WolfSSL
/
wolfBoot
mirror of https://github.com/wolfSSL/wolfBoot.git
1
0
Fork 0
Code Issues Releases Wiki Activity
2,153 Commits
29 Branches
28 Tags
20 MiB
Commit Graph

698 Commits (master)

Author SHA1 Message Date
David Garske 8a9fbe5674 Improve network core firmware update. 2024-10-11 10:29:59 +02:00
David Garske 6db7de6a75 Support for the Nordic nRF5340 (application and network cores): 
* Added nRF5340 driver support for Clock, Internal Flash (NVMC), GPIO, SPU, OTP, UART, SPI, QSPI and IPC.
* Added support for updating the network core (Sign using "--id 2")
* Cleanup the nRF52 port
* Improved external QSPI and internal Flash tests and logging.
* Improved internal printf support for formatter length.
 2024-10-11 10:29:59 +02:00
Daniele Lacamera 4cbfdf8cf1 [SAMA5D3] Port for 32bit Cortex-A 2024-09-30 14:05:50 +02:00
Hideki Miyazaki 44d3201cc9 fix ccrx use case for rx72n 2024-09-20 20:20:55 +02:00
David Garske 080dae0125 Fixes to properly support TPM policy with more than one PCR. 2024-09-10 20:53:10 +02:00
Daniele Lacamera a1a7601314 Unit tests: cleanup warnings 2024-09-06 11:36:16 +02:00
Daniele Lacamera 6737d7e7ad Refactoring of PKCS11 store module + unit tests 2024-09-05 18:53:03 +02:00
David Garske 9e17315d49 Fixes for building wolfBoot with XMSS/LMS. 2024-08-14 18:06:12 +02:00
David Garske be169145e2 Fixes for Zynqmp QSPI sizes on ZCU102. Fix for XMSS/LMS on Windows mingw with fopen binary mode. 2024-08-14 18:06:12 +02:00
David Garske 8a7f5e5baa Refactor to eliminate PLATFORM_ -> TARGET_. Fix CI errors. 2024-08-14 18:06:12 +02:00
David Garske cf936dffa2 Fixes for Xilinx zynqmp. 2024-08-14 18:06:12 +02:00
David Garske 3687851f75 Xilinx zynqmp documentation cleanups. Fixes for building with Eclipse wildcard .c include pains. 2024-08-14 18:06:12 +02:00
Daniele Lacamera d2811b2538
Unit test for update_ram.c (#488) 
* Initial draft with two test cases

* Added more unit tests. Found OOB access.

* Fix potential OOB access with too-large update img

* NO_FORK disabled by default

* Cover more corner cases

* Added unit tests for update_ram.c

Fixed fallback in partition election
 2024-08-13 09:36:33 -07:00
Daniele Lacamera 3ff7059dc5
Unit tests for update_flash.c (#487) 
* Initial draft with two test cases

* Added more unit tests. Found OOB access.

* Fix potential OOB access with too-large update img

* NO_FORK disabled by default

* Cover more corner cases
 2024-08-13 06:25:49 -07:00
Daniele Lacamera 30a1f67e43
Added 32bit simulator via TARGET=sim FORCE_32BIT=1 (#485) 
* Added 32bit simulator via TARGET=sim FORCE_32BIT=1

Tests can now run on 32bit simulator (e.g. to match XMALLOC fixed
sizes with sp_math and WOLFBOOT_SMALL_STACK).

* Added draft for new workflow: test simulator with different memory config

* Fix 64bit, SMALL_STACK xmalloc sizes

* Test defaults to SPMATH

* Fixed test: defaults to spmath. Added RSA tests (failing)

* Fixed RSA allocation sizes for 64bit build

* Added 64bit fastmath test (failing)

* Fixed ecc_point size for 64bit builds (FASTMATH)

