Synch to upstream aa041a2

merge using GH web GUI

Synch up to upstream mcu-tools/mcuboot@aa041a2

- Added workflow verifying integration with the Zephyr
- removed deprecated DT_CHOSEN_ZEPHYR_FLASH_CONTROLLER_LABEL
- Fixed usage of CONFIG_LOG_IMMEDIATE 

Signed-off-by: Marek Pieta <Marek.Pieta@nordicsemi.no>

Author: nvlsianpu

.github/workflows/zephyr_build.yaml

@@ -0,0 +1,103 @@
+# Copyright (c) 2022 Nordic Semiconductor ASA
+# SPDX-License-Identifier: Apache-2.0
+
+name: Build Zephyr samples with Twister
+
+# Workflow triggers on PRs, pushes to main, once per day at midnight and can be started manually.
+on:
+  # By default, pull_request includes: opened, synchronize, or reopened
+  pull_request:
+    branches:
+      - main
+  push:
+    branches:
+      - main
+  schedule:
+    - cron: 0 0 * * *
+  # When triggered manually, ask for Zephyr and MCUBoot versions to check out
+  workflow_dispatch:
+    inputs:
+      version_zephyr:
+        description: 'Which Zephyr version to checkout?'
+        required: true
+        default: 'main'
+      version_mcuboot:
+        description: 'Which MCUBoot version to checkout?'
+        required: true
+        default: 'main'
+
+env:
+  ZEPHYR_VERSION: 'main'
+  MCUBOOT_VERSION: 'main'
+
+# Only cancel ongoing runs for PRs
+concurrency:
+  group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
+  cancel-in-progress: true
+
+jobs:
+  build_zephyr_with_twister:
+    runs-on: ubuntu-latest
+    # Docker image from the zephyr upstream. Includes SDK and other required tools
+    container:
+      image: zephyrprojectrtos/ci:v0.21.0
+      options: '--entrypoint /bin/bash'
+      volumes:
+        - /home/runners/zephyrproject:/github/cache/zephyrproject
+    env:
+      ZEPHYR_SDK_INSTALL_DIR: /opt/toolchains/zephyr-sdk-0.13.2
+
+    steps:
+      - name: Set versions when workflow_dispatch
+        if: github.event_name == 'workflow_dispatch'
+        run: |
+          echo "ZEPHYR_VERSION=${{ github.event.inputs.version_zephyr }}" >> $GITHUB_ENV
+          echo "MCUBOOT_VERSION=${{ github.event.inputs.version_mcuboot }}" >> $GITHUB_ENV
+
+      - name: Set versions when pull_request
+        if: github.event_name == 'pull_request'
+        run: |
+          echo "MCUBOOT_VERSION=${{ github.event.pull_request.head.sha }}" >> $GITHUB_ENV
+
+      - name: Checkout Zephyr
+        uses: actions/checkout@v2
+        with:
+          repository: 'zephyrproject-rtos/zephyr'
+          ref: ${{ env.ZEPHYR_VERSION }}
+          path: 'repos/zephyr'
+
+      - name: Setup Zephyr
+        working-directory: repos/zephyr
+        run: |
+          west init -l .
+          west update
+
+      - name: Checkout MCUBoot
+        uses: actions/checkout@v2
+        with:
+          repository: 'mcu-tools/mcuboot'
+          ref: ${{ env.MCUBOOT_VERSION }}
+          path: 'repos/bootloader/mcuboot'
+
+      - name: Run Twister tests
+        working-directory: repos/zephyr
+        env:
+          test_paths: >
+              -T ../bootloader/mcuboot/boot/zephyr
+              -T ./tests/subsys/dfu
+              -T ./samples/subsys/mgmt/mcumgr/smp_svr
+        run: |
+          export ZEPHYR_BASE=${PWD}
+          export ZEPHYR_TOOLCHAIN_VARIANT=zephyr
+          echo "Using Zephyr version: ${{ env.ZEPHYR_VERSION }}"
+          echo "Using Mcuboot version: ${{ env.MCUBOOT_VERSION }}"
+          ./scripts/twister --inline-logs -v -N -M --integration --overflow-as-errors --retry-failed 2 ${test_paths}
+
+      - name: Upload Tests Results
+        uses: actions/upload-artifact@v2
+        if: always()
+        with:
+          name: Tests Results
+          if-no-files-found: ignore
+          path: |
+            repos/zephyr/twister-out/twister.xml

