From 60ad6ca2db5cce1259cf6204998aef0503389b87 Mon Sep 17 00:00:00 2001 From: Cyril Fougeray Date: Thu, 21 Nov 2024 15:06:40 +0100 Subject: [PATCH 01/17] feat(zephyr): track zephyr 4.0 in west update revision in west Signed-off-by: Cyril Fougeray --- west.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/west.yml b/west.yml index a75d6b3d..42503bd0 100644 --- a/west.yml +++ b/west.yml @@ -8,7 +8,7 @@ manifest: remote: worldcoin projects: - name: zephyr - revision: b69d1cedf617848332718a2f72384d9b2b077d5e + revision: 8469084dfae85f854555f0607f2c838dad097235 # 4.0.0 import: name-allowlist: - cmsis From 7cb728af52d014b8bca99518ed7ae2f4764fbd0b Mon Sep 17 00:00:00 2001 From: Cyril Fougeray Date: Thu, 21 Nov 2024 16:22:37 +0100 Subject: [PATCH 02/17] feat(zephyr): hardware model v2 make CMake successfully load Signed-off-by: Cyril Fougeray --- boards/arm/diamond_main/Kconfig.board | 3 - boards/arm/diamond_main/Kconfig.defconfig | 22 ------- boards/arm/pearl_main/Kconfig.board | 3 - boards/arm/pearl_main/Kconfig.defconfig | 7 --- boards/tfh/diamond_main/Kconfig.diamond_main | 2 + boards/{arm => tfh}/diamond_main/board.cmake | 0 boards/tfh/diamond_main/board.yml | 5 ++ .../diamond_main/diamond_main.dts | 58 ++++++++++-------- .../diamond_main/diamond_main.yaml | 1 + .../diamond_main/diamond_main_defconfig | 4 -- .../diamond_main/support/openocd.cfg | 0 boards/tfh/pearl_main/Kconfig.pearl_main | 2 + boards/{arm => tfh}/pearl_main/board.cmake | 0 boards/tfh/pearl_main/board.yml | 5 ++ boards/{arm => tfh}/pearl_main/pearl_main.dts | 61 ++++++++++--------- .../{arm => tfh}/pearl_main/pearl_main.yaml | 1 + .../pearl_main/pearl_main_defconfig | 4 -- .../pearl_main/support/openocd.cfg | 0 boards/{arm => tfh}/stm32g474-hrtim.dtsi | 0 drivers/i2c_spi_bridge/Kconfig | 4 +- .../tfh,board-version.yaml} | 2 +- .../tfh,liquid-lens.yaml} | 2 +- dts/bindings/tfh/tfh,stm32-pwm.yaml | 14 +++++ .../tfh,voltage-measurement.yaml} | 2 +- dts/bindings/vendor-prefixes.txt | 1 - .../worldcoin/worldcoin,stm32-pwm.yaml | 11 ---- lib/can_messaging/canbus_tx.c | 2 +- main_board/boards/diamond_main.conf | 12 +--- main_board/prj.conf | 8 +-- main_board/src/power/boot/boot.c | 2 +- utils/env/environment.yml | 1 - 31 files changed, 107 insertions(+), 132 deletions(-) delete mode 100644 boards/arm/diamond_main/Kconfig.board delete mode 100644 boards/arm/diamond_main/Kconfig.defconfig delete mode 100644 boards/arm/pearl_main/Kconfig.board delete mode 100644 boards/arm/pearl_main/Kconfig.defconfig create mode 100644 boards/tfh/diamond_main/Kconfig.diamond_main rename boards/{arm => tfh}/diamond_main/board.cmake (100%) create mode 100644 boards/tfh/diamond_main/board.yml rename boards/{arm => tfh}/diamond_main/diamond_main.dts (96%) rename boards/{arm => tfh}/diamond_main/diamond_main.yaml (95%) rename boards/{arm => tfh}/diamond_main/diamond_main_defconfig (85%) rename boards/{arm => tfh}/diamond_main/support/openocd.cfg (100%) create mode 100644 boards/tfh/pearl_main/Kconfig.pearl_main rename boards/{arm => tfh}/pearl_main/board.cmake (100%) create mode 100644 boards/tfh/pearl_main/board.yml rename boards/{arm => tfh}/pearl_main/pearl_main.dts (95%) rename boards/{arm => tfh}/pearl_main/pearl_main.yaml (95%) rename boards/{arm => tfh}/pearl_main/pearl_main_defconfig (67%) rename boards/{arm => tfh}/pearl_main/support/openocd.cfg (100%) rename boards/{arm => tfh}/stm32g474-hrtim.dtsi (100%) rename dts/bindings/{worldcoin/worldcoin,board-version.yaml => tfh/tfh,board-version.yaml} (89%) rename dts/bindings/{worldcoin/worldcoin,liquid-lens.yaml => tfh/tfh,liquid-lens.yaml} (95%) create mode 100644 dts/bindings/tfh/tfh,stm32-pwm.yaml rename dts/bindings/{worldcoin/worldcoin,voltage-measurement.yaml => tfh/tfh,voltage-measurement.yaml} (94%) delete mode 100644 dts/bindings/worldcoin/worldcoin,stm32-pwm.yaml diff --git a/boards/arm/diamond_main/Kconfig.board b/boards/arm/diamond_main/Kconfig.board deleted file mode 100644 index 2a537c00..00000000 --- a/boards/arm/diamond_main/Kconfig.board +++ /dev/null @@ -1,3 +0,0 @@ -config BOARD_DIAMOND_MAIN - bool "Main board on Diamond Orb" - depends on SOC_STM32G474XX diff --git a/boards/arm/diamond_main/Kconfig.defconfig b/boards/arm/diamond_main/Kconfig.defconfig deleted file mode 100644 index 22a754d8..00000000 --- a/boards/arm/diamond_main/Kconfig.defconfig +++ /dev/null @@ -1,22 +0,0 @@ -# STM32G474RE main MCU board configuration for Diamond Orb - -config BOARD - default "diamond_main" - -config USE_STM32_LL_ADC - default y - -config I2C_INIT_PRIO_INST_1 - int "I2C init priority instance 1 (i2c3) - always-on I2C" - default I2C_INIT_PRIORITY - depends on I2C - -config I2C_INIT_PRIO_INST_2 - int "I2C init priority instance 2 (i2c4) - battery I2C (SMBus)" - default I2C_INIT_PRIORITY - depends on I2C - -config PCA95XX_INIT_PRIO_INST_0 - int "PCA95xx init priority instance 0 (on i2c1)" - default GPIO_PCA95XX_INIT_PRIORITY - depends on GPIO_PCA95XX diff --git a/boards/arm/pearl_main/Kconfig.board b/boards/arm/pearl_main/Kconfig.board deleted file mode 100644 index 851fcb77..00000000 --- a/boards/arm/pearl_main/Kconfig.board +++ /dev/null @@ -1,3 +0,0 @@ -config BOARD_PEARL_MAIN - bool "Main board on Pearl Orb" - depends on SOC_STM32G474XX diff --git a/boards/arm/pearl_main/Kconfig.defconfig b/boards/arm/pearl_main/Kconfig.defconfig deleted file mode 100644 index 15fc30dd..00000000 --- a/boards/arm/pearl_main/Kconfig.defconfig +++ /dev/null @@ -1,7 +0,0 @@ -# STM32G474RE main MCU board configuration on Pearl board - -config BOARD - default "pearl_main" - -config USE_STM32_LL_ADC - default y diff --git a/boards/tfh/diamond_main/Kconfig.diamond_main b/boards/tfh/diamond_main/Kconfig.diamond_main new file mode 100644 index 00000000..9b0e469a --- /dev/null +++ b/boards/tfh/diamond_main/Kconfig.diamond_main @@ -0,0 +1,2 @@ +config BOARD_DIAMOND_MAIN + select SOC_STM32G474XX diff --git a/boards/arm/diamond_main/board.cmake b/boards/tfh/diamond_main/board.cmake similarity index 100% rename from boards/arm/diamond_main/board.cmake rename to boards/tfh/diamond_main/board.cmake diff --git a/boards/tfh/diamond_main/board.yml b/boards/tfh/diamond_main/board.yml new file mode 100644 index 00000000..327c3a6c --- /dev/null +++ b/boards/tfh/diamond_main/board.yml @@ -0,0 +1,5 @@ +board: + name: diamond_main + vendor: tfh + socs: + - name: stm32g474xx diff --git a/boards/arm/diamond_main/diamond_main.dts b/boards/tfh/diamond_main/diamond_main.dts similarity index 96% rename from boards/arm/diamond_main/diamond_main.dts rename to boards/tfh/diamond_main/diamond_main.dts index 3173a54e..4ae89416 100644 --- a/boards/arm/diamond_main/diamond_main.dts +++ b/boards/tfh/diamond_main/diamond_main.dts @@ -4,6 +4,7 @@ #include "../stm32g474-hrtim.dtsi" #include #include +#include /// see @file modules/hal/stm32/stm32cube/stm32g4xx/drivers/include/stm32g4xx_ll_dmamux.h #define LL_DMAMUX_REQ_ADC1 0x00000005U /*!< DMAMUX ADC1 request */ @@ -28,8 +29,8 @@ #define DMA_DIR_PERIPH_TO_MEM 2 / { - model = "Worldcoin Orb Main MCU"; - compatible = "worldcoin,diamond_main"; + model = "Main board of the Diamond Orb"; + compatible = "tfh,diamond_main"; chosen { zephyr,flash = &flash0; @@ -37,11 +38,11 @@ // app in slot0_partition by default // the bootloader uses an overlay to redefine this zephyr,code-partition = &slot0_partition; - zephyr,canbus = &can1; + zephyr,canbus = &fdcan1; }; aliases { - battery-can-bus = &can2; + battery-can-bus = &fdcan2; watchdog0 = &iwdg; secondary-slot = &slot1_partition; spi-flash0 = &w25q32jv; @@ -166,7 +167,7 @@ }; liquid_lens { - compatible = "worldcoin,liquid-lens"; + compatible = "tfh,liquid-lens"; io-channels = <&adc3 10>, <&adc3 11>, <&adc3 18>; io-channel-names = "ina240_ref", "ina240_sig", "vrefint"; @@ -178,7 +179,7 @@ }; voltage_measurement { - compatible = "worldcoin,voltage-measurement"; + compatible = "tfh,voltage-measurement"; // enable opamps to allow for voltage measurements of the power supplies supply-voltages-meas-enable-gpios = <&gpio_exp1 8 GPIO_ACTIVE_LOW>; @@ -478,8 +479,10 @@ // not actually used by the SPI driver duplex = ; - // get num-leds from the Wuerth Elektronik LED strip above - // num-leds = <136>; + chain-length = <136>; + color-mapping = ; }; }; @@ -505,6 +508,10 @@ }; }; +&vbat { + status = "okay"; +}; + &adc1 { // dmamux1: 8 = dma2,channel 1 dmas = < &dmamux1 LL_DMAMUX_CHANNEL_8 LL_DMAMUX_REQ_ADC1 (STM32_DMA_PERIPH_TO_MEMORY | @@ -514,8 +521,9 @@ status = "okay"; pinctrl-0 = <&adc1_in1_pa0 &adc1_in2_pa1 &adc1_in3_pa2 &adc1_in7_pc1 &adc1_in8_pc2 &adc1_in9_pc3 &adc1_in11_pb12 &adc1_in14_pb11>; pinctrl-names = "default"; + st,adc-clock-source = ; + st,adc-prescaler = <4>; vref-mv = <2048>; - vbat-channel = <0x11>; #address-cells = <1>; #size-cells = <0>; @@ -613,8 +621,9 @@ status = "okay"; pinctrl-0 = <&adc3_in10_pd13 &adc3_in11_pd14>; pinctrl-names = "default"; + st,adc-clock-source = ; + st,adc-prescaler = <4>; vref-mv = <2048>; - vref-channel = < 0x12 >; #address-cells = <1>; #size-cells = <0>; @@ -656,6 +665,8 @@ status = "okay"; pinctrl-0 = <&adc4_in1_pe14 &adc4_in2_pe15>; pinctrl-names = "default"; + st,adc-clock-source = ; + st,adc-prescaler = <4>; vref-mv = <2048>; #address-cells = <1>; @@ -686,8 +697,9 @@ status = "okay"; pinctrl-0 = <&adc5_in7_pd10 &adc5_in8_pd11 &adc5_in9_pd12 &adc5_in12_pd8 &adc5_in13_pd9 &adc5_in14_pe10 &adc5_in15_pe11>; pinctrl-names = "default"; + st,adc-clock-source = ; + st,adc-prescaler = <4>; vref-mv = <2048>; - vref-channel = < 0x12 >; #address-cells = <1>; #size-cells = <0>; @@ -770,7 +782,7 @@ status = "okay"; liquid_lens: liquid_lens { - compatible = "worldcoin,stm32-pwm"; + compatible = "tfh,stm32-pwm"; pinctrl-0 = <&hrtim1_cha1_pa8 &hrtim1_cha2_pa9 &hrtim1_chb1_pa10 &hrtim1_chb2_pa11>; pinctrl-names = "default"; }; @@ -780,7 +792,7 @@ status = "okay"; fan_main_tach: fan_main_tach { - compatible = "worldcoin,stm32-pwm"; + compatible = "tfh,stm32-pwm"; pinctrl-0 = <&tim2_ch3_pd7>; pinctrl-names = "default"; channels = <3>; @@ -791,7 +803,7 @@ status = "okay"; led_940nm: led_940nm { - compatible = "worldcoin,stm32-pwm"; + compatible = "tfh,stm32-pwm"; pinctrl-0 = <&tim3_ch1_pe2 &tim3_ch4_pe5 &tim3_ch3_pb0>; pinctrl-names = "default"; channels = <1 4 3>; @@ -802,7 +814,7 @@ status = "okay"; ir_camera_system_master_timer: ir_camera_system_master_timer { - compatible = "worldcoin,stm32-pwm"; + compatible = "tfh,stm32-pwm"; pinctrl-names = "default"; pinctrl-0 = <>; channels = <1>; @@ -833,7 +845,7 @@ status = "okay"; led_850nm: led_850nm { - compatible = "worldcoin,stm32-pwm"; + compatible = "tfh,stm32-pwm"; pinctrl-0 = <&tim15_ch1_pf9 &tim15_ch2_pf10>; pinctrl-names = "default"; channels = <1 2>; @@ -845,7 +857,7 @@ // AKA CAM0_IREYE ir_eye_camera_trigger: ir_eye_camera_trigger { - compatible = "worldcoin,stm32-pwm"; + compatible = "tfh,stm32-pwm"; pinctrl-0 = <&tim20_ch3_pf2>; pinctrl-names = "default"; channels = <3>; @@ -853,7 +865,7 @@ // AKA CAM2_IRFACE ir_face_camera_trigger: ir_face_camera_trigger { - compatible = "worldcoin,stm32-pwm"; + compatible = "tfh,stm32-pwm"; pinctrl-0 = <&tim20_ch4_pe1>; pinctrl-names = "default"; channels = <4>; @@ -861,7 +873,7 @@ // AKA CAM3_TOF tof_2d_camera_trigger: tof_2d_camera_trigger { - compatible = "worldcoin,stm32-pwm"; + compatible = "tfh,stm32-pwm"; pinctrl-0 = <&tim20_ch2_pe3>; pinctrl-names = "default"; channels = <1>; @@ -1000,7 +1012,7 @@ // apply cone.overlay to add cone components }; -&can1 { +&fdcan1 { pinctrl-0 = <&fdcan1_rx_pd0 &fdcan1_tx_pd1>; pinctrl-names = "default"; @@ -1015,11 +1027,9 @@ * configuration homogeneous (same Tq on all nodes) * 6. Enable TDC for data bit-rates higher than 1 Mbit/s */ - bus-speed = <1000000>; - sjw = <4>; + bitrate = <1000000>; sample-point = <853>; - bus-speed-data = <1000000>; - sjw-data = <4>; + bitrate-data = <1000000>; sample-point-data = <853>; // closest value status = "okay"; }; diff --git a/boards/arm/diamond_main/diamond_main.yaml b/boards/tfh/diamond_main/diamond_main.yaml similarity index 95% rename from boards/arm/diamond_main/diamond_main.yaml rename to boards/tfh/diamond_main/diamond_main.yaml index fcdac13a..75fcfaa8 100644 --- a/boards/arm/diamond_main/diamond_main.yaml +++ b/boards/tfh/diamond_main/diamond_main.yaml @@ -1,5 +1,6 @@ identifier: diamond_main name: Worldcoin Diamond Orb, Main MCU +vendor: tfh type: mcu arch: arm toolchain: diff --git a/boards/arm/diamond_main/diamond_main_defconfig b/boards/tfh/diamond_main/diamond_main_defconfig similarity index 85% rename from boards/arm/diamond_main/diamond_main_defconfig rename to boards/tfh/diamond_main/diamond_main_defconfig index decf1ea2..e1b0a87b 100644 --- a/boards/arm/diamond_main/diamond_main_defconfig +++ b/boards/tfh/diamond_main/diamond_main_defconfig @@ -1,8 +1,4 @@ # SPDX-License-Identifier: Apache-2.0 -CONFIG_BOARD_DIAMOND_MAIN=y - -CONFIG_SOC_SERIES_STM32G4X=y -CONFIG_SOC_STM32G474XX=y # Enable Clocks CONFIG_CLOCK_CONTROL=y diff --git a/boards/arm/diamond_main/support/openocd.cfg b/boards/tfh/diamond_main/support/openocd.cfg similarity index 100% rename from boards/arm/diamond_main/support/openocd.cfg rename to boards/tfh/diamond_main/support/openocd.cfg diff --git a/boards/tfh/pearl_main/Kconfig.pearl_main b/boards/tfh/pearl_main/Kconfig.pearl_main new file mode 100644 index 00000000..0de3ca47 --- /dev/null +++ b/boards/tfh/pearl_main/Kconfig.pearl_main @@ -0,0 +1,2 @@ +config BOARD_PEARL_MAIN + select SOC_STM32G474XX diff --git a/boards/arm/pearl_main/board.cmake b/boards/tfh/pearl_main/board.cmake similarity index 100% rename from boards/arm/pearl_main/board.cmake rename to boards/tfh/pearl_main/board.cmake diff --git a/boards/tfh/pearl_main/board.yml b/boards/tfh/pearl_main/board.yml new file mode 100644 index 00000000..a614e799 --- /dev/null +++ b/boards/tfh/pearl_main/board.yml @@ -0,0 +1,5 @@ +board: + name: pearl_main + vendor: tfh + socs: + - name: stm32g474xx diff --git a/boards/arm/pearl_main/pearl_main.dts b/boards/tfh/pearl_main/pearl_main.dts similarity index 95% rename from boards/arm/pearl_main/pearl_main.dts rename to boards/tfh/pearl_main/pearl_main.dts index b67cc771..69d500f9 100644 --- a/boards/arm/pearl_main/pearl_main.dts +++ b/boards/tfh/pearl_main/pearl_main.dts @@ -19,8 +19,8 @@ / { - model = "Main board of Worldcoin Pearl Orb"; - compatible = "worldcoin,pearl_main"; + model = "Main board of the Pearl Orb"; + compatible = "tfh,pearl_main"; chosen { // app in slot0_partition by default @@ -29,11 +29,11 @@ zephyr,sram = &sram0; zephyr,flash = &flash0; - zephyr,canbus = &can1; + zephyr,canbus = &fdcan1; }; aliases { - battery-can-bus = &can2; + battery-can-bus = &fdcan2; watchdog0 = &iwdg; secondary-slot = &slot1_partition; }; @@ -154,12 +154,12 @@ }; board_version { - compatible = "worldcoin,board-version"; + compatible = "tfh,board-version"; io-channels = <&adc1 11>; }; liquid_lens { - compatible = "worldcoin,liquid-lens"; + compatible = "tfh,liquid-lens"; io-channels = <&adc3 10>, <&adc3 11>, <&adc3 18>; io-channel-names = "ina240_ref", "ina240_sig", "vrefint"; @@ -172,7 +172,7 @@ }; voltage_measurement { - compatible = "worldcoin,voltage-measurement"; + compatible = "tfh,voltage-measurement"; // enable opamps to allow for voltage measurements of the power supplies supply-voltages-meas-enable-gpios = <&gpioe 1 GPIO_ACTIVE_LOW>; @@ -205,7 +205,7 @@ }; voltage_measurement_ev5 { - compatible = "worldcoin,voltage-measurement"; + compatible = "tfh,voltage-measurement"; // enable opamps to allow for voltage measurements of the power supplies supply-voltages-meas-enable-gpios = <&gpioe 1 GPIO_ACTIVE_LOW>; @@ -244,6 +244,10 @@ status = "okay"; }; +&vbat { + status = "okay"; +}; + // used to measure battery voltage, hardware revision // & die temperature (channel 16) &adc1 { @@ -255,8 +259,9 @@ status = "okay"; pinctrl-0 = <&adc1_in1_pa0 &adc1_in7_pc1 &adc1_in8_pc2 &adc1_in9_pc3 &adc1_in11_pb12>; pinctrl-names = "default"; + st,adc-clock-source = ; + st,adc-prescaler = <4>; vref-mv = <3300>; - vbat-channel = < 0x11 >; #address-cells = <1>; #size-cells = <0>; @@ -330,8 +335,9 @@ status = "okay"; pinctrl-0 = <&adc3_in10_pd13 &adc3_in11_pd14>; pinctrl-names = "default"; + st,adc-clock-source = ; + st,adc-prescaler = <4>; vref-mv = <3300>; - vref-channel = < 0x12 >; #address-cells = <1>; #size-cells = <0>; @@ -372,8 +378,9 @@ status = "okay"; pinctrl-0 = <&adc5_in7_pd10 &adc5_in8_pd11 &adc5_in9_pd12 &adc5_in13_pd9>; pinctrl-names = "default"; + st,adc-clock-source = ; + st,adc-prescaler = <4>; vref-mv = <3300>; - vref-channel = < 0x12 >; #address-cells = <1>; #size-cells = <0>; @@ -426,7 +433,7 @@ status = "okay"; liquid_lens: liquid_lens { - compatible = "worldcoin,stm32-pwm"; + compatible = "tfh,stm32-pwm"; pinctrl-0 = <&hrtim1_cha1_pa8 &hrtim1_cha2_pa9 &hrtim1_chb1_pa10 &hrtim1_chb2_pa11>; pinctrl-names = "default"; }; @@ -450,7 +457,7 @@ status = "okay"; fan_main_tach: fan_main_tach { - compatible = "worldcoin,stm32-pwm"; + compatible = "tfh,stm32-pwm"; pinctrl-0 = <&tim2_ch3_pd7>; pinctrl-names = "default"; channels = <3>; @@ -461,7 +468,7 @@ status = "okay"; led_940nm: led_940nm { - compatible = "worldcoin,stm32-pwm"; + compatible = "tfh,stm32-pwm"; pinctrl-0 = <&tim3_ch1_pe2 &tim3_ch4_pe5>; pinctrl-names = "default"; channels = <1 4>; @@ -472,7 +479,7 @@ status = "okay"; ir_camera_system_master_timer: ir_camera_system_master_timer { - compatible = "worldcoin,stm32-pwm"; + compatible = "tfh,stm32-pwm"; pinctrl-names = "default"; pinctrl-0 = <>; channels = <1>; @@ -494,7 +501,7 @@ // AKA CAM0 ir_eye_camera_trigger: ir_eye_camera_trigger { - compatible = "worldcoin,stm32-pwm"; + compatible = "tfh,stm32-pwm"; pinctrl-0 = <&tim8_ch3_pc8>; pinctrl-names = "default"; channels = <3>; @@ -502,7 +509,7 @@ // AKA CAM2 ir_face_camera_trigger: ir_face_camera_trigger { - compatible = "worldcoin,stm32-pwm"; + compatible = "tfh,stm32-pwm"; pinctrl-0 = <&tim8_ch4_pc9>; pinctrl-names = "default"; channels = <4>; @@ -510,7 +517,7 @@ // AKA CAM3 tof_2d_camera_trigger: tof_2d_camera_trigger { - compatible = "worldcoin,stm32-pwm"; + compatible = "tfh,stm32-pwm"; pinctrl-0 = <&tim8_ch1_pc6>; pinctrl-names = "default"; channels = <1>; @@ -521,7 +528,7 @@ status = "okay"; led_850nm: led_850nm { - compatible = "worldcoin,stm32-pwm"; + compatible = "tfh,stm32-pwm"; pinctrl-0 = <&tim15_ch1_pb14 &tim15_ch2_pb15>; pinctrl-names = "default"; channels = <1 2>; @@ -532,7 +539,7 @@ status = "okay"; fan_aux_tach: fan_aux_tach { - compatible = "worldcoin,stm32-pwm"; + compatible = "tfh,stm32-pwm"; pinctrl-0 = <&tim16_ch1_pa12>; pinctrl-names = "default"; channels = <1>; @@ -674,7 +681,7 @@ }; }; -&can1 { +&fdcan1 { pinctrl-0 = <&fdcan1_rx_pd0 &fdcan1_tx_pd1>; pinctrl-names = "default"; @@ -689,21 +696,19 @@ * configuration homogeneous (same Tq on all nodes) * 6. Enable TDC for data bit-rates higher than 1 Mbit/s */ - bus-speed = <125000>; - sjw = <4>; + bitrate = <125000>; sample-point = <852>; - bus-speed-data = <1000000>; - sjw-data = <4>; + bitrate-data = <1000000>; sample-point-data = <853>; // closest value status = "okay"; }; // For battery communications -&can2 { +&fdcan2 { pinctrl-0 = <&fdcan2_rx_pb5 &fdcan2_tx_pb6>; pinctrl-names = "default"; - bus-speed = <1000000>; - bus-speed-data = <1000000>; + bitrate = <1000000>; + bitrate-data = <1000000>; status = "okay"; }; diff --git a/boards/arm/pearl_main/pearl_main.yaml b/boards/tfh/pearl_main/pearl_main.yaml similarity index 95% rename from boards/arm/pearl_main/pearl_main.yaml rename to boards/tfh/pearl_main/pearl_main.yaml index 91eaa4cd..7f5c3a5d 100644 --- a/boards/arm/pearl_main/pearl_main.yaml +++ b/boards/tfh/pearl_main/pearl_main.yaml @@ -1,5 +1,6 @@ identifier: pearl_main name: Worldcoin Pearl Orb, Main MCU +vendor: tfh type: mcu arch: arm toolchain: diff --git a/boards/arm/pearl_main/pearl_main_defconfig b/boards/tfh/pearl_main/pearl_main_defconfig similarity index 67% rename from boards/arm/pearl_main/pearl_main_defconfig rename to boards/tfh/pearl_main/pearl_main_defconfig index 7d1216db..1a69b222 100644 --- a/boards/arm/pearl_main/pearl_main_defconfig +++ b/boards/tfh/pearl_main/pearl_main_defconfig @@ -1,8 +1,4 @@ # SPDX-License-Identifier: Apache-2.0 -CONFIG_BOARD_PEARL_MAIN=y - -CONFIG_SOC_SERIES_STM32G4X=y -CONFIG_SOC_STM32G474XX=y # Enable Clocks CONFIG_CLOCK_CONTROL=y diff --git a/boards/arm/pearl_main/support/openocd.cfg b/boards/tfh/pearl_main/support/openocd.cfg similarity index 100% rename from boards/arm/pearl_main/support/openocd.cfg rename to boards/tfh/pearl_main/support/openocd.cfg diff --git a/boards/arm/stm32g474-hrtim.dtsi b/boards/tfh/stm32g474-hrtim.dtsi similarity index 100% rename from boards/arm/stm32g474-hrtim.dtsi rename to boards/tfh/stm32g474-hrtim.dtsi diff --git a/drivers/i2c_spi_bridge/Kconfig b/drivers/i2c_spi_bridge/Kconfig index 834459e9..7e7db986 100644 --- a/drivers/i2c_spi_bridge/Kconfig +++ b/drivers/i2c_spi_bridge/Kconfig @@ -9,9 +9,9 @@ config SC18IS606 if SC18IS606 config SC18IS606_INIT_PRIO int "SC18IS606 init priority" - default 65 + default 49 config SC18IS606_CHANNEL_INIT_PRIO int "SC18IS606 init priority" - default 66 + default 50 endif diff --git a/dts/bindings/worldcoin/worldcoin,board-version.yaml b/dts/bindings/tfh/tfh,board-version.yaml similarity index 89% rename from dts/bindings/worldcoin/worldcoin,board-version.yaml rename to dts/bindings/tfh/tfh,board-version.yaml index 88b7664a..f751c1a3 100644 --- a/dts/bindings/worldcoin/worldcoin,board-version.yaml +++ b/dts/bindings/tfh/tfh,board-version.yaml @@ -4,7 +4,7 @@ description: | Description for a voltage divider that allows to get the hardware version of the board. -compatible: "worldcoin,board-version" +compatible: "tfh,board-version" properties: io-channels: diff --git a/dts/bindings/worldcoin/worldcoin,liquid-lens.yaml b/dts/bindings/tfh/tfh,liquid-lens.yaml similarity index 95% rename from dts/bindings/worldcoin/worldcoin,liquid-lens.yaml rename to dts/bindings/tfh/tfh,liquid-lens.yaml index 4403787f..82346011 100644 --- a/dts/bindings/worldcoin/worldcoin,liquid-lens.yaml +++ b/dts/bindings/tfh/tfh,liquid-lens.yaml @@ -4,7 +4,7 @@ description: | Description for the liquid lens -compatible: "worldcoin,liquid-lens" +compatible: "tfh,liquid-lens" properties: io-channels: diff --git a/dts/bindings/tfh/tfh,stm32-pwm.yaml b/dts/bindings/tfh/tfh,stm32-pwm.yaml new file mode 100644 index 00000000..a0b59c44 --- /dev/null +++ b/dts/bindings/tfh/tfh,stm32-pwm.yaml @@ -0,0 +1,14 @@ +description: STM32 PWM, but tfh vendor, as to not invoke the stm32 driver + +compatible: "tfh,stm32-pwm" + +properties: + pinctrl-0: + type: phandles + required: true + pinctrl-names: + type: string + required: false + channels: + type: array + required: false diff --git a/dts/bindings/worldcoin/worldcoin,voltage-measurement.yaml b/dts/bindings/tfh/tfh,voltage-measurement.yaml similarity index 94% rename from dts/bindings/worldcoin/worldcoin,voltage-measurement.yaml rename to dts/bindings/tfh/tfh,voltage-measurement.yaml index ece9012e..d13b04f8 100644 --- a/dts/bindings/worldcoin/worldcoin,voltage-measurement.yaml +++ b/dts/bindings/tfh/tfh,voltage-measurement.yaml @@ -4,7 +4,7 @@ description: | Description for voltage measurement circuits. -compatible: "worldcoin,voltage-measurement" +compatible: "tfh,voltage-measurement" properties: io-channels: diff --git a/dts/bindings/vendor-prefixes.txt b/dts/bindings/vendor-prefixes.txt index 31685416..523f1ac8 100644 --- a/dts/bindings/vendor-prefixes.txt +++ b/dts/bindings/vendor-prefixes.txt @@ -1,3 +1,2 @@ -worldcoin Worldcoin tmc Trinamic tfh Tools For Humanity diff --git a/dts/bindings/worldcoin/worldcoin,stm32-pwm.yaml b/dts/bindings/worldcoin/worldcoin,stm32-pwm.yaml deleted file mode 100644 index df9f08cd..00000000 --- a/dts/bindings/worldcoin/worldcoin,stm32-pwm.yaml +++ /dev/null @@ -1,11 +0,0 @@ -description: STM32 PWM, but worldcoin as to not invoke the stm32 driver - -compatible: "worldcoin,stm32-pwm" - -properties: - pinctrl-0: - type: phandles - required: true - channels: - type: array - required: false diff --git a/lib/can_messaging/canbus_tx.c b/lib/can_messaging/canbus_tx.c index 7c64dcc3..fdf0c16b 100644 --- a/lib/can_messaging/canbus_tx.c +++ b/lib/can_messaging/canbus_tx.c @@ -90,7 +90,7 @@ process_tx_messages_thread() // and wait for next tx message in the next loop ret = k_sem_take(&tx_sem, K_MSEC(5000)); if (ret != 0) { - LOG_ERR("tx isotp semaphore error: %i", ret); + LOG_ERR("tx semaphore error: %i", ret); k_sem_give(&tx_sem); continue; } diff --git a/main_board/boards/diamond_main.conf b/main_board/boards/diamond_main.conf index 19119f31..acc08aee 100644 --- a/main_board/boards/diamond_main.conf +++ b/main_board/boards/diamond_main.conf @@ -6,22 +6,12 @@ CONFIG_I2C_MUX_GPIO=y CONFIG_I2C_MUX_GLOBAL_LOCK=y CONFIG_SPI_MUX_GPIO=y -# make sure I2C3 device is initialized before GPIO expanders -CONFIG_I2C_INIT_PRIO_INST_1=48 -# make sure I2C4 device is initialized before the I2C to SPI bridge -CONFIG_I2C_INIT_PRIO_INST_2=48 CONFIG_GPIO_PCA95XX_INIT_PRIORITY=49 -# PCA95xx@0x23 -CONFIG_PCA95XX_INIT_PRIO_INST_0=61 # SPI & muxes initialized before LED strip CONFIG_SPI_INIT_PRIORITY=49 CONFIG_SPI_MUX_GPIO_INIT_PRIO=50 CONFIG_SPI_MUX_GPIO_CHANNEL_INIT_PRIO=51 -# make sure the I2C to SPI bridge is initialized before the LED strip -CONFIG_SC18IS606_INIT_PRIO=49 -CONFIG_SC18IS606_CHANNEL_INIT_PRIO=50 - CONFIG_LED_STRIP_INIT_PRIORITY=52 CONFIG_I2C_INIT_PRIORITY=60 @@ -32,4 +22,4 @@ CONFIG_SPI_STM32_DMA=y CONFIG_SPI_RGB_LED_DIMMING=y CONFIG_APA102_STRIP=y -CONFIG_VL53L1X_PROXIMITY_RANGE_MINIMUM=35 +#CONFIG_VL53L1X_PROXIMITY_RANGE_MINIMUM=35 diff --git a/main_board/prj.conf b/main_board/prj.conf index bb070fd5..0bb117fe 100644 --- a/main_board/prj.conf +++ b/main_board/prj.conf @@ -32,8 +32,8 @@ CONFIG_FPU_SHARING=y # CAN bus CONFIG_CAN=y CONFIG_CAN_FD_MODE=y -# automatic recovery doesn't work so recover manually -CONFIG_CAN_AUTO_BUS_OFF_RECOVERY=n +# automatic recovery doesn't work so recover manually FIXME +CONFIG_CAN_MANUAL_RECOVERY_MODE=y CONFIG_CAN_ADDRESS_MCU=0x01 # Jetson address CONFIG_CAN_ADDRESS_DEFAULT_REMOTE=0x80 @@ -119,10 +119,6 @@ CONFIG_BOOT_BANNER=n # Flash management, needed for DFU CONFIG_FLASH=y CONFIG_FLASH_MAP=y -# FIXME? unfortunately, we can't use deep power down mode because then it -# takes too long to compute CRC over the image and writing to flash -# when doing DFU fails regularly -CONFIG_SPI_NOR_IDLE_IN_DPD=n CONFIG_REBOOT=y diff --git a/main_board/src/power/boot/boot.c b/main_board/src/power/boot/boot.c index 3d26a5b1..1c0e70d5 100644 --- a/main_board/src/power/boot/boot.c +++ b/main_board/src/power/boot/boot.c @@ -512,7 +512,7 @@ power_until_button_press(void) const orb_mcu_main_RgbColor white = RGB_WHITE_BUTTON_PRESS; uint32_t operator_led_mask = 0; operator_leds_set_blocking(&white, operator_led_mask); - LOG_INF("Waiting for button press of " TOSTR(BUTTON_PRESS_TIME_MS) "ms"); + LOG_INF("Waiting for button press of %u ms", BUTTON_PRESS_TIME_MS); for (size_t i = 0; i <= OPERATOR_LEDS_COUNT; ++i) { // check if pvcc is discharged to perform optics self test // the button must not be pressed to initiate the self test diff --git a/utils/env/environment.yml b/utils/env/environment.yml index 3777e376..9700e71b 100644 --- a/utils/env/environment.yml +++ b/utils/env/environment.yml @@ -20,7 +20,6 @@ dependencies: - crc16 - puncover - identify>=2.5.32 - - mflt-compact-log - -r ../test/requirements.txt - -r ../../../../bootloader/mcuboot/scripts/requirements.txt - -r ../../../../zephyr/scripts/requirements.txt From fa430ff63543701b398599a35712028d4ec7f997 Mon Sep 17 00:00:00 2001 From: Cyril Fougeray Date: Thu, 21 Nov 2024 17:20:45 +0100 Subject: [PATCH 03/17] feat(zephyr-4): build app app is building signature changed, now passing pointer, instead of pointer of pointer. still many changes to be made Signed-off-by: Cyril Fougeray --- drivers/sensor/bu27030/bu27030.c | 4 ++-- lib/can_messaging/canbus_rx.c | 8 ++++---- lib/can_messaging/canbus_rx_isotp.c | 7 +++---- lib/can_messaging/canbus_tx.c | 4 ++-- lib/can_messaging/canbus_tx_isotp.c | 6 ++---- lib/dfu/flash_map_extended.c | 4 ++-- lib/errors/errors_tests.c | 2 +- lib/errors/orb_fatal.c | 3 +-- lib/include/compilers.h | 20 ------------------- main_board/prj.conf | 2 ++ main_board/src/power/battery/battery_ruby.c | 2 +- main_board/src/runner/runner.c | 8 +++++--- main_board/src/temperature/fan/fan.c | 2 +- main_board/src/temperature/fan/fan_tach.c | 8 +++++--- .../src/temperature/sensors/temperature.c | 2 +- .../ui/rgb_leds/operator_leds/operator_leds.c | 2 +- main_board/src/ui/ui.c | 2 +- 17 files changed, 34 insertions(+), 52 deletions(-) diff --git a/drivers/sensor/bu27030/bu27030.c b/drivers/sensor/bu27030/bu27030.c index cf7a703c..93136d90 100644 --- a/drivers/sensor/bu27030/bu27030.c +++ b/drivers/sensor/bu27030/bu27030.c @@ -162,13 +162,13 @@ bu27030_channel_get(const struct device *dev, enum sensor_channel chan, float lx = tmp1 * tmp2; - if (lx < 0.0) { + if (lx < 0.0f) { return -ERANGE; } // integer part and fractional part (in millionth) val->val1 = (int32_t)lx; - val->val2 = (int32_t)(lx * 1000000.0) % 1000000; + val->val2 = (int32_t)((double)lx * 1000000.0) % 1000000; return 0; } diff --git a/lib/can_messaging/canbus_rx.c b/lib/can_messaging/canbus_rx.c index 5ba757d6..14ee3c10 100644 --- a/lib/can_messaging/canbus_rx.c +++ b/lib/can_messaging/canbus_rx.c @@ -15,10 +15,10 @@ static struct k_thread rx_thread_data = {0}; static const struct device *can_dev = DEVICE_DT_GET_OR_NULL(DT_CHOSEN(zephyr_canbus)); static struct can_frame rx_frame; -static const struct can_filter recv_queue_filter = { - .id = CONFIG_CAN_ADDRESS_MCU, - .mask = CAN_EXT_ID_MASK, - .flags = CAN_FILTER_IDE | CAN_FILTER_FDF | CAN_FILTER_DATA}; +static const struct can_filter recv_queue_filter = {.id = + CONFIG_CAN_ADDRESS_MCU, + .mask = CAN_EXT_ID_MASK, + .flags = CAN_FILTER_IDE}; CAN_MSGQ_DEFINE(can_recv_queue, 5); static ret_code_t (*incoming_message_handler)(can_message_t *message); diff --git a/lib/can_messaging/canbus_rx_isotp.c b/lib/can_messaging/canbus_rx_isotp.c index 54d6f37a..054c43cd 100644 --- a/lib/can_messaging/canbus_rx_isotp.c +++ b/lib/can_messaging/canbus_rx_isotp.c @@ -5,6 +5,7 @@ #include #include #include +#include #include "orb_logs.h" #include @@ -52,14 +53,12 @@ bind_to_remotes(void) .std_id = CAN_ISOTP_STDID_DESTINATION( (CONFIG_CAN_ISOTP_REMOTE_ID + app_id), CONFIG_CAN_ISOTP_LOCAL_ID), - .ide = 0, - .use_ext_addr = 0}; + .flags = 0}; struct isotp_msg_id app_to_mcu_src_addr = { .std_id = CAN_ISOTP_STDID_SOURCE((CONFIG_CAN_ISOTP_REMOTE_ID + app_id), CONFIG_CAN_ISOTP_LOCAL_ID), - .ide = 0, - .use_ext_addr = 0}; + .flags = 0}; ret = isotp_bind(&rx_ctx[app_id], can_dev, &app_to_mcu_dst_addr, &app_to_mcu_src_addr, &flow_control_opts, K_FOREVER); diff --git a/lib/can_messaging/canbus_tx.c b/lib/can_messaging/canbus_tx.c index fdf0c16b..986711b3 100644 --- a/lib/can_messaging/canbus_tx.c +++ b/lib/can_messaging/canbus_tx.c @@ -106,7 +106,7 @@ process_tx_messages_thread() int err_code = send(new.bytes, new.size, tx_complete_cb, new.destination); - k_mem_slab_free(&can_tx_memory_slab, (void **)&new.bytes); + k_mem_slab_free(&can_tx_memory_slab, (void *)new.bytes); if (err_code != RET_SUCCESS) { #ifndef CONFIG_ORB_LIB_LOG_BACKEND_CAN // prevent recursive call @@ -155,7 +155,7 @@ can_messaging_async_tx(const can_message_t *message) int ret = k_msgq_put(&can_tx_msg_queue, &to_send, K_MSEC(200)); if (ret) { - k_mem_slab_free(&can_tx_memory_slab, (void **)&to_send.bytes); + k_mem_slab_free(&can_tx_memory_slab, (void *)to_send.bytes); #ifndef CONFIG_ORB_LIB_LOG_BACKEND_CAN // prevent recursive call LOG_ERR("Too many tx messages"); diff --git a/lib/can_messaging/canbus_tx_isotp.c b/lib/can_messaging/canbus_tx_isotp.c index 595d6952..2578652d 100644 --- a/lib/can_messaging/canbus_tx_isotp.c +++ b/lib/can_messaging/canbus_tx_isotp.c @@ -60,10 +60,8 @@ process_tx_messages_thread() struct isotp_send_ctx send_ctx = {0}; // CAN ISO-TP addressing - struct isotp_msg_id mcu_to_jetson_dst_addr = { - .std_id = 0, .ide = 0, .use_ext_addr = 0}; - struct isotp_msg_id mcu_to_jetson_src_addr = { - .std_id = 0, .ide = 0, .use_ext_addr = 0}; + struct isotp_msg_id mcu_to_jetson_dst_addr = {.std_id = 0, .flags = 0}; + struct isotp_msg_id mcu_to_jetson_src_addr = {.std_id = 0, .flags = 0}; int ret; while (1) { diff --git a/lib/dfu/flash_map_extended.c b/lib/dfu/flash_map_extended.c index 394ac6ad..80a0b7c5 100644 --- a/lib/dfu/flash_map_extended.c +++ b/lib/dfu/flash_map_extended.c @@ -79,11 +79,11 @@ flash_area_id_from_image_slot(int slot) int flash_area_id_to_multi_image_slot(int image_index, int area_id) { - if (area_id == FLASH_AREA_IMAGE_PRIMARY(image_index)) { + if ((uint32_t)area_id == FLASH_AREA_IMAGE_PRIMARY(image_index)) { return 0; } #if !defined(CONFIG_SINGLE_APPLICATION_SLOT) - if (area_id == FLASH_AREA_IMAGE_SECONDARY(image_index)) { + if ((uint32_t)area_id == FLASH_AREA_IMAGE_SECONDARY(image_index)) { return 1; } #endif diff --git a/lib/errors/errors_tests.c b/lib/errors/errors_tests.c index 59236174..20f68a6d 100644 --- a/lib/errors/errors_tests.c +++ b/lib/errors/errors_tests.c @@ -5,7 +5,7 @@ #include "orb_logs.h" #include #include -#include +#include /* * Do not optimize to prevent GCC from generating invalid diff --git a/lib/errors/orb_fatal.c b/lib/errors/orb_fatal.c index 78f1c042..e020d716 100644 --- a/lib/errors/orb_fatal.c +++ b/lib/errors/orb_fatal.c @@ -1,7 +1,6 @@ // include kernel.h first // clang-format off #include -#include // clang-format on #include "orb_logs.h" #include @@ -25,7 +24,7 @@ static uint32_t reset_reason_reg = 0; * @param esf */ void -k_sys_fatal_error_handler(unsigned int reason, const z_arch_esf_t *esf) +k_sys_fatal_error_handler(unsigned int reason, const struct arch_esf *esf) { ARG_UNUSED(esf); diff --git a/lib/include/compilers.h b/lib/include/compilers.h index 9ee12802..ef437c6f 100644 --- a/lib/include/compilers.h +++ b/lib/include/compilers.h @@ -26,11 +26,6 @@ #define __PACKED __packed #endif -#ifndef __must_be_array -#define __must_be_array(...) -#warning Checks not performed on arrays with this compiler -#endif - #define GET_SP() __current_sp() #ifndef ASSERT_CONST_ARRAY_VALUE @@ -93,21 +88,6 @@ assert_pointer_value_check(char *details); assert_pointer_value_check(""); \ } -#ifndef __must_be_array -/* - * Based on Linux kernel's include/linux/build_bug.h - * https://github.com/torvalds/linux/blob/master/include/linux/build_bug.h: - * Force a compilation error if condition is true, but also produce a result (of - * value 0 and type int), so the expression can be used e.g. in a structure - * initializer (or where-ever else comma expressions aren't permitted). - */ -#define BUILD_BUG_ON_ZERO(e) (sizeof(struct { int : -!!