* simulator config: use SPMATH by default

* Attempt to fix i386 libc dep in workflow

* Added HUGE_STACK to silence warning in FASTMATH+RSA4096 tests
 2024-08-09 06:46:15 -07:00
Brett Nicholas 2d6308ec2c - Infineon TC3xx support 
- fix (existing) unused variable compiler warnings
- documentation updates
- add multi-sector erase option
 2024-07-31 09:22:31 +02:00
David Garske d747afb780 Move interrupt disable to do_boot. 2024-07-23 18:37:06 +02:00
David Garske f7fed89f27 Fix to make sure wolfBoot leaves IRQ's disabled. The TSIP driver will leave IRQ's on which could cause customer issues. Added new `spi_flash_chip_erase` API for the SPI flash driver. 2024-07-23 18:37:06 +02:00
Daniele Lacamera 64f3a395fb
Merge branch 'master' into swap_tail_type 2024-07-19 12:37:47 +02:00
David Garske b3f3b5356c Fix for image_open wolfBoot_get_blob_version print. Added NULL protection on `wolfBoot_get_blob_version`. 2024-07-19 09:08:48 +02:00
David Garske a49f4405a5 Add logging for wolfBoot_update() and partition version information. Enabled with `DEBUG_UART` or other PRINTF_ENABLED logging. 
Example Log:
```
wolfBoot HAL Init
SPI Probe: Manuf 0xC2, Product 0x20
Boot at 0xFFE00000 (size 115856, version 0x2)
Update at 0x200000 (size 115856, version 0x0)
Staring Update (fallback allowed 0)
Update at 0x200000 (size 115856, version 0x0)
Boot at 0xFFE00000 (size 115856, version 0x2)
Versions: Current 0x2, Update 0x3
Copy sector 0 (part 1->2)
Copy sector 0 (part 0->1)
Copy sector 0 (part 2->0)
Boot at 0xFFE00000 (size 115856, version 0x3)
Update at 0x200000 (size 115856, version 0x0)
Copy sector 1 (part 1->2)
Copy sector 1 (part 0->1)
Copy sector 1 (part 2->0)
Copy sector 2 (part 1->2)
Copy sector 2 (part 0->1)
Copy sector 2 (part 2->0)
Copy sector 3 (part 1->2)
Copy sector 3 (part 0->1)
Copy sector 3 (part 2->0)
Boot at 0xFFE00000 (size 115856, version 0x3)
Update at 0x200000 (size 115856, version 0x0)
Copy sector 58 (part 0->2)
Boot at 0xFFE00000 (size 115856, version 0x3)
Booting version: 0x3
```
 2024-07-19 09:08:48 +02:00
David Garske 82094c92e1 Cleanup "tail" to "trailer" 2024-07-18 14:18:51 -07:00
David Garske 8b954d4a6c Fix for update_flash.c `error: dereferencing type-punned pointer will break strict-aliasing rules [-Werror=strict-aliasing]`. Cleanup the swap logic for `EXT_ENCRYPTED`. Switch to using a `uint32_t` directly for checking tail magic. 2024-07-18 13:55:04 -07:00
Daniele Lacamera d390873096 Fix padding in test 2024-07-18 10:15:50 +02:00
Daniele Lacamera 55396ed969 Restore erase in update_trigger. 
Caveat: in case of powerfail during wolfBoot_update_trigger, the key
previously set may be lost. This is OK assuming that the update process
can resume from the previous step in the application (setting the key
before triggering the update).
 2024-07-18 09:33:58 +02:00
Daniele Lacamera d31380675e Fix key persistence with FLAGS_HOME + EXT_ENCTYPT 2024-07-18 08:42:39 +02:00
Daniele Lacamera d3795c81cd Implicitly add trailer when setting enc key 2024-07-17 18:33:37 +02:00
Daniele Lacamera 8b73250324 Set trailer on BOOT partition when storing the enc key 2024-07-17 17:00:11 +02:00
