synch with upstream d2122bc

Synchronized up to:
mcu-tools/mcuboot@d2122bc

- Added 'revert' support to direct-xip mode.

Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>

Author: nvlsianpu

.github/workflows/imgtool.yaml

@@ -0,0 +1,24 @@
+on:
+  push:
+    branches:
+      - master
+
+name: imgtool
+
+jobs:
+  environment:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v2
+      with:
+        fetch-depth: 0
+    - name: Install packages
+      run: |
+        export PATH="$HOME/.local/bin:$PATH"
+        ./ci/imgtool_install.sh
+    - name: Publish
+      env:
+        TWINE_TOKEN: ${{ secrets.TWINE_TOKEN }}
+      run: |
+        export PATH="$HOME/.local/bin:$PATH"
+        ./ci/imgtool_run.sh

.github/workflows/mynewt.yaml

@@ -1,9 +1,14 @@
 # For development, trigger this on any push.
-on: [pull_request]
+on:
+  push:
+    branches:
+      - master
+  pull_request:
+
+name: Mynewt
 
 jobs:
   environment:
-    name: Mynewt build
     runs-on: ubuntu-latest
     steps:
     - uses: actions/checkout@v2
@@ -16,6 +21,7 @@ jobs:
         free
         pwd
     - name: Signed commit check
+      if: ${{ github.event_name == 'pull_request' }}
       run: |
         ./ci/check-signed-off-by.sh
     - name: Mynewt install

.github/workflows/sim.yaml

@@ -1,5 +1,11 @@
 # For development, trigger this on any push.
-on: [pull_request]
+on:
+  push:
+    branches:
+      - master
+  pull_request:
+
+name: Sim
 
 jobs:
   environment:
@@ -20,7 +26,6 @@ jobs:
         - "sig-rsa validate-primary-slot overwrite-only large-write"
         - "sig-ecdsa enc-ec256 validate-primary-slot"
         - "sig-rsa validate-primary-slot overwrite-only downgrade-prevention"
-    name: Sim
     runs-on: ubuntu-latest
     env:
       MULTI_FEATURES: ${{ matrix.features }}
@@ -36,6 +41,7 @@ jobs:
         free
         pwd
     - name: Signed commit check
+      if: ${{ github.event_name == 'pull_request' }}
       run: |
         ./ci/check-signed-off-by.sh
     - name: Install stable Rust

.mbedignore

@@ -0,0 +1,19 @@
+boot/boot_serial/*
+boot/mynewt/*
+boot/zephyr/*
+boot/cypress/*
+ci/*
+docs/*
+ptest/*
+samples/*
+scripts/*
+sim/*
+testplan/*
+ext/cddl_gen/*
+ext/fiat/*
+ext/mbedtls/*
+ext/mbedtls-asn1/*
+ext/nrf/*
+ext/tinycrypt/tests/*
+ext/tinycrypt/*
+ext/tinycrypt-sha512/*

.travis.yml

@@ -1,58 +1,59 @@
-# Travis configuration.  Build the simulator and run its tests.
+# Travis configuration. Run FI hardening tests.
 
-addons:
-  apt:
-    packages:
-      - "python3-pip"
+language: minimal
 
-language: rust
-
-cache:
-  directories:
-    - $HOME/TOOLCHAIN
-    - cargo
+services:
+  - docker
 