(e); })) -#define __same_type(a, b) __builtin_types_compatible_p(typeof(a), typeof(b)) -// Based on -// https://github.com/torvalds/linux/blob/master/tools/include/linux/compiler-gcc.h -#define __must_be_array(a) BUILD_BUG_ON_ZERO(__same_type((a), &(a)[0])) -#endif - #endif #define UNUSED_VARIABLE(X) ((void)(X)) diff --git a/main_board/prj.conf b/main_board/prj.conf index 0bb117fe..372fa31f 100644 --- a/main_board/prj.conf +++ b/main_board/prj.conf @@ -126,4 +126,6 @@ CONFIG_REBOOT=y # also needed when testing errors CONFIG_ENTROPY_GENERATOR=y +CONFIG_CRC=y + CONFIG_LED_STRIP=y diff --git a/main_board/src/power/battery/battery_ruby.c b/main_board/src/power/battery/battery_ruby.c index 85c14001..85783cd0 100644 --- a/main_board/src/power/battery/battery_ruby.c +++ b/main_board/src/power/battery/battery_ruby.c @@ -54,7 +54,7 @@ volatile enum can_state current_can_controller_state = CAN_STATE_STOPPED; volatile bool current_can_controller_state_changed = false; static struct can_filter battery_can_filter = { - .id = 0, .mask = CAN_STD_ID_MASK, .flags = CAN_FILTER_DATA}; + .id = 0, .mask = CAN_STD_ID_MASK, .flags = 0}; static volatile bool can_transmission_completed = true; diff --git a/main_board/src/runner/runner.c b/main_board/src/runner/runner.c index 4633caa3..61bbd33b 100644 --- a/main_board/src/runner/runner.c +++ b/main_board/src/runner/runner.c @@ -1158,7 +1158,8 @@ handle_ir_eye_camera_focus_sweep_values_polynomial(job_t *job) orb_mcu_main_IREyeCameraFocusSweepValuesPolynomial p = msg->payload.ir_eye_camera_focus_sweep_values_polynomial; LOG_DBG("a: %f, b: %f, c: %f, d: %f, e: %f, f: %f, num frames: %u", - p.coef_a, p.coef_b, p.coef_c, p.coef_d, p.coef_e, p.coef_f, + (double)p.coef_a, (double)p.coef_b, (double)p.coef_c, + (double)p.coef_d, (double)p.coef_e, (double)p.coef_f, p.number_of_frames); ret_code_t err = ir_camera_system_set_polynomial_coefficients_for_focus_sweep( @@ -1208,8 +1209,9 @@ handle_ir_eye_camera_mirror_sweep_values_polynomial(job_t *job) msg->payload.ir_eye_camera_mirror_sweep_values_polynomial; LOG_DBG( "r_a: %f, r_b: %f, r_c: %f, a_a: %f, a_b: %f, a_c: %f, num frames: %u", - p.radius_coef_a, p.radius_coef_b, p.radius_coef_c, p.angle_coef_a, - p.angle_coef_b, p.angle_coef_c, p.number_of_frames); + (double)p.radius_coef_a, (double)p.radius_coef_b, + (double)p.radius_coef_c, (double)p.angle_coef_a, (double)p.angle_coef_b, + (double)p.angle_coef_c, p.number_of_frames); ret_code_t err = ir_camera_system_set_polynomial_coefficients_for_mirror_sweep( msg->payload.ir_eye_camera_mirror_sweep_values_polynomial); diff --git a/main_board/src/temperature/fan/fan.c b/main_board/src/temperature/fan/fan.c index a7c89009..5639204a 100644 --- a/main_board/src/temperature/fan/fan.c +++ b/main_board/src/temperature/fan/fan.c @@ -124,7 +124,7 @@ void fan_set_speed_by_value(uint16_t value) { LOG_INF("Switching fan to approximately %.2f%% speed", - ((float)value / UINT16_MAX) * 100); + ((double)value / UINT16_MAX) * 100.0); if (value != 0) { uint32_t pulse_width_ns = compute_pulse_width_ns(value); diff --git a/main_board/src/temperature/fan/fan_tach.c b/main_board/src/temperature/fan/fan_tach.c index 72c4b181..d64032bb 100644 --- a/main_board/src/temperature/fan/fan_tach.c +++ b/main_board/src/temperature/fan/fan_tach.c @@ -120,7 +120,8 @@ static void (*const enable_timer_cc_int[TIMER_MAX_CH])(TIM_TypeDef *) = { }; /** Channel to is_active CC int function mapping. */ -static uint32_t (*const is_active_timer_cc_int[TIMER_MAX_CH])(TIM_TypeDef *) = { +static uint32_t (*const is_active_timer_cc_int[TIMER_MAX_CH])( + const TIM_TypeDef *) = { LL_TIM_IsActiveFlag_CC1, LL_TIM_IsActiveFlag_CC2, LL_TIM_IsActiveFlag_CC3, @@ -128,7 +129,8 @@ static uint32_t (*const is_active_timer_cc_int[TIMER_MAX_CH])(TIM_TypeDef *) = { }; /** Channel to get CC value function mapping. */ -static uint32_t (*const get_timer_cc_value[TIMER_MAX_CH])(TIM_TypeDef *) = { +static uint32_t (*const get_timer_cc_value[TIMER_MAX_CH])( + const TIM_TypeDef *) = { LL_TIM_IC_GetCaptureCH1, LL_TIM_IC_GetCaptureCH2, LL_TIM_IC_GetCaptureCH3, @@ -146,7 +148,7 @@ static void (*const clear_overrun_timer_cc_value[TIMER_MAX_CH])( /** Channel to is_active overrun CC function mapping. */ static uint32_t (*const is_active_timer_cc_overrun[TIMER_MAX_CH])( - TIM_TypeDef *) = { + const TIM_TypeDef *) = { LL_TIM_IsActiveFlag_CC1OVR, LL_TIM_IsActiveFlag_CC2OVR, LL_TIM_IsActiveFlag_CC3OVR, diff --git a/main_board/src/temperature/sensors/temperature.c b/main_board/src/temperature/sensors/temperature.c index 3ca61f35..e2b69f0e 100644 --- a/main_board/src/temperature/sensors/temperature.c +++ b/main_board/src/temperature/sensors/temperature.c @@ -836,7 +836,7 @@ check_overtemp_conditions(void) // Warning so that it's logged over CAN LOG_WRN( "Over-temperature conditions have abated, restoring fan to %.2f%%", - ((float)fan_speed_before_overtemperature / UINT16_MAX) * 100); + ((double)fan_speed_before_overtemperature / UINT16_MAX) * 100); fan_set_speed_by_value(fan_speed_before_overtemperature); } else if (old_num_sensors_in_overtemp_conditions == 0 && diff --git a/main_board/src/ui/rgb_leds/operator_leds/operator_leds.c b/main_board/src/ui/rgb_leds/operator_leds/operator_leds.c index 1b2389a2..b72bb90c 100644 --- a/main_board/src/ui/rgb_leds/operator_leds/operator_leds.c +++ b/main_board/src/ui/rgb_leds/operator_leds/operator_leds.c @@ -46,7 +46,7 @@ apply_pattern(uint32_t mask, struct led_rgb *color) { // go through mask starting with most significant bit // so that mask is applied from left LED to right for the operator - for (size_t i = 0; i < ARRAY_SIZE_ASSERT(leds); ++i) { + for (size_t i = 0; i < ARRAY_SIZE(leds); ++i) { #if defined(CONFIG_BOARD_PEARL_MAIN) uint32_t bit = BIT((OPERATOR_LEDS_COUNT - 1) - i); #elif defined(CONFIG_BOARD_DIAMOND_MAIN) diff --git a/main_board/src/ui/ui.c b/main_board/src/ui/ui.c index 4001f6d6..7346aae1 100644 --- a/main_board/src/ui/ui.c +++ b/main_board/src/ui/ui.c @@ -7,7 +7,7 @@ #if defined(CONFIG_BOARD_DIAMOND_MAIN) #include "ui/rgb_leds/cone_leds/cone_leds.h" #include "ui/white_leds/white_leds.h" -#include +#include #endif static bool cone_present = false; From 517a49ece1f4904b7f208be08e115124de67ac33 Mon Sep 17 00:00:00 2001 From: Cyril Fougeray Date: Thu, 21 Nov 2024 18:39:12 +0100 Subject: [PATCH 04/17] feat(zephyr): re-order initializations with deferred initialization, we can now initialize devices at runtime. I2C1 is one that should be postponed until after the power supplies are initialized and turned on. Signed-off-by: Cyril Fougeray --- boards/tfh/diamond_main/diamond_main.dts | 3 ++ main_board/boards/diamond_main.conf | 7 ++-- main_board/include/app_config.h | 1 + main_board/src/power/boot/boot.c | 50 ++++++++++++++++-------- 4 files changed, 41 insertions(+), 20 deletions(-) diff --git a/boards/tfh/diamond_main/diamond_main.dts b/boards/tfh/diamond_main/diamond_main.dts index 4ae89416..4f006e9f 100644 --- a/boards/tfh/diamond_main/diamond_main.dts +++ b/boards/tfh/diamond_main/diamond_main.dts @@ -950,6 +950,7 @@ pinctrl-0 = <&i2c1_scl_pa15 &i2c1_sda_pb9>; pinctrl-names = "default"; status = "okay"; + zephyr,deferred-init; tof_sensor: vl53l1x@29 { compatible = "st,vl53l1x"; @@ -959,6 +960,8 @@ // io-expander on the front unit 0x23 gpio_exp_front_unit: pca95xx@23 { compatible = "nxp,pca95xx"; + zephyr,deferred-init; + reg = <0x23>; gpio-controller; #gpio-cells = <2>; diff --git a/main_board/boards/diamond_main.conf b/main_board/boards/diamond_main.conf index acc08aee..bba13a95 100644 --- a/main_board/boards/diamond_main.conf +++ b/main_board/boards/diamond_main.conf @@ -6,14 +6,15 @@ CONFIG_I2C_MUX_GPIO=y CONFIG_I2C_MUX_GLOBAL_LOCK=y CONFIG_SPI_MUX_GPIO=y +CONFIG_I2C_INIT_PRIORITY=48 + # pca95xx after I2C CONFIG_GPIO_PCA95XX_INIT_PRIORITY=49 -# SPI & muxes initialized before LED strip CONFIG_SPI_INIT_PRIORITY=49 +# spi mux after pca95xx CONFIG_SPI_MUX_GPIO_INIT_PRIO=50 CONFIG_SPI_MUX_GPIO_CHANNEL_INIT_PRIO=51 - +# LED strip after spi mux CONFIG_LED_STRIP_INIT_PRIORITY=52 -CONFIG_I2C_INIT_PRIORITY=60 CONFIG_SPI_RGB_LED=y # SPI with DMA for LED strip diff --git a/main_board/include/app_config.h b/main_board/include/app_config.h index 569e8356..ba4610f9 100644 --- a/main_board/include/app_config.h +++ b/main_board/include/app_config.h @@ -107,6 +107,7 @@ // logging thread priority 14 #define SYS_INIT_UI_LEDS_PRIORITY 62 +#define SYS_INIT_I2C1_INIT_PRIORITY 55 #define SYS_INIT_POWER_SUPPLY_INIT_PRIORITY 54 #define SYS_INIT_WAIT_FOR_BUTTON_PRESS_PRIORITY 53 #define SYS_INIT_GPIO_CONFIG_PRIORITY 52 diff --git a/main_board/src/power/boot/boot.c b/main_board/src/power/boot/boot.c index 1c0e70d5..e9dd6a8b 100644 --- a/main_board/src/power/boot/boot.c +++ b/main_board/src/power/boot/boot.c @@ -25,6 +25,7 @@ #include #endif +#include #include LOG_MODULE_REGISTER(power_sequence, CONFIG_POWER_SEQUENCE_LOG_LEVEL); @@ -382,8 +383,8 @@ power_vbat_5v_3v3_supplies_off(void) LOG_INF("3.3V power supply disabled"); } -int -power_turn_on_power_supplies(void) +static int +turn_on_power_supplies(void) { orb_mcu_Hardware_OrbVersion version = version_get_hardware_rev(); @@ -449,10 +450,37 @@ power_turn_on_power_supplies(void) return 0; } -BUILD_ASSERT(CONFIG_I2C_INIT_PRIORITY > SYS_INIT_POWER_SUPPLY_INIT_PRIORITY, - "I2C must be initialized _after_ the power supplies so that the " +#if defined(CONFIG_BOARD_DIAMOND_MAIN) +static int +init_i2c1_front_pca95xx(void) +{ + int ret; + const struct device *i2c1 = DEVICE_DT_GET(DT_NODELABEL(i2c1)); + ret = device_init(i2c1); + if (ret) { + LOG_ERR("Failed to initialize I2C1 bus: %d", ret); + return ret; + } + + const struct device *pca95xx_dev = + DEVICE_DT_GET(DT_NODELABEL(gpio_exp_front_unit)); + ret = device_init(pca95xx_dev); + if (ret) { + LOG_ERR("Failed to initialize PCA95xx device: %d", ret); + return ret; + } + + return ret; +} + +BUILD_ASSERT(SYS_INIT_I2C1_INIT_PRIORITY > SYS_INIT_POWER_SUPPLY_INIT_PRIORITY, + "I2C1 must be initialized _after_ the power supplies so that the " "safety circuit doesn't get tripped"); +SYS_INIT(init_i2c1_front_pca95xx, POST_KERNEL, + SYS_INIT_POWER_SUPPLY_INIT_PRIORITY); +#endif + #ifdef CONFIG_GPIO_PCA95XX_INIT_PRIORITY BUILD_ASSERT( CONFIG_GPIO_PCA95XX_INIT_PRIORITY < SYS_INIT_POWER_SUPPLY_INIT_PRIORITY, @@ -461,21 +489,9 @@ BUILD_ASSERT( CONFIG_GPIO_PCA95XX_INIT_PRIORITY < SYS_INIT_WAIT_FOR_BUTTON_PRESS_PRIORITY, "GPIO expanders need to be initialized for the button state to be polled."); -#ifdef CONFIG_I2C_INIT_PRIO_INST_1 -BUILD_ASSERT( - CONFIG_GPIO_PCA95XX_INIT_PRIORITY > CONFIG_I2C_INIT_PRIO_INST_1, - "GPIO expanders need to be initialized after I2C3 because they are " - "connected to the I2C bus."); - -BUILD_ASSERT(DEVICE_DT_GET(DT_INST(1, st_stm32_i2c_v2)) == - DEVICE_DT_GET(DT_PARENT(DT_NODELABEL(gpio_exp_pwr_brd))), - "GPIO expander to power board must be the one connected to I2C " - "instance 1 (i2c3)\nif not, make sure to correctly define " - "CONFIG_I2C_INIT_PRIO_INST_x"); -#endif #endif -SYS_INIT(power_turn_on_power_supplies, POST_KERNEL, +SYS_INIT(turn_on_power_supplies, POST_KERNEL, SYS_INIT_POWER_SUPPLY_INIT_PRIORITY); #define BUTTON_PRESS_TIME_MS 600 From ce11f9f4f53e3e355191a9a9bd777b8873ac4b52 Mon Sep 17 00:00:00 2001 From: Cyril Fougeray Date: Fri, 22 Nov 2024 11:14:29 +0100 Subject: [PATCH 05/17] feat(can): pearl: enable CAN RTR messages for main battery Signed-off-by: Cyril Fougeray --- main_board/boards/pearl_main.conf | 3 +++ 1 file changed, 3 insertions(+) diff --git a/main_board/boards/pearl_main.conf b/main_board/boards/pearl_main.conf index 2d56737c..16353e83 100644 --- a/main_board/boards/pearl_main.conf +++ b/main_board/boards/pearl_main.conf @@ -1,3 +1,6 @@ +# Comm with main battery +CONFIG_CAN_ACCEPT_RTR=y + # LED Strips CONFIG_LED_STRIP=y CONFIG_WS2812_PWM_STM32=y From f45841d84954ac93223345e3fa06c4c7f9138604 Mon Sep 17 00:00:00 2001 From: Cyril Fougeray Date: Fri, 22 Nov 2024 13:48:17 +0100 Subject: [PATCH 06/17] feat(zephyr): C23 + GNU extensions with KConfig global CSTD property is deprecated with zephyr 3.7.0. Signed-off-by: Cyril Fougeray --- main_board/CMakeLists.txt | 2 -- main_board/prj.conf | 3 +++ 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/main_board/CMakeLists.txt b/main_board/CMakeLists.txt index e6f025e1..1c102394 100644 --- a/main_board/CMakeLists.txt +++ b/main_board/CMakeLists.txt @@ -38,8 +38,6 @@ set_property( PROPERTY CMAKE_CONFIGURE_DEPENDS ${PROJECT_DIR}/VERSION ) -set_property(GLOBAL PROPERTY CSTD gnu11) - # optional Orb variable allows to select the board if ("$ENV{ORB}" STREQUAL "pearl") unset(BOARD CACHE) diff --git a/main_board/prj.conf b/main_board/prj.conf index 372fa31f..71b27370 100644 --- a/main_board/prj.conf +++ b/main_board/prj.conf @@ -129,3 +129,6 @@ CONFIG_ENTROPY_GENERATOR=y CONFIG_CRC=y CONFIG_LED_STRIP=y + +CONFIG_GNU_C_EXTENSIONS=y +CONFIG_STD_C23=y From 7c6d06b5f6585a50a04d3684792199366a83445b Mon Sep 17 00:00:00 2001 From: Cyril Fougeray Date: Fri, 22 Nov 2024 16:29:14 +0100 Subject: [PATCH 07/17] fix(hil): fix hil tests ZTEST_NEW_API not a config anymore fix test compilation and warnings config MCUBOOT_BOOTLOADER_MODE_SINGLE_APP (one-slot) config MCUBOOT_GENERATE_UNSIGNED_IMAGE because no signing keys are used when generating the test binary add more delay between dfu messages (erasure takes time) Signed-off-by: Cyril Fougeray --- .github/workflows/twister_native.yml | 12 +----------- lib/dfu/flash_map_extended.c | 4 ++++ main_board/src/main.c | 6 +++--- .../unit_tests/ir_camera_system/mock_include/utils.h | 2 +- .../unit_tests/ir_camera_system/prj.conf | 1 - .../ir_camera_timer_settings/mock_include/utils.h | 2 +- .../unit_tests/ir_camera_timer_settings/prj.conf | 1 - main_board/src/system/dfu/dfu_tests.c | 2 +- main_board/tests.conf | 3 ++- 9 files changed, 13 insertions(+), 20 deletions(-) diff --git a/.github/workflows/twister_native.yml b/.github/workflows/twister_native.yml index fcb5bea3..312364f2 100644 --- a/.github/workflows/twister_native.yml +++ b/.github/workflows/twister_native.yml @@ -19,15 +19,6 @@ jobs: git config --global --add url."https://wc-cicd:${{ secrets.GIT_HUB_TOKEN }}@github.com/worldcoin/".insteadOf "git@github.com:worldcoin/" cd orb && west init -l --mf public/west.yml . || echo "Ignoring west init error $?" # might be already initialized west update --narrow --fetch-opt=--depth=1 - - name: Twister native POSIX 64 - run: | - cd ${{ github.job }} - if ! ./zephyr/scripts/twister -T orb/public/main_board -vv -c -p native_posix_64; then - find twister-out/ \( -name 'build.log' -o -name 'handler.log' -o -name 'device.log' \) -exec cat {} \; - false - fi - # keep a copy to be merged with next test - cp twister-out/twister_report.xml twister_report_local.xml - name: Twister unit tests run: | cd ${{ github.job }} @@ -35,12 +26,11 @@ jobs: find twister-out/ \( -name 'build.log' -o -name 'handler.log' -o -name 'device.log' \) -exec cat {} \; false fi - junitparser merge twister-out/twister_report.xml twister_report_local.xml junit.xml - name: Publish Test Results uses: EnricoMi/publish-unit-test-result-action@ca89ad036b5fcd524c1017287fb01b5139908408 # pin@v2 if: always() with: - junit_files: "${{ github.job }}/junit.xml" + junit_files: "${{ github.job }}/twister-out/twister_report.xml" comment_mode: off - name: Clean if: always() diff --git a/lib/dfu/flash_map_extended.c b/lib/dfu/flash_map_extended.c index 80a0b7c5..25cd9a4b 100644 --- a/lib/dfu/flash_map_extended.c +++ b/lib/dfu/flash_map_extended.c @@ -54,6 +54,8 @@ flash_device_base(uint8_t fd_id, uintptr_t *ret) int flash_area_id_from_multi_image_slot(int image_index, int slot) { + ARG_UNUSED(image_index); + switch (slot) { case 0: return FLASH_AREA_IMAGE_PRIMARY(image_index); @@ -79,6 +81,8 @@ flash_area_id_from_image_slot(int slot) int flash_area_id_to_multi_image_slot(int image_index, int area_id) { + ARG_UNUSED(image_index); + if ((uint32_t)area_id == FLASH_AREA_IMAGE_PRIMARY(image_index)) { return 0; } diff --git a/main_board/src/main.c b/main_board/src/main.c index fa022a08..1c7330d5 100644 --- a/main_board/src/main.c +++ b/main_board/src/main.c @@ -42,7 +42,7 @@ static bool jetson_up_and_running = false; static K_MUTEX_DEFINE(analog_and_i2c_mutex); -#ifdef CONFIG_ZTEST_NEW_API +#ifdef CONFIG_ZTEST #include ZTEST_SUITE(hil, NULL, NULL, NULL, NULL, NULL); @@ -73,12 +73,12 @@ ZTEST_SUITE(ir_camera, NULL, NULL, ir_camera_test_reset, ir_camera_test_reset, static void run_tests() { -#if defined(CONFIG_ZTEST_NEW_API) +#if defined(CONFIG_ZTEST) // Per default publishing of voltages is disabled // -> enable it for testing if voltage messages are published voltage_measurement_set_publish_period(1000); - ztest_run_all(NULL); + ztest_run_all(NULL, false, 1, 1); ztest_verify_all_test_suites_ran(); #endif diff --git a/main_board/src/optics/ir_camera_system/unit_tests/ir_camera_system/mock_include/utils.h b/main_board/src/optics/ir_camera_system/unit_tests/ir_camera_system/mock_include/utils.h index c40b79f9..4e324180 100644 --- a/main_board/src/optics/ir_camera_system/unit_tests/ir_camera_system/mock_include/utils.h +++ b/main_board/src/optics/ir_camera_system/unit_tests/ir_camera_system/mock_include/utils.h @@ -1,4 +1,4 @@ -#include +#include #define STATIC_OR_EXTERN diff --git a/main_board/src/optics/ir_camera_system/unit_tests/ir_camera_system/prj.conf b/main_board/src/optics/ir_camera_system/unit_tests/ir_camera_system/prj.conf index d1895935..43dd9dbd 100644 --- a/main_board/src/optics/ir_camera_system/unit_tests/ir_camera_system/prj.conf +++ b/main_board/src/optics/ir_camera_system/unit_tests/ir_camera_system/prj.conf @@ -1,4 +1,3 @@ # Zephyr CONFIG_ZTEST=y -CONFIG_ZTEST_NEW_API=y CONFIG_TEST_LOGGING_DEFAULTS=n diff --git a/main_board/src/optics/ir_camera_system/unit_tests/ir_camera_timer_settings/mock_include/utils.h b/main_board/src/optics/ir_camera_system/unit_tests/ir_camera_timer_settings/mock_include/utils.h index 9d1384d4..9c82ac31 100644 --- a/main_board/src/optics/ir_camera_system/unit_tests/ir_camera_timer_settings/mock_include/utils.h +++ b/main_board/src/optics/ir_camera_system/unit_tests/ir_camera_timer_settings/mock_include/utils.h @@ -1,4 +1,4 @@ -#include +#include #define CRITICAL_SECTION_ENTER(k) \ { \ diff --git a/main_board/src/optics/ir_camera_system/unit_tests/ir_camera_timer_settings/prj.conf b/main_board/src/optics/ir_camera_system/unit_tests/ir_camera_timer_settings/prj.conf index ca8801e7..2ca5287a 100644 --- a/main_board/src/optics/ir_camera_system/unit_tests/ir_camera_timer_settings/prj.conf +++ b/main_board/src/optics/ir_camera_system/unit_tests/ir_camera_timer_settings/prj.conf @@ -1,5 +1,4 @@ CONFIG_ZTEST=y -CONFIG_ZTEST_NEW_API=y CONFIG_TEST_LOGGING_DEFAULTS=n #CONFIG_FFF_TEST=y #CONFIG_FFF_TEST_C=y diff --git a/main_board/src/system/dfu/dfu_tests.c b/main_board/src/system/dfu/dfu_tests.c index 599d075c..aa964812 100644 --- a/main_board/src/system/dfu/dfu_tests.c +++ b/main_board/src/system/dfu/dfu_tests.c @@ -79,7 +79,7 @@ ZTEST(hil, test_dfu_upload_tests) dfu_block.message.j_message.payload.dfu_block.block_number + 1, DFU_BLOCK_SIZE_MAX); - k_msleep(100); + k_msleep(200); } LOG_INF("Reading back flash"); diff --git a/main_board/tests.conf b/main_board/tests.conf index 54bb4f98..ef755d40 100644 --- a/main_board/tests.conf +++ b/main_board/tests.conf @@ -34,7 +34,6 @@ CONFIG_ALS_LOG_LEVEL_WRN=y # CONFIG_THREAD_NAME=y CONFIG_ZTEST=y -CONFIG_ZTEST_NEW_API=y CONFIG_ZTEST_STACK_SIZE=3000 # enable all runtime tests @@ -45,3 +44,5 @@ CONFIG_ORB_LIB_STORAGE_TESTS=y # don't generate an OTA image as it won't fit anyway CONFIG_MCUBOOT_SIGNATURE_KEY_FILE="" CONFIG_MCUBOOT_ENCRYPTION_KEY_FILE="" +CONFIG_MCUBOOT_GENERATE_UNSIGNED_IMAGE=y +CONFIG_MCUBOOT_BOOTLOADER_MODE_SINGLE_APP=y From cd9d27b2d9972160dec0a7eef1c6f1268e21b4fa Mon Sep 17 00:00:00 2001 From: Cyril Fougeray Date: Fri, 22 Nov 2024 16:30:08 +0100 Subject: [PATCH 08/17] feat(bootloader): update the bootloader for zephyr 4.0 taken from mcuboot example debug boot: read flash data, instead of relying on hardcoded values Signed-off-by: Cyril Fougeray --- bootloader/Kconfig | 582 ++++++++++++------ bootloader/Kconfig.firmware_loader | 