BL2: Add MCUBOOT_BOOTSTRAP support
With this option, installing images from secondary slot with empty
primary slot is possible (i.e with MCUBOOT_ENC_IMAGES and UPGRADE_STRATEGY
in SWAP, encrypted images can be installed from secondary slot on
a virgin board)
Change-Id: I9be99c1dc66393317102060c44523748664126e1
Signed-off-by: Michel Jaouen <michel.jaouen@st.com>
diff --git a/bl2/ext/mcuboot/include/mcuboot_config/mcuboot_config.h.in b/bl2/ext/mcuboot/include/mcuboot_config/mcuboot_config.h.in
index e846386..a00ce48 100644
--- a/bl2/ext/mcuboot/include/mcuboot_config/mcuboot_config.h.in
+++ b/bl2/ext/mcuboot/include/mcuboot_config/mcuboot_config.h.in
@@ -37,6 +37,7 @@
#cmakedefine MCUBOOT_MEASURED_BOOT
#cmakedefine MCUBOOT_DATA_SHARING
+#cmakedefine MCUBOOT_BOOTSTRAP
/*
* Maximum size of the measured boot record.
*
diff --git a/bl2/ext/mcuboot/mcuboot_default_config.cmake b/bl2/ext/mcuboot/mcuboot_default_config.cmake
index 4e116bb..db7c3e3 100644
--- a/bl2/ext/mcuboot/mcuboot_default_config.cmake
+++ b/bl2/ext/mcuboot/mcuboot_default_config.cmake
@@ -36,6 +36,7 @@
set(MCUBOOT_DIRECT_XIP_REVERT ON CACHE BOOL "Enable the revert mechanism in direct-xip mode")
set(MCUBOOT_HW_ROLLBACK_PROT ON CACHE BOOL "Enable security counter validation against non-volatile HW counters")
set(MCUBOOT_ENC_IMAGES OFF CACHE BOOL "Enable encrypted image upgrade support")
+set(MCUBOOT_BOOTSTRAP OFF CACHE BOOL "Support initial state with empty primary slot and images installed from secondary slots")
set(MCUBOOT_ENCRYPT_RSA OFF CACHE BOOL "Use RSA for encrypted image upgrade support")
set(MCUBOOT_FIH_PROFILE OFF CACHE STRING "Fault injection hardening profile [OFF, LOW, MEDIUM, HIGH]")