aboutsummaryrefslogtreecommitdiff
path: root/bl2/ext/mcuboot/MCUBootConfig.cmake
blob: 06a828b374e5fb68c94bd9cababd4122b9bb83d2 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
#-------------------------------------------------------------------------------
# Copyright (c) 2019-2020, Arm Limited. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
#-------------------------------------------------------------------------------

#Include BL2 bootloader related functions
include("${CMAKE_CURRENT_LIST_DIR}/MCUBoot.cmake")

set(BL2 True CACHE BOOL "Configure TF-M to use BL2 and enable building BL2")

if (BL2)
	add_definitions(-DBL2)

	set(MCUBOOT_REPO "TF-M" CACHE STRING "Configure which repository use the MCUBoot from")
	set_property(CACHE MCUBOOT_REPO PROPERTY STRINGS "TF-M;UPSTREAM")
	validate_cache_value(MCUBOOT_REPO)

	set(MCUBOOT_IMAGE_NUMBER 2 CACHE STRING "Configure the number of separately updatable firmware images")
	set_property(CACHE MCUBOOT_IMAGE_NUMBER PROPERTY STRINGS "1;2")
	validate_cache_value(MCUBOOT_IMAGE_NUMBER STRINGS)

	set(MCUBOOT_UPGRADE_STRATEGY "OVERWRITE_ONLY" CACHE STRING "Configure BL2 which upgrade strategy to use")
	set_property(CACHE MCUBOOT_UPGRADE_STRATEGY PROPERTY STRINGS "OVERWRITE_ONLY;SWAP;NO_SWAP;RAM_LOADING")
	validate_cache_value(MCUBOOT_UPGRADE_STRATEGY)

	set(MCUBOOT_SIGNATURE_TYPE "RSA-3072" CACHE STRING "Algorithm used by MCUBoot to validate signatures.")
	set_property(CACHE MCUBOOT_SIGNATURE_TYPE PROPERTY STRINGS "RSA-3072;RSA-2048")
	validate_cache_value(MCUBOOT_SIGNATURE_TYPE)

	if (MCUBOOT_REPO STREQUAL "TF-M")
		set(MCUBOOT_HW_KEY On CACHE BOOL "Configure to use HW key for image verification. Otherwise key is embedded in MCUBoot image.")
	else() #Using upstream MCUBoot
		if (MCUBOOT_HW_KEY)
			message(WARNING "Cannot use HW key for image verification when building against upstream MCUBoot."
				" Your choice was overriden (MCUBOOT_HW_KEY=Off).")
		endif()
		set(MCUBOOT_HW_KEY Off)
	endif()

	set(MCUBOOT_LOG_LEVEL "LOG_LEVEL_INFO" CACHE STRING "Configure the level of logging in MCUBoot.")
	set_property(CACHE MCUBOOT_LOG_LEVEL PROPERTY STRINGS "LOG_LEVEL_OFF;LOG_LEVEL_ERROR;LOG_LEVEL_WARNING;LOG_LEVEL_INFO;LOG_LEVEL_DEBUG")
	if (NOT CMAKE_BUILD_TYPE STREQUAL "debug")
		set(MCUBOOT_LOG_LEVEL "LOG_LEVEL_OFF")
	endif()

	validate_cache_value(MCUBOOT_LOG_LEVEL)

	if ((${MCUBOOT_UPGRADE_STRATEGY} STREQUAL "NO_SWAP" OR
		 ${MCUBOOT_UPGRADE_STRATEGY} STREQUAL "RAM_LOADING") AND
		NOT (MCUBOOT_IMAGE_NUMBER EQUAL 1))
		message(WARNING "The number of separately updatable images with the NO_SWAP or the RAM_LOADING"
			" upgrade strategy can be only '1'. Your choice was overriden.")
		set(MCUBOOT_IMAGE_NUMBER 1)
	endif()

	if (MCUBOOT_REPO STREQUAL "UPSTREAM")
		set_property(CACHE MCUBOOT_UPGRADE_STRATEGY PROPERTY STRINGS "OVERWRITE_ONLY;SWAP")
		if (${MCUBOOT_UPGRADE_STRATEGY} STREQUAL "NO_SWAP" OR
			${MCUBOOT_UPGRADE_STRATEGY} STREQUAL "RAM_LOADING")
			message(WARNING "The ${MCUBOOT_UPGRADE_STRATEGY} upgrade strategy cannot be used when building against"
				" upstream MCUBoot. Your choice was overriden.")
			mcuboot_override_upgrade_strategy("OVERWRITE_ONLY")
		endif()

		if (DEFINED SECURITY_COUNTER OR
			DEFINED SECURITY_COUNTER_S OR
			DEFINED SECURITY_COUNTER_NS)
				message(WARNING "Ignoring the values of SECURITY_COUNTER and/or SECURITY_COUNTER_* variables as"
					" upstream MCUBoot does not support rollback protection.")
				set(SECURITY_COUNTER "")
				set(SECURITY_COUNTER_S "")
				set(SECURITY_COUNTER_NS "")
		endif()

	endif()

else() #BL2 is turned off

	if (DEFINED MCUBOOT_IMAGE_NUMBER OR
		DEFINED MCUBOOT_UPGRADE_STRATEGY OR
		DEFINED MCUBOOT_SIGNATURE_TYPE OR
		DEFINED MCUBOOT_HW_KEY OR
		DEFINED MCUBOOT_LOG_LEVEL)
			message(WARNING "Ignoring the values of MCUBOOT_* variables as BL2 option is set to False.")
			set(MCUBOOT_IMAGE_NUMBER "")
			set(MCUBOOT_UPGRADE_STRATEGY "")
			set(MCUBOOT_SIGNATURE_TYPE "")
			set(MCUBOOT_HW_KEY "")
			set(MCUBOOT_LOG_LEVEL "")
	endif()

	if (DEFINED SECURITY_COUNTER OR
		DEFINED SECURITY_COUNTER_S OR
		DEFINED SECURITY_COUNTER_NS)
			message(WARNING "Ignoring the values of SECURITY_COUNTER and/or SECURITY_COUNTER_* variables as BL2 option is set to False.")
			set(SECURITY_COUNTER "")
			set(SECURITY_COUNTER_S "")
			set(SECURITY_COUNTER_NS "")
	endif()

	if (DEFINED IMAGE_VERSION OR
		DEFINED IMAGE_VERSION_S OR
		DEFINED IMAGE_VERSION_NS)
			message(WARNING "Ignoring the values of IMAGE_VERSION and/or IMAGE_VERSION_* variables as BL2 option is set to False.")
			set(IMAGE_VERSION "")
			set(IMAGE_VERSION_S "")
			set(IMAGE_VERSION_NS "")
	endif()
	if (DEFINED S_IMAGE_MIN_VER OR
		DEFINED NS_IMAGE_MIN_VER)
			message(WARNING "Ignoring the values of *_IMAGE_MIN_VER variables as BL2 option is set to False.")
			set(S_IMAGE_MIN_VER "")
			set(NS_IMAGE_MIN_VER "")
	endif()
endif()