Meta upmerge #403

Open
wants to merge 215 commits into
base: main

nordicjm
Contributor

No description provided.

Karambite and others added 30 commits December 23, 2024 10:30
Signed-off-by: Karambite <01sudesh.e@gmail.com>
Add m5stack_cores3/esp32s3/procpu and m5stack_cores3/esp32s3/procpu/se
board targets.
Adds an overlay to disable devices that cause dependency conflicts.

Signed-off-by: TOKITA Hiroshi <tokita.hiroshi@gmail.com>
Adds PureEdDSA signature support.

The change includes implementation of SIG_PURE TLV that, when present,
indicates the signature that is present is Pure type.

Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
Signed-off-by: Mateusz Michalek <mateusz.michalek@nordicsemi.no>
Upgrade using move decreases flash wear and is now the default mode
used by Zephyr.

The implementation is done by MCUboot itself, so it is just a matter of
setting the correct define to enable it.

Swap using move was successfully tested with ESP32C6.

Signed-off-by: Martin Jäger <martin@libre.solar>
Signed-off-by: Jamie Smith <jsmith@crackofdawn.onmicrosoft.com>
This TLV is needed in order to know what the data length
provided to the decompression system is to remove the padding
that is a resultant of the encryption block size

Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
Add CONFIG_BOOTLOADER_FLASH_XMC_SUPPORT macro to esp32s3
sdkconfig.h

Signed-off-by: Almir Okato <almir.okato@espressif.com>
Update SoC x RTOS status for ESP32-C2, ESP32-C6 and ESP32-H2
Also add missing cd command to the guide

Signed-off-by: Almir Okato <almir.okato@espressif.com>
Verify if IDF-based HAL version is supported

Signed-off-by: Almir Okato <almir.okato@espressif.com>
Signed-off-by: Michael Konieczny <mk@m5k8.net>
Adds TLV which stores compressed image size in case encryption is on.
This is to avoid wrong stream size due to encryption padding.

Signed-off-by: Mateusz Michalek <mateusz.michalek@nordicsemi.no>
Fixes some issues whereby some variables were not initialised,
and undefined values were wrongly used instead

Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
Adds a note about a fix for uninitialised variables

Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
Add additional regions in loader to include
RTC, LP, IROM and DROM information.

Signed-off-by: Sylvio Alves <sylvio.alves@espressif.com>
The mapping does not seem to be needed as scratch is opened directly,
and there is only one for all images anyway.
Simulator seems to error out when asked to identify scratch with
this function.

Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
Need to define MBEDTLS_ASN1_PARSE_C to be able to see ASN1
functions declarations from mbedTLS.

Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
This commit fixes issue where even if Zephyr provided mbedTLS
module was used, ASN1 decoding procedures have been taken from
MCUboot own version of mbedTLS extracted sources for these functions.

To be able to do that this commit changes config file used with
mbedTLS with the one provided from Zephyr (the generic one), which
allows to select required mbedTLS features via Kconfig options
exposed by Zephyr.

Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
Adds imgtool and cbor to be automatically installed when using
the west packages command, instead of residing in zephyr itself

Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
The commit enables SHA512 support, for image hashing, with
TinyCrypt.
Although on 32bit machines the SHA256 will be faster than
SHA512, benefit of enabling the SHA512 is that you have only
one algorithm compiled in which reduces size of code.

Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
The commit adds support for passing storage device address space
to hash calculation functions, which allows to use hardware
accelerated hash calculation on storage.
This feature only works when image encryption is not enabled
and all slots are defined within internal storage of device.

The feature is enabled with MCUboot configuration option
MCUBOOT_HASH_STORAGE_DIRECTLY.

Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
The commit adds support for PureEdDSA, which validates signature
of image rather than hash. This is most secure, available, ED25519
usage in MCUboot, but due to requirement of PureEdDSA to be able
to calculate signature at whole message at once, here image,
it only works on setups where entire image can be mapped to
device address space, so that PSA functions calculating the
signature can see the whole image at once.

The feature is enabled with MCUBOOT_SIGN_PURE MCUboot configuration
option.

Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
Select BOOT_IMG_HASH_ALG_SHA512_ALLOW via BOOT_ED25519_TINYCRYPT.

Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
Adds CONFIG_BOOT_IMG_HASH_DIRECTLY_ON_STORAGE, which
enables MCUBOOT_HASH_STORAGE_DIRECTLY for Zephyr.

Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
Commit adds CONFIG_BOOT_SIGNATURE_TYPE_PURE Kconfig option,
which enables MCUBOOT_SIGN_PURE in MCUboot configuration.

Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
Refactors some functions so that the state variable is present in it

Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
Adds a new variation of the swap using move mode, named swap using
offset, whereby instead of moving all the sectors in the primary
image, the sectors in the secondary image are offset instead. This
fastens image swapping time both for updates and reverts as each
sector in both slots is erased only once, which also reduces flash
wear, and uses less swap status bits to represent

Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
Adds support for using this mode to zephyr

Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
Adds support for getting the sector size of less sectors than are
in an image, which mirrors support in zephyr and allows getting
just the size of the first sector in an image

Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
Enables testing this new mode

Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
Fixes not using a pointer as a pointer

Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
nordicjm and others added 3 commits March 12, 2025 07:53
Adds support for LZMA-compressed firmware updates

Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
(cherry picked from commit 474a922)
* Add functions for ecdsa_verify_secp256r1 and sha256 to use the shared
crypto API
* Add Kconfig and CMake variables for selecting shared crypto when using
ecdsa
* Add custom section to project for placing the API section in the
correct location in flash
* Add kconfig fragment for using external crypto

Signed-off-by: Sigvart Hovland <sigvart.m@gmail.com>
Signed-off-by: Martí Bolívar <marti.bolivar@nordicsemi.no>
Signed-off-by: Emil Obalski <emil.obalski@nordicsemi.no>
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
Signed-off-by: Håkon Øye Amundsen <haakon.amundsen@nordicsemi.no>
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
Signed-off-by: Georgios Vasilakis <georgios.vasilakis@nordicsemi.no>
Signed-off-by: Johann Fischer <johann.fischer@nordicsemi.no>
Signed-off-by: Torsten Rasmussen <Torsten.Rasmussen@nordicsemi.no>
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
(cherry picked from commit 049e896)
The commit provides implementation of image verification with
ed25519 and encryption/decryption support where random key
is encrypted using x25519.

Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
(cherry picked from commit 2c3c181)
@nordicjm nordicjm force-pushed the meta-upmerge branch 2 times, most recently from 3380fca to 618b62e Compare March 12, 2025 08:09
nordicjm and others added 22 commits March 12, 2025 08:16
Adds support for ARM thumb filter usage for compressed firmware
updates. Also adds support to the compressed image update for
allowing encrypted images and removes the limit of having 1
updateable image

Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
(cherry picked from commit 390c468)
Previously PCD memory was locked as read-only, non-secure in
MCUboot. Given that TF-M also needs write to PCD to
communicate with b0n, the memory is left unlocked and
locked to read-only, non-secure in TF-M.

Signed-off-by: Markus Lassila <markus.lassila@nordicsemi.no>
(cherry picked from commit ad56ff5)
Adds support for image IDs that are assigned by sysbuild, which
allows for dynamically supporting different configurations without
needing dummy images to support different modes. Also fixes
multiple deficiencies with the previous code where things were not
properly accounted for e.g. using the swap algorithm including all
swap status parts when updating s0/s1 MCUboot image which could
overwrite and corrupt the image data in the other slot

Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
(cherry picked from commit 43d4739)
(cherry picked from commit c09c22a)
(cherry picked from commit 3a25855)
Adds a check that will also check the s0/s1 package version of the
currently running MCUboot against a MCUboot update image to ensure
that an older version of MCUboot isn't loaded to the opposite slot

Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
(cherry picked from commit 63e53ed)
Update the configuration files for the Thingy:91 X targets to
the ones used in production.

Signed-off-by: Maximilian Deubel <maximilian.deubel@nordicsemi.no>
(cherry picked from commit 78211ab)
Enable backporting of PRs.

Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
(cherry picked from commit 7058149)
Moved configs from nrf54l15pdk.

Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
(cherry picked from commit bd64752)
Set of changes to Kconfig, CMakeLists.txt and some of headers
that are required for the PSA support to compile.

Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
(cherry picked from commit 00f35bb)
Use SHA512 directly calculated over image with the ED25519 signature.

Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
(cherry picked from commit 5a6676c)
The commit adds support for PureEdDSA, which validates signature
of image rather than hash. This is most secure, available, ED25519
usage in MCUboot, but due to requirement of PureEdDSA to be able
to calculate signature at whole message at once, here image,
it only works on setups where entire image can be mapped to
device address space, so that PSA functions calculating the
signature can see the whole image at once.

This option is enabled with Kconfig option:
 CONFIG_BOOT_SIGNATURE_TYPE_PURE
when the ED25519 signature type is already selected.

Note that the option will enable SHA512 for calculating public
key hash.

Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
(cherry picked from commit 1a2f5f6)
…CTORS_AUTO

Automatic calculations are based on DTS data, which is not the right
source on partition layout in case Partition manager does
the partitioning.

Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
(cherry picked from commit d09c5a0)
The commit adds verification of image using keys stored in KMU.

Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
(cherry picked from commit 6e0c2b8)
Adds selecting the experimental Kconfig when compression is in use

Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
(cherry picked from commit ff3c31f)
Adds a new Kconfig CONFIG_BOOT_SIGNATURE_KMU_SLOTS which allows
specifying how many KMU key IDs are supported, the default is set
to 1 instead of 3 which was set before

NCSDK-30743

Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
(cherry picked from commit 12e5ee1)
…sion

fixup! [nrf noup] bootutil: Add support for KMU stored ED25519 signature key

This adds the additional code required so that the compression
feature can be used with keys that reside in the KMU

Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
(cherry picked from commit 0343424)
Adds additional conditions that let the direct upload option be
selected on nRF5340 to allow for uploading network core updates
directly to the network core with the flash simulator

Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
(cherry picked from commit b82206c)
Configured CONFIG_NRF_RRAM_WRITE_BUFFER_SIZE=32,
which ensures the fastest bulk RRAM write operations.

Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
(cherry picked from commit 0a910b6)
Removes stray child/parent references

Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
(cherry picked from commit 99d4ae9)
MCUboot uses SOC_FLASH_0_ID and SPI_FLASH_0_ID to distinguish
between internal and external boot device. These IDs are provided
by sysflash.h, but the pm_sysflash.h overrides the entire file,
and was lacking those definitions.

Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
Disabled NCS BOOT BANNER to save some flash, as Thingy:53 stopped
fitting in the mcuboot partition. The boot banner is not used
anyway, as logs are disabled.

Signed-off-by: Kamil Kasperczyk <kamil.kasperczyk@nordicsemi.no>
Adds check to region of mcuboot_secondary_1 to put it in external flash
only if CONFIG_PM_EXTERNAL_FLASH_MCUBOOT_SECONDARY is set.

This should allow for DFU from internal flash on the nRF5340 with dynamic
partitioning.

Also fixing a typo.

Signed-off-by: Sigurd Hellesvik <sigurd.hellesvik@nordicsemi.no>
Fixes selections for NCS additions

Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
Test fix, DO NOT MERGE

Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>