README.md

@@ -16,7 +16,7 @@
 [travis]: https://travis-ci.org/mcu-tools/mcuboot
 [license]: https://github.com/mcu-tools/mcuboot/blob/main/LICENSE
 
-This is MCUboot version 1.9.0
+This is MCUboot version 1.10.0-dev
 
 MCUboot is a secure bootloader for 32-bits microcontrollers. It defines a
 common infrastructure for the bootloader and the system flash layout on

boot/espressif/bootloader.conf

@@ -3,13 +3,33 @@
 # SPDX-License-Identifier: Apache-2.0
 
 CONFIG_ESP_BOOTLOADER_SIZE=0xF000
-CONFIG_ESP_APPLICATION_PRIMARY_START_ADDRESS=0x10000
+CONFIG_ESP_IMAGE0_PRIMARY_START_ADDRESS=0x10000
 CONFIG_ESP_APPLICATION_SIZE=0x100000
-CONFIG_ESP_APPLICATION_SECONDARY_START_ADDRESS=0x110000
+CONFIG_ESP_IMAGE0_SECONDARY_START_ADDRESS=0x110000
 CONFIG_ESP_MCUBOOT_WDT_ENABLE=y
 CONFIG_ESP_SCRATCH_OFFSET=0x210000
 CONFIG_ESP_SCRATCH_SIZE=0x40000
 
+# Enables multi image, if it is not defined, it is assumed
+# only one updatable image
+# CONFIG_ESP_IMAGE_NUMBER=2
+
+# Enables multi image boot on independent processors
+# (main host OS is not responsible for booting the second image)
+# Use only with CONFIG_ESP_IMAGE_NUMBER=2
+# CONFIG_ESP_MULTI_PROCESSOR_BOOT=y
+
+# Example of values to be used when multi image is enabled
+# Notice that the OS layer and update agent must be aware
+# of these regions
+# CONFIG_ESP_APPLICATION_SIZE=0x50000
+# CONFIG_ESP_IMAGE0_PRIMARY_START_ADDRESS=0x10000
+# CONFIG_ESP_IMAGE0_SECONDARY_START_ADDRESS=0x60000
+# CONFIG_ESP_IMAGE1_PRIMARY_START_ADDRESS=0xB0000
+# CONFIG_ESP_IMAGE1_SECONDARY_START_ADDRESS=0x100000
+# CONFIG_ESP_SCRATCH_OFFSET=0x150000
+# CONFIG_ESP_SCRATCH_SIZE=0x40000
+
 # CONFIG_ESP_SIGN_EC256=y
 # CONFIG_ESP_SIGN_ED25519=n
 # CONFIG_ESP_SIGN_RSA=n

boot/espressif/hal/CMakeLists.txt

@@ -56,6 +56,7 @@ set(hal_srcs
     ${src_dir}/flash_encrypt.c
     ${src_dir}/${MCUBOOT_TARGET}/bootloader_init.c
     ${esp_idf_dir}/components/hal/mpu_hal.c
+    ${esp_idf_dir}/components/hal/soc_hal.c
     ${esp_idf_dir}/components/bootloader_support/src/bootloader_common_loader.c
     ${esp_idf_dir}/components/bootloader_support/src/bootloader_console_loader.c
     ${esp_idf_dir}/components/bootloader_support/src/bootloader_flash.c

boot/espressif/hal/include/app_cpu_start.h

@@ -0,0 +1,11 @@
+/*
+ * Copyright (c) 2022 Espressif Systems (Shanghai) Co., Ltd.
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+#pragma once
+
+#include <stdint.h>
+
+void appcpu_start(uint32_t entry_addr);

boot/espressif/hal/include/esp32/esp32.cmake

@@ -10,6 +10,12 @@ list(APPEND hal_srcs
     ${esp_idf_dir}/components/efuse/src/esp_efuse_api_key_esp32.c
     )
 
