zephyr: migrate signature type to Kconfig

Handle the CONFIG_BOOT_SIGNATURE_TYPE_xxx values in Zephyr's
mcuboot_config.h by converting them into the platform-agnostic MCUboot
definitions.

This requires some changes to the way the release test Makefile is
structured, since Kconfig symbols cannot be set from the command line.

Instead, use the OVERLAY_CONFIG feature of the Zephyr build system,
which allows specifying extra fragments to merge into the final
.config. (This is an orthogonal mechanism to setting CONF_FILE; it is
used by Zephyr's CI script sanitycheck to add additional fragments, so
it's appropriate for use by MCUboot's testing scripts as well.)

We additionally need to move to a single prj.conf file due to a
dependency issue. We can no longer determine CONF_FILE from the
signature type, since that is now determined from the final .config or
autoconf.h, which is a build output that depends on CONF_FILE.

To move to a single prj.conf:

- delete prj-p256.conf and adjust prj.conf to serve both signature types
- add a top-level mbedTLS configuration file which dispatches to
  the right sub-header depending on the key type
- as a side effect, have the simulator pick the right config file
  depending on the case

This fixes and cleans up quite a bit of the signature type handling,
which had become something of a mess over time. For example, it fixes
a bug in ECDSA mode's configuration that wasn't actually selecting
config-asn1.h, and forces the simulator to use the same mbedTLS
configuration file as builds for real hardware.

Finally, we also have to move the mbedTLS vs. TinyCrypt choice into
mcuboot_config.h at the same time as well, since CMakeLists.txt was
making that decision based on the signature type.

Signed-off-by: Marti Bolivar <marti@opensourcefoundries.com>
13 files changed
tree: b3d3a1beb43d67db273c44576a4460471f31e4d0
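
The fragment merging and Kconfig-to-MCUboot conversion described in the commit message above, as an added example (not code from this commit or from MCUboot). The fragment contents and overlay names are constructed, and the crypto backend pairing is an assumption. The check is deliberately stricter than Kconfig's own choice resolution: an overlay must explicitly unset the other signature type.

```python
import re

# Kconfig symbol -> platform-agnostic MCUboot definitions. The backend pairing
# (RSA with mbedTLS, ECDSA P-256 with TinyCrypt) is an assumption of this example.
SIG_TYPES = {
    "CONFIG_BOOT_SIGNATURE_TYPE_RSA": ("MCUBOOT_SIGN_RSA", "MCUBOOT_USE_MBED_TLS"),
    "CONFIG_BOOT_SIGNATURE_TYPE_ECDSA_P256": ("MCUBOOT_SIGN_EC256", "MCUBOOT_USE_TINYCRYPT"),
}

SET_RE = re.compile(r"^(CONFIG_\w+)=(.*)$")
UNSET_RE = re.compile(r"^# (CONFIG_\w+) is not set$")


def merge_fragments(*fragments):
    """Merge fragment texts in order; a later fragment overrides an earlier one."""
    config = {}
    for text in fragments:
        for line in text.splitlines():
            line = line.strip()
            m = SET_RE.match(line)
            if m:
                config[m.group(1)] = m.group(2)
                continue
            m = UNSET_RE.match(line)
            if m:
                config.pop(m.group(1), None)
    return config


def mcuboot_defines(config):
    """Return the MCUboot definitions for a merged config, or raise ValueError."""
    chosen = [sym for sym in SIG_TYPES if config.get(sym) == "y"]
    if len(chosen) != 1:
        # Refuse to build rather than guess which signature check is compiled in.
        raise ValueError("expected exactly one signature type, got %r" % chosen)
    return SIG_TYPES[chosen[0]]


# Constructed fragments: a single shared prj.conf and two hypothetical overlays.
PRJ_CONF = "CONFIG_BOOT_SIGNATURE_TYPE_RSA=y\nCONFIG_FLASH=y\n"
OVERLAY_ECDSA = ("# CONFIG_BOOT_SIGNATURE_TYPE_RSA is not set\n"
                 "CONFIG_BOOT_SIGNATURE_TYPE_ECDSA_P256=y\n")
OVERLAY_BROKEN = "CONFIG_BOOT_SIGNATURE_TYPE_ECDSA_P256=y\n"  # leaves RSA selected too

if __name__ == "__main__":
    print(mcuboot_defines(merge_fragments(PRJ_CONF)))
    print(mcuboot_defines(merge_fragments(PRJ_CONF, OVERLAY_ECDSA)))
```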
README.md

mcuboot

This is mcuboot, version 1.1.0

MCUboot is a secure bootloader for 32-bit MCUs. The goal of MCUboot is to define a common infrastructure for the bootloader and system flash layout on microcontroller systems, and to provide a secure bootloader that enables easy software upgrade.

MCUboot is operating system and hardware independent, and relies on hardware porting layers from the operating system it works with. Currently MCUboot works with both the Apache Mynewt and Zephyr operating systems, but more ports are planned in the future. RIOT is currently supported as a boot target, with a complete port planned.

Using MCUboot

Instructions for different operating systems can be found here:

Roadmap

The issues being planned and worked on are tracked on Jira. To participate please visit:

https://runtimeco.atlassian.net/projects/MCUB/summary

Browsing

Information and documentation on the bootloader is stored within the source, and on Confluence:

https://runtimeco.atlassian.net/wiki/discover/all-updates

For more information in the source, here are some pointers:

  • boot/bootutil: The core of the bootloader itself.
  • boot/boot_serial: Support for serial upgrade within the bootloader itself.
  • boot/zephyr: Port of the bootloader to Zephyr.
  • boot/mynewt: Mynewt bootloader app.
  • imgtool: A tool to securely sign firmware images for booting by mcuboot.
  • sim: A bootloader simulator for testing and regression.

Joining

Developers welcome!