* Added new `WOLFBOOT_TPM_SEAL` and `WOLFBOOT_TPM_SEAL_NV_BASE` config options.
* Added new `tools/tpm/policy_create` tool for assisting with creation of a policy digest. The sign keytool `--policy=file` signs the policy.
* Added new `WOLFBOOT_TPM_VERIFY` option to enable offloading of the asymmetric verification to the TPM. By default wolfCrypt will be used.
* Added example seal/unseal to update_flash for ARCH_SIM.
* Renamed `WOLFBOOT_TPM_KEYSTORE_NV_INDEX` to `WOLFBOOT_TPM_KEYSTORE_NV_BASE` to support multiple public keys.
* Refactored most TPM code into tpm.c.
* Refactored the keystore ROT to use new `wolfBoot_check_rot` API.
* Refactored the sign keytool to have a sign_digest function to allow signing firmware and policy for sealing/unsealing.
* Fix for make distclean && make using the wrong key tools.
* Added TPM SPI wait state support and debug logging.
* Added platform auth ownership (change platform password to random value before boot). Can be disabled using `WOLFBOOT_TPM_NO_CHG_PLAT_AUTH`.
* Added parameter encryption support.
* Added TPM based root of trust based on https://github.com/wolfSSL/wolfTPM/pull/276
* Removed the TPM hashing feature (not practical).
* Fixed RSA with wolfTPM build.
* Fixed cleanup wolfTPM objects on make clean.
* Added simulator support for Mac.
* Fix for simulator to properly assemble wolfboot.bin + signedtestapp + update + swap.
* Fixes for handling 64-bit assigned mmap virtual addresses. Added hal_flash_write and hal_flash_erase support for 64-bit address using uintptr_t. Enabled if platform is 64-bit and `FORCE_32BIT` is not defined
* Fix simulator conflict with src/libwolfboot.o object in test-app.
* Cleanup test-app linker flags.
* Added ELF32 and ELF64 loader support (config `ELF=1` or build option `WOLFBOOT_ELF`).
* Add ELF support to `update_ram.c` loader.
* Add support for loading entire flash image to RAM when `EXT_FLASH=1` and `NO_XIP=1` (or `WOLFBOOT_USE_RAMBOOT`).
* Added QUICC Engine support to load microcode and enable.
* Add multiple core support for NXP P1021.
* Fixes to resolve first stage boot ROM relocation.
- Implemented temporary workaround to resolve stack traps.
* Added PPC GOT relocation support.
* Fix for the PPC `isr_empty` handler address.
* Fix to allow stack to use DDR by having assembly setup DDR TLB. After relocating wolfBoot use stack on DDR.
* Cleanup wolfBoot output.
- Only remove extra .bin/.elf created unless `make distclean` is used.
- Don't output the key grep test (only check result).
- Adjust build order (first stage, wolfboot, test app, key, sign test app and factory).
- Fix to make sure linker script is rebuilt before objects.
Sample NXP P1021 Output:
```
Relocating BOOT ROM to DDR
Loading wolfBoot to DDR
Jumping to full wolfBoot
wolfBoot HAL Init
Flash Init: Ret 0, ID 0x76207620
QE: Length 63732, Count 1
QE: uploading 'Microcode for P1021 r1.0' version 0.0.1
QE: Traps 0
MP: Starting core 2 (spin table 0xFFFFF240)
Versions: Boot 1, Update 0
Trying Boot partition at 0x200000
Loading header 512 bytes to 0x1DFFFE00
Loading image 3170724 bytes to 0x1E000000
Image size 3170724
Firmware Valid
Loading elf at 0x1E000000
Found valid elf32 (big endian)
Booting at 0x6000
```
- internal flash now mapped at 0xC0000000 (using `ARCH_FLASH_OFFSET`)
- wolfBoot binary included in internal flash (wolfboot partition is also
now writeable to test self-updates and encryption)
- sim test app supports encryption (sets the key for test)
- added new target to store the update in the external flash
- external flash mapped to 0xD0000000
* Fixes for e500 L1/L2 cache.
* Fixes for eLBC and DDR3 drivers on P1021.
* Fixes for LAW and TLB for P1021.
* Fix for the e500v2 core peripheral issues with data barrier / coherency safety.
* Support for SP math all (`SPMATHALL=1`).
* Support for stage 1 loader (`make stage1`).
* Expanded the NXP QorIQ T2080 documentation in `docs/Targets.md`.
* T2080 fixes for boot code placement and generation of .bin.
* T2080 UART driver cleanup.
* Improve bin-assemble fill speed and report items added.
* Make portability fixes to enable building in `mingw32-make`.
* Cleanup the `docs/Targets.md` sections and links.
* Cleanup execute bits on code files.
This commit introduces a simulated target where the internal and optionally the
external flash can be simulated and backed by files. Using this target will
produce an executable wolfBoot ELF image.
* add flash demo from RAM
* clean up linker script and flags
* Add hercules test-app: link script and minimal c file
`make CCS_ROOT=/c/ti/ccs1031/ccs/tools/compiler/ti-cgt-arm_20.2.4.LTS F021_DIR=/c/ti/Hercules/F021\ Flash\ API/02.01.01`
* Requires PR https://github.com/wolfSSL/wolfTPM/pull/101
* Cleanup of software vs. TPM code `wolfBoot_verify_signature` functions (ECC and RSA)
* Adjusted the stack size checks with TPM.
* Added STM32F4 programming/debugging instructions.
* In V=1 mode show the keygen command.
* Added Aarch64 boot/startup support
* Added configuration templates for Raspberry Pi 3 and Xilinx ZynqMP UltraScale+
* Added Xilinx Zynq QSPI bare-metal Driver
* Added `NO_XIP` option for full `ext_flash_*` API on all partitions
* Added Xilinx SDK Project Template
* Added support for DTS image partitions
* Added wolfBoot signing tool in Native C (`tools/keytools/sign.c`).
* Added libwolfboot functions `int wolfBoot_fallback_is_possible(void);` and `int wolfBoot_dualboot_candidate(void);`
* Performance improvement to only hash application firmware image once
Daniele Lacamera
Marco Oliverio
David Garske
Tesfa Mael
Daniele Lacamera
John Bland
Brett Nicholas
Lealem Amedie
Elms
Dimitar Tomov
Daniele Lacamera