+if (DEFINED CONFIG_ESP_MULTI_PROCESSOR_BOOT)
+    list(APPEND hal_srcs
+        ${src_dir}/${MCUBOOT_TARGET}/app_cpu_start.c
+        )
+endif()
+
 list(APPEND LINKER_SCRIPTS
     -T${esp_idf_dir}/components/esp_rom/${MCUBOOT_TARGET}/ld/${MCUBOOT_TARGET}.rom.newlib-funcs.ld
     -T${esp_idf_dir}/components/esp_rom/${MCUBOOT_TARGET}/ld/${MCUBOOT_TARGET}.rom.eco3.ld

boot/espressif/hal/include/mcuboot_config/mcuboot_config.h

@@ -98,7 +98,11 @@
 
 /* Default number of separately updateable images; change in case of
  * multiple images. */
+#if defined(CONFIG_ESP_IMAGE_NUMBER)
+#define MCUBOOT_IMAGE_NUMBER CONFIG_ESP_IMAGE_NUMBER
+#else
 #define MCUBOOT_IMAGE_NUMBER 1
+#endif
 
 /*
  * Logging

boot/espressif/hal/src/esp32/app_cpu_start.c

@@ -0,0 +1,38 @@
+/*
+ * SPDX-FileCopyrightText: 2022 Espressif Systems (Shanghai) CO LTD
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+#include "app_cpu_start.h"
+
+#include "soc/dport_reg.h"
+#include "soc/gpio_periph.h"
+#include "soc/rtc_periph.h"
+#include "soc/rtc_cntl_reg.h"
+#include "esp32/rom/cache.h"
+#include "esp32/rom/uart.h"
+#include "esp_cpu.h"
+#include "esp_log.h"
+
+static const char *TAG = "app_cpu_start";
+
+void appcpu_start(uint32_t entry_addr)
+{
+    ESP_LOGI(TAG, "Starting APPCPU");
+
+    Cache_Flush(1);
+    Cache_Read_Enable(1);
+
+    esp_cpu_unstall(1);
+
+    DPORT_SET_PERI_REG_MASK(DPORT_APPCPU_CTRL_B_REG, DPORT_APPCPU_CLKGATE_EN);
+    DPORT_CLEAR_PERI_REG_MASK(DPORT_APPCPU_CTRL_C_REG, DPORT_APPCPU_RUNSTALL);
+    DPORT_SET_PERI_REG_MASK(DPORT_APPCPU_CTRL_A_REG, DPORT_APPCPU_RESETTING);
+    DPORT_CLEAR_PERI_REG_MASK(DPORT_APPCPU_CTRL_A_REG, DPORT_APPCPU_RESETTING);
+
+    ets_set_appcpu_boot_addr(entry_addr);
+    ets_delay_us(10000);
+    uart_tx_wait_idle(0);
+    ESP_LOGI(TAG, "APPCPU start sequence complete");
+}

boot/espressif/hal/src/flash_encrypt.c

@@ -15,6 +15,7 @@
 #include "esp_efuse_table.h"
 #include "esp_log.h"
 #include "hal/wdt_hal.h"
+#include "soc/soc_caps.h"
 
 #include "esp_mcuboot_image.h"
 
@@ -167,6 +168,26 @@ static esp_err_t initialise_flash_encryption(void)
         return err;
     }
 
