Merge branch 'update-flags-in-boot-partition' into stm32l5

pull/50/head
Daniele Lacamera 2020-09-28 16:35:38 +02:00
commit cbe002fad7
11 changed files with 433 additions and 208 deletions

193
Makefile

@ -22,197 +22,17 @@ WOLFCRYPT_OBJS:=
PUBLIC_KEY_OBJS:=
UPDATE_OBJS:=
ifeq ($(SIGN),RSA4096)
SPMATH=0
endif
## Architecture/CPU configuration
include arch.mk
## DSA Settings
ifeq ($(SIGN),ECC256)
KEYGEN_OPTIONS+=--ecc256
SIGN_OPTIONS+=--ecc256
PRIVATE_KEY=ecc256.der
WOLFCRYPT_OBJS+= \
$(MATH_OBJS) \
./lib/wolfssl/wolfcrypt/src/ecc.o \
./lib/wolfssl/wolfcrypt/src/memory.o \
./lib/wolfssl/wolfcrypt/src/wc_port.o \
./lib/wolfssl/wolfcrypt/src/hash.o \
./src/xmalloc_ecc.o
CFLAGS+=-DWOLFBOOT_SIGN_ECC256 -DXMALLOC_USER
ifeq ($(WOLFTPM),0)
CFLAGS+=-Wstack-usage=1024
else
CFLAGS+=-Wstack-usage=6680
endif
PUBLIC_KEY_OBJS=./src/ecc256_pub_key.o
endif
ifeq ($(SIGN),ED25519)
KEYGEN_OPTIONS+=--ed25519
SIGN_OPTIONS+=--ed25519
PRIVATE_KEY=ed25519.der
WOLFCRYPT_OBJS+= ./lib/wolfssl/wolfcrypt/src/sha512.o \
./lib/wolfssl/wolfcrypt/src/ed25519.o \
./lib/wolfssl/wolfcrypt/src/ge_low_mem.o \
./lib/wolfssl/wolfcrypt/src/hash.o \
./lib/wolfssl/wolfcrypt/src/wolfmath.o \
./lib/wolfssl/wolfcrypt/src/wc_port.o \
./lib/wolfssl/wolfcrypt/src/fe_low_mem.o
PUBLIC_KEY_OBJS=./src/ed25519_pub_key.o
CFLAGS+=-DWOLFBOOT_SIGN_ED25519 -Wstack-usage=1024
endif
ifeq ($(SIGN),RSA2048)
KEYGEN_OPTIONS+=--rsa2048
SIGN_OPTIONS+=--rsa2048
PRIVATE_KEY=rsa2048.der
IMAGE_HEADER_SIZE=512
WOLFCRYPT_OBJS+= \
$(RSA_EXTRA_OBJS) \
$(MATH_OBJS) \
./lib/wolfssl/wolfcrypt/src/rsa.o \
./lib/wolfssl/wolfcrypt/src/asn.o \
./lib/wolfssl/wolfcrypt/src/hash.o \
./lib/wolfssl/wolfcrypt/src/wc_port.o \
./src/xmalloc_rsa.o
PUBLIC_KEY_OBJS=./src/rsa2048_pub_key.o
CFLAGS+=-DWOLFBOOT_SIGN_RSA2048 -DXMALLOC_USER $(RSA_EXTRA_CFLAGS) \
-DIMAGE_HEADER_SIZE=512
ifeq ($(WOLFTPM),0)
CFLAGS+=-Wstack-usage=12288
else
CFLAGS+=-Wstack-usage=8320
endif
endif
ifeq ($(SIGN),RSA4096)
KEYGEN_OPTIONS+=--rsa4096
SIGN_OPTIONS+=--rsa4096
PRIVATE_KEY=rsa4096.der
IMAGE_HEADER_SIZE=1024
WOLFCRYPT_OBJS+= \
$(RSA_EXTRA_OBJS) \
$(MATH_OBJS) \
./lib/wolfssl/wolfcrypt/src/rsa.o \
./lib/wolfssl/wolfcrypt/src/asn.o \
./lib/wolfssl/wolfcrypt/src/hash.o \
./lib/wolfssl/wolfcrypt/src/wolfmath.o \
./lib/wolfssl/wolfcrypt/src/wc_port.o \
./src/xmalloc_rsa.o
PUBLIC_KEY_OBJS=./src/rsa4096_pub_key.o
CFLAGS+=-DWOLFBOOT_SIGN_RSA4096 -DXMALLOC_USER $(RSA_EXTRA_CFLAGS) \
-DIMAGE_HEADER_SIZE=1024
ifeq ($(WOLFTPM),0)
CFLAGS+=-Wstack-usage=12288
else
CFLAGS+=-Wstack-usage=10680
endif
endif
# Parse config options
include options.mk
CFLAGS+=-Wall -Wextra -Wno-main -ffreestanding -Wno-unused \
-I. -Iinclude/ -Ilib/wolfssl -nostartfiles \
-DWOLFSSL_USER_SETTINGS \
-DPLATFORM_$(TARGET)
ifeq ($(RAM_CODE),1)
CFLAGS+= -DRAM_CODE
endif
ifeq ($(DUALBANK_SWAP),1)
CFLAGS+= -DDUALBANK_SWAP
endif
ifeq ($(SPI_FLASH),1)
EXT_FLASH=1
CFLAGS+= -DSPI_FLASH=1
OBJS+= src/spi_flash.o
WOLFCRYPT_OBJS+=hal/spi/spi_drv_$(SPI_TARGET).o
endif
ifeq ($(UART_FLASH),1)
EXT_FLASH=1
endif
ifeq ($(ENCRYPT),1)
CFLAGS+=-DEXT_ENCRYPTED=1
WOLFCRYPT_OBJS+=./lib/wolfssl/wolfcrypt/src/chacha.o
endif
ifeq ($(EXT_FLASH),1)
CFLAGS+= -DEXT_FLASH=1 -DPART_UPDATE_EXT=1 -DPART_SWAP_EXT=1
ifeq ($(NO_XIP),1)
CFLAGS+=-DPART_BOOT_EXT=1
endif
ifeq ($(UART_FLASH),1)
CFLAGS+=-DUART_FLASH=1
OBJS+=src/uart_flash.o
WOLFCRYPT_OBJS+=hal/uart/uart_drv_$(UART_TARGET).o
endif
endif
ifeq ($(ALLOW_DOWNGRADE),1)
CFLAGS+= -DALLOW_DOWNGRADE
endif
ifeq ($(NVM_FLASH_WRITEONCE),1)
CFLAGS+= -DNVM_FLASH_WRITEONCE
endif
ifeq ($(DEBUG),1)
CFLAGS+=-O0 -g -ggdb3 -DDEBUG=1
else
CFLAGS+=-Os
endif
ifeq ($(V),0)
Q=@
endif
ifeq ($(NO_MPU),1)
CFLAGS+=-DWOLFBOOT_NO_MPU
endif
ifeq ($(VTOR),0)
CFLAGS+=-DNO_VTOR
endif
ifeq ($(PKA),1)
OBJS += $(PKA_EXTRA_OBJS)
CFLAGS+=$(PKA_EXTRA_CFLAGS)
endif
OBJS+=$(PUBLIC_KEY_OBJS)
OBJS+=$(UPDATE_OBJS)
ifeq ($(WOLFTPM),1)
OBJS += lib/wolfTPM/src/tpm2.o \
lib/wolfTPM/src/tpm2_packet.o \
lib/wolfTPM/src/tpm2_tis.o \
lib/wolfTPM/src/tpm2_wrap.o
CFLAGS+=-DWOLFBOOT_TPM -DSIZEOF_LONG=4 -Ilib/wolfTPM \
-DMAX_COMMAND_SIZE=1024 -DMAX_RESPONSE_SIZE=1024 -DWOLFTPM2_MAX_BUFFER=1500 \
-DMAX_SESSION_NUM=1 -DMAX_DIGEST_BUFFER=973 \
-DWOLFTPM_SMALL_STACK
# Chip Type: WOLFTPM_SLB9670, WOLFTPM_ST33, WOLFTPM_MCHP
CFLAGS+=-DWOLFTPM_SLB9670
# Use TPM for hashing (slow)
#CFLAGS+=-DWOLFBOOT_HASH_TPM
ifneq ($(SPI_FLASH),1)
WOLFCRYPT_OBJS+=hal/spi/spi_drv_$(SPI_TARGET).o
endif
endif
OBJS+=$(WOLFCRYPT_OBJS)
MAIN_TARGET=factory.bin
ifeq ($(TARGET),stm32l5)
@ -220,7 +40,6 @@ ifeq ($(TARGET),stm32l5)
MAIN_TARGET:=wolfboot.bin test-app/image_v1_signed.bin
endif
ASFLAGS:=$(CFLAGS)
all: $(MAIN_TARGET)
@ -288,7 +107,8 @@ wolfboot.elf: include/target.h $(OBJS) $(LSCRIPT) FORCE
$(LSCRIPT): hal/$(TARGET).ld .bootloader-partition-size FORCE
@cat hal/$(TARGET).ld | \
sed -e "s/##WOLFBOOT_PARTITION_BOOT_ADDRESS##/`cat .bootloader-partition-size`/g" \
sed -e "s/##WOLFBOOT_PARTITION_BOOT_ADDRESS##/`cat .bootloader-partition-size`/g" | \
sed -e "s/##WOLFBOOT_ORIGIN##/$(WOLFBOOT_ORIGIN)/g" \
> $@
hex: wolfboot.hex
@ -311,6 +131,7 @@ clean:
@find . -type f -name "*.o" | xargs rm -f
@rm -f *.bin *.elf wolfboot.map *.bin *.hex config/target.ld .bootloader-partition-size
@make -C test-app clean
@make -C tools/check_config clean
distclean: clean
@rm -f *.pem *.der tags ./src/ed25519_pub_key.c ./src/ecc256_pub_key.c ./src/rsa2048_pub_key.c include/target.h
@ -332,6 +153,10 @@ include/target.h: include/target.h.in FORCE
config: FORCE
make -C config
check_config:
make -C tools/check_config
../src/libwolfboot.o: ../src/libwolfboot.c FORCE
@echo "\t[CC-$(ARCH)] $@"
$(Q)$(CC) $(CFLAGS) -c -o $@ ../src/libwolfboot.c
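Review bot: The new `check_config` rule and the line added to `clean` invoke a literal `make` (`make -C tools/check_config`), so `make -n` still runs nothing in that directory and the `-j` jobserver is not shared with the sub-make. Writing `$(MAKE) -C tools/check_config` and `@$(MAKE) -C tools/check_config clean` fixes both. `check_config:` also has no `FORCE` prerequisite, unlike `config: FORCE` just above it, so a file or directory of that name in the top directory would make the target look up to date; `check_config: FORCE` matches the existing convention.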

16
arch.mk

@ -18,17 +18,6 @@ SPI_TARGET=$(TARGET)
# Default UART driver name
UART_TARGET=$(TARGET)
## Hash settings
ifeq ($(HASH),SHA256)
CFLAGS+=-DWOLFBOOT_HASH_SHA256
endif
ifeq ($(HASH),SHA3)
WOLFCRYPT_OBJS+=./lib/wolfssl/wolfcrypt/src/sha3.o
CFLAGS+=-DWOLFBOOT_HASH_SHA3_384
SIGN_OPTIONS+=--sha3
endif
# Include SHA256 module because it's implicitly needed by RSA
WOLFCRYPT_OBJS+=./lib/wolfssl/wolfcrypt/src/sha256.o
@ -78,6 +67,11 @@ ifeq ($(ARCH),ARM)
CORTEX_M33=1
CFLAGS+=-Ihal -DCORTEX_M33
ARCH_FLASH_OFFSET=0x08000000
ifeq ($(TZEN),1)
WOLFBOOT_ORIGIN=0x0C000000
else
WOLFBOOT_ORIGIN=0x08000000
endif
endif
## Cortex-M CPU
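Review bot: The two `WOLFBOOT_ORIGIN` values in the new `TZEN` conditional are bare addresses with no comment, while `ARCH_FLASH_OFFSET` just above stays at `0x08000000` in both cases. A comment such as `# TZEN=1: link wolfBoot at the secure flash alias, otherwise at the non-secure base` would record the intent. It is also worth confirming that everything derived from `ARCH_FLASH_OFFSET` is meant to keep the non-secure address when `TZEN=1`, since the bootloader would then be linked at one alias and addressed through the other. The enclosing `ifeq ($(ARCH),ARM)` block starts outside the hunk.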


@ -120,6 +120,15 @@ stage, or on these platform that do not support interrupt vector relocation.
To disable interrupt vector table relocation, compile with `VTOR=0`. By default, wolfBoot will relocate the
interrupt vector by setting the offset in the vector relocation offset register (VTOR).
### Disable Backup of current running firmware
Optionally, it is possible to disable the backup copy of the current running firmware upon the installation of the
update. This implies that no fall-back mechanism is protecting the target from a faulty firmware installation, but may be useful
in some cases where it is not possible to write on the update partition from the bootloader.
The associated compile-time option is
`DISABLE_BACKUP=1`
### Enable workaround for 'write once' flash memories
On some microcontrollers, the internal flash memory does not allow subsequent writes (adding zeroes) to a
@ -158,6 +167,33 @@ copied in RAM to boot after verification.
When external memory is used, the HAL API must be extended to define methods to access the custom memory.
Refer to the [HAL](HAL.md) page for the description of the `ext_flash_*` API.
#### SPI devices
In combination with the `EXT_FLASH=1` configuration parameter, it is possible to use a platform-specific SPI drivers,
e.g. to access an external SPI flash memory. By compiling wolfBoot with the makefile option `SPI_FLASH=1`, the external
memory is directly mapped to the additional SPI layer, so the user does not have to define the `ext_flash_*` functions.
SPI functions, instead, must be defined. Example SPI drivers are available for multiple platforms in the [hal/spi](../hal/spi) directory.
#### UART bridge towards neighbor systems
Another alternative available to map external devices consists in enabling a UART bridge towards a neighbor system.
The neighbor system must expose a service through the UART interface that is compatible with the wolfBoot protocol.
In the same way as for SPI devices, the `ext_flash_*` API is automatically defined by wolfBoot when the option `UART_FLASH=1` is used.
For more details, see the manual page [Remote External flash memory support via UART](remote_flash.md)
#### Encryption support for external partitions
When update and swap partitions are mapped to an external device using `EXT_FLASH=1`, either in combination with `SPI_FLASH`,
`UART_FLASH`, or any custom external mapping, it is possible to enable ChaCha20 encryption when accessing those partition from the
bootloader. The update images must be pre-encrypted at the source using the key tools, and wolfBoot should be instructed to use a temporary
ChaCha20 symmetric key to access the content of the updates.
For more details about this optional feature, please refer to the [Encrypted external partitions](encrypted_partitions.md) manual page.
### Executing flash access code from RAM
On some platform, flash access code requires to be executed from RAM, to avoid conflict e.g. when writing
@ -171,6 +207,20 @@ To move all the code accessing the internal flash for writing, into a section in
When supported by the target platform, hardware-assisted dual-bank swapping can be used to perform updates.
To enable this functionality, use `DUALBANK_SWAP=1`. Currently, only STM32F76x and F77x support this feature.
### Store UPDATE partition flags in a sector in the BOOT partition
By default, wolfBoot keeps track of the status of the update procedure to the single sectors in a specific area at the end of each partition, dedicated
to store and retrieve a set of flags associated to the partition itself.
In some cases it might be helpful to store the status flags related to the UPDATE partition and its sectors in the internal flash, alongside with
the same set of flags used for the BOOT partition. By compiling wolfBoot with the `FLAGS_HOME=1` makefile option, the flags
associated to the UPDATE partition are stored in the BOOT partition itself.
While on one hand this option slightly reduces the space available in the BOOT partition to store the firmware image, it keeps all the flags in
the BOOT partition.
### Using Mac OS/X
If you see 0xC3 0xBF (C3BF) repeated in your factory.bin then your OS is using Unicode characters.


@ -180,9 +180,12 @@
#define FLASH_CR_BKER (1 << 11)
#define FLASH_CR_MER2 (1 << 15)
#define FLASH_CR_STRT (1 << 16)
#define FLASH_CR_OPTSTRT (1 << 17)
#define FLASH_CR_EOPIE (1 << 24)
#define FLASH_CR_ERRIE (1 << 25)
#define FLASH_CR_INV (1 << 29)
#define FLASH_CR_OBL_LAUNCH (1 << 27)
#define FLASH_CR_OPTLOCK (1 << 30)
#define FLASH_CR_LOCK (1 << 31)


@ -1,7 +1,7 @@
MEMORY
{
FLASH (rx) : ORIGIN = 0x08000000, LENGTH = 0x003FFFF
RAM (rwx) : ORIGIN = 0x30000000, LENGTH = 0x00020000
FLASH (rx) : ORIGIN = ##WOLFBOOT_ORIGIN##, LENGTH = ##WOLFBOOT_PARTITION_BOOT_ADDRESS##
RAM (rwx) : ORIGIN = 0x30000000, LENGTH = 0x00017FFF
}
SECTIONS
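Review bot: The new `RAM` length `0x00017FFF` is one byte short of `0x00018000`; `LENGTH` is a size, not a last address, so any symbol computed as `ORIGIN(RAM) + LENGTH(RAM)` (commonly the initial stack pointer) ends up odd. If the intent is to leave the RAM above `0x30018000` to another image, `LENGTH = 0x00018000` is the value to use. The `FLASH` length is now filled from a placeholder named `##WOLFBOOT_PARTITION_BOOT_ADDRESS##`, which the Makefile replaces with the contents of `.bootloader-partition-size`; a comment saying that the substituted value is a size would avoid confusing it with an address. The `SECTIONS` block continues outside the hunk.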

200
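--- a/options.mk
+++ b/options.mk
@@ -0,0 +1,200 @@
+ifeq ($(SIGN),RSA4096)
+SPMATH=0
+endif
+## DSA Settings
+ifeq ($(SIGN),ECC256)
+KEYGEN_OPTIONS+=--ecc256
+SIGN_OPTIONS+=--ecc256
+PRIVATE_KEY=ecc256.der
+WOLFCRYPT_OBJS+= \
+$(MATH_OBJS) \
+./lib/wolfssl/wolfcrypt/src/ecc.o \
+./lib/wolfssl/wolfcrypt/src/memory.o \
+./lib/wolfssl/wolfcrypt/src/wc_port.o \
+./lib/wolfssl/wolfcrypt/src/hash.o \
+./src/xmalloc_ecc.o
+CFLAGS+=-DWOLFBOOT_SIGN_ECC256 -DXMALLOC_USER
+ifeq ($(WOLFTPM),0)
+CFLAGS+=-Wstack-usage=1024
+else
+CFLAGS+=-Wstack-usage=6680
+endif
+PUBLIC_KEY_OBJS=./src/ecc256_pub_key.o
+endif
+ifeq ($(SIGN),ED25519)
+KEYGEN_OPTIONS+=--ed25519
+SIGN_OPTIONS+=--ed25519
+PRIVATE_KEY=ed25519.der
+WOLFCRYPT_OBJS+= ./lib/wolfssl/wolfcrypt/src/sha512.o \
+./lib/wolfssl/wolfcrypt/src/ed25519.o \
+./lib/wolfssl/wolfcrypt/src/ge_low_mem.o \
+./lib/wolfssl/wolfcrypt/src/hash.o \
+./lib/wolfssl/wolfcrypt/src/wolfmath.o \
+./lib/wolfssl/wolfcrypt/src/wc_port.o \
+./lib/wolfssl/wolfcrypt/src/fe_low_mem.o
+PUBLIC_KEY_OBJS=./src/ed25519_pub_key.o
+CFLAGS+=-DWOLFBOOT_SIGN_ED25519 -Wstack-usage=1024
+endif
+ifeq ($(SIGN),RSA2048)
+KEYGEN_OPTIONS+=--rsa2048
+SIGN_OPTIONS+=--rsa2048
+PRIVATE_KEY=rsa2048.der
+IMAGE_HEADER_SIZE=512
+WOLFCRYPT_OBJS+= \
+$(RSA_EXTRA_OBJS) \
+$(MATH_OBJS) \
+./lib/wolfssl/wolfcrypt/src/rsa.o \
+./lib/wolfssl/wolfcrypt/src/asn.o \
+./lib/wolfssl/wolfcrypt/src/hash.o \
+./lib/wolfssl/wolfcrypt/src/wc_port.o \
+./src/xmalloc_rsa.o
+PUBLIC_KEY_OBJS=./src/rsa2048_pub_key.o
+CFLAGS+=-DWOLFBOOT_SIGN_RSA2048 -DXMALLOC_USER $(RSA_EXTRA_CFLAGS) \
+-DIMAGE_HEADER_SIZE=512
+ifeq ($(WOLFTPM),0)
+CFLAGS+=-Wstack-usage=12288
+else
+CFLAGS+=-Wstack-usage=8320
+endif
+endif
+ifeq ($(SIGN),RSA4096)
+KEYGEN_OPTIONS+=--rsa4096
+SIGN_OPTIONS+=--rsa4096
+PRIVATE_KEY=rsa4096.der
+IMAGE_HEADER_SIZE=1024
+WOLFCRYPT_OBJS+= \
+$(RSA_EXTRA_OBJS) \
+$(MATH_OBJS) \
+./lib/wolfssl/wolfcrypt/src/rsa.o \
+./lib/wolfssl/wolfcrypt/src/asn.o \
+./lib/wolfssl/wolfcrypt/src/hash.o \
+./lib/wolfssl/wolfcrypt/src/wolfmath.o \
+./lib/wolfssl/wolfcrypt/src/wc_port.o \
+./src/xmalloc_rsa.o
+PUBLIC_KEY_OBJS=./src/rsa4096_pub_key.o
+CFLAGS+=-DWOLFBOOT_SIGN_RSA4096 -DXMALLOC_USER $(RSA_EXTRA_CFLAGS) \
+-DIMAGE_HEADER_SIZE=1024
+ifeq ($(WOLFTPM),0)
+CFLAGS+=-Wstack-usage=12288
+else
+CFLAGS+=-Wstack-usage=10680
+endif
+endif
+ifeq ($(RAM_CODE),1)
+CFLAGS+= -DRAM_CODE
+endif
+ifeq ($(FLAGS_HOME),1)
+CFLAGS+=-DFLAGS_HOME=1
+endif
+ifeq ($(DUALBANK_SWAP),1)
+CFLAGS+=-DDUALBANK_SWAP=1
+endif
+ifeq ($(SPI_FLASH),1)
+EXT_FLASH=1
+CFLAGS+=-DSPI_FLASH=1
+OBJS+= src/spi_flash.o
+WOLFCRYPT_OBJS+=hal/spi/spi_drv_$(SPI_TARGET).o
+endif
+ifeq ($(UART_FLASH),1)
+EXT_FLASH=1
+endif
+ifeq ($(ENCRYPT),1)
+CFLAGS+=-DEXT_ENCRYPTED=1
+WOLFCRYPT_OBJS+=./lib/wolfssl/wolfcrypt/src/chacha.o
+endif
+ifeq ($(EXT_FLASH),1)
+CFLAGS+= -DEXT_FLASH=1 -DPART_UPDATE_EXT=1 -DPART_SWAP_EXT=1
+ifeq ($(NO_XIP),1)
+CFLAGS+=-DPART_BOOT_EXT=1
+endif
+ifeq ($(UART_FLASH),1)
+CFLAGS+=-DUART_FLASH=1
+OBJS+=src/uart_flash.o
+WOLFCRYPT_OBJS+=hal/uart/uart_drv_$(UART_TARGET).o
+endif
+endif
+ifeq ($(ALLOW_DOWNGRADE),1)
+CFLAGS+= -DALLOW_DOWNGRADE
+endif
+ifeq ($(NVM_FLASH_WRITEONCE),1)
+CFLAGS+= -DNVM_FLASH_WRITEONCE
+endif
+ifeq ($(DISABLE_BACKUP),1)
+CFLAGS+= -DDISABLE_BACKUP
+endif
+ifeq ($(DEBUG),1)
+CFLAGS+=-O0 -g -ggdb3 -DDEBUG=1
+else
+CFLAGS+=-Os
+endif
+ifeq ($(V),0)
+Q=@
+endif
+ifeq ($(NO_MPU),1)
+CFLAGS+=-DWOLFBOOT_NO_MPU
+endif
+ifeq ($(VTOR),0)
+CFLAGS+=-DNO_VTOR
+endif
+ifeq ($(PKA),1)
+OBJS += $(PKA_EXTRA_OBJS)
+CFLAGS+=$(PKA_EXTRA_CFLAGS)
+endif
+OBJS+=$(PUBLIC_KEY_OBJS)
+OBJS+=$(UPDATE_OBJS)
+ifeq ($(WOLFTPM),1)
+OBJS += lib/wolfTPM/src/tpm2.o \
+lib/wolfTPM/src/tpm2_packet.o \
+lib/wolfTPM/src/tpm2_tis.o \
+lib/wolfTPM/src/tpm2_wrap.o
+CFLAGS+=-DWOLFBOOT_TPM -DSIZEOF_LONG=4 -Ilib/wolfTPM \
+-DMAX_COMMAND_SIZE=1024 -DMAX_RESPONSE_SIZE=1024 -DWOLFTPM2_MAX_BUFFER=1500 \
+-DMAX_SESSION_NUM=1 -DMAX_DIGEST_BUFFER=973 \
+-DWOLFTPM_SMALL_STACK
+# Chip Type: WOLFTPM_SLB9670, WOLFTPM_ST33, WOLFTPM_MCHP
+CFLAGS+=-DWOLFTPM_SLB9670
+# Use TPM for hashing (slow)
+#CFLAGS+=-DWOLFBOOT_HASH_TPM
+ifneq ($(SPI_FLASH),1)
+WOLFCRYPT_OBJS+=hal/spi/spi_drv_$(SPI_TARGET).o
+endif
+endif
+OBJS+=$(WOLFCRYPT_OBJS)
+## Hash settings
+ifeq ($(HASH),SHA256)
+CFLAGS+=-DWOLFBOOT_HASH_SHA256
+endif
+ifeq ($(HASH),SHA3)
+WOLFCRYPT_OBJS+=./lib/wolfssl/wolfcrypt/src/sha3.o
+CFLAGS+=-DWOLFBOOT_HASH_SHA3_384
+SIGN_OPTIONS+=--sha3
+endif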
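Review bot: `OBJS+=$(WOLFCRYPT_OBJS)` now sits above the `## Hash settings` block at the end of the file, so the `sha3.o` that `HASH=SHA3` appends to `WOLFCRYPT_OBJS` is added after `OBJS` has already been extended. If `OBJS` is simply expanded (its definition is not on this page, but `WOLFCRYPT_OBJS:=` in the Makefile is), the SHA3 object never reaches the link line and a `HASH=SHA3` build fails at link time. Moving the hash block above `OBJS+=$(WOLFCRYPT_OBJS)` restores the order that held when these settings lived in arch.mk, which the Makefile included before building `OBJS`. The `ifeq ($(SIGN),RSA4096)` / `SPMATH=0` override at the top is also evaluated only where options.mk is included, which in the Makefile is now after `include arch.mk`; if arch.mk reads `SPMATH`, that order matters as well.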


@ -59,14 +59,29 @@ static uint32_t ext_cache;
#endif
static const uint32_t wolfboot_magic_trail = WOLFBOOT_MAGIC_TRAIL;
/* Top addresses for FLAGS field
* - PART_BOOT_ENDFLAGS = top of flags for BOOT partition
* - PART_UPDATE_ENDFLAGS = top of flags for UPDATE_PARTITION
*/
#ifndef TRAILER_SKIP
# define TRAILER_SKIP 0
#endif
#define PART_BOOT_ENDFLAGS (WOLFBOOT_PARTITION_BOOT_ADDRESS + ENCRYPT_TMP_SECRET_OFFSET)
#define TRAILER_OVERHEAD (4 + 1 + (WOLFBOOT_PARTITION_SIZE / (8 * WOLFBOOT_SECTOR_SIZE))) /* MAGIC + PART_FLAG (1B) + (N_SECTORS / 8) */
#define START_FLAGS_OFFSET (ENCRYPT_TMP_SECRET_OFFSET - TRAILER_OVERHEAD)
#define FLAGS_BOOT_EXT() PARTN_IS_EXT(PART_BOOT)
#ifdef FLAGS_HOME
/* All FLAGS live at the end of the boot partition: */
#define PART_UPDATE_ENDFLAGS (((PART_BOOT_ENDFLAGS - TRAILER_OVERHEAD) / WOLFBOOT_SECTOR_SIZE) * WOLFBOOT_SECTOR_SIZE)
#define FLAGS_UPDATE_EXT() PARTN_IS_EXT(PART_BOOT)
#else
/* FLAGS are at the end of each partition */
#define PART_UPDATE_ENDFLAGS (WOLFBOOT_PARTITION_UPDATE_ADDRESS + ENCRYPT_TMP_SECRET_OFFSET)
#define START_FLAGS_OFFSET (ENCRYPT_TMP_SECRET_OFFSET - (1 + (WOLFBOOT_PARTITION_SIZE / (8 * WOLFBOOT_SECTOR_SIZE))))
#define FLAGS_UPDATE_EXT() PARTN_IS_EXT(PART_UPDATE)
#endif
#ifdef NVM_FLASH_WRITEONCE
#include <stddef.h>
@ -111,7 +126,7 @@ int RAMFUNCTION hal_set_partition_magic(uint32_t addr)
static uint8_t* RAMFUNCTION get_trailer_at(uint8_t part, uint32_t at)
{
if (part == PART_BOOT) {
if (PARTN_IS_EXT(PART_BOOT)) {
if (FLAGS_BOOT_EXT()){
ext_flash_check_read(PART_BOOT_ENDFLAGS - (sizeof(uint32_t) + at), (void *)&ext_cache, sizeof(uint32_t));
return (uint8_t *)&ext_cache;
} else {
@ -119,7 +134,7 @@ static uint8_t* RAMFUNCTION get_trailer_at(uint8_t part, uint32_t at)
}
}
else if (part == PART_UPDATE) {
if (PARTN_IS_EXT(PART_UPDATE)) {
if (FLAGS_UPDATE_EXT()) {
ext_flash_check_read(PART_UPDATE_ENDFLAGS - (sizeof(uint32_t) + at), (void *)&ext_cache, sizeof(uint32_t));
return (uint8_t *)&ext_cache;
} else {
@ -132,14 +147,14 @@ static uint8_t* RAMFUNCTION get_trailer_at(uint8_t part, uint32_t at)
static void RAMFUNCTION set_trailer_at(uint8_t part, uint32_t at, uint8_t val)
{
if (part == PART_BOOT) {
if (PARTN_IS_EXT(PART_BOOT)) {
if (FLAGS_BOOT_EXT()) {
ext_flash_check_write(PART_BOOT_ENDFLAGS - (sizeof(uint32_t) + at), (void *)&val, 1);
} else {
hal_trailer_write(PART_BOOT_ENDFLAGS - (sizeof(uint32_t) + at), val);
}
}
else if (part == PART_UPDATE) {
if (PARTN_IS_EXT(PART_UPDATE)) {
if (FLAGS_UPDATE_EXT()) {
ext_flash_check_write(PART_UPDATE_ENDFLAGS - (sizeof(uint32_t) + at), (void *)&val, 1);
} else {
hal_trailer_write(PART_UPDATE_ENDFLAGS - (sizeof(uint32_t) + at), val);
@ -150,14 +165,14 @@ static void RAMFUNCTION set_trailer_at(uint8_t part, uint32_t at, uint8_t val)
static void RAMFUNCTION set_partition_magic(uint8_t part)
{
if (part == PART_BOOT) {
if (PARTN_IS_EXT(PART_BOOT)) {
if (FLAGS_BOOT_EXT()) {
ext_flash_check_write(PART_BOOT_ENDFLAGS - sizeof(uint32_t), (void *)&wolfboot_magic_trail, sizeof(uint32_t));
} else {
hal_set_partition_magic(PART_BOOT_ENDFLAGS - sizeof(uint32_t));
}
}
else if (part == PART_UPDATE) {
if (PARTN_IS_EXT(PART_UPDATE)) {
if (FLAGS_UPDATE_EXT()) {
ext_flash_check_write(PART_UPDATE_ENDFLAGS - sizeof(uint32_t), (void *)&wolfboot_magic_trail, sizeof(uint32_t));
} else {
hal_set_partition_magic(PART_UPDATE_ENDFLAGS - sizeof(uint32_t));
@ -318,7 +333,7 @@ void RAMFUNCTION wolfBoot_erase_partition(uint8_t part)
void RAMFUNCTION wolfBoot_update_trigger(void)
{
uint8_t st = IMG_STATE_UPDATING;
if (PARTN_IS_EXT(PART_UPDATE))
if (FLAGS_UPDATE_EXT())
{
ext_flash_unlock();
wolfBoot_set_partition_state(PART_UPDATE, st);
@ -333,7 +348,7 @@ void RAMFUNCTION wolfBoot_update_trigger(void)
void RAMFUNCTION wolfBoot_success(void)
{
uint8_t st = IMG_STATE_SUCCESS;
if (PARTN_IS_EXT(PART_BOOT))
if (FLAGS_BOOT_EXT())
{
ext_flash_unlock();
wolfBoot_set_partition_state(PART_BOOT, st);
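Review bot: Under `FLAGS_HOME`, `PART_UPDATE_ENDFLAGS` moves the UPDATE flags into the BOOT partition, at the sector boundary below `PART_BOOT_ENDFLAGS - TRAILER_OVERHEAD`, but the comment block above the macros describes only the two names and nothing in these hunks keeps a firmware image, or an erase of the BOOT partition, out of that sector. I would extend the comment with something like `With FLAGS_HOME the UPDATE flags grow downward from PART_UPDATE_ENDFLAGS inside the BOOT partition; the image must end below them`, and confirm that the size check applied to incoming images uses the reduced limit (that check is not visible here), because flag writes landing inside a verified image would change bytes the signature covers. `TRAILER_SKIP` receives a default of 0 but is not used by any macro in this hunk. `wolfBoot_success` continues outside the last hunk.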


@ -119,6 +119,8 @@ static int wolfBoot_update(int fallback_allowed)
ext_flash_unlock();
#endif
#ifndef DISABLE_BACKUP
/* Interruptible swap
* The status is saved in the sector flags of the update partition.
* If something goes wrong, the operation will be resumed upon reboot.
@ -158,6 +160,29 @@ static int wolfBoot_update(int fallback_allowed)
wb_flash_erase(&swap, 0, WOLFBOOT_SECTOR_SIZE);
st = IMG_STATE_TESTING;
wolfBoot_set_partition_state(PART_BOOT, st);
#else /* DISABLE_BACKUP */
#warning "Backup mechanism disabled! Update installation will not be interruptible"
/* Directly copy the content of the UPDATE partition into the BOOT partition.
* This mechanism is not fail-safe, and will brick your device if interrupted
* before the copy is finished.
*/
while ((sector * sector_size) < total_size) {
if ((wolfBoot_get_sector_flag(PART_UPDATE, sector, &flag) != 0) || (flag == SECT_FLAG_NEW)) {
flag = SECT_FLAG_SWAPPING;
wolfBoot_copy_sector(&update, &boot, sector);
if (((sector + 1) * sector_size) < WOLFBOOT_PARTITION_SIZE)
wolfBoot_set_sector_flag(PART_UPDATE, sector, flag);
}
}
while((sector * sector_size) < WOLFBOOT_PARTITION_SIZE) {
wb_flash_erase(&boot, sector * sector_size, sector_size);
sector++;
}
st = IMG_STATE_SUCCESS;
wolfBoot_set_partition_state(PART_BOOT, st);
#endif
#ifdef EXT_FLASH
ext_flash_lock();
#endif
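Review bot: The first `while` loop of the new `DISABLE_BACKUP` branch never advances `sector`: the only `sector++` is in the erase loop that follows, and `wolfBoot_copy_sector` receives `sector` by value, so as written the copy loop stays on the same sector and does not terminate whenever `total_size` is non-zero. Adding `sector++;` as the last statement of the loop body, after the `if` block, fixes it. This branch also sets `IMG_STATE_SUCCESS` directly, so the new image never passes through `IMG_STATE_TESTING`; a short comment saying this is intended (no confirmation step, no rollback) would make the weaker guarantee explicit next to the `#warning`. `wolfBoot_update` starts and ends outside the hunks.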


@ -0,0 +1,15 @@
# Configuration values: see tools/config.mk
-include ../../.config
include ../config.mk
include ../../options.mk
CFLAGS+=-I. -I../../ -I../../include -m32
check_config: check_config.o
@gcc -o $@ $^ $(CFLAGS)
@./check_config
%.o:%.c
@gcc -c -o $@ $^ $(CFLAGS)
clean:
@rm -f check_config *.o
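Review bot: `check_config.o` depends only on `check_config.c` through `%.o:%.c`, so after `.config`, `include/target.h` or `src/libwolfboot.c` changes the tool is not rebuilt, and because `./check_config` runs only inside the link recipe, a second `make check_config` prints nothing at all. Since the tool exists to report the layout of the current configuration, stale or missing output is misleading. Listing the inputs as prerequisites of `check_config.o` and compiling with `$<` instead of `$^` (`@gcc -c -o $@ $< $(CFLAGS)`) keeps it current, and running the binary from a separate phony target makes it run every time. `clean` should be declared `.PHONY` as well.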


@ -0,0 +1,95 @@
/* unit-parser.c
*
* Unit test for parser functions in libwolfboot.c
*
*
* Copyright (C) 2020 wolfSSL Inc.
*
* This file is part of wolfBoot.
*
* wolfBoot is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfBoot is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/* Option to enable sign tool debugging */
/* Must also define DEBUG_WOLFSSL in user_settings.h */
#include <stdio.h>
#include "src/libwolfboot.c"
static int locked = 0;
/* Mocks */
void hal_init(void)
{
}
int hal_flash_write(uint32_t address, const uint8_t *data, int len)
{
return 0;
}
int hal_flash_erase(uint32_t address, int len)
{
return 0;
}
void hal_flash_unlock(void)
{
if (!locked)
printf("Double unlock detected\n");
locked--;
}
void hal_flash_lock(void)
{
if (locked)
printf("Double lock detected\n");
locked++;
}
void hal_prepare_boot(void)
{
}
void spi_flash_sector_erase(uint32_t address)
{
}
int spi_flash_read(uint32_t address, void *data, int len)
{
return 0;
}
int spi_flash_write(uint32_t address, const void *data, int len)
{
return 0;
}
/* End Mocks */
#define Min(A,B) ((A<B)?A:B)
int main(void)
{
printf("WOLFBOOT_PARTITION_SIZE : %lu\n", WOLFBOOT_PARTITION_SIZE);
printf("WOLFBOOT_SECTOR_SIZE : %lu\n", WOLFBOOT_SECTOR_SIZE);
printf("Sectors per partition : %lu\n", (WOLFBOOT_PARTITION_SIZE / WOLFBOOT_SECTOR_SIZE));
printf("ENCRYPT_TMP_SECRET_OFFSET : %lu\n", ENCRYPT_TMP_SECRET_OFFSET);
printf("TRAILER_SKIP : %lu\n", TRAILER_SKIP);
printf("TRAILER_OVERHEAD : %lu\n", TRAILER_OVERHEAD);
printf("WOLFBOOT_PARTITION_BOOT_ADDRESS : %08X\n", WOLFBOOT_PARTITION_BOOT_ADDRESS);
printf("WOLFBOOT_PARTITION_UPDATE_ADDRESS : %08X\n", WOLFBOOT_PARTITION_UPDATE_ADDRESS);
printf("PART_BOOT_ENDFLAGS : %08X\n", PART_BOOT_ENDFLAGS);
printf("PART_UPDATE_ENDFLAGS : %08X\n", PART_UPDATE_ENDFLAGS);
#if !defined(EXT_FLASH) || defined(FLAGS_HOME)
printf("Max firmware size : %lu\n", (Min(PART_BOOT_ENDFLAGS, PART_UPDATE_ENDFLAGS) - WOLFBOOT_PARTITION_BOOT_ADDRESS) - TRAILER_OVERHEAD);
#else
printf("Max firmware size : %lu\n", (PART_BOOT_ENDFLAGS - WOLFBOOT_PARTITION_BOOT_ADDRESS) - TRAILER_OVERHEAD);
#endif
return 0;
}
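Review bot: Several `printf` calls in `main` pass an argument whose type need not match `%lu`: `TRAILER_SKIP` defaults to the plain `int` constant `0` in libwolfboot.c, and the other macros take whatever type the configuration literals give them, so the output is undefined wherever the types differ. Casting each argument, e.g. `printf("TRAILER_SKIP : %lu\n", (unsigned long)TRAILER_SKIP);` and `(unsigned int)` on the `%08X` lines, makes the report reliable. The file header still reads `unit-parser.c` and "Unit test for parser functions", and the lock mocks look inverted: `hal_flash_unlock` prints "Double unlock detected" when `locked` is 0, which is its initial value. `Min(A,B)` should parenthesise its arguments, `(((A) < (B)) ? (A) : (B))`.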


@ -23,9 +23,12 @@ ifeq ($(ARCH),)
UART_FLASH?=0
ALLOW_DOWNGRADE?=0
NVM_FLASH_WRITEONCE?=0
DISABLE_BACKUP?=0
WOLFBOOT_VERSION?=0
V?=0
NO_MPU?=0
ENCRYPT?=0
FLAGS_HOME?=0
SPMATH?=1
RAM_CODE?=0
DUALBANK_SWAP?=0
@ -49,7 +52,7 @@ endif
CONFIG_VARS:= ARCH TARGET SIGN HASH MCUXPRESSO MCUXPRESSO_CPU MCUXPRESSO_DRIVERS \
MCUXPRESSO_CMSIS FREEDOM_E_SDK STM32CUBE CYPRESS_PDL CYPRESS_CORE_LIB CYPRESS_TARGET_LIB DEBUG VTOR \
CORTEX_M0 CORTEX_M33 NO_ASM EXT_FLASH SPI_FLASH NO_XIP UART_FLASH ALLOW_DOWNGRADE NVM_FLASH_WRITEONCE \
WOLFBOOT_VERSION V NO_MPU \
DISABLE_BACKUP WOLFBOOT_VERSION V NO_MPU ENCRYPT FLAGS_HOME \
SPMATH RAM_CODE DUALBANK_SWAP IMAGE_HEADER_SIZE PKA TZEN PSOC6_CRYPTO WOLFTPM \
WOLFBOOT_PARTITION_SIZE WOLFBOOT_SECTOR_SIZE \
WOLFBOOT_PARTITION_BOOT_ADDRESS WOLFBOOT_PARTITION_UPDATE_ADDRESS \