 matrix:
   include:
-    # Runs each value defined in $SINGLE_FEATURES by itself in the order
-    # the were defined.
-    # - os: linux
-    #   env: SINGLE_FEATURES="sig-ecdsa sig-ed25519 enc-kw bootstrap" TEST=sim
-    # - os: linux
-    #   env: SINGLE_FEATURES="none sig-rsa sig-rsa3072 overwrite-only validate-primary-slot swap-move" TEST=sim
-    # - os: linux
-    #   env: SINGLE_FEATURES="enc-rsa enc-ec256 enc-x25519" TEST=sim
-
-    # Values defined in $MULTI_FEATURES consist of any number of features
-    # to be enabled at the same time. The list of multi-values should be
-    # separated by ',' and each list of values is run sequentially in the
-    # defined order.
-    # - os: linux
-    #   env: MULTI_FEATURES="sig-rsa overwrite-only large-write,sig-ecdsa overwrite-only large-write,multiimage overwrite-only large-write" TEST=sim
-    # - os: linux
-    #   env: MULTI_FEATURES="sig-rsa validate-primary-slot,sig-ecdsa validate-primary-slot,sig-rsa multiimage validate-primary-slot" TEST=sim
-    # - os: linux
-    #   env: MULTI_FEATURES="enc-kw overwrite-only large-write,enc-rsa overwrite-only large-write" TEST=sim
-    # - os: linux
-    #   env: MULTI_FEATURES="sig-rsa enc-rsa validate-primary-slot,swap-move enc-rsa sig-rsa validate-primary-slot" TEST=sim
-    # - os: linux
-    #   env: MULTI_FEATURES="sig-rsa enc-kw validate-primary-slot bootstrap,sig-ed25519 enc-x25519 validate-primary-slot" TEST=sim
-    # - os: linux
-    #   env: MULTI_FEATURES="sig-ecdsa enc-kw validate-primary-slot" TEST=sim
-    # - os: linux
-    #   env: MULTI_FEATURES="sig-rsa validate-primary-slot overwrite-only large-write,sig-ecdsa enc-ec256 validate-primary-slot" TEST=sim
-    # - os: linux
-    #   env: MULTI_FEATURES="sig-rsa validate-primary-slot overwrite-only downgrade-prevention" TEST=sim
-
-    # - os: linux
-    #   language: go
-    #   env: TEST=mynewt
-    #   go:
-    #     - "1.12"
+    - os: linux
+      language: minimal
+      env: BUILD_TYPE=RELEASE SKIP_SIZE=2,4,6,8,10 TEST=fih-tests DAMAGE_TYPE=SIGNATURE
+
+    - os: linux
+      language: minimal
+      env: BUILD_TYPE=RELEASE SKIP_SIZE=2,4,6,8,10 FIH_LEVEL=LOW TEST=fih-tests DAMAGE_TYPE=SIGNATURE
+
+    - os: linux
+      language: minimal
+      env: BUILD_TYPE=RELEASE SKIP_SIZE=2,4,6,8,10 FIH_LEVEL=MEDIUM TEST=fih-tests DAMAGE_TYPE=SIGNATURE
+
+    - os: linux
+      language: minimal
+      env: BUILD_TYPE=MINSIZEREL SKIP_SIZE=2,4,6 TEST=fih-tests DAMAGE_TYPE=SIGNATURE
+
+    - os: linux
+      language: minimal
+      env: BUILD_TYPE=MINSIZEREL SKIP_SIZE=2,4,6 FIH_LEVEL=LOW TEST=fih-tests DAMAGE_TYPE=SIGNATURE
+
+    - os: linux
+      language: minimal
+      env: BUILD_TYPE=MINSIZEREL SKIP_SIZE=2,4,6 FIH_LEVEL=MEDIUM TEST=fih-tests DAMAGE_TYPE=SIGNATURE
+
+    - os: linux
+      language: minimal
+      env: BUILD_TYPE=MINSIZEREL SKIP_SIZE=8,10 TEST=fih-tests DAMAGE_TYPE=SIGNATURE
 
     - os: linux
-      language: python
-      env: TEST=imgtool
+      language: minimal
+      env: BUILD_TYPE=MINSIZEREL SKIP_SIZE=8,10 FIH_LEVEL=LOW TEST=fih-tests DAMAGE_TYPE=SIGNATURE
+
+    - os: linux
+      language: minimal
+      env: BUILD_TYPE=MINSIZEREL SKIP_SIZE=8,10 FIH_LEVEL=MEDIUM TEST=fih-tests DAMAGE_TYPE=SIGNATURE
+
+    ## Corrupt image hash is not tested as it is in the unprotected TLV section
+    ## and is easy to calculate a valid hash for a changed image
+    #- os: linux
+    #  language: minimal
+    #  env: BUILD_TYPE=MINSIZEREL SKIP_SIZE=2,4,6 TEST=fih-tests DAMAGE_TYPE=IMAGE_HASH
+
+    ## Max profile is not tested as it requires HW entropy source which is not
+    ## present in the QEMU system being used for the tests.
+    #- os: linux
+    #  language: minimal
+    #  env: FIH_LEVEL=MAX TEST=fih-tests
 
 before_install:
   - |

README.md

@@ -1,12 +1,22 @@
 # [mcuboot](http://mcuboot.com/)
 