+#if defined(SOC_SUPPORTS_SECURE_DL_MODE) && defined(CONFIG_SECURE_ENABLE_SECURE_ROM_DL_MODE)
+    ESP_LOGI(TAG, "Enabling Secure Download mode...");
+    err = esp_efuse_enable_rom_secure_download_mode();
+    if (err != ESP_OK) {
+        ESP_LOGE(TAG, "Could not enable Secure Download mode...");
+        esp_efuse_batch_write_cancel();
+        return err;
+    }
+#elif CONFIG_SECURE_DISABLE_ROM_DL_MODE
+    ESP_LOGI(TAG, "Disable ROM Download mode...");
+    err = esp_efuse_disable_rom_download_mode();
+    if (err != ESP_OK) {
+        ESP_LOGE(TAG, "Could not disable ROM Download mode...");
+        esp_efuse_batch_write_cancel();
+        return err;
+    }
+#else
+    ESP_LOGW(TAG, "UART ROM Download mode kept enabled - SECURITY COMPROMISED");
+#endif
+
     err = esp_efuse_batch_write_commit();
     if (err != ESP_OK) {
         ESP_LOGE(TAG, "Error programming security eFuses (err=0x%x).", err);
@@ -213,7 +234,7 @@ static esp_err_t encrypt_flash_contents(uint32_t flash_crypt_cnt, bool flash_cry
      * This will need changes when implementing multi-slot support
      */
     ESP_LOGI(TAG, "Encrypting remaining flash...");
-    uint32_t region_addr = CONFIG_ESP_APPLICATION_SECONDARY_START_ADDRESS;
+    uint32_t region_addr = CONFIG_ESP_IMAGE0_SECONDARY_START_ADDRESS;
     size_t region_size = CONFIG_ESP_APPLICATION_SIZE;
     err = esp_flash_encrypt_region(region_addr, region_size);
     if (err != ESP_OK) {
@@ -226,6 +247,21 @@ static esp_err_t encrypt_flash_contents(uint32_t flash_crypt_cnt, bool flash_cry
         return err;
     }
 
+#if defined(CONFIG_ESP_IMAGE_NUMBER) && (CONFIG_ESP_IMAGE_NUMBER == 2)
+    region_addr = CONFIG_ESP_IMAGE1_PRIMARY_START_ADDRESS;
+    region_size = CONFIG_ESP_APPLICATION_SIZE;
+    err = esp_flash_encrypt_region(region_addr, region_size);
+    if (err != ESP_OK) {
+        return err;
+    }
+    region_addr = CONFIG_ESP_IMAGE1_SECONDARY_START_ADDRESS;
+    region_size = CONFIG_ESP_APPLICATION_SIZE;
+    err = esp_flash_encrypt_region(region_addr, region_size);
+    if (err != ESP_OK) {
+        return err;
+    }
+#endif
+
 #ifdef CONFIG_SECURE_FLASH_ENCRYPTION_MODE_RELEASE
     // Go straight to max, permanently enabled
     ESP_LOGI(TAG, "Setting CRYPT_CNT for permanent encryption");
@@ -288,20 +324,20 @@ static esp_err_t encrypt_primary_slot(void)
     /* Check if the slot is plaintext or encrypted, 0x20 offset is for skipping
      * MCUboot header
      */
-    err = bootloader_flash_read(CONFIG_ESP_APPLICATION_PRIMARY_START_ADDRESS + 0x20,
+    err = bootloader_flash_read(CONFIG_ESP_IMAGE0_PRIMARY_START_ADDRESS + 0x20,
                                 &img_header, sizeof(esp_image_load_header_t), true);
     if (err != ESP_OK) {
         ESP_LOGE(TAG, "Failed to read slot img header");
         return err;
     } else {
-        err = verify_img_header(CONFIG_ESP_APPLICATION_PRIMARY_START_ADDRESS,
+        err = verify_img_header(CONFIG_ESP_IMAGE0_PRIMARY_START_ADDRESS,
                                 &img_header, true);
     }
 
     if (err == ESP_OK) {
         ESP_LOGI(TAG, "Encrypting primary slot...");
 
