe7, 0xc4, 0x26, 0x49, 0x16, 0xc6, 0xc0, 0x83, 0x25, 0xbf, 0x6a, 0x4e, + 0x8c, 0x0b, 0x10, 0x85, 0x66, 0xab, 0x7e, 0xae, 0xac, 0x4c, 0x69, 0x3c, + 0x44, 0xeb, 0xcd, 0xe9, 0xf6, 0x64, 0x8b, 0x4a, 0xd8, 0x6a, 0x4d, 0x6d, + 0x47, 0xa9, 0xb8, 0x55, 0x72, 0xc1, 0xfd, 0xf4, 0x81, 0x4c, 0x66, 0xbe, + 0x49, 0xf2, 0x75, 0x4f, 0x80, 0xf1, 0x20, 0x38, 0xb8, 0x6a, 0x1b, 0x75, + 0x41, 0x30, 0x0f, 0x1b, 0x3f, 0x02, 0x81, 0x80, 0x09, 0x35, 0xfa, 0x7a, + 0x1f, 0x61, 0xbe, 0x54, 0x46, 0x67, 0x5c, 0x04, 0x3e, 0x1a, 0x06, 0x10, + 0x85, 0xcc, 0x20, 0xd9, 0x65, 0x8a, 0xcd, 0x2f, 0x77, 0x8a, 0xcb, 0xa7, + 0xb8, 0x1e, 0xd2, 0xcc, 0xac, 0x2a, 0xb7, 0x56, 0x35, 0x2d, 0x4c, 0x56, + 0x51, 0x14, 0x0a, 0xfe, 0x6e, 0x49, 0x67, 0x91, 0x3a, 0x26, 0x3b, 0xfb, + 0xd8, 0x68, 0xd3, 0x57, 0xc6, 0x1c, 0x0e, 0x9c, 0xb2, 0x9b, 0xa2, 
0x7b, + 0x47, 0xc6, 0x45, 0x9d, 0xf2, 0xba, 0xf0, 0x55, 0xeb, 0x8e, 0x41, 0x6b, + 0x4e, 0x79, 0x0f, 0xf2, 0x3b, 0xaf, 0xa0, 0x79, 0xb0, 0x02, 0xc5, 0x51, + 0xa8, 0x7a, 0x2e, 0x3d, 0x75, 0x2a, 0x3b, 0x93, 0xf0, 0x11, 0xe2, 0xf2, + 0x29, 0x91, 0x7c, 0x5d, 0x38, 0x3a, 0x27, 0x4d, 0x0a, 0xb2, 0x18, 0x61, + 0x57, 0x8d, 0x82, 0x72, 0xb5, 0x2c, 0x2d, 0x98, 0xa7, 0x01, 0xbb, 0xbc, + 0xef, 0x67, 0x4e, 0x49, 0x02, 0x81, 0x81, 0x00, 0xb2, 0x70, 0x53, 0x54, + 0x70, 0x8d, 0x82, 0xad, 0xff, 0x1d, 0x55, 0x24, 0x7a, 0x8d, 0x2f, 0x8e, + 0xa0, 0x7d, 0x74, 0x37, 0xcf, 0x10, 0xed, 0x86, 0xd1, 0x80, 0xe7, 0xad, + 0xc1, 0x79, 0xe4, 0x7c, 0xd1, 0x7b, 0x63, 0xea, 0x5a, 0x23, 0x8d, 0x6a, + 0x09, 0x3d, 0x81, 0xb2, 0x35, 0xad, 0x9e, 0xfe, 0xea, 0x07, 0x76, 0x2f, + 0x2f, 0x05, 0x63, 0x44, 0xd2, 0x8e, 0x4e, 0x61, 0xca, 0xcb, 0x75, 0xca, + 0x7b, 0xc2, 0x2e, 0x79, 0x04, 0xb2, 0xa1, 0x20, 0x40, 0xc4, 0x40, 0x63, + 0xae, 0xe5, 0xe3, 0x14, 0x83, 0x4e, 0xa5, 0xa4, 0x0b, 0x5d, 0xd2, 0x04, + 0x1b, 0x8f, 0x01, 0x69, 0xa8, 0x44, 0xdc, 0x96, 0x4c, 0x1d, 0xe9, 0x7e, + 0x69, 0x38, 0xcf, 0x5c, 0x0d, 0xf9, 0xdf, 0xa7, 0x73, 0x3c, 0x4f, 0x08, + 0x85, 0xce, 0x03, 0xc4, 0xdd, 0xfd, 0x70, 0x70, 0xc5, 0x99, 0x36, 0x58, + 0x43, 0x98, 0x40, 0x59, 0x02, 0x81, 0x81, 0x00, 0xd5, 0xaa, 0xfb, 0xec, + 0x8d, 0xc6, 0xdd, 0xfa, 0x2b, 0x5a, 0x24, 0xd0, 0xda, 0x58, 0xbd, 0x87, + 0x92, 0x1a, 0x29, 0x62, 0x13, 0x1d, 0x4b, 0x79, 0x1b, 0xbe, 0x79, 0x7d, + 0xad, 0x79, 0xca, 0x17, 0x75, 0xda, 0xe8, 0x32, 0xe8, 0xa0, 0x9e, 0xa8, + 0x77, 0x53, 0xac, 0x38, 0xd6, 0xeb, 0xe6, 0x22, 0x65, 0xc4, 0xaa, 0x4c, + 0xc8, 0xd0, 0x33, 0x1a, 0x1e, 0xbe, 0xbd, 0x73, 0x09, 0x4a, 0xfa, 0x85, + 0x5c, 0xf3, 0x0c, 0x9c, 0x81, 0x56, 0x30, 0xa7, 0xf7, 0x9b, 0xf4, 0x92, + 0x9c, 0x6b, 0x93, 0x6a, 0x00, 0x33, 0xdc, 0x2f, 0x54, 0x1e, 0x78, 0xd4, + 0x97, 0xec, 0x24, 0xa2, 0xdb, 0x3d, 0x03, 0x33, 0x09, 0xb2, 0x2c, 0x03, + 0x05, 0x40, 0xde, 0x52, 0xf2, 0x9b, 0xfa, 0x00, 0x8d, 0x4b, 0xfe, 0x5b, + 0x9b, 0x9c, 0x73, 0xad, 0xfb, 0x7a, 0x00, 0x42, 0x62, 0x9e, 0xa0, 
0x95, + 0x55, 0x50, 0x32, 0x87 +}; +static unsigned int enc_priv_key_len = 1192; + +const struct bootutil_key bootutil_enc_key = { + .key = enc_priv_key, + .len = &enc_priv_key_len, +}; +#elif defined(MCUBOOT_ENCRYPT_EC256) +extern const unsigned char enc_priv_key[]; +extern unsigned int enc_priv_key_len; +const struct bootutil_key bootutil_enc_key = { + .key = enc_priv_key, + .len = &enc_priv_key_len, +}; +#elif defined(MCUBOOT_ENCRYPT_X25519) +unsigned char enc_key[] = { + 0x30, 0x2e, 0x02, 0x01, 0x00, 0x30, 0x05, 0x06, 0x03, 0x2b, 0x65, 0x6e, + 0x04, 0x22, 0x04, 0x20, 0x28, 0x80, 0x2f, 0xef, 0xef, 0x82, 0x95, 0x50, + 0xf1, 0x41, 0x93, 0x03, 0x6c, 0x1b, 0xb9, 0x49, 0x6c, 0x51, 0xe5, 0x26, + 0x87, 0x8f, 0x77, 0x07, 0xf8, 0xb4, 0x1f, 0x04, 0x45, 0x6d, 0x84, 0x4f, +}; +static unsigned int enc_key_len = 48; +const struct bootutil_key bootutil_enc_key = { + .key = enc_key, + .len = &enc_key_len, +}; +#elif defined(MCUBOOT_ENCRYPT_KW) +#error "Encrypted images with AES-KW is not implemented yet." +#endif diff --git a/zephyr/samples/modules/mcuboot/mcuboot_external_config/nrf52840dk_nrf52840_cc310_ecdsa.conf b/zephyr/samples/modules/mcuboot/mcuboot_external_config/nrf52840dk_nrf52840_cc310_ecdsa.conf new file mode 100644 index 0000000000..d195965315 --- /dev/null +++ b/zephyr/samples/modules/mcuboot/mcuboot_external_config/nrf52840dk_nrf52840_cc310_ecdsa.conf @@ -0,0 +1,2 @@ +CONFIG_BOOT_SIGNATURE_TYPE_ECDSA_P256=y +CONFIG_BOOT_ECDSA_CC310=y diff --git a/zephyr/samples/modules/mcuboot/mcuboot_external_config/prj.conf b/zephyr/samples/modules/mcuboot/mcuboot_external_config/prj.conf new file mode 100644 index 0000000000..0166765640 --- /dev/null +++ b/zephyr/samples/modules/mcuboot/mcuboot_external_config/prj.conf 
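Review bot: The `MCUBOOT_ENCRYPT_RSA` and `MCUBOOT_ENCRYPT_X25519` branches of keys.c compile a private decryption key into the bootloader as a literal array (`enc_priv_key`, `enc_key`), and because the bytes are published with the source they give no confidentiality to any image encrypted for them. prj.conf in this sample sets the `CONFIG_BOOT_ENCRYPT_*` options to n, so the default build does not use them, but the arrays have no comment warning whoever turns encryption on. I would put `/* Development key, public in the source tree: replace before enabling image encryption. */` above each array, and declare them `static const unsigned char` if `struct bootutil_key` allows it (its definition is not in this hunk).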
@@ -0,0 +1,46 @@
+# Copyright (c) 2022 Legrand North America, LLC.
+#
+# SPDX-License-Identifier: Apache-2.0
+
+CONFIG_MCUBOOT_APP=y
+CONFIG_MCUBOOT_DEVICE_SETTINGS=y
+
+CONFIG_DEBUG=y
+CONFIG_PM=n
+
+CONFIG_MAIN_STACK_SIZE=10240
+CONFIG_CUSTOM_MBEDTLS_CFG_FILE=y
+CONFIG_MBEDTLS_CFG_FILE="mcuboot-mbedtls-cfg.h"
+#CONFIG_BOOT_SIGNATURE_KEY_FILE="my-rsa-2048.pem"
+
+CONFIG_BOOT_SWAP_SAVE_ENCTLV=n
+CONFIG_BOOT_ENCRYPT_RSA=n
+CONFIG_BOOT_ENCRYPT_EC256=n
+CONFIG_BOOT_ENCRYPT_X25519=n
+
+CONFIG_BOOT_UPGRADE_ONLY=n
+CONFIG_BOOT_BOOTSTRAP=n
+
+### mbedTLS has its own heap
+# CONFIG_HEAP_MEM_POOL_SIZE is not set
+
+### We never want Zephyr's copy of tinycrypt. If tinycrypt is needed,
+### MCUboot has its own copy in tree.
+# CONFIG_TINYCRYPT is not set
+# CONFIG_TINYCRYPT_ECC_DSA is not set
+# CONFIG_TINYCRYPT_SHA256 is not set
+
+CONFIG_FLASH=y
+
+### Various Zephyr boards enable features that we don't want.
+# CONFIG_BT is not set
+# CONFIG_BT_CTLR is not set
+# CONFIG_I2C is not set
+
+CONFIG_LOG=y
+CONFIG_LOG_MODE_MINIMAL=y # former CONFIG_MODE_MINIMAL
+### Ensure Zephyr logging changes don't use more resources
+CONFIG_LOG_DEFAULT_LEVEL=0
+### Decrease footprint by ~4 KB in comparison to CBPRINTF_COMPLETE=y
+CONFIG_CBPRINTF_NANO=y
+
diff --git a/zephyr/samples/modules/mcuboot/mcuboot_external_config/ram_load.conf b/zephyr/samples/modules/mcuboot/mcuboot_external_config/ram_load.conf
new file mode 100644
index 0000000000..4cca450b3a
--- /dev/null
+++ b/zephyr/samples/modules/mcuboot/mcuboot_external_config/ram_load.conf
@@ -0,0 +1,6 @@
+# Enables RAM load mode and specifies 16 MB of memory from 0x80000000
+# as a valid location for the firmware to be loaded into.
+
+CONFIG_BOOT_RAM_LOAD=y
+CONFIG_BOOT_IMAGE_EXECUTABLE_RAM_START=0x80000000
+CONFIG_BOOT_IMAGE_EXECUTABLE_RAM_SIZE=16777216
\ No newline at end of file
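Review bot: In prj.conf the only signing-key setting is the commented-out `#CONFIG_BOOT_SIGNATURE_KEY_FILE="my-rsa-2048.pem"`, so a build from this sample presumably falls back to whatever key the Kconfig default names, and nothing here tells the reader that a key shipped in the source tree is public and only suitable for development. I would add a comment line above it, for example `### Point this at your own private key; keys shipped in the MCUboot tree are public and must not be used to sign production images.` Separately, `CONFIG_LOG_MODE_MINIMAL=y # former CONFIG_MODE_MINIMAL` puts a comment on the assignment line; as far as I know Kconfig fragments have no trailing-comment syntax, so that remark belongs on its own `###` line above the assignment.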
diff --git a/zephyr/samples/modules/mcuboot/mcuboot_external_config/sample.yaml b/zephyr/samples/modules/mcuboot/mcuboot_external_config/sample.yaml
new file mode 100644
index 0000000000..aebe21ed5d
--- /dev/null
+++ b/zephyr/samples/modules/mcuboot/mcuboot_external_config/sample.yaml
@@ -0,0 +1,62 @@
+# Copyright (c) 2022 Legrand North America, LLC.
+# SPDX-License-Identifier: Apache-2.0
+
+sample:
+ description: MCUBoot external config
+ name: MCUBoot external config
+
+tests:
+ mcuboot.sample.modules.mcuboot.mcuboot_external_config:
+ tags: bootloader_mcuboot
+ platform_allow: nrf52840dk_nrf52840 frdm_k64f disco_l475_iot1
+ integration_platforms:
+ - nrf52840dk_nrf52840
+ - frdm_k64f
+ - disco_l475_iot1
+ mcuboot.sample.modules.mcuboot.serial_recovery:
+ extra_args: OVERLAY_CONFIG=serial_recovery.conf
+ platform_allow: nrf52840dk_nrf52840
+ integration_platforms:
+ - nrf52840dk_nrf52840
+ tags: bootloader_mcuboot
+ mcuboot.sample.modules.mcuboot.usb_cdc_acm_recovery:
+ tags: bootloader_mcuboot
+ platform_allow: nrf52840dongle_nrf52840
+ extra_args: DTC_OVERLAY_FILE="./usb_cdc_acm.overlay;app.overlay"
+ integration_platforms:
+ - nrf52840dongle_nrf52840
+ mcuboot.sample.modules.mcuboot.usb_cdc_acm_recovery_log:
+ extra_args: OVERLAY_CONFIG=./usb_cdc_acm_log_recovery.conf
+ DTC_OVERLAY_FILE="./boards/nrf52840_big.overlay;app.overlay"
+ platform_allow: nrf52840dk_nrf52840
+ integration_platforms:
+ - nrf52840dk_nrf52840
+ tags: bootloader_mcuboot
+ mcuboot.sample.modules.mcuboot.single_slot:
+ extra_args: OVERLAY_CONFIG=./single_slot.conf
+ DTC_OVERLAY_FILE="./boards/nrf52840_single_slot.overlay;app.overlay"
+ platform_allow: nrf52840dk_nrf52840
+ integration_platforms:
+ - nrf52840dk_nrf52840
+ tags: bootloader_mcuboot
+ mcuboot.sample.modules.mcuboot.qspi_nor_slot:
+ extra_args: DTC_OVERLAY_FILE="./boards/nrf52840dk_qspi_nor_secondary.overlay;app.overlay"
+ OVERLAY_CONFIG="./boards/nrf52840dk_qspi_nor.conf;./boards/nrf52840dk_qspi_secondary_boot.conf"
+ platform_allow: nrf52840dk_nrf52840
+ integration_platforms:
+ - nrf52840dk_nrf52840
+ tags: bootloader_mcuboot
+ mcuboot.sample.modules.mcuboot.hooks_multi:
+ extra_args: DTC_OVERLAY_FILE="./boards/nrf52840dk_ram_multi.overlay;app.overlay"
+ OVERLAY_CONFIG=./boards/nrf52840dk_hooks_sample_overlay.conf
+ TEST_BOOT_IMAGE_ACCESS_HOOKS=Y
+ platform_allow: nrf52840dk_nrf52840
+ integration_platforms:
+ - nrf52840dk_nrf52840
+ tags: bootloader_mcuboot
+ mcuboot.sample.modules.mcuboot.ram_load:
+ extra_args: OVERLAY_CONFIG=./ram_load.conf
+ tags: bootloader_mcuboot
+ platform_allow: mimxrt1020_evk
+ integration_platforms:
+ - mimxrt1020_evk
diff --git a/zephyr/samples/modules/mcuboot/mcuboot_external_config/serial_recovery.conf b/zephyr/samples/modules/mcuboot/mcuboot_external_config/serial_recovery.conf
new file mode 100644
index 0000000000..ddd08fcf61
--- /dev/null
+++ b/zephyr/samples/modules/mcuboot/mcuboot_external_config/serial_recovery.conf
@@ -0,0 +1,3 @@
+CONFIG_MCUBOOT_SERIAL=y
+CONFIG_BOOT_SERIAL_UART=y
+CONFIG_UART_CONSOLE=n
diff --git a/zephyr/samples/modules/mcuboot/mcuboot_external_config/single_slot.conf b/zephyr/samples/modules/mcuboot/mcuboot_external_config/single_slot.conf
new file mode 100644
index 0000000000..34cc92a655
--- /dev/null
+++ b/zephyr/samples/modules/mcuboot/mcuboot_external_config/single_slot.conf
@@ -0,0 +1 @@
+CONFIG_SINGLE_APPLICATION_SLOT=y
diff --git a/zephyr/samples/modules/mcuboot/mcuboot_external_config/usb_cdc_acm.overlay b/zephyr/samples/modules/mcuboot/mcuboot_external_config/usb_cdc_acm.overlay
new file mode 100644
index 0000000000..800d63caf0
--- /dev/null
+++ b/zephyr/samples/modules/mcuboot/mcuboot_external_config/usb_cdc_acm.overlay
@@ -0,0 +1,5 @@
+&zephyr_udc0 {
+ cdc_acm_uart0 {
+ compatible = "zephyr,cdc-acm-uart";
+ };
+};
diff --git a/zephyr/samples/modules/mcuboot/mcuboot_external_config/usb_cdc_acm_log_recovery.conf b/zephyr/samples/modules/mcuboot/mcuboot_external_config/usb_cdc_acm_log_recovery.conf
new file mode 100644
index 0000000000..ae412fed59
--- /dev/null
+++ b/zephyr/samples/modules/mcuboot/mcuboot_external_config/usb_cdc_acm_log_recovery.conf
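Review bot: None of the scenarios in sample.yaml builds with `nrf52840dk_nrf52840_cc310_ecdsa.conf`, the overlay this same commit adds, and none of them enables an image-encryption option, so those configurations of the relocated bootloader build are not exercised by the test runner. A scenario along the lines of `mcuboot.sample.modules.mcuboot.cc310_ecdsa` with `extra_args: OVERLAY_CONFIG=./nrf52840dk_nrf52840_cc310_ecdsa.conf` and `platform_allow: nrf52840dk_nrf52840` would cover the added overlay. The other scenarios reference files such as `app.overlay` and several `./boards/...` overlays that are not visible on this part of the page, so it is worth confirming each of them exists under the sample directory.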
@@ -0,0 +1,16 @@
+CONFIG_LOG=y
+
+# The build won't fit on the partition allocated for it without size
+# optimizations.
+CONFIG_SIZE_OPTIMIZATIONS=y
+
+# Serial
+CONFIG_SERIAL=y
+CONFIG_UART_LINE_CTRL=y
+
+# MCUBoot serial
+CONFIG_MCUBOOT_SERIAL=y
+CONFIG_BOOT_SERIAL_CDC_ACM=y
+
+CONFIG_LOG_BACKEND_UART=y
+CONFIG_LOG_BACKEND_RTT=n
diff --git a/zephyr/subsys/CMakeLists.txt b/zephyr/subsys/CMakeLists.txt
new file mode 100644
index 0000000000..c3d5673a87
--- /dev/null
+++ b/zephyr/subsys/CMakeLists.txt
@@ -0,0 +1,9 @@
+# Copyright (c) 2022 Legrand North America, LLC.
+#
+# SPDX-License-Identifier: Apache-2.0
+
+
+cmake_minimum_required(VERSION 3.10 FATAL_ERROR)
+
+add_subdirectory_ifdef(CONFIG_MCUBOOT_BOOTUTIL_LIB mcuboot_util)
+add_subdirectory_ifdef(CONFIG_MCUBOOT_APP mcuboot_app)
diff --git a/zephyr/subsys/mcuboot_app/CMakeLists.txt b/zephyr/subsys/mcuboot_app/CMakeLists.txt
new file mode 100644
index 0000000000..922188c15e
--- /dev/null
+++ b/zephyr/subsys/mcuboot_app/CMakeLists.txt
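Review bot: `cmake_minimum_required(VERSION 3.10 FATAL_ERROR)` in zephyr/subsys/CMakeLists.txt asks for an older CMake than the `3.13.1` the other CMakeLists.txt files in this commit require, and because this file is presumably entered from a parent build, the call resets the policy settings for this directory and everything below it. The `FATAL_ERROR` keyword is accepted but ignored by CMake 2.6 and later, so it adds nothing. I would drop the call here, or at least make it `cmake_minimum_required(VERSION 3.13.1)` so the module's files agree.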
@@ -0,0 +1,234 @@
+# CMakeLists.txt for building mcuboot as a Zephyr project
+#
+# Copyright (c) 2017 Open Source Foundries Limited
+# Copyright (c) 2022 Legrand North America, LLC.
+#
+# SPDX-License-Identifier: Apache-2.0
+
+cmake_minimum_required(VERSION 3.13.1)
+
+# Path to "boot" subdirectory of repository root.
+set(BOOT_DIR ${ZEPHYR_MCUBOOT_MODULE_DIR}/boot)
+# Path to top-level repository root directory.
+set(MCUBOOT_DIR ${ZEPHYR_MCUBOOT_MODULE_DIR})
+# Path to tinycrypt library source subdirectory of MCUBOOT_DIR.
+set(TINYCRYPT_DIR "${ZEPHYR_MCUBOOT_MODULE_DIR}/ext/tinycrypt/lib")
+assert_exists(TINYCRYPT_DIR)
+set(TINYCRYPT_SHA512_DIR "${ZEPHYR_MCUBOOT_MODULE_DIR}/ext/tinycrypt-sha512/lib")
+assert_exists(TINYCRYPT_SHA512_DIR)
+# Path to crypto-fiat
+set(FIAT_DIR "${ZEPHYR_MCUBOOT_MODULE_DIR}/ext/fiat")
+assert_exists(FIAT_DIR)
+# Path to mbed-tls' asn1 parser library.
+set(MBEDTLS_ASN1_DIR "${ZEPHYR_MCUBOOT_MODULE_DIR}/ext/mbedtls-asn1")
+assert_exists(MBEDTLS_ASN1_DIR)
+set(NRF_DIR "${ZEPHYR_MCUBOOT_MODULE_DIR}/ext/nrf")
+
+if(CONFIG_BOOT_USE_NRF_CC310_BL)
+set(NRFXLIB_DIR ${ZEPHYR_NRFXLIB_MODULE_DIR})
+if(NOT EXISTS ${NRFXLIB_DIR})
+ message(FATAL_ERROR "
+ ------------------------------------------------------------------------
+ No such file or directory: ${NRFXLIB_DIR}
+ The current configuration enables nRF CC310 crypto accelerator hardware
+ with the `CONFIG_BOOT_USE_NRF_CC310_BL` option. Please follow
+ `ext/nrf/README.md` guide to fix your setup or use tinycrypt instead of
+ the HW accelerator.
+ To use the tinycrypt set `CONFIG_BOOT_ECDSA_TINYCRYPT` to y.
+ ------------------------------------------------------------------------")
+endif()
+# Don't include this if we are using west
+ add_subdirectory(${NRFXLIB_DIR} ${PROJECT_BINARY_DIR}/nrfxlib)
+endif()
+
+zephyr_library_include_directories(
+ ${ZEPHYR_MCUBOOT_MODULE_DIR}/zephyr/include
+ targets
+ )
+if(EXISTS targets/${BOARD}.h)
+ zephyr_library_compile_definitions(MCUBOOT_TARGET_CONFIG="${BOARD}.h")
+endif()
+
+# Zephyr port-specific sources.
+zephyr_library_sources(
+ ${BOOT_DIR}/zephyr/main.c
+ ${BOOT_DIR}/zephyr/flash_map_extended.c
+ ${BOOT_DIR}/zephyr/os.c
+ )
+
+if(DEFINED CONFIG_ENABLE_MGMT_PERUSER)
+ zephyr_library_sources(
+ ${BOOT_DIR}/zephyr/boot_serial_extensions.c
+ )
+endif()
+
+if(NOT DEFINED CONFIG_FLASH_PAGE_LAYOUT)
+ zephyr_library_sources(
+ ${BOOT_DIR}/zephyr/flash_map_legacy.c
+ )
+endif()
+
+# Generic bootutil sources and includes.
+zephyr_library_include_directories(${BOOT_DIR}/bootutil/include)
+zephyr_library_sources(
+ ${BOOT_DIR}/bootutil/src/image_validate.c
+ ${BOOT_DIR}/bootutil/src/tlv.c
+ ${BOOT_DIR}/bootutil/src/encrypted.c
+ ${BOOT_DIR}/bootutil/src/image_rsa.c
+ ${BOOT_DIR}/bootutil/src/image_ec256.c
+ ${BOOT_DIR}/bootutil/src/image_ed25519.c
+ ${BOOT_DIR}/bootutil/src/bootutil_misc.c
+ ${BOOT_DIR}/bootutil/src/fault_injection_hardening.c
+ )
+
+if(CONFIG_BOOT_FIH_PROFILE_HIGH)
+zephyr_library_sources(
+ ${BOOT_DIR}/bootutil/src/fault_injection_hardening_delay_rng_mbedtls.c
+ )
+endif()
+
+if(CONFIG_SINGLE_APPLICATION_SLOT)
+zephyr_library_sources(
+ ${BOOT_DIR}/zephyr/single_loader.c
+ )
+zephyr_library_include_directories(${BOOT_DIR}/bootutil/src)
+else()
+zephyr_library_sources(
+ ${BOOT_DIR}/bootutil/src/loader.c
+ ${BOOT_DIR}/bootutil/src/swap_misc.c
+ ${BOOT_DIR}/bootutil/src/swap_scratch.c
+ ${BOOT_DIR}/bootutil/src/swap_move.c
+ ${BOOT_DIR}/bootutil/src/caps.c
+ )
+endif()
+
+if(CONFIG_BOOT_SIGNATURE_TYPE_ECDSA_P256 OR CONFIG_BOOT_ENCRYPT_EC256 OR CONFIG_BOOT_SERIAL_ENCRYPT_EC256)
+ zephyr_library_include_directories(
+ ${MBEDTLS_ASN1_DIR}/include
+ )
+ zephyr_library_sources(
+ # Additionally pull in just the ASN.1 parser from mbedTLS.
+ ${MBEDTLS_ASN1_DIR}/src/asn1parse.c
+ ${MBEDTLS_ASN1_DIR}/src/platform_util.c
+ )
+ if(CONFIG_BOOT_USE_TINYCRYPT)
+ # When using ECDSA signatures, pull in our copy of the tinycrypt library.
+ zephyr_library_include_directories(
+ ${ZEPHYR_MCUBOOT_MODULE_DIR}/zephyr/include
+ ${TINYCRYPT_DIR}/include
+ )
+ zephyr_include_directories(${TINYCRYPT_DIR}/include)
+
+ zephyr_library_sources(
+ ${TINYCRYPT_DIR}/source/ecc.c
+ ${TINYCRYPT_DIR}/source/ecc_dsa.c
+ ${TINYCRYPT_DIR}/source/sha256.c
+ ${TINYCRYPT_DIR}/source/utils.c
+ )
+ elseif(CONFIG_BOOT_USE_NRF_CC310_BL)
+ zephyr_library_sources(${NRF_DIR}/cc310_glue.c)
+ zephyr_library_include_directories(${NRF_DIR})
+ zephyr_link_libraries(nrfxlib_crypto)
+ endif()
+
+ # Since here we are not using Zephyr's mbedTLS but rather our own, we need
+ # to set MBEDTLS_CONFIG_FILE ourselves. When using Zephyr's copy, this
+ # variable is set by its Kconfig in the Zephyr codebase.
+ zephyr_library_compile_definitions(
+ MBEDTLS_CONFIG_FILE="${ZEPHYR_MCUBOOT_MODULE_DIR}/zephyr/include/mcuboot-mbedtls-cfg.h"
+ )
+elseif(CONFIG_BOOT_SIGNATURE_TYPE_NONE)
+ zephyr_library_include_directories(
+ ${ZEPHYR_MCUBOOT_MODULE_DIR}/zephyr/include
+ ${TINYCRYPT_DIR}/include
+ )
+
+ zephyr_library_sources(
+ ${TINYCRYPT_DIR}/source/sha256.c
+ ${TINYCRYPT_DIR}/source/utils.c
+ )
+elseif(CONFIG_BOOT_SIGNATURE_TYPE_RSA)
+ # Use mbedTLS provided by Zephyr for RSA signatures. (Its config file
+ # is set using Kconfig.)
+ zephyr_include_directories(${ZEPHYR_MCUBOOT_MODULE_DIR}/zephyr/include)
+ if(CONFIG_BOOT_ENCRYPT_RSA)
+ set_source_files_properties(
+ ${BOOT_DIR}/bootutil/src/encrypted.c
+ PROPERTIES
+ INCLUDE_DIRECTORIES ${ZEPHYR_MBEDTLS_MODULE_DIR}/library
+ )
+ endif()
+elseif(CONFIG_BOOT_SIGNATURE_TYPE_ED25519 OR CONFIG_BOOT_ENCRYPT_X25519)
+ if(CONFIG_BOOT_USE_TINYCRYPT)
+ zephyr_library_include_directories(
+ ${MBEDTLS_ASN1_DIR}/include
+ ${ZEPHYR_MCUBOOT_MODULE_DIR}/zephyr/include
+ ${TINYCRYPT_DIR}/include
+ ${TINYCRYPT_SHA512_DIR}/include
+ )
+ zephyr_library_sources(
+ ${TINYCRYPT_DIR}/source/sha256.c
+ ${TINYCRYPT_DIR}/source/utils.c
+ ${TINYCRYPT_SHA512_DIR}/source/sha512.c
+ # Additionally pull in just the ASN.1 parser from mbedTLS.
+ ${MBEDTLS_ASN1_DIR}/src/asn1parse.c
+ ${MBEDTLS_ASN1_DIR}/src/platform_util.c
+ )
+ zephyr_library_compile_definitions(
+ MBEDTLS_CONFIG_FILE="${ZEPHYR_MCUBOOT_MODULE_DIR}/zephyr/include/mcuboot-mbedtls-cfg.h"
+ )
+ else()
+ zephyr_include_directories(${ZEPHYR_MCUBOOT_MODULE_DIR}/zephyr/include)
+ endif()
+
+ zephyr_library_include_directories(
+ ${ZEPHYR_MCUBOOT_MODULE_DIR}/zephyr/include
+ ${FIAT_DIR}/include/
+ )
+
+ zephyr_library_sources(
+ ${FIAT_DIR}/src/curve25519.c
+ )
+endif()
+
+if(CONFIG_BOOT_ENCRYPT_EC256 OR CONFIG_BOOT_ENCRYPT_X25519 OR CONFIG_BOOT_SERIAL_ENCRYPT_EC256)
+ zephyr_library_sources(
+ ${TINYCRYPT_DIR}/source/aes_encrypt.c
+ ${TINYCRYPT_DIR}/source/aes_decrypt.c
+ ${TINYCRYPT_DIR}/source/ctr_mode.c
+ ${TINYCRYPT_DIR}/source/hmac.c
+ ${TINYCRYPT_DIR}/source/ecc_dh.c
+ )
+endif()
+
+if(CONFIG_BOOT_ENCRYPT_EC256)
+ zephyr_library_sources(
+ ${TINYCRYPT_DIR}/source/ecc_dh.c
+ )
+endif()
+
+if(CONFIG_MCUBOOT_SERIAL)
+ zephyr_sources(${BOOT_DIR}/zephyr/serial_adapter.c)
+ zephyr_sources(${BOOT_DIR}/boot_serial/src/boot_serial.c)
+ zephyr_sources(${BOOT_DIR}/boot_serial/src/serial_recovery_cbor.c)
+ zephyr_sources(${BOOT_DIR}/boot_serial/src/zcbor_decode.c)
+ zephyr_sources(${BOOT_DIR}/boot_serial/src/zcbor_encode.c)
+ zephyr_sources(${BOOT_DIR}/boot_serial/src/zcbor_common.c)
+
+ zephyr_sources_ifdef(CONFIG_BOOT_MGMT_ECHO ${BOOT_DIR}/boot_serial/src/serial_recovery_echo.c)
+
+ zephyr_include_directories(${BOOT_DIR}/bootutil/include)
+ zephyr_include_directories(${BOOT_DIR}/boot_serial/include)
+ zephyr_include_directories(${ZEPHYR_MCUBOOT_MODULE_DIR}/zephyr/include)
+
+ zephyr_include_directories_ifdef(
+ CONFIG_BOOT_ERASE_PROGRESSIVELY
+ ${BOOT_DIR}/bootutil/src
+ )
+endif()
+
+if(CONFIG_MCUBOOT_CLEANUP_ARM_CORE)
+zephyr_library_sources(
+ ${BOOT_DIR}/zephyr/arm_cleanup.c
+)
+endif()
diff --git a/boot/bootutil/zephyr/CMakeLists.txt b/zephyr/subsys/mcuboot_util/CMakeLists.txt
similarity index 67%
rename from boot/bootutil/zephyr/CMakeLists.txt
rename to zephyr/subsys/mcuboot_util/CMakeLists.txt
index 72a6a8638f..8ea31ba4a2 100644
--- a/boot/bootutil/zephyr/CMakeLists.txt
+++ b/zephyr/subsys/mcuboot_util/CMakeLists.txt
@@ -1,20 +1,22 @@ # Copyright (c) 2020 Nordic Semiconductor ASA +# Copyright (c) 2022 Legrand North America, LLC. # # SPDX-License-Identifier: Apache-2.0 + if(CONFIG_MCUBOOT_BOOTUTIL_LIB) zephyr_interface_library_named(MCUBOOT_BOOTUTIL) -target_include_directories(MCUBOOT_BOOTUTIL INTERFACE - ../ - ../include - ../../zephyr/include +zephyr_include_directories(MCUBOOT_BOOTUTIL INTERFACE + ${ZEPHYR_MCUBOOT_MODULE_DIR}/boot/bootutil/ + ${ZEPHYR_MCUBOOT_MODULE_DIR}/boot/bootutil/include + ${ZEPHYR_MCUBOOT_MODULE_DIR}/boot/zephyr/include ) zephyr_library_named(mcuboot_util) zephyr_library_sources( - ../src/bootutil_public.c + ${ZEPHYR_MCUBOOT_MODULE_DIR}/boot/bootutil/src/bootutil_public.c ) # Sensitivity to the TEST_BOOT_IMAGE_ACCESS_HOOKS define is implemented for
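Review bot: In zephyr/subsys/mcuboot_app/CMakeLists.txt the `targets` entry of the first `zephyr_library_include_directories(...)` call and the check `if(EXISTS targets/${BOARD}.h)` are still relative paths, while every other path in this new file was rewritten against `${BOOT_DIR}` or `${ZEPHYR_MCUBOOT_MODULE_DIR}`. Unless a `targets` directory is also added next to this file (the page does not show one), they no longer point at the board headers, and `if(EXISTS ...)` is only well-defined for full paths, so `MCUBOOT_TARGET_CONFIG` would silently stop being defined. Assuming the headers stay under boot/zephyr, use `${BOOT_DIR}/zephyr/targets` for the include directory and `if(EXISTS ${BOOT_DIR}/zephyr/targets/${BOARD}.h)` for the check. `${TINYCRYPT_DIR}/source/ecc_dh.c` is also listed twice when `CONFIG_BOOT_ENCRYPT_EC256` is set, once in the combined encryption block and again in the block right after it.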
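Review bot: In the first hunk of zephyr/subsys/mcuboot_util/CMakeLists.txt the call became `zephyr_include_directories(MCUBOOT_BOOTUTIL INTERFACE ...)`, but as far as I know that Zephyr helper takes only directory arguments and applies them to `zephyr_interface`, so `MCUBOOT_BOOTUTIL` and `INTERFACE` would be treated as include paths and the bootutil headers would be added to every Zephyr target instead of being a usage requirement of the interface library. The second hunk of the same file still uses `target_include_directories(MCUBOOT_BOOTUTIL INTERFACE` for the tinycrypt path, and that is the form to keep here as well, with the three `${ZEPHYR_MCUBOOT_MODULE_DIR}/boot/...` paths as its arguments. The enclosing `if(CONFIG_MCUBOOT_BOOTUTIL_LIB)` block continues past the end of this hunk.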
@@ -30,7 +32,7 @@ target_link_libraries(MCUBOOT_BOOTUTIL INTERFACE zephyr_interface) if(CONFIG_BOOT_USE_TINYCRYPT) target_include_directories(MCUBOOT_BOOTUTIL INTERFACE - ../../../ext/tinycrypt/lib/include + ${ZEPHYR_MCUBOOT_MODULE_DIR}/ext/tinycrypt/lib/include ) endif()