Daniele Lacamera e586087422 Added unit test NVM + ENCRYPTION, fix offset 2024-07-17 13:42:28 +02:00
Daniele Lacamera 9250abbb8e Fixed erase address in case of NVM + FLAGS_HOME 2024-07-17 12:09:13 +02:00
Daniele Lacamera 04111a67b4 Added unit tests for FLAGS_HOME + fix NVM election 
Taking into account the additional offset for PART_UPDATE_FLAGS at the
end of each flags sector when comparing two redundant flag sectors in
NVM_FLASH_WRITEONCE + FLAGS_HOME
 2024-07-17 11:28:40 +02:00
Daniele Lacamera 2ec2bcdf79 Fixed flag comparison selecting most recent flags 2024-07-17 08:55:14 +02:00
David Garske 3444c47fdb * Added support for RX65N and RX72N with native Makefile and RX ELF GCC compiler. 
* Added initialization of the clocks and UART driver.
   - wolfBoot uses on chip high speed oscillator (HOCO) at (120MHz RX65N and 240Mhz for RX72N).
* Added RX RSPI and QSPI driver support with external SPI flash
* Improve documentation and fix spelling errors.
* Added .srec (s-record) format support
* Added RX TSIP support for ECDSA (requires https://github.com/wolfSSL/wolfssl/pull/7685).
* Allow custom implementation of `get_trailer_at`, `set_trailer_at` and `set_partition_magic` using `CUSTOM_PARTITION_TRAILER`
 2024-07-17 06:08:31 +02:00
Daniele Lacamera a7668842c7 Remove silencer for -Warray-bounds 2024-07-16 17:18:41 +02:00
Daniele Lacamera 230174e2f7 nvm_select_fresh_sector: fix flag offset 
The offset for the sector flags position to compare the two
redundant blocks with NVM_FLASH_WRITEONCE mode was wrong, resulting
in a negative offset, which in turn caused an out-of-bound access
outside of the UPDATE partition space.
 2024-07-16 16:16:46 +02:00
John Bland 6c3940fafc refactor final step of powerfail safe update and add 
emergency fallback test
 2024-07-10 16:58:23 -04:00
Daniele Lacamera aff2072694 Demo app: added test, benchmark, other gadgets 2024-07-09 10:22:42 -07:00
Daniele Lacamera 32d6592e50 Fixed regression on powerfail resume 2024-07-04 18:19:02 +02:00
Daniele Lacamera 68f3bfad58 Take into account resumed delta updates due to powerfail events 2024-07-04 17:31:17 +02:00
Daniele Lacamera 929f9d3343 Fix base_version mismatch 2024-07-04 17:27:04 +02:00
David Garske a92c1b9ad9 STM32U5 cache support. Including cache invalidate on `nvm_select_fresh_sector`. ZD 18210 2024-06-25 18:12:47 +02:00
Marco Oliverio a413cc11ef mptable: abide GCC diagnostic false positive 2024-06-19 09:47:13 +02:00
Marco Oliverio dbdb08b3eb x86: misc fixes 
fix various issues found by clangd-static-analyzer
 2024-06-19 09:47:06 +02:00
Marco Oliverio 829f7b1705 fix: add image alignment costraints 2024-06-19 09:47:06 +02:00
Daniel Pouzzner 441200f469 fix: support DEBUG=0 build 
* build lib/wolfssl/wolfcrypt/src/logging.o unconditionally,
* gate debug printing in do_tpm_selftest() appropriately,
* initialize top_address in src/boot_x86_fsp.c:start() to fix -Wmaybe-uninitialized,
* and add __attribute__((used)) to static src/x86/exceptions.c:common_exception_handler() and _timer_handler() implementations to accommodate asm-only calling;
* fix parallel make: add dependency of stage1/loader_stage1.bin on wolfboot.elf.
* add -ffreestanding -static flags to avoid gcc compiler optimize strings functions