-        err = esp_flash_encrypt_region(CONFIG_ESP_APPLICATION_PRIMARY_START_ADDRESS,
+        err = esp_flash_encrypt_region(CONFIG_ESP_IMAGE0_PRIMARY_START_ADDRESS,
                                        CONFIG_ESP_APPLICATION_SIZE);
         if (err != ESP_OK) {
             ESP_LOGE(TAG, "Failed to encrypt slot in place: 0x%x", err);

boot/espressif/include/esp_loader.h

@@ -6,4 +6,4 @@
 
 #pragma once
 
-void esp_app_image_load(int slot, unsigned int hdr_offset);
+void esp_app_image_load(int image_index, int slot, unsigned int hdr_offset, unsigned int *entry_addr);

boot/espressif/include/sysflash/sysflash.h

@@ -4,6 +4,10 @@
  * SPDX-License-Identifier: Apache-2.0
  */
 
+#pragma once
+
+#include <mcuboot_config/mcuboot_config.h>
+
 //! A user-defined identifier for different storage mediums
 //! (i.e internal flash, external NOR flash, eMMC, etc)
 #define FLASH_DEVICE_INTERNAL_FLASH 0
@@ -12,14 +16,35 @@
 //! there is not slot
 #define FLASH_SLOT_DOES_NOT_EXIST 255
 
-//! NB: MCUboot expects this define to exist but it's only used
-//! if MCUBOOT_SWAP_USING_SCRATCH=1 is set
-#define FLASH_AREA_IMAGE_SCRATCH FLASH_SLOT_DOES_NOT_EXIST
-
 //! The slot we will use to track the bootloader allocation
 #define FLASH_AREA_BOOTLOADER 0
 
-//! A mapping to primary and secondary/upgrade slot
-//! given an image_index. We'll plan to use
-#define FLASH_AREA_IMAGE_PRIMARY(i) ((i == 0) ? 1 : 255)
-#define FLASH_AREA_IMAGE_SECONDARY(i) ((i == 0) ? 2 : 255)
+#define FLASH_AREA_IMAGE_0_PRIMARY 1
+#define FLASH_AREA_IMAGE_0_SECONDARY 2
+#define FLASH_AREA_IMAGE_SCRATCH 3
+#define FLASH_AREA_IMAGE_1_PRIMARY 4
+#define FLASH_AREA_IMAGE_1_SECONDARY 5
+
+#if (MCUBOOT_IMAGE_NUMBER == 1)
+#define FLASH_AREA_IMAGE_PRIMARY(x)    (((x) == 0) ?          \
+                                         FLASH_AREA_IMAGE_0_PRIMARY : \
+                                         FLASH_SLOT_DOES_NOT_EXIST)
+#define FLASH_AREA_IMAGE_SECONDARY(x)  (((x) == 0) ?          \
+                                         FLASH_AREA_IMAGE_0_SECONDARY : \
+                                         FLASH_SLOT_DOES_NOT_EXIST)
+
+#elif (MCUBOOT_IMAGE_NUMBER == 2)
+#define FLASH_AREA_IMAGE_PRIMARY(x)    (((x) == 0) ?          \
+                                         FLASH_AREA_IMAGE_0_PRIMARY : \
+                                        ((x) == 1) ?          \
+                                         FLASH_AREA_IMAGE_1_PRIMARY : \
+                                         FLASH_SLOT_DOES_NOT_EXIST)
+#define FLASH_AREA_IMAGE_SECONDARY(x)  (((x) == 0) ?          \
+                                         FLASH_AREA_IMAGE_0_SECONDARY : \
+                                        ((x) == 1) ?          \
+                                         FLASH_AREA_IMAGE_1_SECONDARY : \
+                                         FLASH_SLOT_DOES_NOT_EXIST)
+
+#else
+#warning "Image slot and flash area mapping is not defined"
+#endif