+[![Package on PyPI](https://img.shields.io/pypi/v/imgtool.svg)][pypi]
 [![Coverity Scan Build Status](https://scan.coverity.com/projects/12307/badge.svg)][coverity]
-[![Build/Test](https://img.shields.io/travis/JuulLabs-OSS/mcuboot/master.svg?label=travis-ci)][travis]
+[![Build Status (Sim)](https://github.com/mcu-tools/mcuboot/workflows/Sim/badge.svg)][sim]
+[![Build Status (Mynewt)](https://github.com/mcu-tools/mcuboot/workflows/Mynewt/badge.svg)][mynewt]
+[![Publishing Status (imgtool)](https://github.com/mcu-tools/mcuboot/workflows/imgtool/badge.svg)][imgtool]
+[![Build Status (Travis CI)](https://img.shields.io/travis/mcu-tools/mcuboot/master.svg?label=travis-ci)][travis]
+[![Apache 2.0](https://img.shields.io/badge/License-Apache%202.0-blue.svg)][license]
 
+[pypi]: https://pypi.org/project/imgtool/
 [coverity]: https://scan.coverity.com/projects/mcuboot
-[travis]: https://travis-ci.org/JuulLabs-OSS/mcuboot
+[sim]: https://github.com/mcu-tools/mcuboot/actions?query=workflow:Sim
+[mynewt]: https://github.com/mcu-tools/mcuboot/actions?query=workflow:Mynewt
+[imgtool]: https://github.com/mcu-tools/mcuboot/actions?query=workflow:imgtool
+[travis]: https://travis-ci.org/mcu-tools/mcuboot
+[license]: https://github.com/mcu-tools/mcuboot/blob/master/LICENSE
 
-This is mcuboot version 1.6.0
+This is mcuboot version 1.7.0-rc2
 
 MCUboot is a secure bootloader for 32-bit MCUs. The goal of MCUboot is to
 define a common infrastructure for the bootloader, system flash layout on
@@ -25,14 +35,15 @@ Instructions for different operating systems can be found here:
 - [Zephyr](docs/readme-zephyr.md)
 - [Mynewt](docs/readme-mynewt.md)
 - [RIOT](docs/readme-riot.md)
+- [Mbed-OS](docs/readme-mbed.md)
 - [Simulator](sim/README.rst)
 
 ## Roadmap
 
 The issues being planned and worked on are tracked using GitHub issues. To
 participate please visit:
 
-[MCUBoot GitHub Issues](https://github.com/JuulLabs-OSS/mcuboot/issues)
+[MCUBoot GitHub Issues](https://github.com/mcu-tools/mcuboot/issues)
 
 ~~Issues were previously tracked on [MCUboot JIRA](https://runtimeco.atlassian.net/projects/MCUB/summary)
 , but it is now deprecated.~~

boot/bootutil/include/bootutil/image.h

@@ -89,6 +89,16 @@ struct flash_area;
 #define IMAGE_TLV_DEPENDENCY        0x40   /* Image depends on other image */
 #define IMAGE_TLV_SEC_CNT           0x50   /* security counter */
 #define IMAGE_TLV_BOOT_RECORD       0x60   /* measured boot record */
+					   /*
+					    * vendor reserved TLVs at xxA0-xxFF,
+					    * where xx denotes the upper byte
+					    * range.  Examples:
+					    * 0x00a0 - 0x00ff
+					    * 0x01a0 - 0x01ff
+					    * 0x02a0 - 0x02ff
+					    * ...
+					    * 0xffa0 - 0xfffe
+					    */
 #define IMAGE_TLV_ANY               0xffff /* Used to iterate over all TLV */
 
 struct image_version {