47 ++ bootloader/Kconfig.serial_recovery | 214 +++++++ bootloader/boards/diamond_main.conf | 1 + bootloader/include/config-asn1.h | 2 - bootloader/include/config-ec.h | 2 - bootloader/include/config-ed25519.h | 2 - bootloader/include/config-kw.h | 2 - bootloader/include/config-rsa-kw.h | 2 - bootloader/include/config-rsa.h | 2 - bootloader/include/mcuboot-mbedtls-cfg.h | 1 - .../include/mcuboot_config/mcuboot_config.h | 90 ++- bootloader/include/single_loader.h | 21 - bootloader/include/sysflash/sysflash.h | 72 ++- bootloader/include/target.h | 2 +- bootloader/prj.conf | 3 - bootloader/src/arm_cleanup.c | 2 +- bootloader/src/flash_map_extended.c | 14 +- bootloader/src/keys.c | 132 +--- bootloader/src/main.c | 355 ++++------- 20 files changed, 913 insertions(+), 635 deletions(-) create mode 100644 bootloader/Kconfig.firmware_loader create mode 100644 bootloader/Kconfig.serial_recovery delete mode 100644 bootloader/include/single_loader.h diff --git a/bootloader/Kconfig b/bootloader/Kconfig index 2c585b92..197f4491 100644 --- a/bootloader/Kconfig +++ b/bootloader/Kconfig @@ -1,5 +1,6 @@ # Copyright (c) 2017-2020 Linaro Limited # Copyright (c) 2020 Arm Limited +# Copyright (c) 2023 Nordic Semiconductor ASA # # SPDX-License-Identifier: Apache-2.0 # @@ -23,6 +24,12 @@ config BOOT_USE_MBEDTLS help Use mbedTLS for crypto primitives. +config BOOT_USE_PSA_CRYPTO + bool + # Hidden option + help + Hidden option set if using PSA crypt for cryptography functionality + config BOOT_USE_TINYCRYPT bool # Hidden option @@ -30,6 +37,7 @@ config BOOT_USE_TINYCRYPT # When building for ECDSA, we use our own copy of mbedTLS, so the # Zephyr one must not be enabled or the MBEDTLS_CONFIG_FILE macros # will collide. + select MBEDTLS_PROMPTLESS if ZEPHYR_MBEDTLS_MODULE help Use TinyCrypt for crypto primitives. @@ -65,6 +73,51 @@ config SINGLE_APPLICATION_SLOT uploading a new application overwrites the one that previously occupied the area. +config BOOT_IMG_HASH_ALG_SHA256_ALLOW + bool + help + Hidden option set by configurations that allow SHA256 + +config BOOT_IMG_HASH_ALG_SHA384_ALLOW + bool + help + Hidden option set by configurations that allow SHA384 + +config BOOT_IMG_HASH_ALG_SHA512_ALLOW + bool + help + Hidden option set by configurations that allow SHA512 + +choice BOOT_IMG_HASH_ALG + prompt "Selected image hash algorithm" + default BOOT_IMG_HASH_ALG_SHA256 if BOOT_IMG_HASH_ALG_SHA256_ALLOW + default BOOT_IMG_HASH_ALG_SHA384 if BOOT_IMG_HASH_ALG_SHA384_ALLOW + default BOOT_IMG_HASH_ALG_SHA512 if BOOT_IMG_HASH_ALG_SHA512_ALLOW + help + Hash algorithm used for image verification. Selection + here may be limited by other configurations, like for + example selected cryptographic signature. + +config BOOT_IMG_HASH_ALG_SHA256 + bool "SHA256" + depends on BOOT_IMG_HASH_ALG_SHA256_ALLOW + help + SHA256 algorithm + +config BOOT_IMG_HASH_ALG_SHA384 + bool "SHA384" + depends on BOOT_IMG_HASH_ALG_SHA384_ALLOW + help + SHA384 algorithm + +config BOOT_IMG_HASH_ALG_SHA512 + bool "SHA512" + depends on BOOT_IMG_HASH_ALG_SHA512_ALLOW + help + SHA512 algorithm + +endchoice # BOOT_IMG_HASH_ALG + choice BOOT_SIGNATURE_TYPE prompt "Signature type" default BOOT_SIGNATURE_TYPE_RSA @@ -72,11 +125,14 @@ choice BOOT_SIGNATURE_TYPE config BOOT_SIGNATURE_TYPE_NONE bool "No signature; use only hash check" select BOOT_USE_TINYCRYPT + select BOOT_IMG_HASH_ALG_SHA256_ALLOW config BOOT_SIGNATURE_TYPE_RSA bool "RSA signatures" select BOOT_USE_MBEDTLS select MBEDTLS + select BOOT_ENCRYPTION_SUPPORT + select BOOT_IMG_HASH_ALG_SHA256_ALLOW if BOOT_SIGNATURE_TYPE_RSA config BOOT_SIGNATURE_TYPE_RSA_LEN @@ -87,6 +143,8 @@ endif config BOOT_SIGNATURE_TYPE_ECDSA_P256 bool "Elliptic curve digital signatures with curve P-256" + select BOOT_ENCRYPTION_SUPPORT + select BOOT_IMG_HASH_ALG_SHA256_ALLOW if BOOT_SIGNATURE_TYPE_ECDSA_P256 choice BOOT_ECDSA_IMPLEMENTATION @@ -109,6 +167,8 @@ endif config BOOT_SIGNATURE_TYPE_ED25519 bool "Edwards curve digital signatures using ed25519" + select BOOT_ENCRYPTION_SUPPORT + select BOOT_IMG_HASH_ALG_SHA256_ALLOW if BOOT_SIGNATURE_TYPE_ED25519 choice BOOT_ED25519_IMPLEMENTATION @@ -146,20 +206,18 @@ config BOOT_SIGNATURE_KEY_FILE config MCUBOOT_CLEANUP_ARM_CORE bool "Perform core cleanup before chain-load the application" depends on CPU_CORTEX_M - default y if !ARCH_SUPPORTS_ARCH_HW_INIT + default y help This option instructs MCUboot to perform a clean-up of a set of - architecture core HW registers before junping to the application + architecture core HW registers before jumping to the application firmware. The clean-up sets these registers to their warm-reset values as specified by the architecture. - By default, this option is enabled only if the architecture does - not have the functionality to perform such a register clean-up - during application firmware boot. - - Zephyr applications on Cortex-M will perform this register clean-up - by default, if they are chain-loadable by MCUboot, so MCUboot does - not need to perform such a cleanup itself. + This option is enabled by default to prevent possible problems when + booting zephyr (or other) applications whereby e.g. a MPU stack guard + may be initialised in RAM which is then used by the application + start-up code which can cause a module fault and potentially make the + module irrecoverable. config MBEDTLS_CFG_FILE default "mcuboot-mbedtls-cfg.h" @@ -182,10 +240,33 @@ config BOOT_VALIDATE_SLOT0 every boot, but can mitigate against some changes that are able to modify the flash image itself. +config BOOT_VALIDATE_SLOT0_ONCE + bool "Validate image in the primary slot just once after after upgrade" + depends on !BOOT_VALIDATE_SLOT0 && SINGLE_APPLICATION_SLOT + default n + help + If y, the bootloader attempts to validate the signature of the + primary slot only once after an upgrade of the main slot. + It caches the result in the magic area, which makes it an unsecure + method. This option is usefull for lowering the boot up time for + low end devices with as a compromise lowering the security level. + If unsure, leave at the default value. + +config BOOT_PREFER_SWAP_MOVE + bool "Prefer the newer swap move algorithm" + default y if SOC_FAMILY_NORDIC_NRF + default y if !$(dt_nodelabel_enabled,scratch_partition) + help + If y, the BOOT_IMAGE_UPGRADE_MODE will default to using + "move" instead of "scratch". This is a separate bool config + option, because Kconfig doesn't allow defaults to be + overridden in choice options. Most devices should be using + swap move. + if !SINGLE_APPLICATION_SLOT choice BOOT_IMAGE_UPGRADE_MODE prompt "Image upgrade modes" - default BOOT_SWAP_USING_MOVE if SOC_FAMILY_NRF + default BOOT_SWAP_USING_MOVE if BOOT_PREFER_SWAP_MOVE default BOOT_SWAP_USING_SCRATCH config BOOT_SWAP_USING_SCRATCH @@ -222,8 +303,42 @@ config BOOT_DIRECT_XIP images must be linked to be executed from the given image slot. Using this mode results in a simpler code path and smaller code size. +config BOOT_RAM_LOAD + bool "RAM load" + help + If y, mcuboot selects the newest valid image based on the image version + numbers, thereafter the selected image is copied to RAM and executed from + there. For this reason, the image has to be linked to be executed from RAM. + The address that the image is copied to is specified using the load-addr + argument to the imgtool.py script which writes it to the image header. + +config BOOT_FIRMWARE_LOADER + bool "Firmware loader" + help + If y, mcuboot will have a single application slot, and the secondary + slot will be for a non-upgradeable firmware loaded image (e.g. for + loading firmware via Bluetooth). The main application will boot by + default unless there is an error with it or the boot mode has been + forced to the firmware loader. + + Note: The firmware loader image must be signed with the same signing + key as the primary image. + endchoice +# Workaround for not being able to have commas in macro arguments +DT_CHOSEN_Z_SRAM := zephyr,sram + +if BOOT_RAM_LOAD +config BOOT_IMAGE_EXECUTABLE_RAM_START + hex "Boot image executable ram start" + default $(dt_chosen_reg_addr_hex,$(DT_CHOSEN_Z_SRAM)) + +config BOOT_IMAGE_EXECUTABLE_RAM_SIZE + int "Boot image executable base size" + default $(dt_chosen_reg_size_int,$(DT_CHOSEN_Z_SRAM),0) +endif + config BOOT_DIRECT_XIP_REVERT bool "Enable the revert mechanism in direct-xip mode" depends on BOOT_DIRECT_XIP @@ -247,6 +362,7 @@ config BOOT_BOOTSTRAP config BOOT_SWAP_SAVE_ENCTLV bool "Save encrypted key TLVs instead of plaintext keys in swap metadata" default n + depends on BOOT_ENCRYPT_IMAGE help If y, instead of saving the encrypted image keys in plaintext in the swap resume metadata, save the encrypted image TLVs. This should be used @@ -257,61 +373,174 @@ config BOOT_SWAP_SAVE_ENCTLV JTAG/SWD or primary slot in external flash). If unsure, leave at the default value. -config BOOT_ENCRYPT_IMAGE +endif # !SINGLE_APPLICATION_SLOT + +config BOOT_ENCRYPTION_SUPPORT bool help - Hidden option used to check if any image encryption is enabled. + Hidden option used to check if image encryption is supported. -config BOOT_ENCRYPT_RSA - bool "Support for encrypted upgrade images using RSA" - select BOOT_ENCRYPT_IMAGE +config BOOT_ENCRYPT_IMAGE + bool "Support for encrypted image updates" + depends on BOOT_ENCRYPTION_SUPPORT + select BOOT_ENCRYPT_RSA if BOOT_SIGNATURE_TYPE_RSA + select BOOT_ENCRYPT_EC256 if BOOT_SIGNATURE_TYPE_ECDSA_P256 + select BOOT_ENCRYPT_X25519 if BOOT_SIGNATURE_TYPE_ED25519 + depends on !SINGLE_APPLICATION_SLOT || MCUBOOT_SERIAL help If y, images in the secondary slot can be encrypted and are decrypted on the fly when upgrading to the primary slot, as well as encrypted back when swapping from the primary slot to the secondary slot. The - encryption mechanism used in this case is RSA-OAEP (2048 bits). + encryption mechanism must match the same type as the signature type, + supported types include: + - RSA-OAEP (2048 bits). + - ECIES using primitives described under "ECIES-P256 encryption" in + docs/encrypted_images.md. + - ECIES using primitives described under "ECIES-X25519 encryption" + in docs/encrypted_images.md. + + Note that for single slot operation, this can still be used to allow + loading encrypted images via serial recovery which are then + decrypted on-the-fly without needing a second slot. + +config BOOT_ENCRYPT_RSA + bool + help + Hidden option selecting RSA encryption. config BOOT_ENCRYPT_EC256 - bool "Support for encrypted upgrade images using ECIES-P256" - select BOOT_ENCRYPT_IMAGE + bool help - If y, images in the secondary slot can be encrypted and are decrypted - on the fly when upgrading to the primary slot, as well as encrypted - back when swapping from the primary slot to the secondary slot. The - encryption mechanism used in this case is ECIES using primitives - described under "ECIES-P256 encryption" in docs/encrypted_images.md. + Hidden option selecting EC256 encryption. config BOOT_ENCRYPT_X25519 - bool "Support for encrypted upgrade images using ECIES-X25519" - select BOOT_ENCRYPT_IMAGE + bool help - If y, images in the secondary slot can be encrypted and are decrypted - on the fly when upgrading to the primary slot, as well as encrypted - back when swapping from the primary slot to the secondary slot. The - encryption mechanism used in this case is ECIES using primitives - described under "ECIES-X25519 encryption" in docs/encrypted_images.md. -endif # !SINGLE_APPLICATION_SLOT + Hidden option selecting x25519 encryption. + +config BOOT_ENCRYPTION_KEY_FILE + string "Encryption key file" + depends on BOOT_ENCRYPT_IMAGE + default "enc-rsa2048-priv.pem" if BOOT_ENCRYPT_RSA + default "enc-ec256-priv.pem" if BOOT_ENCRYPT_EC256 + default "enc-x25519-priv.pem" if BOOT_ENCRYPT_X25519 + default "" + help + You can use either absolute or relative path. + In case relative path is used, the build system assumes that it starts + from the directory where the MCUBoot KConfig configuration file is + located. If the key file is not there, the build system uses relative + path that starts from the MCUBoot repository root directory. + The key file will be parsed by imgtool's getpriv command and a .c source + with the public key information will be written in a format expected by + MCUboot. + +config BOOT_MAX_IMG_SECTORS_AUTO + bool "Calculate maximum sectors automatically" + default y + help + If this option is enabled then the maximum number of supported sectors per image will + be calculated automatically from the flash erase sizes and size of each partition for + the first image. + + If this information is not available, or multiple images are used, then this option + should be disabled and BOOT_MAX_IMG_SECTORS should be set instead config BOOT_MAX_IMG_SECTORS int "Maximum number of sectors per image slot" default 128 + depends on !BOOT_MAX_IMG_SECTORS_AUTO help This option controls the maximum number of sectors that each of the two image areas can contain. Smaller values reduce MCUboot's memory usage; larger values allow it to support larger images. If unsure, leave at the default value. -config MEASURED_BOOT - bool "Store the boot state/measurements in shared memory" +config BOOT_SHARE_BACKEND_AVAILABLE + bool + default n + help + Hidden open which indicates if there is a sharing backend available. + +# Workaround for not being able to have commas in macro arguments +DT_CHOSEN_BOOTLOADER_INFO := zephyr,bootloader-info + +config BOOT_SHARE_BACKEND_AVAILABLE + bool + default n + help + Hidden open which indicates if there is a sharing backend available. + +choice BOOT_SHARE_BACKEND + prompt "Shared data backend" + default BOOT_SHARE_BACKEND_DISABLED + +config BOOT_SHARE_BACKEND_DISABLED + bool "Disabled" + help + No data sharing support. + +config BOOT_SHARE_BACKEND_RETENTION + bool "Retention" + depends on RETENTION + depends on $(dt_chosen_enabled,$(DT_CHOSEN_BOOTLOADER_INFO)) + select BOOT_SHARE_BACKEND_AVAILABLE + help + Use retention to share data with application. Requires: + - Retained memory area + - Retention partition of retained memory area + - Chosen node "zephyr,bootloader-info" to be set to the retention + partition + +config BOOT_SHARE_BACKEND_EXTERNAL + bool "External (user-provided code)" + select BOOT_SHARE_BACKEND_AVAILABLE + help + Use a custom user-specified storage. + +endchoice + +menuconfig BOOT_SHARE_DATA + bool "Save application specific data" + default n + depends on BOOT_SHARE_BACKEND_AVAILABLE + help + This will allow data to be shared between MCUboot and an application, + it does not include any informatiom by default. + + Note: This requires a backend to function, see + BOOT_SHARE_BACKEND_RETENTION for details on using the retention + subsystem as a backend. + +config BOOT_SHARE_DATA_BOOTINFO + bool "Save boot information data" + default n + depends on BOOT_SHARE_DATA + help + This will place information about the MCUboot configuration and + running application into a shared memory area. + +menuconfig MEASURED_BOOT + bool "Store the boot state/measurements in shared memory area" default n + depends on BOOT_SHARE_BACKEND_AVAILABLE help If enabled, the bootloader will store certain boot measurements such as the hash of the firmware image in a shared memory area. This data can be used later by runtime services (e.g. by a device attestation service). -config BOOT_SHARE_DATA - bool "Save application specific data in shared memory area" - default n + Note: This requires a backend to function, see + BOOT_SHARE_BACKEND_RETENTION for details on using the retention + subsystem as a backend. + +config MEASURED_BOOT_MAX_CBOR_SIZE + int "Maximum CBOR size of boot state/measurements" + default 64 + range 0 256 + depends on MEASURED_BOOT + help + The maximum size of the CBOR message which stores boot + state/measurements. choice BOOT_FAULT_INJECTION_HARDENING_PROFILE prompt "Fault injection hardening profile" @@ -361,6 +590,8 @@ config BOOT_USB_DFU_WAIT select USB_DEVICE_STACK select USB_DFU_CLASS select IMG_MANAGER + select STREAM_FLASH + select MULTITHREADING help If y, MCUboot waits for a prescribed duration of time to allow for USB DFU to be invoked. Please note DFU always updates the @@ -371,6 +602,8 @@ config BOOT_USB_DFU_GPIO select USB_DEVICE_STACK select USB_DFU_CLASS select IMG_MANAGER + select STREAM_FLASH + select MULTITHREADING help If y, MCUboot uses GPIO to detect whether to invoke USB DFU. @@ -385,30 +618,6 @@ config BOOT_USB_DFU_WAIT_DELAY_MS if BOOT_USB_DFU_GPIO -config BOOT_USB_DFU_DETECT_PORT - string "GPIO device to trigger USB DFU mode" - default GPIO_0 if SOC_FAMILY_NRF - help - Zephyr GPIO device that contains the pin used to trigger - USB DFU. - -config BOOT_USB_DFU_DETECT_PIN - int "Pin to trigger USB DFU mode" - default 6 if BOARD_NRF9160DK_NRF9160 - default 11 if BOARD_NRF52840DK_NRF52840 - default 13 if BOARD_NRF52DK_NRF52832 - default 23 if BOARD_NRF5340_DK_NRF5340_CPUAPP || BOARD_NRF5340_DK_NRF5340_CPUAPP_NS - default 43 if BOARD_BL5340_DVK_CPUAPP || BOARD_BL5340_DVK_CPUAPP_NS - help - Pin on the DFU detect port that triggers DFU mode. - -config BOOT_USB_DFU_DETECT_PIN_VAL - int "USB DFU detect pin trigger value" - default 0 - range 0 1 - help - Logic value of the detect pin that triggers USB DFU mode. - config BOOT_USB_DFU_DETECT_DELAY int "Serial detect pin detection delay time [ms]" default 0 @@ -419,16 +628,11 @@ config BOOT_USB_DFU_DETECT_DELAY endif # BOOT_USB_DFU_GPIO -config ZEPHYR_TRY_MASS_ERASE - bool "Try to mass erase flash when flashing MCUboot image" - default y +config BOOT_USB_DFU_NO_APPLICATION + bool "Stay in bootloader if no application" help - If y, attempt to configure the Zephyr build system's "flash" - target to mass-erase the flash device before flashing the - MCUboot image. This ensures the scratch and other partitions - are in a consistent state. - - This is not available for all targets. + Allows for entering USB DFU recovery mode if there is no bootable + application that the bootloader can jump to. config BOOT_USE_BENCH bool "Enable benchmark code" @@ -455,133 +659,17 @@ config MCUBOOT_LOG_THREAD_STACK_SIZE help Set the internal stack size for MCUBoot log processing thread. -menuconfig MCUBOOT_SERIAL - bool "MCUboot serial recovery" - default n - select REBOOT - select GPIO - select SERIAL - select UART_INTERRUPT_DRIVEN - select BASE64 - help - If y, enables a serial-port based update mode. This allows - MCUboot itself to load update images into flash over a UART. - If unsure, leave at the default value. - -if MCUBOOT_SERIAL - -choice BOOT_SERIAL_DEVICE - prompt "Serial device" - default BOOT_SERIAL_UART if !BOARD_NRF52840DONGLE_NRF52840 - default BOOT_SERIAL_CDC_ACM if BOARD_NRF52840DONGLE_NRF52840 - -config BOOT_SERIAL_UART - bool "UART" - # SERIAL and UART_INTERRUPT_DRIVEN already selected - -config BOOT_SERIAL_CDC_ACM - bool "CDC ACM" - select USB_DEVICE_STACK - -endchoice - -config MCUBOOT_SERIAL_DIRECT_IMAGE_UPLOAD - bool "Allow to select image number for DFU" - help - With the option enabled, the mcuboot serial recovery will - respect the "image" field in mcumgr image update frame - header. - The mapping of image number to partition is as follows: - 0 -> default behaviour, same as 1; - 1 -> image-0 (primary slot of the first image); - 2 -> image-1 (secondary slot of the first image); - 3 -> image-2; - 4 -> image-3. - Note that 0 is default upload target when no explicit - selection is done. - config MCUBOOT_INDICATION_LED bool "Turns on LED indication when device is in DFU" - default n + select GPIO help Device device activates the LED while in bootloader mode. - bootloader-led0 alias must be set in the device's .dts + mcuboot-led0 alias must be set in the device's .dts definitions for this to work. -config BOOT_MAX_LINE_INPUT_LEN - int "Maximum command line length" - default 512 - help - Maximum length of commands transported over the serial port. - -config BOOT_SERIAL_DETECT_PORT - string "GPIO device to trigger serial recovery mode" - default GPIO_0 if SOC_FAMILY_NRF - help - Zephyr GPIO device that contains the pin used to trigger - serial recovery mode. - -config BOOT_SERIAL_DETECT_PIN - int "Pin to trigger serial recovery mode" - default 6 if BOARD_NRF9160DK_NRF9160 - default 11 if BOARD_NRF52840DK_NRF52840 - default 13 if BOARD_NRF52DK_NRF52832 || BOARD_NRF52833DK_NRF52833 - default 23 if BOARD_NRF5340PDK_NRF5340_CPUAPP || BOARD_NRF5340PDK_NRF5340_CPUAPP_NS || \ - BOARD_NRF5340DK_NRF5340_CPUAPP || BOARD_NRF5340DK_NRF5340_CPUAPP_NS - help - Pin on the serial detect port that triggers serial recovery mode. - -config BOOT_SERIAL_DETECT_PIN_VAL - int "Serial detect pin trigger value" - default 0 - range 0 1 - help - Logic value of the detect pin that triggers serial recovery - mode. - -config BOOT_SERIAL_DETECT_DELAY - int "Serial detect pin detection delay time [ms]" - default 0 - help - Used to prevent the bootloader from loading on button press. - Useful for powering on when using the same button as - the one used to place the device in bootloader mode. - -config BOOT_ERASE_PROGRESSIVELY - bool "Erase flash progressively when receiving new firmware" - default y if SOC_FAMILY_NRF - help - If enabled, flash is erased as necessary when receiving new firmware, - instead of erasing the whole image slot at once. This is necessary - on some hardware that has long erase times, to prevent long wait - times at the beginning of the DFU process. - -menuconfig ENABLE_MGMT_PERUSER - bool "Enable system specific mcumgr commands" - help - The option enables processing of system specific mcumgr commands; - system specific commands are within group MGMT_GROUP_ID_PERUSER (64) - and above, as defined within mcumgr library. - These are system specific command and system specific implementation - function is required to process these commands. +rsource "Kconfig.serial_recovery" -if ENABLE_MGMT_PERUSER -config BOOT_MGMT_CUSTOM_STORAGE_ERASE - bool "Enable storage erase command" - help - The option enables mcumgr command that allows to erase storage - partition. - Note that the storage partition needs to be defined, in DTS, otherwise - enabling the option will cause a compilation to fail. - -config BOOT_MGMT_CUSTOM_IMG_LIST - bool "Enable custom image list command" - help - The option enables command which returns versions and installation - statuses (custom property) for all images. - -endif # ENABLE_MGMT_PERUSER -endif # MCUBOOT_SERIAL +rsource "Kconfig.firmware_loader" config BOOT_INTR_VEC_RELOC bool "Relocate the interrupt vector to the application" @@ -599,13 +687,22 @@ config UPDATEABLE_IMAGE_NUMBER help Enables support of multi image update. +config BOOT_VERSION_CMP_USE_BUILD_NUMBER + bool "Use build number while comparing image version" + depends on (UPDATEABLE_IMAGE_NUMBER > 1) || BOOT_DIRECT_XIP || \ + BOOT_RAM_LOAD || MCUBOOT_DOWNGRADE_PREVENTION + help + By default, the image version comparison relies only on version major, + minor and revision. Enable this option to take into account the build + number as well. + choice BOOT_DOWNGRADE_PREVENTION_CHOICE prompt "Downgrade prevention" optional config MCUBOOT_DOWNGRADE_PREVENTION bool "SW based downgrade prevention" - depends on BOOT_UPGRADE_ONLY + depends on !BOOT_DIRECT_XIP help Prevent downgrades by enforcing incrementing version numbers. When this option is set, any upgrade must have greater major version @@ -613,6 +710,17 @@ config MCUBOOT_DOWNGRADE_PREVENTION only protects against some attacks against version downgrades (for example, a JTAG could be used to write an older version). +config MCUBOOT_DOWNGRADE_PREVENTION_SECURITY_COUNTER + bool "Use image security counter instead of version number" + depends on MCUBOOT_DOWNGRADE_PREVENTION + depends on (BOOT_SWAP_USING_MOVE || BOOT_SWAP_USING_SCRATCH) + help + Security counter is used for version eligibility check instead of pure + version. When this option is set, any upgrade must have greater or + equal security counter value. + Because of the acceptance of equal values it allows for software + downgrades to some extent. + config MCUBOOT_HW_DOWNGRADE_PREVENTION bool "HW based downgrade prevention" help @@ -625,31 +733,94 @@ endchoice config BOOT_WATCHDOG_FEED bool "Feed the watchdog while doing swap" - default y if SOC_FAMILY_NRF - imply NRFX_WDT - imply NRFX_WDT0 - imply NRFX_WDT1 + default y if WATCHDOG + default y if SOC_FAMILY_NORDIC_NRF + imply BOOT_WATCHDOG_FEED_NRFX_WDT if SOC_FAMILY_NORDIC_NRF help Enables implementation of MCUBOOT_WATCHDOG_FEED() macro which is used to feed watchdog while doing time consuming operations. +config BOOT_WATCHDOG_FEED_NRFX_WDT + bool "Feed the watchdog using NRFX WDT directly" + depends on SOC_FAMILY_NORDIC_NRF + # for nRF nrfx based implementation is available + imply NRFX_WDT + imply NRFX_WDT0 + imply NRFX_WDT1 + imply NRFX_WDT30 + imply NRFX_WDT31 + config BOOT_IMAGE_ACCESS_HOOKS bool "Enable hooks for overriding MCUboot's native routines" help Allow to provide procedures for override or extend native MCUboot's routines required for access the image data and the image - update. + update. It is up to the project customization to add required source + files to the build. + +config MCUBOOT_ACTION_HOOKS + bool "Enable hooks for responding to MCUboot status changes" + help + This will call a handler when the MCUboot status changes which allows + for some level of user feedback, for instance to change LED status to + indicate a failure, using the callback: + 'void mcuboot_status_change(mcuboot_status_type_t status)' where + 'mcuboot_status_type_t' is listed in + boot/bootutil/include/bootutil/mcuboot_status.h + +config BOOT_DISABLE_CACHES + bool "Disable I/D caches before chain-loading application" + depends on CPU_HAS_ICACHE || CPU_HAS_DCACHE + default y + help + Will flush and disable the instruction and data caches on the CPU prior to + booting an application, this is required on some ARM Cortex devices and + increases protection against data leakage from MCUboot to applications via + these caches. -config BOOT_IMAGE_ACCESS_HOOKS_FILE - string "Hooks implementation file path" - depends on BOOT_IMAGE_ACCESS_HOOKS +config MCUBOOT_BOOT_BANNER + bool "Use MCUboot boot banner" + depends on BOOT_BANNER + depends on "$(APP_VERSION_EXTENDED_STRING)" != "" + default y help - Path to the file which implements hooks. - You can use either absolute or relative path. - In case relative path is used, the build system assumes that it starts - from the directory where the MCUBoot KConfig configuration file is - located. If the key file is not there, the build system uses relative - path that starts from the zephyr port cmake directory (boot/zephyr/). + Uses a MCUboot boot banner instead of the default zephyr one, which will output the + MCUboot name and version, followed by the zephyr name and version. + + For example: + + *** Booting MCUboot v2.0.0-72-g8c0e36c88663 *** + *** Using Zephyr OS build v3.6.0-2607-gd0be2010c31f *** + +config BOOT_BANNER_STRING + default "Using Zephyr OS build" if MCUBOOT_BOOT_BANNER + +config BOOT_DECOMPRESSION_SUPPORT + bool + help + Hidden symbol which should be selected if a system provided decompression support. + +if BOOT_DECOMPRESSION_SUPPORT + +menuconfig BOOT_DECOMPRESSION + bool "Decompression" + help + If enabled, will include support for compressed images being loaded to the secondary slot + which then get decompressed into the primary slot. This mode allows the secondary slot to + be smaller than primary slot which otherwise would not be allowed. + +if BOOT_DECOMPRESSION + +config BOOT_DECOMPRESSION_BUFFER_SIZE + int "Write buffer size" + range 16 16384 + default 4096 + help + The size of a secondary buffer used for writing decompressed data to the storage device. + +endif # BOOT_DECOMPRESSION + +endif # BOOT_DECOMPRESSION_SUPPORT endmenu @@ -682,7 +853,8 @@ comment "Zephyr configuration options" config MULTITHREADING default y if BOOT_SERIAL_CDC_ACM #usb driver requires MULTITHREADING default y if BOOT_USB_DFU_GPIO || BOOT_USB_DFU_WAIT - default n if SOC_FAMILY_NRF + default n if SOC_FAMILY_NORDIC_NRF + default n if SOC_FAMILY_ESPRESSIF_ESP32 && MCUBOOT default y config LOG_PROCESS_THREAD diff --git a/bootloader/Kconfig.firmware_loader b/bootloader/Kconfig.firmware_loader new file mode 100644 index 00000000..1ba22394 --- /dev/null +++ b/bootloader/Kconfig.firmware_loader @@ -0,0 +1,47 @@ +# Copyright (c) 2023 Nordic Semiconductor ASA +# +# SPDX-License-Identifier: Apache-2.0 + +if BOOT_FIRMWARE_LOADER + +menu "Firmware loader entrance methods" + +menuconfig BOOT_FIRMWARE_LOADER_ENTRANCE_GPIO + bool "GPIO" + depends on GPIO + help + Use a GPIO to enter firmware loader mode. + +config BOOT_FIRMWARE_LOADER_DETECT_DELAY + int "Serial detect pin detection delay time [ms]" + default 0 + depends on BOOT_FIRMWARE_LOADER_ENTRANCE_GPIO + help + Used to prevent the bootloader from loading on button press. + Useful for powering on when using the same button as + the one used to place the device in bootloader mode. + +config BOOT_FIRMWARE_LOADER_BOOT_MODE + bool "Check boot mode via retention subsystem" + depends on RETENTION_BOOT_MODE + help + Allows for entering firmware loader mode by using Zephyr's boot mode + retention system (i.e. an application must set the boot mode to stay + in firmware loader mode and reboot the module). + +config BOOT_FIRMWARE_LOADER_NO_APPLICATION + bool "Stay in bootloader if no application" + help + Allows for entering firmware loader mode if there is no bootable + application that the bootloader can jump to. + +config BOOT_FIRMWARE_LOADER_PIN_RESET + bool "Check for device reset by pin" + select HWINFO + help + Checks if the module reset was caused by the reset pin and will + remain in bootloader firmware loader mode if it was. + +endmenu + +endif diff --git a/bootloader/Kconfig.serial_recovery b/bootloader/Kconfig.serial_recovery new file mode 100644 index 00000000..72be5ccf --- /dev/null +++ b/bootloader/Kconfig.serial_recovery @@ -0,0 +1,214 @@ +# Copyright (c) 2017-2020 Linaro Limited +# Copyright (c) 2020 Arm Limited +# Copyright (c) 2017-2023 Nordic Semiconductor ASA +# +# SPDX-License-Identifier: Apache-2.0 + +menuconfig MCUBOOT_SERIAL + bool "MCUboot serial recovery" + default n + select REBOOT + select SERIAL + select UART_INTERRUPT_DRIVEN + select BASE64 + select CRC + select ZCBOR + depends on !BOOT_FIRMWARE_LOADER + help + If y, enables a serial-port based update mode. This allows + MCUboot itself to load update images into flash over a UART. + If unsure, leave at the default value. + +if MCUBOOT_SERIAL + +choice BOOT_SERIAL_DEVICE + prompt "Serial device" + default BOOT_SERIAL_UART if !BOARD_NRF52840DONGLE_NRF52840 + default BOOT_SERIAL_CDC_ACM if BOARD_NRF52840DONGLE_NRF52840 + +config BOOT_SERIAL_UART + bool "UART" + # SERIAL and UART_INTERRUPT_DRIVEN already selected + help + The serial device to use will be fist selected via chosen + node "zephyr,uart-mcumgr", when such node does not exist + the "zephyr,console" is used. In case when + the "zephyr,uart-mcumgr" points to the same device as + the "zephyr,console" compilation error will be triggered. + +config BOOT_SERIAL_CDC_ACM + bool "CDC ACM" + select USB_DEVICE_STACK + help + This setting will choose CDC ACM for serial recovery unless chosen + "zephyr,uart-mcumgr" is present, in which case the chosen takes + precedence and redirects serial recovery to uart pointed by + the chosen, leaving console on CDC ACM. + +endchoice + +config MCUBOOT_SERIAL_DIRECT_IMAGE_UPLOAD + bool "Allow to select image number for DFU" + depends on !SINGLE_APPLICATION_SLOT + help + With the option enabled, the mcuboot serial recovery will + respect the "image" field in mcumgr image update frame + header. + The mapping of image number to partition is as follows: + 0 -> default behaviour, same as 1; + 1 -> image-0 (primary slot of the first image); + 2 -> image-1 (secondary slot of the first image); + 3 -> image-2; + 4 -> image-3. + Note that 0 is default upload target when no explicit + selection is done. + +config BOOT_SERIAL_UNALIGNED_BUFFER_SIZE + int "Stack buffer for unaligned memory writes" + default 512 if SOC_SERIES_LPC55XXX + default 128 if SOC_SERIES_MCXN + default 64 + range 0 1024 + help + Specifies the stack usage for a buffer which is used for unaligned + memory access when data is written to a device with memory alignment + requirements. Set to 0 to disable. + +config BOOT_MAX_LINE_INPUT_LEN + int "Maximum input line length" + default 128 + help + Maximum length of input serial port buffer (SMP serial transport uses + fragments of 128-bytes, this should not need to be changed unless a + different value is used for the transport). + +config BOOT_LINE_BUFS + int "Number of receive buffers" + range 2 128 + default 8 + help + Number of receive buffers for data received via the serial port. + +config BOOT_SERIAL_MAX_RECEIVE_SIZE + int "Maximum command line length" + default 1024 + help + Maximum length of received commands via the serial port (this should + be equal to the maximum line length, BOOT_MAX_LINE_INPUT_LEN times + by the number of receive buffers, BOOT_LINE_BUFS to allow for + optimal data transfer speeds). + +config BOOT_ERASE_PROGRESSIVELY + bool "Erase flash progressively when receiving new firmware" + default y if SOC_FAMILY_NORDIC_NRF || SOC_FAMILY_NXP_IMXRT + help + If enabled, flash is erased as necessary when receiving new firmware, + instead of erasing the whole image slot at once. This is necessary + on some hardware that has long erase times, to prevent long wait + times at the beginning of the DFU process. + +config BOOT_MGMT_ECHO + bool "Enable echo command" + help + if enabled, support for the mcumgr echo command is being added. + +menuconfig ENABLE_MGMT_PERUSER + bool "Enable system specific mcumgr commands" + help + The option enables processing of system specific mcumgr commands; + system specific commands are within group MGMT_GROUP_ID_PERUSER (64) + and above, as defined within mcumgr library. + These are system specific command and system specific implementation + function is required to process these commands. + +if ENABLE_MGMT_PERUSER + +config BOOT_MGMT_CUSTOM_STORAGE_ERASE + bool "Enable storage erase command" + help + The option enables mcumgr command that allows to erase storage + partition. + Note that the storage partition needs to be defined, in DTS, otherwise + enabling the option will cause a compilation to fail. + +endif # ENABLE_MGMT_PERUSER + +menu "Entrance methods" + +menuconfig BOOT_SERIAL_ENTRANCE_GPIO + bool "GPIO" + default y + depends on GPIO + help + Use a GPIO to enter serial recovery mode. + +config BOOT_SERIAL_DETECT_DELAY + int "Serial detect pin detection delay time [ms]" + default 0 + depends on BOOT_SERIAL_ENTRANCE_GPIO + help + Used to prevent the bootloader from loading on button press. + Useful for powering on when using the same button as + the one used to place the device in bootloader mode. + +menuconfig BOOT_SERIAL_WAIT_FOR_DFU + bool "Wait a prescribed duration to see if DFU is invoked by receiving a MCUmgr comand" + depends on BOOT_SERIAL_UART || BOOT_SERIAL_CDC_ACM + help + If y, MCUboot waits for a prescribed duration of time to allow + for DFU to be invoked. The serial recovery can be entered by receiving any + mcumgr command. + +config BOOT_SERIAL_WAIT_FOR_DFU_TIMEOUT + int "Duration to wait for the serial DFU timeout in ms" + default 500 + depends on BOOT_SERIAL_WAIT_FOR_DFU + help + Timeout in ms for MCUboot to wait to allow for DFU to be invoked. + +config BOOT_SERIAL_BOOT_MODE + bool "Check boot mode via retention subsystem" + depends on RETENTION_BOOT_MODE + help + Allows for entering serial recovery mode by using Zephyr's boot mode + retention system (i.e. an application must set the boot mode to stay + in serial recovery mode and reboot the module). + +config BOOT_SERIAL_NO_APPLICATION + bool "Stay in bootloader if no application" + help + Allows for entering serial recovery mode if there is no bootable + application that the bootloader can jump to. + +config BOOT_SERIAL_PIN_RESET + bool "Check for device reset by pin" + select HWINFO + help + Checks if the module reset was caused by the reset pin and will + remain in bootloader serial recovery mode if it was. + +endmenu + +config BOOT_SERIAL_IMG_GRP_HASH + bool "Image list hash support" + default y + help + If y, image list responses will include the image hash (adds ~100 + bytes of flash). + +config BOOT_SERIAL_IMG_GRP_IMAGE_STATE + bool "Image state support" + depends on !SINGLE_APPLICATION_SLOT + select BOOT_SERIAL_IMG_GRP_HASH if UPDATEABLE_IMAGE_NUMBER > 1 + help + If y, image states will be included with image lists and the set + state command can be used to mark an image as test/confirmed. + +config BOOT_SERIAL_IMG_GRP_SLOT_INFO + bool "Slot info" + default y if UPDATEABLE_IMAGE_NUMBER > 1 + help + If y, will include the slot info command which lists what available + slots there are in the system. + +endif # MCUBOOT_SERIAL diff --git a/bootloader/boards/diamond_main.conf b/bootloader/boards/diamond_main.conf index a729f384..cb9ef65d 100644 --- a/bootloader/boards/diamond_main.conf +++ b/bootloader/boards/diamond_main.conf @@ -1,3 +1,4 @@ # Max number of sector for an update # 448K (partition) / 2K (sector) = 224 +CONFIG_BOOT_MAX_IMG_SECTORS_AUTO=n CONFIG_BOOT_MAX_IMG_SECTORS=256 diff --git a/bootloader/include/config-asn1.h b/bootloader/include/config-asn1.h index 6acb0e9a..b9d70df4 100644 --- a/bootloader/include/config-asn1.h +++ b/bootloader/include/config-asn1.h @@ -41,6 +41,4 @@ // #define MBEDTLS_OID_C // #define MBEDTLS_SHA256_C -#include "mbedtls/check_config.h" - #endif /* MBEDTLS_CONFIG_ASN1_H */ diff --git a/bootloader/include/config-ec.h b/bootloader/include/config-ec.h index acef21f7..41e08d2c 100644 --- a/bootloader/include/config-ec.h +++ b/bootloader/include/config-ec.h @@ -91,6 +91,4 @@ #define MBEDTLS_NIST_KW_C #endif /* MCUBOOT_ENC_IMAGES */ -#include "mbedtls/check_config.h" - #endif /* MCUBOOT_MBEDTLS_CONFIG_ECDSA */ diff --git a/bootloader/include/config-ed25519.h b/bootloader/include/config-ed25519.h index 201c57a6..8b79a3ec 100644 --- a/bootloader/include/config-ed25519.h +++ b/bootloader/include/config-ed25519.h @@ -73,6 +73,4 @@ /* Save ROM and a few bytes of RAM by specifying our own ciphersuite list */ #define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8 -#include "mbedtls/check_config.h" - #endif /* MCUBOOT_MBEDTLS_CONFIG_RSA */ diff --git a/bootloader/include/config-kw.h b/bootloader/include/config-kw.h index 76d5da78..1198fe5e 100644 --- a/bootloader/include/config-kw.h +++ b/bootloader/include/config-kw.h @@ -63,6 +63,4 @@ #define MBEDTLS_CIPHER_C #define MBEDTLS_NIST_KW_C -#include "mbedtls/check_config.h" - #endif /* MCUBOOT_MBEDTLS_CONFIG_KW */ diff --git a/bootloader/include/config-rsa-kw.h b/bootloader/include/config-rsa-kw.h index 24d0d534..d30ec7fb 100644 --- a/bootloader/include/config-rsa-kw.h +++ b/bootloader/include/config-rsa-kw.h @@ -77,6 +77,4 @@ /* Save ROM and a few bytes of RAM by specifying our own ciphersuite list */ #define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8 -#include "mbedtls/check_config.h" - #endif /* MCUBOOT_MBEDTLS_CONFIG_RSA_KW */ diff --git a/bootloader/include/config-rsa.h b/bootloader/include/config-rsa.h index 4573cf4e..9b016900 100644 --- a/bootloader/include/config-rsa.h +++ b/bootloader/include/config-rsa.h @@ -80,6 +80,4 @@ /* Save ROM and a few bytes of RAM by specifying our own ciphersuite list */ #define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8 -#include "mbedtls/check_config.h" - #endif /* MCUBOOT_MBEDTLS_CONFIG_RSA */ diff --git a/bootloader/include/mcuboot-mbedtls-cfg.h b/bootloader/include/mcuboot-mbedtls-cfg.h index 8538d92d..383e75ce 100644 --- a/bootloader/include/mcuboot-mbedtls-cfg.h +++ b/bootloader/include/mcuboot-mbedtls-cfg.h @@ -25,7 +25,6 @@ #include "config-rsa.h" #elif defined(CONFIG_BOOT_SIGNATURE_TYPE_ECDSA_P256) || \ defined(CONFIG_BOOT_ENCRYPT_EC256) || \ - defined(CONFIG_BOOT_SERIAL_ENCRYPT_EC256) || \ (defined(CONFIG_BOOT_ENCRYPT_X25519) && \ !defined(CONFIG_BOOT_SIGNATURE_TYPE_ED25519)) #include "config-asn1.h" diff --git a/bootloader/include/mcuboot_config/mcuboot_config.h b/bootloader/include/mcuboot_config/mcuboot_config.h index eebeab03..eca9d6df 100644 --- a/bootloader/include/mcuboot_config/mcuboot_config.h +++ b/bootloader/include/mcuboot_config/mcuboot_config.h @@ -2,6 +2,7 @@ * Copyright (c) 2018 Open Source Foundries Limited * Copyright (c) 2019-2020 Arm Limited * Copyright (c) 2019-2020 Linaro Limited + * Copyright (c) 2023 Nordic Semiconductor ASA * * SPDX-License-Identifier: Apache-2.0 */ @@ -42,6 +43,16 @@ #ifdef CONFIG_BOOT_USE_NRF_CC310_BL #define MCUBOOT_USE_NRF_CC310_BL #endif +#elif defined(CONFIG_MBEDTLS_PSA_CRYPTO_CLIENT) +#define MCUBOOT_USE_PSA_CRYPTO +#endif + +#ifdef CONFIG_BOOT_IMG_HASH_ALG_SHA512 +#define MCUBOOT_SHA512 +#endif + +#ifdef CONFIG_BOOT_IMG_HASH_ALG_SHA256 +#define MCUBOOT_SHA256 #endif /* Zephyr, regardless of C library used, provides snprintf */ @@ -87,6 +98,10 @@ #define IMAGE_EXECUTABLE_RAM_SIZE CONFIG_BOOT_IMAGE_EXECUTABLE_RAM_SIZE #endif +#ifdef CONFIG_BOOT_FIRMWARE_LOADER +#define MCUBOOT_FIRMWARE_LOADER +#endif + #ifdef CONFIG_UPDATEABLE_IMAGE_NUMBER #define MCUBOOT_IMAGE_NUMBER CONFIG_UPDATEABLE_IMAGE_NUMBER #else @@ -117,16 +132,15 @@ #define MCUBOOT_ENCRYPT_EC256 #endif -#ifdef CONFIG_BOOT_SERIAL_ENCRYPT_EC256 -#define MCUBOOT_ENC_IMAGES -#define MCUBOOT_ENCRYPT_EC256 -#endif - #ifdef CONFIG_BOOT_ENCRYPT_X25519 #define MCUBOOT_ENC_IMAGES #define MCUBOOT_ENCRYPT_X25519 #endif +#ifdef CONFIG_BOOT_DECOMPRESSION +#define MCUBOOT_DECOMPRESS_IMAGES +#endif + #ifdef CONFIG_BOOT_BOOTSTRAP #define MCUBOOT_BOOTSTRAP 1 #endif @@ -159,6 +173,18 @@ #define MCUBOOT_DATA_SHARING #endif +#ifdef CONFIG_BOOT_SHARE_BACKEND_RETENTION +#define MCUBOOT_CUSTOM_DATA_SHARING_FUNCTION +#endif + +#ifdef CONFIG_BOOT_SHARE_DATA_BOOTINFO +#define MCUBOOT_DATA_SHARING_BOOTINFO +#endif + +#ifdef CONFIG_MEASURED_BOOT_MAX_CBOR_SIZE +#define MAX_BOOT_RECORD_SZ CONFIG_MEASURED_BOOT_MAX_CBOR_SIZE +#endif + #ifdef CONFIG_BOOT_FIH_PROFILE_OFF #define MCUBOOT_FIH_PROFILE_OFF #endif @@ -197,6 +223,10 @@ #define MCUBOOT_VERIFY_IMG_ADDRESS #endif +#ifdef CONFIG_MCUBOOT_SERIAL +#define MCUBOOT_SERIAL +#endif + /* * The configuration option enables direct image upload with the * serial recovery. @@ -217,6 +247,18 @@ #define MCUBOOT_SERIAL_IMG_GRP_IMAGE_STATE #endif +#ifdef CONFIG_BOOT_SERIAL_IMG_GRP_SLOT_INFO +#define MCUBOOT_SERIAL_IMG_GRP_SLOT_INFO +#endif + +#ifdef CONFIG_MCUBOOT_SERIAL +#define MCUBOOT_SERIAL_RECOVERY +#endif + +#if (defined(CONFIG_BOOT_USB_DFU_WAIT) || defined(CONFIG_BOOT_USB_DFU_GPIO)) +#define MCUBOOT_USB_DFU +#endif + /* * The option enables code, currently in boot_serial, that attempts * to erase flash progressively, as update fragments are received, @@ -244,7 +286,11 @@ #endif #endif -#ifdef CONFIG_BOOT_MAX_IMG_SECTORS +#if defined(CONFIG_BOOT_MAX_IMG_SECTORS_AUTO) && defined(MIN_SECTOR_COUNT) + +#define MCUBOOT_MAX_IMG_SECTORS MIN_SECTOR_COUNT + +#elif defined(CONFIG_BOOT_MAX_IMG_SECTORS) #define MCUBOOT_MAX_IMG_SECTORS CONFIG_BOOT_MAX_IMG_SECTORS @@ -261,6 +307,15 @@ CONFIG_BOOT_SERIAL_UNALIGNED_BUFFER_SIZE #endif +#if defined(MCUBOOT_DATA_SHARING) && defined(ZEPHYR_VER_INCLUDE) +#include + +#define MCUBOOT_VERSION_AVAILABLE +#define MCUBOOT_VERSION_MAJOR APP_VERSION_MAJOR +#define MCUBOOT_VERSION_MINOR APP_VERSION_MINOR +#define MCUBOOT_VERSION_PATCHLEVEL APP_PATCHLEVEL +#endif + /* Support 32-byte aligned flash sizes */ #if DT_HAS_CHOSEN(zephyr_flash) #if DT_PROP_OR(DT_CHOSEN(zephyr_flash), write_block_size, 0) > 8 @@ -269,8 +324,12 @@ #endif #endif +#ifdef CONFIG_MCUBOOT_BOOTUTIL_LIB_FOR_DIRECT_XIP +#define MCUBOOT_BOOTUTIL_LIB_FOR_DIRECT_XIP 1 +#endif + #if CONFIG_BOOT_WATCHDOG_FEED -#if CONFIG_NRFX_WDT +#if CONFIG_BOOT_WATCHDOG_FEED_NRFX_WDT #include #define FEED_WDT_INST(id) \ @@ -290,11 +349,22 @@ } while (0) #elif defined(CONFIG_NRFX_WDT0) #define MCUBOOT_WATCHDOG_FEED() FEED_WDT_INST(0); -#else /* defined(CONFIG_NRFX_WDT0) && defined(CONFIG_NRFX_WDT1) */ +#elif defined(CONFIG_NRFX_WDT30) && defined(CONFIG_NRFX_WDT31) +#define MCUBOOT_WATCHDOG_FEED() \ + do { \ + FEED_WDT_INST(30); \ + FEED_WDT_INST(31); \ + } while (0) +#elif defined(CONFIG_NRFX_WDT30) +#define MCUBOOT_WATCHDOG_FEED() FEED_WDT_INST(30); +#elif defined(CONFIG_NRFX_WDT31) +#define MCUBOOT_WATCHDOG_FEED() FEED_WDT_INST(31); +#else #error "No NRFX WDT instances enabled" -#endif /* defined(CONFIG_NRFX_WDT0) && defined(CONFIG_NRFX_WDT1) */ +#endif -#elif DT_NODE_HAS_STATUS(DT_ALIAS(watchdog0), okay) /* CONFIG_NRFX_WDT */ +#elif DT_NODE_HAS_STATUS(DT_ALIAS(watchdog0), \ + okay) /* CONFIG_BOOT_WATCHDOG_FEED_NRFX_WDT */ #include #include diff --git a/bootloader/include/single_loader.h b/bootloader/include/single_loader.h deleted file mode 100644 index 072c41c2..00000000 --- a/bootloader/include/single_loader.h +++ /dev/null @@ -1,21 +0,0 @@ -/* - * SPDX-License-Identifier: Apache-2.0 - * - * Copyright (c) 2021-2021 Crodeon Technologies - * - */ - -#ifndef H_SINGLE_LOADER_ -#define H_SINGLE_LOADER_ -#include "bootutil/fault_injection_hardening.h" - -/** - * Handle an encrypted firmware in the main flash. - * This will decrypt the image inplace - */ -int -boot_handle_enc_fw(); - -fih_ret -boot_image_validate(const struct flash_area *fa_p, struct image_header *hdr); -#endif diff --git a/bootloader/include/sysflash/sysflash.h b/bootloader/include/sysflash/sysflash.h index 95cc60c6..2b97213c 100644 --- a/bootloader/include/sysflash/sysflash.h +++ b/bootloader/include/sysflash/sysflash.h @@ -1,4 +1,8 @@ -/* Manual version of auto-generated version. */ +/* + * Copyright (c) 2023-2024 Nordic Semiconductor ASA + * + * SPDX-License-Identifier: Apache-2.0 + */ #ifndef __SYSFLASH_H__ #define __SYSFLASH_H__ @@ -6,43 +10,55 @@ #include #include #include +#include + +#ifndef SOC_FLASH_0_ID +#define SOC_FLASH_0_ID 0 +#endif + +#ifndef SPI_FLASH_0_ID +#define SPI_FLASH_0_ID 1 +#endif + +#if !defined(CONFIG_SINGLE_APPLICATION_SLOT) && \ + !defined(CONFIG_MCUBOOT_BOOTLOADER_MODE_SINGLE_APP) -#ifndef CONFIG_SINGLE_APPLICATION_SLOT +/* Each pair of slots is separated by , and there is no terminating character */ +#define FLASH_AREA_IMAGE_0_SLOTS slot0_partition, slot1_partition +#define FLASH_AREA_IMAGE_1_SLOTS slot2_partition, slot3_partition +#define FLASH_AREA_IMAGE_2_SLOTS slot4_partition, slot5_partition #if (MCUBOOT_IMAGE_NUMBER == 1) -/* - * NOTE: the definition below returns the same values for true/false on - * purpose, to avoid having to mark x as non-used by all callers when - * running in single image mode. - */ -#define FLASH_AREA_IMAGE_PRIMARY(x) \ - (((x) == 0) ? FIXED_PARTITION_ID(slot0_partition) \ - : FIXED_PARTITION_ID(slot0_partition)) -#define FLASH_AREA_IMAGE_SECONDARY(x) \ - (((x) == 0) ? FIXED_PARTITION_ID(slot1_partition) \ - : FIXED_PARTITION_ID(slot1_partition)) +#define ALL_AVAILABLE_SLOTS FLASH_AREA_IMAGE_0_SLOTS #elif (MCUBOOT_IMAGE_NUMBER == 2) -/* MCUBoot currently supports only up to 2 updateable firmware images. - * If the number of the current image is greater than MCUBOOT_IMAGE_NUMBER - 1 - * then a dummy value will be assigned to the flash area macros. - */ -#define FLASH_AREA_IMAGE_PRIMARY(x) \ - (((x) == 0) ? FIXED_PARTITION_ID(slot0_partition) \ - : ((x) == 1) ? FIXED_PARTITION_ID(slot2_partition) \ - : 255) -#define FLASH_AREA_IMAGE_SECONDARY(x) \ - (((x) == 0) ? FIXED_PARTITION_ID(slot1_partition) \ - : ((x) == 1) ? FIXED_PARTITION_ID(slot3_partition) \ - : 255) -#else -#error "Image slot and flash area mapping is not defined" +#define ALL_AVAILABLE_SLOTS FLASH_AREA_IMAGE_0_SLOTS, FLASH_AREA_IMAGE_1_SLOTS +#elif (MCUBOOT_IMAGE_NUMBER == 3) +#define ALL_AVAILABLE_SLOTS \ + FLASH_AREA_IMAGE_0_SLOTS, FLASH_AREA_IMAGE_1_SLOTS, FLASH_AREA_IMAGE_2_SLOTS #endif +static inline uint32_t +__flash_area_ids_for_slot(int img, int slot) +{ + static const int all_slots[] = { + FOR_EACH_NONEMPTY_TERM(FIXED_PARTITION_ID, (, ), ALL_AVAILABLE_SLOTS)}; + return all_slots[img * 2 + slot]; +}; + +#undef FLASH_AREA_IMAGE_0_SLOTS +#undef FLASH_AREA_IMAGE_1_SLOTS +#undef FLASH_AREA_IMAGE_2_SLOTS +#undef ALL_AVAILABLE_SLOTS + +#define FLASH_AREA_IMAGE_PRIMARY(x) __flash_area_ids_for_slot(x, 0) +#define FLASH_AREA_IMAGE_SECONDARY(x) __flash_area_ids_for_slot(x, 1) + #if !defined(CONFIG_BOOT_SWAP_USING_MOVE) #define FLASH_AREA_IMAGE_SCRATCH FIXED_PARTITION_ID(scratch_partition) #endif -#else /* CONFIG_SINGLE_APPLICATION_SLOT */ +#else /* !CONFIG_SINGLE_APPLICATION_SLOT && \ + !CONFIG_MCUBOOT_BOOTLOADER_MODE_SINGLE_APP */ #define FLASH_AREA_IMAGE_PRIMARY(x) FIXED_PARTITION_ID(slot0_partition) #define FLASH_AREA_IMAGE_SECONDARY(x) FIXED_PARTITION_ID(slot0_partition) diff --git a/bootloader/include/target.h b/bootloader/include/target.h index d9d46486..abfeac9c 100644 --- a/bootloader/include/target.h +++ b/bootloader/include/target.h @@ -32,7 +32,7 @@ */ #if (!defined(CONFIG_XTENSA) && !DT_HAS_CHOSEN(zephyr_flash_controller)) || \ (defined(CONFIG_XTENSA) && !DT_NODE_EXISTS(DT_INST(0, jedec_spi_nor)) && \ - !defined(CONFIG_SOC_FAMILY_ESP32)) || \ + !defined(CONFIG_SOC_FAMILY_ESPRESSIF_ESP32)) || \ !defined(FLASH_ALIGN) || !(FIXED_PARTITION_EXISTS(slot0_partition)) || \ !(FIXED_PARTITION_EXISTS(slot1_partition) || \ CONFIG_SINGLE_APPLICATION_SLOT) || \ diff --git a/bootloader/prj.conf b/bootloader/prj.conf index b2ae8edf..e649bcf8 100644 --- a/bootloader/prj.conf +++ b/bootloader/prj.conf @@ -15,9 +15,6 @@ CONFIG_BOOT_SIGNATURE_KEY_FILE="orb/public/utils/ota/root-ec-p256.pem" # encryption CONFIG_BOOT_SWAP_SAVE_ENCTLV=n # do not store encrypted TLV -CONFIG_BOOT_ENCRYPT_RSA=n -CONFIG_BOOT_ENCRYPT_EC256=y -CONFIG_BOOT_ENCRYPT_X25519=n CONFIG_BOOT_UPGRADE_ONLY=n CONFIG_BOOT_BOOTSTRAP=n diff --git a/bootloader/src/arm_cleanup.c b/bootloader/src/arm_cleanup.c index 02f444d9..9a5d3fad 100644 --- a/bootloader/src/arm_cleanup.c +++ b/bootloader/src/arm_cleanup.c @@ -4,9 +4,9 @@ * SPDX-License-Identifier: Apache-2.0 */ -#include #include +#include #if CONFIG_CPU_HAS_NXP_MPU #include #endif diff --git a/bootloader/src/flash_map_extended.c b/bootloader/src/flash_map_extended.c index df70bf65..684c198b 100644 --- a/bootloader/src/flash_map_extended.c +++ b/bootloader/src/flash_map_extended.c @@ -28,7 +28,7 @@ BOOT_LOG_MODULE_DECLARE(mcuboot); #define FLASH_DEVICE_BASE 0 #define FLASH_DEVICE_NODE DT_INST(0, jedec_spi_nor) -#elif defined(CONFIG_SOC_FAMILY_ESP32) +#elif defined(CONFIG_SOC_FAMILY_ESPRESSIF_ESP32) #define FLASH_DEVICE_ID SPI_FLASH_0_ID #define FLASH_DEVICE_BASE 0 @@ -117,6 +117,14 @@ flash_area_id_from_direct_image(int image_id) #if FIXED_PARTITION_EXISTS(slot3_partition) case 4: return FIXED_PARTITION_ID(slot3_partition); +#endif +#if FIXED_PARTITION_EXISTS(slot4_partition) + case 5: + return FIXED_PARTITION_ID(slot4_partition); +#endif +#if FIXED_PARTITION_EXISTS(slot5_partition) + case 6: + return FIXED_PARTITION_ID(slot5_partition); #endif } return -EINVAL; @@ -143,8 +151,12 @@ flash_area_sector_from_off(off_t off, struct flash_sector *sector) uint8_t flash_area_get_device_id(const struct flash_area *fa) { +#if defined(CONFIG_ARM) + return fa->fa_id; +#else (void)fa; return FLASH_DEVICE_ID; +#endif } #define ERASED_VAL 0xff diff --git a/bootloader/src/keys.c b/bootloader/src/keys.c index d25c327a..720e77d8 100644 --- a/bootloader/src/keys.c +++ b/bootloader/src/keys.c @@ -29,19 +29,20 @@ #include #if !defined(MCUBOOT_HW_KEY) -#if defined(MCUBOOT_SIGN_RSA) +#if defined(MCUBOOT_SIGN_RSA) || defined(MCUBOOT_SIGN_EC256) || \ + defined(MCUBOOT_SIGN_ED25519) #define HAVE_KEYS +#if defined(MCUBOOT_SIGN_RSA) extern const unsigned char rsa_pub_key[]; extern unsigned int rsa_pub_key_len; #elif defined(MCUBOOT_SIGN_EC256) -#define HAVE_KEYS extern const unsigned char ecdsa_pub_key[]; extern unsigned int ecdsa_pub_key_len; #elif defined(MCUBOOT_SIGN_ED25519) -#define HAVE_KEYS extern const unsigned char ed25519_pub_key[]; extern unsigned int ed25519_pub_key_len; #endif +#endif /* * NOTE: *_pub_key and *_pub_key_len are autogenerated based on the provided @@ -74,135 +75,14 @@ struct bootutil_key bootutil_keys[1] = {{ const int bootutil_key_cnt = 1; #endif /* !MCUBOOT_HW_KEY */ -#if defined(MCUBOOT_ENCRYPT_RSA) -// This is an unused key from upstream MCUBoot that is not used in production -unsigned char enc_priv_key[] = { - 0x30, 0x82, 0x04, 0xa4, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00, - 0xb4, 0x26, 0x14, 0x49, 0x3d, 0x16, 0x13, 0x3a, 0x6d, 0x9c, 0x84, 0xa9, - 0x8b, 0x6a, 0x10, 0x20, 0x61, 0xef, 0x48, 0x04, 0xa4, 0x4b, 0x24, 0xf3, - 0x00, 0x32, 0xac, 0x22, 0xe0, 0x30, 0x27, 0x70, 0x18, 0xe5, 0x55, 0xc8, - 0xb8, 0x05, 0x34, 0x03, 0xb0, 0xf8, 0xa5, 0x96, 0xd2, 0x48, 0x58, 0xef, - 0x70, 0xb0, 0x09, 0xdb, 0xe3, 0x58, 0x62, 0xef, 0x99, 0x63, 0x01, 0xb2, - 0x89, 0xc4, 0xb3, 0xf6, 0x9e, 0x62, 0xbf, 0x4d, 0xc2, 0x8a, 0xd0, 0xc9, - 0x4d, 0x43, 0xa3, 0xd8, 0xe5, 0x1d, 0xec, 0x62, 0x63, 0x08, 0xe2, 0x20, - 0xa5, 0xfc, 0x78, 0xd0, 0x3e, 0x74, 0xc8, 0xa4, 0x1b, 0x36, 0xad, 0x7b, - 0xf5, 0x06, 0xae, 0x4d, 0x51, 0x9b, 0x40, 0xce, 0x30, 0x4f, 0x6c, 0xea, - 0xf9, 0xe9, 0x74, 0xea, 0x06, 0xee, 0x9c, 0xe4, 0x14, 0x68, 0x20, 0xb9, - 0x3d, 0xe7, 0x11, 0x14, 0x8b, 0x25, 0xa3, 0xff, 0x4c, 0x8a, 0xf3, 0x53, - 0xee, 0x6b, 0x3e, 0xef, 0x34, 0xcd, 0x6a, 0x3f, 0x62, 0x68, 0xc0, 0xff, - 0x78, 0x4c, 0xb0, 0xc3, 0xe6, 0x96, 0x61, 0xfc, 0x1f, 0x18, 0xf1, 0x7a, - 0x82, 0xe2, 0x8f, 0x35, 0xa8, 0x2b, 0x86, 0x16, 0xa4, 0x46, 0xfb, 0xac, - 0x7e, 0x41, 0xdb, 0x02, 0x05, 0x91, 0x6d, 0xdf, 0xc1, 0xde, 0x13, 0x95, - 0x9c, 0xf9, 0x9e, 0x5e, 0x72, 0xba, 0xa7, 0x25, 0x93, 0xfb, 0xdc, 0xe8, - 0xab, 0x86, 0x45, 0x88, 0x47, 0x2d, 0xed, 0xee, 0xee, 0x97, 0x9e, 0xce, - 0x5d, 0x9b, 0x04, 0x04, 0x40, 0x7c, 0xcb, 0x7c, 0x3d, 0x2c, 0x74, 0xab, - 0xa4, 0xcc, 0x64, 0xa3, 0x5c, 0x95, 0x3d, 0xd4, 0xa2, 0xdc, 0x92, 0xb2, - 0xc8, 0x18, 0xcb, 0xf9, 0x00, 0x39, 0x81, 0x8f, 0x8f, 0x40, 0xc2, 0xdf, - 0x99, 0x29, 0xac, 0x8a, 0xc2, 0x3b, 0xd8, 0xa4, 0xf2, 0xad, 0xaf, 0x74, - 0xc0, 0x11, 0xc7, 0x99, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02, 0x82, 0x01, - 0x00, 0x42, 0x47, 0x80, 0x4f, 0x31, 0xda, 0x5d, 0x58, 0xb1, 0xdb, 0x54, - 0x33, 0xcc, 0xc7, 0x49, 0x07, 0xa1, 0x00, 0x98, 0x4e, 0x9c, 0xe3, 0xc8, - 0xc4, 0x5e, 0xde, 0x45, 0xd6, 0xcf, 0x04, 0xe8, 0x7d, 0xa5, 0xab, 0x3a, - 0xd4, 0x8e, 0x5f, 0xdb, 0xb3, 0x3f, 0xf9, 0x3b, 0x73, 0x32, 0x0a, 0xcc, - 0x2d, 0xcc, 0x17, 0xf8, 0x88, 0x9e, 0x2c, 0x76, 0xba, 0x10, 0x85, 0x0c, - 0xaa, 0xd3, 0x65, 0x3b, 0x91, 0x10, 0xd4, 0xe3, 0xed, 0x88, 0x15, 0xea, - 0x9b, 0x25, 0x82, 0x2d, 0x56, 0x2f, 0x75, 0xc2, 0xf2, 0xaf, 0xdd, 0x24, - 0xd5, 0x3e, 0x3c, 0x95, 0x76, 0x88, 0x84, 0x0f, 0x0d, 0xd1, 0xb5, 0x5c, - 0x3e, 0xae, 0xf7, 0xb6, 0x49, 0x5c, 0x2c, 0xf2, 0xba, 0xe9, 0xab, 0x4f, - 0x37, 0x64, 0x9b, 0x30, 0x18, 0xaa, 0x54, 0x40, 0x04, 0xea, 0x3d, 0x25, - 0x4d, 0x02, 