Co-authored-by: Daniel Pouzzner <douzzer@wolfssl.com>
 2024-06-19 09:47:06 +02:00
Daniele Lacamera 9575bbc725 Set VTOR_NS instead of VTOR upon staging [TZEN] 2024-06-04 17:35:53 +02:00
Daniele Lacamera d573efa8c6 Initialize wolfPKCS11 also in "_hwswap" mode 2024-05-24 13:23:22 +02:00
Daniele Lacamera 9dd8b7cf97 Renamed FLASH_OTP_ROT to FLASH_OTP_KEYSTORE 2024-05-15 10:55:47 +02:00
Daniele Lacamera 02bfe8a6a1 Added OTP support for STM32H5 2024-05-15 10:55:47 +02:00
Daniele Lacamera 572e1157bc Added "otp-keystore-primer" tool 2024-05-15 10:55:46 +02:00
Daniele Lacamera 32578808f4 Added guard to OTP module for NO_SIGN 2024-05-15 10:55:46 +02:00
Daniele Lacamera d1eabc2e31 Keystore module for OTP in FLASH 2024-05-15 10:55:46 +02:00
David Garske 0ddde6f074
Merge pull request #444 from miyazakh/renesas_rz_rsip 
Add  RSIP use to Renesas RZ support
 2024-05-10 11:52:12 -07:00
David Garske 027c6847e5
Merge pull request #443 from wolfSSL/x86_fsp_backport 
x86 fsp backport
 2024-05-09 07:46:56 -07:00
Daniele Lacamera 3ec982109c STM32H5: added support for TrustZone 
- Unified TZ support for STM32L5, STM32H5, STM32U5
- Fixed/added example configuration files
- Expanded documentation
- Added new configurations to automated tests
 2024-05-09 16:33:40 +02:00
Marco Oliverio 5dd9fa94d7 minor fixes 2024-05-09 16:33:30 +02:00
jordan bd0e25af16 Add wc_lms support. 2024-05-07 19:25:18 +02:00
jordan 13d746ab9a Add wc_xmss support. 2024-05-07 19:25:18 +02:00
Marco Oliverio 843c86b91d ahci: lock the disk if security disabled 2024-05-02 15:58:39 +02:00
Marco Oliverio ee4747e79c pci: move pcie_retraining_link in boot_x86_fsp 
the function relies a non-general delay() function, so move the function in a
more target-specific file.
 2024-04-29 10:27:42 +02:00
Marco Oliverio 09a2c216e8 fsp: tgl: staggering GPIOs configuration 2024-04-29 09:53:49 +02:00
Marco Oliverio af90fd7daa fsp: tgl: disable T2 and T3 GPIOs configuration 
To mirror SBL configuration
 2024-04-29 09:53:49 +02:00
Marco Oliverio e6cf0b0b5f fsp: tgl: remove duplicate GPIO 2024-04-29 09:53:49 +02:00
Marco Oliverio a3cba9e9fd fsp: tgl: add DEBUG_GPIO capabilities 2024-04-29 09:53:49 +02:00
Marco Oliverio 1959f194a7 fsp: add pre_mem and pre_silicon cbs() 2024-04-29 09:53:49 +02:00
Marco Oliverio fc08eac35d tpm: fix scan-build not null argument 2024-04-29 09:53:49 +02:00
Marco Oliverio 30ed1fae80 x86: fsp: tgl: enable usb 2024-04-29 09:53:49 +02:00
Marco Oliverio 41efa2920c pci: fix: add \r to new line in pci_dump 2024-04-29 09:53:49 +02:00
Marco Oliverio 9a37b85d67 pci: fsp: update doxygen comments 2024-04-29 09:53:49 +02:00
Marco Oliverio 71a43064f6 pci: stage2: uniform parameter-less function prototype 2024-04-29 09:53:49 +02:00
Marco Oliverio a0e61f3a58 x86: fsp: fix: remove unused variable 2024-04-29 09:53:49 +02:00
Marco Oliverio b82b435a8d x86: paging: fix typo 2024-04-29 09:53:49 +02:00
Marco Oliverio 91bc67cd6c fsp: add comment on stage2_parameters storage cycle 2024-04-29 09:53:49 +02:00
Marco Oliverio 0aa886783f fsp: support stage2_get_parameters() helper 2024-04-29 09:53:49 +02:00
Marco Oliverio e96babef24 refactor: rename stage1.{h,c} in stage2_params.{h,c} 2024-04-29 09:53:49 +02:00
Marco Oliverio 7ce14a242a pci: dump pci bus, lspci format 2024-04-29 09:53:49 +02:00
Marco Oliverio 0e334386a6 fsp: minor FSP UPD settings adjustments 2024-04-29 09:53:49 +02:00
Marco Oliverio a96b738e28 ahci: allow ATA_SEC0 on qemu target 2024-04-29 09:53:49 +02:00
Marco Oliverio 0aac8e2423 pci: add device present check in pcie_retraining_link() 2024-04-29 09:53:49 +02:00
Marco Oliverio 587c7450ac x86: fsp: add TPM self test 2024-04-29 09:53:49 +02:00
Marco Oliverio 37fb0aaa2a tpm: include self test wrapper 2024-04-29 09:53:49 +02:00
Marco Oliverio e784c75aef ahci: move MASTER_PASSWORD in options.mk as ATA_MASTER_PASSWORD 2024-04-29 09:53:49 +02:00
Marco Oliverio 8dc8c8ca22 fsp: tgl: retraing 0.6.0 link after SiliconInit 2024-04-29 09:53:49 +02:00
Marco Oliverio ceb7e65fd9 fsp: update SiliconInit parameters 2024-04-29 09:53:49 +02:00
Marco Oliverio 42d367ab97 fsp: update MemoryInit parameters 2024-04-29 09:53:49 +02:00
Marco Oliverio c33c85ae78 fsp: support printing of FSP Image Revision 2024-04-29 09:53:49 +02:00
Marco Oliverio 7a72bc719b ata: support master password in ata_security_erase_unit() 2024-04-29 09:53:49 +02:00
Marco Oliverio 37e8d7d03a ahci: support WOLFBOOT_ATA_DISABLE_USER_PASSWORD compile define 
if defined, wolfBoot disables the user password by using the master key and
panic.
 2024-04-29 09:53:49 +02:00
Marco Oliverio d7f509bdc4 ata: fix: forward master parameter 2024-04-29 09:53:49 +02:00
Marco Oliverio d0e6a7e990 x86_fsp: enable linker sections garbage collection 
-ffunction-sections -fdata-sections compiles every function/data in its own
section, --gc-sections will remove the one that are unused.

