* Fixed PPC spin table based on ePAPR 1.1.
* Added flattened device tree (FDT) support. Setting required FDT fields per ePAPR 1.1.
* Added Frame Manager microcode upload.
* Fixed CPLD and setting QE clock.
* Added support for setting logical device numbers and updated device tree.
* Fixed QUICC Engine base address (was incorrect, should be 0x140000).
* Fixed "cpu-release-addr" to use 64-bit value.
* Added secondary cached boot page.
* Added L2 cache support to multi-core.
* Added flattened device tree parser tool for testing (`make fdt-parser` and `tools/fdt-parser/fdt-parser`).
* Added checks for FDT header.
* Added automated test case for NXP T1024 FDT.
leave the encryption key for wolfBoot_success to erase.
FINAL_SWAP was also stopping the case where the partition was put into testing before the update sector status flags could be erased. now, don't erase the update sector flags. instead put the update partition in IMG_STATE_FINAL_FLAGS state before putting the boot partition in IMG_STATE_TESTING. Then only erase the update sector flags on wolfBoot_update_trigger. under this scheme, the sector flags are intact if the power failed before we could set IMG_STATE_TESTING but are wiped if we do need to swap over after after wolfBoot_success fails to be called
repeatable steps so that power failure wont erase the encryption key and wont cause skipping the testing phase of boot. this is done by marking the update partition as final swap when erasing the final sector and backing up the key in boot sector 0 after swaping the real boot sector 0 to swap. then when a power failure occurs the encryption key will be available in either boot sector 0 or the normal location. the intermediate phase also prevents skipping the testing phase since the last sector, which holds the boot state, is erased and then set repeatably, since the final swap state is set on the update partition
simplify the erase address logic within nvm_select_fresh_sector
add several checks to nvm_select_fresh_sector:
when FLAGS_HOME is enabled, add a check for both the boot and update partition flags
when EXT_ENCRYPTED is enabled, add a check for the encryption key, always perform this check when FLAGS_HOME is enabled
update aes_init and chacha_init to properly account for NVM_FLASH_WRITEONCE
is called for NVM_FLASH_WRITEONCE and WOLFBOOT_FLAGS_INVERT since NVM_FLASH_WRITEONCE relies on finding non-erased flags to determine which sector is fresh and since WOLFBOOT_FLAGS_INVERT may use a different fill byte than what bin-assemble was compiled with
* Added simulator support for Mac.
* Fix for simulator to properly assemble wolfboot.bin + signedtestapp + update + swap.
* Fixes for handling 64-bit assigned mmap virtual addresses. Added hal_flash_write and hal_flash_erase support for 64-bit address using uintptr_t. Enabled if platform is 64-bit and `FORCE_32BIT` is not defined
* Fix simulator conflict with src/libwolfboot.o object in test-app.
* Cleanup test-app linker flags.
* Added ELF32 and ELF64 loader support (config `ELF=1` or build option `WOLFBOOT_ELF`).
* Add ELF support to `update_ram.c` loader.
* Add support for loading entire flash image to RAM when `EXT_FLASH=1` and `NO_XIP=1` (or `WOLFBOOT_USE_RAMBOOT`).
* Added QUICC Engine support to load microcode and enable.
* Add multiple core support for NXP P1021.
* Fixes to resolve first stage boot ROM relocation.
- Implemented temporary workaround to resolve stack traps.
* Added PPC GOT relocation support.
* Fix for the PPC `isr_empty` handler address.
* Fix to allow stack to use DDR by having assembly setup DDR TLB. After relocating wolfBoot use stack on DDR.
* Cleanup wolfBoot output.
- Only remove extra .bin/.elf created unless `make distclean` is used.
- Don't output the key grep test (only check result).
- Adjust build order (first stage, wolfboot, test app, key, sign test app and factory).
- Fix to make sure linker script is rebuilt before objects.
Sample NXP P1021 Output:
```
Relocating BOOT ROM to DDR
Loading wolfBoot to DDR
Jumping to full wolfBoot
wolfBoot HAL Init
Flash Init: Ret 0, ID 0x76207620
QE: Length 63732, Count 1
QE: uploading 'Microcode for P1021 r1.0' version 0.0.1
QE: Traps 0
MP: Starting core 2 (spin table 0xFFFFF240)
Versions: Boot 1, Update 0
Trying Boot partition at 0x200000
Loading header 512 bytes to 0x1DFFFE00
Loading image 3170724 bytes to 0x1E000000
Image size 3170724
Firmware Valid
Loading elf at 0x1E000000
Found valid elf32 (big endian)
Booting at 0x6000
```
When using NVM_FLASH_WRITEONCE, before writing to the active trailer sector,
we check that the sector has been previously erased. This check was
erasing the wrong partition trailer, leaving the system without a
trailer for a few lines of code, but potentially vulnerable to
powerfailure events.
David Garske
Daniele Lacamera
John Bland
Tesfa Mael
Marco Oliverio
Dimitri Papadopoulos
Hideki Miyazaki
billphipps
Daniele Lacamera