0x29, 0x71, 0x6f, 0x4d, 0x82, 0x9b, 0xc3, 0x44, 0x2a, 0x9d, - 0x0c, 0x98, 0xd3, 0xc8, 0x15, 0x0d, 0x04, 0x93, 0x60, 0x30, 0xc7, 0x5e, - 0x79, 0xea, 0x53, 0x9d, 0xc0, 0x0e, 0x81, 0xac, 0x90, 0xbc, 0x9e, 0x1e, - 0xd2, 0x28, 0x0f, 0x10, 0xf5, 0x1f, 0xdf, 0x38, 0x7f, 0x8a, 0x90, 0x8d, - 0x49, 0x07, 0x7d, 0x78, 0xcb, 0xa7, 0xef, 0x92, 0x6d, 0x3b, 0x13, 0x95, - 0x9b, 0xba, 0x83, 0xc6, 0xb3, 0x71, 0x25, 0x27, 0x07, 0x99, 0x54, 0x82, - 0x3d, 0xec, 0xc5, 0xf8, 0xb4, 0xa0, 0x38, 0x7a, 0x59, 0x6a, 0x0b, 0xca, - 0x69, 0x6c, 0x17, 0xa4, 0x18, 0xe0, 0xb4, 0xaa, 0x89, 0x99, 0x8f, 0xcb, - 0x71, 0x34, 0x09, 0x1b, 0x6e, 0xe6, 0x87, 0x00, 0xb5, 0xba, 0x70, 0x8a, - 0x29, 0x3d, 0x9a, 0x06, 0x18, 0x2d, 0x66, 0x5e, 0x61, 0x37, 0xeb, 0xdd, - 0x5e, 0xc8, 0x28, 0x92, 0x05, 0x30, 0xfd, 0xb8, 0x65, 0xb1, 0x7f, 0xbf, - 0x2d, 0x55, 0x12, 0x91, 0xc1, 0x02, 0x81, 0x81, 0x00, 0xda, 0x65, 0xda, - 0x38, 0x7c, 0x18, 0xfb, 0x00, 0x11, 0x60, 0xeb, 0x37, 0x65, 0xb8, 0x83, - 0x62, 0x88, 0xc4, 0x3a, 0x4e, 0x64, 0x6a, 0xf3, 0x3e, 0x4e, 0xc0, 0x34, - 0x19, 0x8a, 0xcb, 0x4a, 0xca, 0x2f, 0x5d, 0x50, 0x7a, 0xac, 0xf7, 0x9e, - 0x87, 0x5a, 0xfc, 0x4d, 0x49, 0xd7, 0xf9, 0x21, 0xf5, 0x0b, 0x6f, 0x57, - 0x41, 0x3d, 0x8f, 0xb8, 0xec, 0x7f, 0xcc, 0x92, 0x09, 0xbe, 0xd3, 0xa4, - 0xc3, 0x14, 0x85, 0x21, 0x5d, 0x05, 0xa3, 0xaa, 0x20, 0xf6, 0x62, 0x44, - 0x50, 0x03, 0x5e, 0x53, 0x4a, 0xcd, 0x6a, 0xb6, 0x65, 0x8e, 0x4e, 0x4b, - 0x3f, 0x25, 0xc6, 0x16, 0x31, 0xf5, 0x99, 0x13, 0x77, 0x42, 0xda, 0xdc, - 0x70, 0x4d, 0x65, 0xb0, 0x99, 0x0f, 0xdf, 0x5a, 0xb1, 0x45, 0xf0, 0xb9, - 0x8e, 0xa0, 0xae, 0x4f, 0x4d, 0x65, 0x09, 0x84, 0xb5, 0x38, 0x29, 0xbf, - 0x69, 0xe0, 0x88, 0x1f, 0x27, 0x02, 0x81, 0x81, 0x00, 0xd3, 0x2a, 0x59, - 0xec, 0x28, 0xc3, 0x0d, 0x4f, 0x92, 0x96, 0xca, 0x67, 0x94, 0xfc, 0x2e, - 0xa6, 0x86, 0x68, 0x45, 0x53, 0x92, 0xcc, 0x86, 0x7f, 0x8a, 0xe1, 0x5d, - 0xe8, 0x1d, 0x9e, 0xbb, 0x1e, 0x00, 0x26, 0x1d, 0x80, 0x12, 0xff, 0x9c, - 0x11, 0x0a, 0xbd, 0xa6, 0xc3, 0x8d, 0x48, 0xda, 0xfc, 0x10, 0xf7, 0x7a, - 0x16, 0x07, 0x15, 0xa0, 0x3a, 0xd3, 0x94, 0xfb, 0x52, 0x87, 0x39, 0xee, - 0xe7, 0xc4, 0x26, 0x49, 0x16, 0xc6, 0xc0, 0x83, 0x25, 0xbf, 0x6a, 0x4e, - 0x8c, 0x0b, 0x10, 0x85, 0x66, 0xab, 0x7e, 0xae, 0xac, 0x4c, 0x69, 0x3c, - 0x44, 0xeb, 0xcd, 0xe9, 0xf6, 0x64, 0x8b, 0x4a, 0xd8, 0x6a, 0x4d, 0x6d, - 0x47, 0xa9, 0xb8, 0x55, 0x72, 0xc1, 0xfd, 0xf4, 0x81, 0x4c, 0x66, 0xbe, - 0x49, 0xf2, 0x75, 0x4f, 0x80, 0xf1, 0x20, 0x38, 0xb8, 0x6a, 0x1b, 0x75, - 0x41, 0x30, 0x0f, 0x1b, 0x3f, 0x02, 0x81, 0x80, 0x09, 0x35, 0xfa, 0x7a, - 0x1f, 0x61, 0xbe, 0x54, 0x46, 0x67, 0x5c, 0x04, 0x3e, 0x1a, 0x06, 0x10, - 0x85, 0xcc, 0x20, 0xd9, 0x65, 0x8a, 0xcd, 0x2f, 0x77, 0x8a, 0xcb, 0xa7, - 0xb8, 0x1e, 0xd2, 0xcc, 0xac, 0x2a, 0xb7, 0x56, 0x35, 0x2d, 0x4c, 0x56, - 0x51, 0x14, 0x0a, 0xfe, 0x6e, 0x49, 0x67, 0x91, 0x3a, 0x26, 0x3b, 0xfb, - 0xd8, 0x68, 0xd3, 0x57, 0xc6, 0x1c, 0x0e, 0x9c, 0xb2, 0x9b, 0xa2, 0x7b, - 0x47, 0xc6, 0x45, 0x9d, 0xf2, 0xba, 0xf0, 0x55, 0xeb, 0x8e, 0x41, 0x6b, - 0x4e, 0x79, 0x0f, 0xf2, 0x3b, 0xaf, 0xa0, 0x79, 0xb0, 0x02, 0xc5, 0x51, - 0xa8, 0x7a, 0x2e, 0x3d, 0x75, 0x2a, 0x3b, 0x93, 0xf0, 0x11, 0xe2, 0xf2, - 0x29, 0x91, 0x7c, 0x5d, 0x38, 0x3a, 0x27, 0x4d, 0x0a, 0xb2, 0x18, 0x61, - 0x57, 0x8d, 0x82, 0x72, 0xb5, 0x2c, 0x2d, 0x98, 0xa7, 0x01, 0xbb, 0xbc, - 0xef, 0x67, 0x4e, 0x49, 0x02, 0x81, 0x81, 0x00, 0xb2, 0x70, 0x53, 0x54, - 0x70, 0x8d, 0x82, 0xad, 0xff, 0x1d, 0x55, 0x24, 0x7a, 0x8d, 0x2f, 0x8e, - 0xa0, 0x7d, 0x74, 0x37, 0xcf, 0x10, 0xed, 0x86, 0xd1, 0x80, 0xe7, 0xad, - 0xc1, 0x79, 0xe4, 0x7c, 0xd1, 0x7b, 0x63, 0xea, 0x5a, 0x23, 0x8d, 0x6a, - 0x09, 0x3d, 0x81, 0xb2, 0x35, 0xad, 0x9e, 0xfe, 0xea, 0x07, 0x76, 0x2f, - 0x2f, 0x05, 0x63, 0x44, 0xd2, 0x8e, 0x4e, 0x61, 0xca, 0xcb, 0x75, 0xca, - 0x7b, 0xc2, 0x2e, 0x79, 0x04, 0xb2, 0xa1, 0x20, 0x40, 0xc4, 0x40, 0x63, - 0xae, 0xe5, 0xe3, 0x14, 0x83, 0x4e, 0xa5, 0xa4, 0x0b, 0x5d, 0xd2, 0x04, - 0x1b, 0x8f, 0x01, 0x69, 0xa8, 0x44, 0xdc, 0x96, 0x4c, 0x1d, 0xe9, 0x7e, - 0x69, 0x38, 0xcf, 0x5c, 0x0d, 0xf9, 0xdf, 0xa7, 0x73, 0x3c, 0x4f, 0x08, - 0x85, 0xce, 0x03, 0xc4, 0xdd, 0xfd, 0x70, 0x70, 0xc5, 0x99, 0x36, 0x58, - 0x43, 0x98, 0x40, 0x59, 0x02, 0x81, 0x81, 0x00, 0xd5, 0xaa, 0xfb, 0xec, - 0x8d, 0xc6, 0xdd, 0xfa, 0x2b, 0x5a, 0x24, 0xd0, 0xda, 0x58, 0xbd, 0x87, - 0x92, 0x1a, 0x29, 0x62, 0x13, 0x1d, 0x4b, 0x79, 0x1b, 0xbe, 0x79, 0x7d, - 0xad, 0x79, 0xca, 0x17, 0x75, 0xda, 0xe8, 0x32, 0xe8, 0xa0, 0x9e, 0xa8, - 0x77, 0x53, 0xac, 0x38, 0xd6, 0xeb, 0xe6, 0x22, 0x65, 0xc4, 0xaa, 0x4c, - 0xc8, 0xd0, 0x33, 0x1a, 0x1e, 0xbe, 0xbd, 0x73, 0x09, 0x4a, 0xfa, 0x85, - 0x5c, 0xf3, 0x0c, 0x9c, 0x81, 0x56, 0x30, 0xa7, 0xf7, 0x9b, 0xf4, 0x92, - 0x9c, 0x6b, 0x93, 0x6a, 0x00, 0x33, 0xdc, 0x2f, 0x54, 0x1e, 0x78, 0xd4, - 0x97, 0xec, 0x24, 0xa2, 0xdb, 0x3d, 0x03, 0x33, 0x09, 0xb2, 0x2c, 0x03, - 0x05, 0x40, 0xde, 0x52, 0xf2, 0x9b, 0xfa, 0x00, 0x8d, 0x4b, 0xfe, 0x5b, - 0x9b, 0x9c, 0x73, 0xad, 0xfb, 0x7a, 0x00, 0x42, 0x62, 0x9e, 0xa0, 0x95, - 0x55, 0x50, 0x32, 0x87}; -static unsigned int enc_priv_key_len = 1192; - -const struct bootutil_key bootutil_enc_key = { - .key = enc_priv_key, - .len = &enc_priv_key_len, -}; -#elif defined(MCUBOOT_ENCRYPT_EC256) +#if defined(MCUBOOT_ENCRYPT_RSA) || defined(MCUBOOT_ENCRYPT_X25519) || \ + defined(MCUBOOT_ENCRYPT_EC256) extern const unsigned char enc_priv_key[]; extern unsigned int enc_priv_key_len; const struct bootutil_key bootutil_enc_key = { .key = enc_priv_key, .len = &enc_priv_key_len, }; -#elif defined(MCUBOOT_ENCRYPT_X25519) -// This is an unused key from upstream MCUBoot that is not used in production -unsigned char enc_key[] = { - 0x30, 0x2e, 0x02, 0x01, 0x00, 0x30, 0x05, 0x06, 0x03, 0x2b, 0x65, 0x6e, - 0x04, 0x22, 0x04, 0x20, 0x28, 0x80, 0x2f, 0xef, 0xef, 0x82, 0x95, 0x50, - 0xf1, 0x41, 0x93, 0x03, 0x6c, 0x1b, 0xb9, 0x49, 0x6c, 0x51, 0xe5, 0x26, - 0x87, 0x8f, 0x77, 0x07, 0xf8, 0xb4, 0x1f, 0x04, 0x45, 0x6d, 0x84, 0x4f, -}; -static unsigned int enc_key_len = 48; -const struct bootutil_key bootutil_enc_key = { - .key = enc_key, - .len = &enc_key_len, -}; #elif defined(MCUBOOT_ENCRYPT_KW) #error "Encrypted images with AES-KW is not implemented yet." #endif diff --git a/bootloader/src/main.c b/bootloader/src/main.c index 84f7e3b6..713f19f8 100644 --- a/bootloader/src/main.c +++ b/bootloader/src/main.c @@ -27,12 +27,17 @@ #include #include -#if defined(CONFIG_CPU_AARCH32_CORTEX_A) || defined(CONFIG_CPU_AARCH32_CORTEX_R) -#include -#elif defined(CONFIG_CPU_CORTEX_M) -#include +#if defined(CONFIG_BOOT_DISABLE_CACHES) +#include #endif +#if defined(CONFIG_ARM) +#include +#endif + +#include + +#include "io/io.h" #include "target.h" #include "bootutil/bootutil.h" @@ -43,10 +48,10 @@ #include "flash_map_backend/flash_map_backend.h" /* Check if Espressif target is supported */ -#ifdef CONFIG_SOC_FAMILY_ESP32 +#ifdef CONFIG_SOC_FAMILY_ESPRESSIF_ESP32 #include -#include +#include #define IMAGE_INDEX_0 0 #define IMAGE_INDEX_1 1 @@ -64,7 +69,7 @@ #define IMAGE1_PRIMARY_SIZE \ DT_PROP_BY_IDX(DT_NODE_BY_FIXED_PARTITION_LABEL(image_1), reg, 1) -#endif /* CONFIG_SOC_FAMILY_ESP32 */ +#endif /* CONFIG_SOC_FAMILY_ESPRESSIF_ESP32 */ #ifdef CONFIG_MCUBOOT_SERIAL #include "boot_serial/boot_serial.h" @@ -74,10 +79,6 @@ const struct boot_uart_funcs boot_funcs = {.read = console_read, .write = console_write}; #endif -#ifdef CONFIG_BOOT_SERIAL_BOOT_MODE -#include -#endif - #if defined(CONFIG_BOOT_USB_DFU_WAIT) || defined(CONFIG_BOOT_USB_DFU_GPIO) #include #endif @@ -86,10 +87,6 @@ const struct boot_uart_funcs boot_funcs = {.read = console_read, #include #endif -#ifdef CONFIG_BOOT_SERIAL_PIN_RESET -#include -#endif - /* CONFIG_LOG_MINIMAL is the legacy Kconfig property, * replaced by CONFIG_LOG_MODE_MINIMAL. */ @@ -108,7 +105,7 @@ const struct boot_uart_funcs boot_funcs = {.read = console_read, !defined(ZEPHYR_LOG_MODE_MINIMAL) #ifdef CONFIG_LOG_PROCESS_THREAD #warning "The log internal thread for log processing can't transfer the log"\ - "well for MCUBoot." + "well for MCUBoot." #else #include @@ -136,70 +133,8 @@ K_SEM_DEFINE(boot_log_sem, 1, 1); * !defined(ZEPHYR_LOG_MODE_MINIMAL) \ */ -#ifdef CONFIG_SOC_FAMILY_NRF -#include - -static inline bool -boot_skip_serial_recovery() -{ - uint32_t rr = nrfx_reset_reason_get(); - - return !(rr == 0 || (rr & NRFX_RESET_REASON_RESETPIN_MASK)); -} -#else -static inline bool -boot_skip_serial_recovery() -{ - return false; -} -#endif - BOOT_LOG_MODULE_REGISTER(mcuboot); -/* Validate serial recovery configuration */ -#ifdef CONFIG_MCUBOOT_SERIAL -#if !defined(CONFIG_BOOT_SERIAL_ENTRANCE_GPIO) && \ - !defined(CONFIG_BOOT_SERIAL_WAIT_FOR_DFU) && \ - !defined(CONFIG_BOOT_SERIAL_BOOT_MODE) && \ - !defined(CONFIG_BOOT_SERIAL_NO_APPLICATION) && \ - !defined(CONFIG_BOOT_SERIAL_PIN_RESET) -#error "Serial recovery selected without an entrance mode set" -#endif -#endif - -#ifdef CONFIG_MCUBOOT_INDICATION_LED - -/* - * The led0 devicetree alias is optional. If present, we'll use it - * to turn on the LED whenever the button is pressed. - */ -#if DT_NODE_EXISTS(DT_ALIAS(mcuboot_led0)) -#define LED0_NODE DT_ALIAS(mcuboot_led0) -#elif DT_NODE_EXISTS(DT_ALIAS(bootloader_led0)) -#warning "bootloader-led0 alias is deprecated; use mcuboot-led0 instead" -#define LED0_NODE DT_ALIAS(bootloader_led0) -#endif - -#if DT_NODE_HAS_STATUS(LED0_NODE, okay) && DT_NODE_HAS_PROP(LED0_NODE, gpios) -static const struct gpio_dt_spec led0 = GPIO_DT_SPEC_GET(LED0_NODE, gpios); -#else -/* A build error here means your board isn't set up to drive an LED. */ -#error "Unsupported board: led0 devicetree alias is not defined" -#endif - -void -led_init(void) -{ - if (!device_is_ready(led0.port)) { - BOOT_LOG_ERR("Didn't find LED device referred by the LED0_NODE\n"); - return; - } - - gpio_pin_configure_dt(&led0, GPIO_OUTPUT); - gpio_pin_set_dt(&led0, 0); -} -#endif /* CONFIG_MCUBOOT_INDICATION_LED */ - void os_heap_init(void); @@ -229,15 +164,27 @@ do_boot(struct boot_rsp *rsp) vt = (struct arm_vector_table *)(rsp->br_hdr->ih_load_addr + rsp->br_hdr->ih_hdr_size); #else - uintptr_t flash_base; int rc; + const struct flash_area *fap; + static uint32_t dst[2]; /* Jump to flash image */ - rc = flash_device_base(rsp->br_flash_dev_id, &flash_base); + rc = flash_area_open(rsp->br_flash_dev_id, &fap); assert(rc == 0); - vt = (struct arm_vector_table *)(flash_base + rsp->br_image_off + - rsp->br_hdr->ih_hdr_size); + rc = flash_area_read(fap, rsp->br_hdr->ih_hdr_size, dst, sizeof(dst)); + assert(rc == 0); +#ifndef CONFIG_ASSERT + /* Enter a lock up as asserts are disabled */ + if (rc != 0) { + while (1) + ; + } +#endif + + flash_area_close(fap); + + vt = (struct arm_vector_table *)dst; #endif if (IS_ENABLED(CONFIG_SYSTEM_TIMER_HAS_DISABLE_SUPPORT)) { @@ -251,11 +198,13 @@ do_boot(struct boot_rsp *rsp) #if CONFIG_MCUBOOT_CLEANUP_ARM_CORE cleanup_arm_nvic(); /* cleanup NVIC registers */ -#ifdef CONFIG_CPU_CORTEX_M_HAS_CACHE - /* Disable instruction cache and data cache before chain-load the +#if defined(CONFIG_BOOT_DISABLE_CACHES) + /* Flush and disable instruction/data caches before chain-loading the * application */ - SCB_DisableDCache(); - SCB_DisableICache(); + (void)sys_cache_instr_flush_all(); + (void)sys_cache_data_flush_all(); + sys_cache_instr_disable(); + sys_cache_data_disable(); #endif #if CONFIG_CPU_HAS_ARM_MPU || CONFIG_CPU_HAS_NXP_MPU @@ -301,7 +250,7 @@ do_boot(struct boot_rsp *rsp) #elif defined(CONFIG_XTENSA) || defined(CONFIG_RISCV) -#ifndef CONFIG_SOC_FAMILY_ESP32 +#ifndef CONFIG_SOC_FAMILY_ESPRESSIF_ESP32 #define SRAM_BASE_ADDRESS 0xBE030000 @@ -331,7 +280,7 @@ copy_img_to_SRAM(int slot, unsigned int hdr_offset) done: flash_area_close(fap); } -#endif /* !CONFIG_SOC_FAMILY_ESP32 */ +#endif /* !CONFIG_SOC_FAMILY_ESPRESSIF_ESP32 */ /* Entry point (.ResetVector) is at the very beginning of the image. * Simply copy the image to a suitable location and jump there. @@ -339,12 +288,14 @@ copy_img_to_SRAM(int slot, unsigned int hdr_offset) static void do_boot(struct boot_rsp *rsp) { +#ifndef CONFIG_SOC_FAMILY_ESPRESSIF_ESP32 void *start; +#endif /* CONFIG_SOC_FAMILY_ESPRESSIF_ESP32 */ BOOT_LOG_INF("br_image_off = 0x%x\n", rsp->br_image_off); BOOT_LOG_INF("ih_hdr_size = 0x%x\n", rsp->br_hdr->ih_hdr_size); -#ifdef CONFIG_SOC_FAMILY_ESP32 +#ifdef CONFIG_SOC_FAMILY_ESPRESSIF_ESP32 int slot = (rsp->br_image_off == IMAGE0_PRIMARY_START_ADDRESS) ? PRIMARY_SLOT : SECONDARY_SLOT; @@ -357,7 +308,7 @@ do_boot(struct boot_rsp *rsp) /* Jump to entry point */ start = (void *)(SRAM_BASE_ADDRESS + rsp->br_hdr->ih_hdr_size); ((void (*)(void))start)(); -#endif /* CONFIG_SOC_FAMILY_ESP32 */ +#endif /* CONFIG_SOC_FAMILY_ESPRESSIF_ESP32 */ } #else @@ -388,6 +339,56 @@ do_boot(struct boot_rsp *rsp) } #endif +#ifdef DEBUG +/** + * Using the original Zephyr app image can be useful to easily debug the + * application This image doesn't contain a valid header so this function simply + * bypass checks performed on the header + */ +static void +do_boot_debug() +{ + uintptr_t flash_base; + int rc; + struct arm_vector_table *vt; + struct image_header header; + + rc = flash_device_base(SOC_FLASH_0_ID, &flash_base); + assert(rc == 0); + + // get offset of the image in flash + const struct flash_area *flash_area_p; + rc = flash_area_open(flash_area_id_from_image_slot(0), &flash_area_p); + assert(rc == 0); + + // get header size + // default to 0x200 = CONFIG_ROM_START_OFFSET for the Orb MCUs' app. + uint32_t hdr_size = 0x200; + rc = boot_image_load_header(flash_area_p, &header); + if (rc == 0) { + hdr_size = header.ih_hdr_size; + } + + vt = (struct arm_vector_table *)(flash_base + flash_area_p->fa_off + + hdr_size); + + // checking that the entry point is still within a valid range + if (vt->reset > (uint32_t)vt && + vt->reset < (uint32_t)(flash_base + flash_area_p->fa_off + 0x44000)) { + BOOT_LOG_INF("Jumping into image during debug session @0x%x", + (uint32_t)vt->reset); +#ifdef CONFIG_SYS_CLOCK_EXISTS + sys_clock_disable(); +#endif + + /* Lock interrupts and dive into the entry point */ + irq_lock(); + __set_MSP(vt->msp); + ((void (*)(void))vt->reset)(); + } +} +#endif // DEBUG + #if defined(CONFIG_LOG) && !defined(ZEPHYR_LOG_MODE_IMMEDIATE) && \ !defined(CONFIG_LOG_PROCESS_THREAD) && !defined(ZEPHYR_LOG_MODE_MINIMAL) /* The log internal thread for log processing can't transfer log well as has too @@ -428,10 +429,10 @@ void zephyr_boot_log_start(void) { /* start logging thread */ - k_thread_create( - &boot_log_thread, boot_log_stack, K_THREAD_STACK_SIZEOF(boot_log_stack), - (k_thread_entry_t)boot_log_thread_func, NULL, NULL, NULL, - K_HIGHEST_APPLICATION_THREAD_PRIO, 0, BOOT_LOG_PROCESSING_INTERVAL); + k_thread_create(&boot_log_thread, boot_log_stack, + K_THREAD_STACK_SIZEOF(boot_log_stack), boot_log_thread_func, + NULL, NULL, NULL, K_HIGHEST_APPLICATION_THREAD_PRIO, 0, + BOOT_LOG_PROCESSING_INTERVAL); k_thread_name_set(&boot_log_thread, "logging"); } @@ -454,124 +455,16 @@ zephyr_boot_log_stop(void) */ #if defined(CONFIG_BOOT_SERIAL_ENTRANCE_GPIO) || \ - defined(CONFIG_BOOT_USB_DFU_GPIO) - -#ifdef CONFIG_MCUBOOT_SERIAL -#define BUTTON_0_DETECT_DELAY CONFIG_BOOT_SERIAL_DETECT_DELAY -#else -#define BUTTON_0_DETECT_DELAY CONFIG_BOOT_USB_DFU_DETECT_DELAY -#endif - -#define BUTTON_0_NODE DT_ALIAS(mcuboot_button0) - -#if DT_NODE_EXISTS(BUTTON_0_NODE) && DT_NODE_HAS_PROP(BUTTON_0_NODE, gpios) -static const struct gpio_dt_spec button0 = - GPIO_DT_SPEC_GET(BUTTON_0_NODE, gpios); -#else -#error \ - "Serial recovery/USB DFU button must be declared in device tree as 'mcuboot_button0'" -#endif - -static bool -detect_pin(void) -{ - int rc; - int pin_active; - - if (!device_is_ready(button0.port)) { - __ASSERT(false, "GPIO device is not ready.\n"); - return false; - } - - rc = gpio_pin_configure_dt(&button0, GPIO_INPUT); - __ASSERT(rc == 0, "Failed to initialize boot detect pin.\n"); - - rc = gpio_pin_get_dt(&button0); - pin_active = rc; - - __ASSERT(rc >= 0, "Failed to read boot detect pin.\n"); - - if (pin_active) { - if (BUTTON_0_DETECT_DELAY > 0) { -#ifdef CONFIG_MULTITHREADING - k_sleep(K_MSEC(50)); -#else - k_busy_wait(50000); -#endif - - /* Get the uptime for debounce purposes. */ - int64_t timestamp = k_uptime_get(); - - for (;;) { - rc = gpio_pin_get_dt(&button0); - pin_active = rc; - __ASSERT(rc >= 0, "Failed to read boot detect pin.\n"); - - /* Get delta from when this started */ - uint32_t delta = k_uptime_get() - timestamp; - - /* If not pressed OR if pressed > debounce period, stop. */ - if (delta >= BUTTON_0_DETECT_DELAY || !pin_active) { - break; - } - - /* Delay 1 ms */ -#ifdef CONFIG_MULTITHREADING - k_sleep(K_MSEC(1)); -#else - k_busy_wait(1000); -#endif - } - } - } - - return (bool)pin_active; -} -#endif - -#ifdef DEBUG -/** - * Using the original Zephyr app image can be useful to easily debug the - * application This image doesn't contain a valid header so this function simply - * bypass checks performed on the header - */ -static void -do_boot_debug() -{ - uintptr_t flash_base; - int rc; - struct arm_vector_table *vt; - - rc = flash_device_base(SOC_FLASH_0_ID, &flash_base); - assert(rc == 0); - - // hardcoded offset + header size - vt = (struct arm_vector_table *)(flash_base + 0xC000 + 0x200); - - // checking that the entry point is still within a valid range - if (vt->reset > (uint32_t)vt && vt->reset < (uint32_t)0x8044000) { - BOOT_LOG_INF("Jumping into image during debug session @0x%x", - (uint32_t)vt->reset); -#ifdef CONFIG_SYS_CLOCK_EXISTS - sys_clock_disable(); -#endif - - /* Lock interrupts and dive into the entry point */ - irq_lock(); - __set_MSP(vt->msp); - ((void (*)(void))vt->reset)(); - } -} -#endif // DEBUG - -#ifdef CONFIG_MCUBOOT_SERIAL + defined(CONFIG_BOOT_SERIAL_PIN_RESET) || \ + defined(CONFIG_BOOT_SERIAL_BOOT_MODE) || \ + defined(CONFIG_BOOT_SERIAL_NO_APPLICATION) static void boot_serial_enter() { int rc; #ifdef CONFIG_MCUBOOT_INDICATION_LED - gpio_pin_set_dt(&led0, 1); + io_led_set(1); #endif mcuboot_status_change(MCUBOOT_STATUS_SERIAL_DFU_ENTERED); @@ -591,14 +484,6 @@ main(void) int rc; FIH_DECLARE(fih_rc, FIH_FAILURE); -#ifdef CONFIG_BOOT_SERIAL_BOOT_MODE - int32_t boot_mode; -#endif - -#ifdef CONFIG_BOOT_SERIAL_PIN_RESET - uint32_t reset_cause; -#endif - MCUBOOT_WATCHDOG_SETUP(); MCUBOOT_WATCHDOG_FEED(); @@ -610,7 +495,7 @@ main(void) #ifdef CONFIG_MCUBOOT_INDICATION_LED /* LED init */ - led_init(); + io_led_init(); #endif os_heap_init(); @@ -622,24 +507,21 @@ main(void) mcuboot_status_change(MCUBOOT_STATUS_STARTUP); #ifdef CONFIG_BOOT_SERIAL_ENTRANCE_GPIO - if (detect_pin() && !boot_skip_serial_recovery()) { + if (io_detect_pin() && !io_boot_skip_serial_recovery()) { boot_serial_enter(); } #endif #ifdef CONFIG_BOOT_SERIAL_PIN_RESET - rc = hwinfo_get_reset_cause(&reset_cause); - - if (rc == 0 && reset_cause == RESET_PIN) { - (void)hwinfo_clear_reset_cause(); + if (io_detect_pin_reset()) { boot_serial_enter(); } #endif #if defined(CONFIG_BOOT_USB_DFU_GPIO) - if (detect_pin()) { + if (io_detect_pin()) { #ifdef CONFIG_MCUBOOT_INDICATION_LED - gpio_pin_set_dt(&led0, 1); + io_led_set(1); #endif mcuboot_status_change(MCUBOOT_STATUS_USB_DFU_ENTERED); @@ -678,18 +560,19 @@ main(void) rc = boot_console_init(); int timeout_in_ms = CONFIG_BOOT_SERIAL_WAIT_FOR_DFU_TIMEOUT; uint32_t start = k_uptime_get_32(); + +#ifdef CONFIG_MCUBOOT_INDICATION_LED + io_led_set(1); +#endif #endif FIH_CALL(boot_go, fih_rc, &rsp); #ifdef CONFIG_BOOT_SERIAL_BOOT_MODE - boot_mode = bootmode_check(BOOT_MODE_TYPE_BOOTLOADER); - - if (boot_mode == 1) { + if (io_detect_boot_mode()) { /* Boot mode to stay in bootloader, clear status and enter serial * recovery mode */ - bootmode_clear(); boot_serial_enter(); } #endif @@ -701,6 +584,10 @@ main(void) timeout_in_ms = 1; } boot_serial_check_start(&boot_funcs, timeout_in_ms); + +#ifdef CONFIG_MCUBOOT_INDICATION_LED + io_led_set(0); +#endif #endif if (FIH_NOT_EQ(fih_rc, FIH_SUCCESS)) { @@ -718,12 +605,28 @@ main(void) * recovery mode */ boot_serial_enter(); +#elif defined(CONFIG_BOOT_USB_DFU_NO_APPLICATION) + rc = usb_enable(NULL); + if (rc && rc != -EALREADY) { + BOOT_LOG_ERR("Cannot enable USB"); + } else { + BOOT_LOG_INF("Waiting for USB DFU"); + wait_for_usb_dfu(K_FOREVER); + } #endif FIH_PANIC; } +#ifdef CONFIG_BOOT_RAM_LOAD + BOOT_LOG_INF("Bootloader chainload address offset: 0x%x", + rsp.br_hdr->ih_load_addr); +#else BOOT_LOG_INF("Bootloader chainload address offset: 0x%x", rsp.br_image_off); +#endif + + BOOT_LOG_INF("Image version: v%d.