Before:
$ ./tools/x86_fsp/print_flash_map.py
Name:                    Address:                    Size:
.stage2              0xffa00000           0x52cac
.policy              0xffa52cac           0x204
.config              0xffa52eb0           0x220
.ucode_update0       0xffd90000           0x1b000
.fit_table           0xffe00000           0x63000
.km                  0xffe80000           0x1000
.bpm                 0xffe90000           0x1000
.fsp_s               0xffea0000           0x5a200
.bootloader          0xfff00000           0x4f600
.iplt                0xfff4f600           0x0
.fsp_t               0xfff59000           0x7000
.fsp_m               0xfff60000           0x9f000
.jmpto32             0xfffffe00           0x158
.fit_table_tr        0xffffffc0           0x8
.reset_vector        0xffffffec           0x14
total sum: 0x222a44 (2186 KB)

After:
$ ./tools/x86_fsp/print_flash_map.py
Name:                    Address:                    Size:
.stage2              0xffa00000           0x2b24c
.policy              0xffa2b24c           0x204
.config              0xffa2b450           0x220
.ucode_update0       0xffd90000           0x1b000
.fit_table           0xffe00000           0x63000
.km                  0xffe80000           0x1000
.bpm                 0xffe90000           0x1000
.fsp_s               0xffea0000           0x5a200
.bootloader          0xfff00000           0x20900
.iplt                0xfff20900           0x0
.fsp_t               0xfff59000           0x7000
.fsp_m               0xfff60000           0x9f000
.jmpto32             0xfffffe00           0x158
.fit_table_tr        0xffffffc0           0x8
.reset_vector        0xffffffec           0x14
total sum: 0x1cc2e4 (1840 KB)
 2024-04-29 09:53:49 +02:00
Marco Oliverio 160e402fad x86_fsp: fix: printf wrong parameter 2024-04-29 09:53:49 +02:00
Marco Oliverio 311ed5fa22 sata_get_random_base64: fix: don't "overflow" the '\0' terminator 
Also don't encode the base64 string with an ending newline.

The '\0' was stored just after out_size bytes in the output buffer, so it wasn't
stored on the TPM NV memory and it cause issues with functions expecting
a null terminated string (ata_security_*).
 2024-04-29 09:53:49 +02:00
Marco Oliverio 4b957bd529 ahci: sata_disable_password() function 
The function is normally excluded from the compilation but it's handy when
debugging hard disk security functions
 2024-04-29 09:53:49 +02:00
Marco Oliverio 85d6437433 ata: enable to compare against master password 2024-04-29 09:53:49 +02:00
Marco Oliverio 992bb4c13d ata: support aync ATA command operation 
only one operation at the time at driver level is allowed.
 2024-04-29 09:53:49 +02:00
Marco Oliverio 604ec62129 ahci: minor fixes 2024-04-29 09:53:49 +02:00
Marco Oliverio 2d67742be9 x86: ahci: make freeze optional in sata_unlock_disk 2024-04-29 09:53:49 +02:00
Marco Oliverio b6217444bd x86: paging: increase Page Table Page to 512 2024-04-29 09:53:49 +02:00
Marco Oliverio 62c938f99d x86: tgl: remove binary FSP_S upd parameters 
The parameters are configured in fsp_set_silicon_cfg
 2024-04-29 09:53:49 +02:00
Marco Oliverio ffb8653f57 tgl: kontron_vx3060_S2 GPIOs configuration 2024-04-29 09:53:49 +02:00
Marco Oliverio 24067beca5 tgl: improved GPIO configuration 2024-04-29 09:53:49 +02:00
Marco Oliverio 4bbe43e222 x86: support cpu exceptions 2024-04-29 09:53:49 +02:00
Marco Oliverio 0833c4b1bf fsp: stage1: use temporary parameters struct in pre-mem stage 2024-04-29 09:53:49 +02:00
Hideki Miyazaki 7725cc1a8b initial support Renesas RZ with RSIP 2024-04-26 07:28:07 +09:00
Marco Oliverio d89b44e0f1 x86: use hlt instruction in panic() 2024-04-24 17:07:35 +02:00
Marco Oliverio e7a626223a gpt: support partition label 2024-04-24 17:07:35 +02:00
Marco Oliverio 97b3beeba8 ahci: allow to delete sealed secret on error 2024-04-24 17:07:33 +02:00
Marco Oliverio fd457e51a7 x86: fsp: move stage1 to stage2 related function in a separate file 2024-04-24 10:50:50 +02:00
Marco Oliverio bc1e40b0a6 x86: ata: add check on drive number 2024-04-24 10:50:50 +02:00
Marco Oliverio 7247d1184b x86: sata: separate sata_unlock_disk() as a separate operation 2024-04-24 10:50:50 +02:00
Marco Oliverio e434ddb77f x86: ahci: check get_key_sha256() return code 2024-04-24 10:50:50 +02:00
Marco Oliverio 9c0ca1fc6f elf: correct newlines 2024-04-23 10:55:36 +02:00
Marco Oliverio 7e7c5f3915 tgl: fsp: check CPU shutdown mode 
If CPU enter a triple fault, it goes in shutdown mode and the reset vector is
invoked again, without a proper PLTRST#. MemoryInit API fails in this
case. Check if CPU is in shutdown mode and reset the platform if so.
 2024-04-23 10:55:27 +02:00
Marco Oliverio c3bf1266e9 fsp: stage1: init TPM if TPM_VERIFY = 1 or MEASURED_BOOT = 1 2024-04-23 10:42:17 +02:00
Marco Oliverio b663ebe979 tpm seal: add define to choose the key id to seal with 2024-04-23 10:41:47 +02:00
David Garske a37a816693
Merge pull request #433 from danielinux/gpl3 
Update license GPL2 -> GPL3
 2024-04-16 10:36:10 -07:00
Daniele Lacamera 32b5b9e4ec Replaced uint32_t with uintptr_t 2024-04-16 19:10:26 +02:00
Daniele Lacamera d8c651c091 Added explicit cast to silence warning 
Explicit cast to silence warning about negative array index
 2024-04-16 18:50:39 +02:00
Daniele Lacamera fce6149cf8 Update license GPL2 -> GPL3 2024-04-16 16:46:15 +02:00
Daniele Lacamera c12d968583 Added extra memory buffer for wolfCrypt 5.7.0 RSA 
In wolfSSL 5.7.0 here is an extra buffer used for "ASN" checks on RSA
 2024-04-10 12:13:38 +02:00
David Garske e3669245d5
Merge pull request #411 from miyazakh/renesas_rz2 
Support wolfBoot on Renesas RZN2L
 2024-03-01 20:22:11 -08:00
Daniele Lacamera a314875c79 Added support for SIGN=ECC521 2024-03-01 15:32:33 +01:00
Hideki Miyazaki fd9670d52e address review comments 2024-02-28 17:22:01 +09:00
Hideki Miyazaki 6c0509ae78 Initial commit for wolfBoot Loader project on e2studio 
-- update based on readme
 2024-02-27 15:49:11 +09:00
Daniele Lacamera 37d92fdd3d DISABLE_BACKUP is now powerfail-safe. 
By not checking/updating sector flags during copies from UPDATE to
BOOT partitions, a copy operation getting interrupted by power failure
will be less likely to cause problems to the integrity of the BOOT
image. This is because in case of interruptions, the copy operation
will be restarted from the first sector.
 2024-02-22 09:36:21 +01:00
Daniele Lacamera c70c8a470d Added support for Microchip SAM E51 2024-02-15 17:30:11 +01:00
David Garske 85b59634a1 Peer review feedback. 2024-02-12 19:54:12 +01:00
David Garske 349231b982 Cleanups. 2024-02-12 19:54:12 +01:00
David Garske 7b1d180951 Improvements for CPLD. Patch for PCIe from TigerLake. 2024-02-12 19:54:12 +01:00
David Garske fea3b9ed1d Improve PCIe code. 2024-02-12 19:54:12 +01:00
David Garske 0b206d6758 Fixes for NXP T1024 with Integrity OS. Adds additional FDT fixups for FMAN, Ethernet, PCI. Add PCI init and enumeration. 2024-02-12 19:54:12 +01:00
David Garske 30620bf47a Upstreaming TigerLake TPM improvements. 2024-02-03 10:52:39 -08:00
David Garske 4408eeaa74 Fixes for sealing/unsealing: 
* Fix for sealing policy, which was not being set on creation.
* Fix to clear the userWithAuth bit requiring policy
* Updated wolfTPM submodule with changes in https://github.com/wolfSSL/wolfTPM/pull/327
 2024-02-03 10:09:03 -08:00
David Garske 83283c6cf7 Fixes for NXP T1024 and booting Integrity OS: 
* Fixed PPC spin table based on ePAPR 1.1.
* Added flattened device tree (FDT) support. Setting required FDT fields per ePAPR 1.1.
* Added Frame Manager microcode upload.
* Fixed CPLD and setting QE clock.
* Added support for setting logical device numbers and updated device tree.
* Fixed QUICC Engine base address (was incorrect, should be 0x140000).
* Fixed "cpu-release-addr" to use 64-bit value.
* Added secondary cached boot page.
* Added L2 cache support to multi-core.
* Added flattened device tree parser tool for testing (`make fdt-parser` and `tools/fdt-parser/fdt-parser`).
* Added checks for FDT header.
* Added automated test case for NXP T1024 FDT.
 2024-01-17 14:16:15 +01:00
Daniele Lacamera 10b2b290d3 wolfBoot_get_blob_type: fix return type 2023-11-16 09:21:56 +01:00
David Garske dd11fad566
Merge pull request #385 from danielinux/test-delta 
Improve delta tests + fix delta+encrypt bug
 2023-11-06 07:52:04 -08:00
jordan 79aadb5cc1 XMSS wolfBoot support. 2023-11-06 14:31:05 +01:00
Daniele Lacamera f4e0cc61b3 Delta update fixes 
- img_size: use 32-bit variable
- remove '+1' from pa_start calculation
- fix broken delta.c wb_diff check for distance between matching
  patterns (root cause for the delta+encrypt bug)
 2023-11-04 19:32:34 +01:00
Daniele Lacamera 90ecd9f5d5 Decryption with delta updates: align to encryption block 2023-11-04 18:53:08 +01:00
David Garske 96d55c84e9 Fix for unseal not properly using auth. 2023-10-25 13:24:27 +02:00
David Garske 0666ffe1e6 Fix to not use the seal auth on the NV, since it cannot be encrypted on the bus. Only use the password for the sealed keyhashed blob. 2023-10-25 13:24:27 +02:00
David Garske 758eda1ad4 Add support for sealing/unsealing a secret with auth. 2023-10-25 13:24:27 +02:00
David Garske 426e7d22ff
Merge pull request #380 from danielinux/cppcheck 
Added cppcheck static analisys
 2023-10-13 08:22:50 -07:00
Daniele Lacamera c3c6d21675 Added cppcheck --enable-portability, fixed UBs 
Fixed reported UBs involving (void *) ptr arithmetic
 2023-10-13 16:14:07 +02:00
Daniele Lacamera dcb82b6545 cppcheck: added "--enable=warning" 2023-10-13 16:08:22 +02:00
Daniele Lacamera b5c8bc8024 Fix cppcheck warnings 2023-10-13 15:49:12 +02:00
Daniele Lacamera da43c99993 Added more unit tests. Added 'make cov'. 
Fixed checks for invalid partition id
 2023-10-13 14:30:45 +02:00
John Bland 6c2a37bdea remove complicated key saving process and instead 
leave the encryption key for wolfBoot_success to erase.
FINAL_SWAP was also stopping the case where the partition was put into testing before the update sector status flags could be erased. now, don't erase the update sector flags. instead put the update partition in IMG_STATE_FINAL_FLAGS state before putting the boot partition in IMG_STATE_TESTING. Then only erase the update sector flags on wolfBoot_update_trigger. under this scheme, the sector flags are intact if the power failed before we could set IMG_STATE_TESTING but are wiped if we do need to swap over after after wolfBoot_success fails to be called
 2023-10-13 14:30:04 +02:00
John Bland 87761e84e4 make aes_init and chacha_init read the backup key 2023-10-13 14:30:04 +02:00
John Bland 5a7665a9e3 add missing FINAL_SWAP check 2023-10-13 14:30:04 +02:00