%d.%d", rsp.br_hdr->ih_ver.iv_major, + rsp.br_hdr->ih_ver.iv_minor, rsp.br_hdr->ih_ver.iv_revision); #if defined(MCUBOOT_DIRECT_XIP) BOOT_LOG_INF("Jumping to the image slot"); From c38cad0edff872ac433128ae1b6a717d3be7f651 Mon Sep 17 00:00:00 2001 From: Cyril Fougeray Date: Wed, 27 Nov 2024 18:41:09 +0100 Subject: [PATCH 09/17] chore(picolibc): use picolibc by default instead of newlib redefine M_PI BUILD_ASSERT must be used instead of static_assert Signed-off-by: Cyril Fougeray --- lib/include/utils.h | 8 ++++++++ main_board/prj.conf | 4 ++-- main_board/src/optics/mirror/mirror.c | 9 +-------- main_board/src/power/battery/battery_amber.c | 2 +- main_board/src/power/battery/battery_ruby.c | 2 +- main_board/src/runner/runner.c | 5 ++--- 6 files changed, 15 insertions(+), 15 deletions(-) diff --git a/lib/include/utils.h b/lib/include/utils.h index 5c08025e..87084156 100644 --- a/lib/include/utils.h +++ b/lib/include/utils.h @@ -52,4 +52,12 @@ } while (0) #endif +// _ANSI_SOURCE is used with newlib to make sure newlib doesn't provide +// primitives conflicting with Zephyr's POSIX definitions which remove +// definition of M_PI, so let's redefine it +#if defined(_ANSI_SOURCE) +// taken from math.h +#define M_PI 3.14159265358979323846f +#endif + #define STATIC_OR_EXTERN static diff --git a/main_board/prj.conf b/main_board/prj.conf index 71b27370..14f6df3f 100644 --- a/main_board/prj.conf +++ b/main_board/prj.conf @@ -24,8 +24,8 @@ CONFIG_RING_BUFFER=y CONFIG_UART_ASYNC_API=y # Floating Point Options -CONFIG_NEWLIB_LIBC=y -CONFIG_NEWLIB_LIBC_NANO=y +CONFIG_PICOLIBC=y +CONFIG_PICOLIBC_IO_FLOAT=y CONFIG_FPU=y CONFIG_FPU_SHARING=y diff --git a/main_board/src/optics/mirror/mirror.c b/main_board/src/optics/mirror/mirror.c index 835a69af..0c2b3448 100644 --- a/main_board/src/optics/mirror/mirror.c +++ b/main_board/src/optics/mirror/mirror.c @@ -7,19 +7,12 @@ #include #include #include +#include #include #include #include #include -// _ANSI_SOURCE is used with newlib to make sure newlib doesn't provide -// primitives conflicting with Zephyr's POSIX definitions which remove -// definition of M_PI, so let's redefine it -#if defined(CONFIG_NEWLIB_LIBC) && defined(_ANSI_SOURCE) -// taken from math.h -#define M_PI 3.14159265358979323846f -#endif - LOG_MODULE_REGISTER(mirror, CONFIG_MIRROR_LOG_LEVEL); K_THREAD_STACK_DEFINE(stack_area_mirror_work_queue, 2048); diff --git a/main_board/src/power/battery/battery_amber.c b/main_board/src/power/battery/battery_amber.c index d31a4e70..727072ed 100644 --- a/main_board/src/power/battery/battery_amber.c +++ b/main_board/src/power/battery/battery_amber.c @@ -41,7 +41,7 @@ static orb_mcu_main_BatteryIsCharging is_charging; #define BATTERY_MESSAGES_REMOVED_TIMEOUT_MS (BATTERY_INFO_SEND_PERIOD_MS * 3) #define BATTERY_MESSAGES_FORCE_REBOOT_TIMEOUT_MS \ (BATTERY_INFO_SEND_PERIOD_MS * 10) -static_assert( +BUILD_ASSERT( BATTERY_MESSAGES_FORCE_REBOOT_TIMEOUT_MS > BATTERY_INFO_SEND_PERIOD_MS * 3, "Coarse timing resolution to check if battery is still sending messages"); diff --git a/main_board/src/power/battery/battery_ruby.c b/main_board/src/power/battery/battery_ruby.c index 85783cd0..f5e4535d 100644 --- a/main_board/src/power/battery/battery_ruby.c +++ b/main_board/src/power/battery/battery_ruby.c @@ -43,7 +43,7 @@ static orb_mcu_main_BatteryIsCharging is_charging; #define BATTERY_MESSAGES_REMOVED_TIMEOUT_MS (BATTERY_INFO_SEND_PERIOD_MS * 3) #define BATTERY_MESSAGES_FORCE_REBOOT_TIMEOUT_MS \ (BATTERY_INFO_SEND_PERIOD_MS * 10) -static_assert( +BUILD_ASSERT( BATTERY_MESSAGES_FORCE_REBOOT_TIMEOUT_MS > BATTERY_INFO_SEND_PERIOD_MS * 3, "Coarse timing resolution to check if battery is still sending messages"); diff --git a/main_board/src/runner/runner.c b/main_board/src/runner/runner.c index 61bbd33b..1c518641 100644 --- a/main_board/src/runner/runner.c +++ b/main_board/src/runner/runner.c @@ -1445,9 +1445,8 @@ static const hm_callback handle_message_callbacks[] = { #endif }; -static_assert( - ARRAY_SIZE(handle_message_callbacks) <= 48, - "It seems like the `handle_message_callbacks` array is too large"); +BUILD_ASSERT((ARRAY_SIZE(handle_message_callbacks) <= 48), + "It seems like the `handle_message_callbacks` array is too large"); _Noreturn static void runner_process_jobs_thread() From 5f0f48556d4052c6cc6673147e1b32ebe53d7f4d Mon Sep 17 00:00:00 2001 From: Cyril Fougeray Date: Fri, 29 Nov 2024 10:54:34 +0100 Subject: [PATCH 10/17] fix(bootloader): explicitly enable watchdog was enabled as long as `watchdog0` was an existing label. now, kconfig has to be enabled Signed-off-by: Cyril Fougeray --- bootloader/prj.conf | 18 +++++------------- 1 file changed, 5 insertions(+), 13 deletions(-) diff --git a/bootloader/prj.conf b/bootloader/prj.conf index e649bcf8..9baf9efd 100644 --- a/bootloader/prj.conf +++ b/bootloader/prj.conf @@ -19,17 +19,9 @@ CONFIG_BOOT_SWAP_SAVE_ENCTLV=n # do not store encrypted TLV CONFIG_BOOT_UPGRADE_ONLY=n CONFIG_BOOT_BOOTSTRAP=n -### mbedTLS has its own heap -# CONFIG_HEAP_MEM_POOL_SIZE is not set - -### We never want Zephyr's copy of tinycrypt. If tinycrypt is needed, -### MCUboot has its own copy in tree. -# CONFIG_TINYCRYPT is not set -# CONFIG_TINYCRYPT_ECC_DSA is not set -# CONFIG_TINYCRYPT_SHA256 is not set - CONFIG_FLASH=y -### Various Zephyr boards enable features that we don't want. -# CONFIG_BT is not set -# CONFIG_BT_CTLR is not set -# CONFIG_I2C is not set + +# watchdog set to 1000ms to be able to boot with signature verification +CONFIG_WATCHDOG=y +CONFIG_BOOT_WATCHDOG_FEED=y +CONFIG_IWDG_STM32_INITIAL_TIMEOUT=1000 From 6fe0bbeac083e462331a73b9bb2912dc1b00817b Mon Sep 17 00:00:00 2001 From: Cyril Fougeray Date: Fri, 29 Nov 2024 11:42:25 +0100 Subject: [PATCH 11/17] chore(watchdog): init right after device driver use sys_init to initialize watchdog callback cannot be set dynamically anymore, but weakly defined instead so that it can be overridden by user at compile time. Signed-off-by: Cyril Fougeray --- lib/errors/errors_tests.c | 9 +-------- lib/watchdog/Kconfig | 12 ++++++++++++ lib/watchdog/include/watchdog.h | 24 ++++++++++++++++++++---- lib/watchdog/watchdog.c | 26 ++++++++++++++++++++------ main_board/debug.conf | 2 -- main_board/prj.conf | 3 ++- main_board/src/main.c | 4 ++-- main_board/src/power/boot/boot.c | 6 ++++++ 8 files changed, 63 insertions(+), 23 deletions(-) diff --git a/lib/errors/errors_tests.c b/lib/errors/errors_tests.c index 20f68a6d..f83444a0 100644 --- a/lib/errors/errors_tests.c +++ b/lib/errors/errors_tests.c @@ -100,13 +100,6 @@ trigger_z_oops(void) } #endif -__maybe_unused static bool -watchdog_feed_callback(void) -{ - /* Deliberately prevent feeding the watchdog */ - return false; -} - void fatal_errors_trigger(enum error_case_e type) { @@ -160,7 +153,7 @@ fatal_errors_trigger(enum error_case_e type) #endif #ifdef CONFIG_ORB_LIB_WATCHDOG case FATAL_WATCHDOG: - (void)watchdog_init(watchdog_feed_callback); + watchdog_stop_feed(); break; #endif diff --git a/lib/watchdog/Kconfig b/lib/watchdog/Kconfig index 850708ed..986db03f 100644 --- a/lib/watchdog/Kconfig +++ b/lib/watchdog/Kconfig @@ -4,6 +4,18 @@ config ORB_LIB_WATCHDOG if ORB_LIB_WATCHDOG +config ORB_LIB_WATCHDOG_SYS_INIT + bool "Initialize watchdog in sys_init, when disabled (default) `watchdog_init()` must be explicitly called" + default n + +if ORB_LIB_WATCHDOG_SYS_INIT + +config ORB_LIB_WATCHDOG_INIT_PRIORITY + int "Watchdog initialization priority" + default 51 # KERNEL_INIT_PRIORITY_DEVICE + 1 + +endif + config ORB_LIB_THREAD_PRIORITY_WATCHDOG int "Watchdog thread priority" default 10 diff --git a/lib/watchdog/include/watchdog.h b/lib/watchdog/include/watchdog.h index a621491d..bb6e99a8 100644 --- a/lib/watchdog/include/watchdog.h +++ b/lib/watchdog/include/watchdog.h @@ -1,16 +1,32 @@ #pragma once #include + +/** + * @brief Perform checks to determine if watchdog should be fed + * + * Weakly defined function in `watchdog.c` that can be overridden by the user + */ +bool +watchdog_perform_checks(void); + +/** + * @brief Stop feeding the watchdog + */ +void +watchdog_stop_feed(void); + +#if !defined(CONFIG_ORB_LIB_WATCHDOG_SYS_INIT) + /** * Setup watchdog & spawn low-priority thread to reload the watchdog * - * @param callback Function to be called periodically to check if watchdog - * should be fed. Should return true to feed watchdog - * or false to not feed. * @retval 0 on success * @retval RET_ERROR_NOT_INITIALIZED on failure: watchdog peripheral not ready * or unable to install timeout * @retval RET_ERROR_ALREADY_INITIALIZED if already initialized */ int -watchdog_init(bool (*callback)(void)); +watchdog_init(void); + +#endif diff --git a/lib/watchdog/watchdog.c b/lib/watchdog/watchdog.c index ce918031..70989ccd 100644 --- a/lib/watchdog/watchdog.c +++ b/lib/watchdog/watchdog.c @@ -15,8 +15,6 @@ static volatile int wdt_channel_id = -1; static const struct device *const watchdog_dev = DEVICE_DT_GET(DT_ALIAS(watchdog0)); -static bool (*watchdog_callback)(void) = NULL; - #ifndef WATCHDOG_RELOAD_MS #define WATCHDOG_RELOAD_MS CONFIG_ORB_LIB_WATCHDOG_RELOAD_MS #endif @@ -25,13 +23,27 @@ BUILD_ASSERT(CONFIG_ORB_LIB_WATCHDOG_RELOAD_MS < CONFIG_ORB_LIB_WATCHDOG_TIMEOUT_MS, "Watchdog reload time must be less than watchdog timeout"); +static bool feed = true; + +__WEAK bool +watchdog_perform_checks(void) +{ + return true; +} + +void +watchdog_stop_feed(void) +{ + feed = false; +} + static void watchdog_thread() { while (wdt_channel_id >= 0) { // Allow null callback, // Don't rearrange due to short circuit rules, NULL check must be first - if ((watchdog_callback == NULL) || (watchdog_callback() == true)) { + if (feed && watchdog_perform_checks() == true) { wdt_feed(watchdog_dev, wdt_channel_id); } k_sleep(K_MSEC(WATCHDOG_RELOAD_MS)); @@ -41,7 +53,7 @@ watchdog_thread() } int -watchdog_init(bool (*callback)(void)) +watchdog_init(void) { int err_code; @@ -81,8 +93,6 @@ watchdog_init(bool (*callback)(void)) return RET_ERROR_NOT_INITIALIZED; } - watchdog_callback = callback; - k_thread_create(&watchdog_thread_data, stack_area, K_THREAD_STACK_SIZEOF(stack_area), (k_thread_entry_t)watchdog_thread, NULL, NULL, NULL, @@ -91,3 +101,7 @@ watchdog_init(bool (*callback)(void)) return RET_SUCCESS; } + +#if CONFIG_ORB_LIB_WATCHDOG_SYS_INIT +SYS_INIT(watchdog_init, POST_KERNEL, CONFIG_ORB_LIB_WATCHDOG_INIT_PRIORITY); +#endif diff --git a/main_board/debug.conf b/main_board/debug.conf index eb4448e9..39907a23 100644 --- a/main_board/debug.conf +++ b/main_board/debug.conf @@ -55,5 +55,3 @@ CONFIG_POWER_SEQUENCE_LOG_LEVEL_DBG=y # thread awareness # openOCD with Zephyr patch is needed CONFIG_DEBUG_THREAD_INFO=y - -CONFIG_ORB_LIB_WATCHDOG=n diff --git a/main_board/prj.conf b/main_board/prj.conf index 14f6df3f..446d76a3 100644 --- a/main_board/prj.conf +++ b/main_board/prj.conf @@ -86,8 +86,9 @@ CONFIG_ORB_LIB_UART_MESSAGING=y CONFIG_ORB_LIB_ERRORS=y CONFIG_ORB_LIB_DFU=y CONFIG_ORB_LIB_STORAGE=y -CONFIG_ORB_LIB_WATCHDOG=y CONFIG_WATCHDOG=y +CONFIG_ORB_LIB_WATCHDOG=y +CONFIG_ORB_LIB_WATCHDOG_SYS_INIT=y CONFIG_ORB_LIB_HEALTH_MONITORING=y CONFIG_ORB_LIB_LOGS_CAN=y # Same priority as CAN RX and TX threads to make sure other threads cannot block DFU diff --git a/main_board/src/main.c b/main_board/src/main.c index 1c7330d5..d0f7ded2 100644 --- a/main_board/src/main.c +++ b/main_board/src/main.c @@ -205,8 +205,8 @@ initialize(void) app_assert_init(app_assert_cb); -#if CONFIG_ORB_LIB_WATCHDOG - err_code = watchdog_init(NULL); +#if CONFIG_ORB_LIB_WATCHDOG && !(CONFIG_ORB_LIB_WATCHDOG_SYS_INIT) + err_code = watchdog_init(); ASSERT_SOFT(err_code); #endif diff --git a/main_board/src/power/boot/boot.c b/main_board/src/power/boot/boot.c index e9dd6a8b..c76651f3 100644 --- a/main_board/src/power/boot/boot.c +++ b/main_board/src/power/boot/boot.c @@ -632,6 +632,12 @@ app_init_state(void) return ret; } +#if CONFIG_ORB_LIB_WATCHDOG_SYS_INIT +BUILD_ASSERT(CONFIG_ORB_LIB_WATCHDOG_INIT_PRIORITY < + SYS_INIT_WAIT_FOR_BUTTON_PRESS_PRIORITY, + "Watchdog must be initialized before waiting for button press"); +#endif + SYS_INIT(app_init_state, POST_KERNEL, SYS_INIT_WAIT_FOR_BUTTON_PRESS_PRIORITY); #if defined(CONFIG_BOARD_DIAMOND_MAIN) From 39b82790f2dc96710c185d495fe275f76b03b4c6 Mon Sep 17 00:00:00 2001 From: Cyril Fougeray Date: Fri, 29 Nov 2024 15:59:17 +0100 Subject: [PATCH 12/17] fix(build): update orb-messages (public), and nanopb fix the generation of proto files. cmake from orb-messages library is requesting to be linked into target. Plus, use target defined in zephyr cmake as a dependency. Signed-off-by: Cyril Fougeray --- main_board/CMakeLists.txt | 7 ------- west.yml | 7 ++++--- 2 files changed, 4 insertions(+), 10 deletions(-) diff --git a/main_board/CMakeLists.txt b/main_board/CMakeLists.txt index 1c102394..6c0b2a54 100644 --- a/main_board/CMakeLists.txt +++ b/main_board/CMakeLists.txt @@ -170,14 +170,7 @@ zephyr_include_directories(config) zephyr_linker_sources(SECTIONS config/compact-logs.ld) # link with Zephyr modules below -# - modules/orb-protobuf-definitions: data format definitions and serializer/deserializer for messages between MCU, Jetson and Security MCU # - bootloader/mcuboot/boot/bootutil: public functions to access/modify mcuboot data from the application -if (CONFIG_ORB_MCU_MESSAGING_LIB) - zephyr_link_libraries(ORB_MCU_MESSAGING_LIB) - # dependency below doesn't have to be forced if using West but must be added when using CMake only - # to build zephyr_final - add_dependencies(app generate_proto_files) -endif () if (CONFIG_MCUBOOT_BOOTUTIL_LIB) # check path is absolute if (IS_ABSOLUTE ${CONFIG_MCUBOOT_SIGNATURE_KEY_FILE}) diff --git a/west.yml b/west.yml index 42503bd0..f2417169 100644 --- a/west.yml +++ b/west.yml @@ -22,10 +22,10 @@ manifest: remote: memfault revision: 1.17.0 - name: orb-messages - revision: d303b8ae88c96559b08336fdbcdcc55e3ea27698 + revision: 7efef8aa435c8278f77c67f9b746351d39eb754d path: modules/orb-messages/public - name: priv-orb-messages - revision: 24b1543547649818bc236ecb9a1ed5794b7f57d0 + revision: 9fab6ea3cc3b80937725489318cf8d84c50e45b8 path: modules/orb-messages groups: [internal] - name: plug-and-trust @@ -38,4 +38,5 @@ manifest: # by default, only public projects are built # if access is granted, enable internal projects # with `west config manifest.group-filter +internal` - group-filter: [-internal] + # `optional` is used to fetch nanopb from the Zephyr west manifest + group-filter: [-internal, +optional] From f43a635d41e105cb52242dfc66a6d18b9c31be7d Mon Sep 17 00:00:00 2001 From: Cyril Fougeray Date: Fri, 13 Dec 2024 15:36:03 +0100 Subject: [PATCH 13/17] fix(west): project in `orb/` by default (public) don't use `orb/public` was not causing issues so far but zephyr_module.py changed and isn't able to find the project repo for zephyr.meta generation it's important to note that this is only when the repo is used alone, without it's `private` counterpart. Signed-off-by: Cyril Fougeray --- .github/workflows/main.yml | 4 +-- .github/workflows/twister_native.yml | 6 ++--- .github/workflows/zephyr_build.yml | 25 +++++++++++++++---- CONTRIBUTING.md | 6 ++--- README.md | 16 ++++++------ bootloader/README.md | 4 +-- bootloader/prj.conf | 3 ++- main_board/README.md | 10 ++++---- main_board/prj.conf | 5 ++-- .../ir_camera_system/CMakeLists.txt | 4 +-- .../ir_camera_timer_settings/CMakeLists.txt | 4 +-- utils/docker/Makefile | 20 +++++++++------ 12 files changed, 64 insertions(+), 43 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index dd888dc8..95a1b173 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -12,7 +12,7 @@ jobs: uses: ./.github/workflows/zephyr_build.yml with: board: pearl_main - app_path: orb/public/main_board + app_path: orb/main_board secrets: gh_token: ${{ secrets.GIT_HUB_TOKEN }} @@ -21,6 +21,6 @@ jobs: uses: ./.github/workflows/zephyr_build.yml with: board: diamond_main - app_path: orb/public/main_board + app_path: orb/main_board secrets: gh_token: ${{ secrets.GIT_HUB_TOKEN }} diff --git a/.github/workflows/twister_native.yml b/.github/workflows/twister_native.yml index 312364f2..4b4da6a0 100644 --- a/.github/workflows/twister_native.yml +++ b/.github/workflows/twister_native.yml @@ -12,17 +12,17 @@ jobs: steps: - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # pin@v3 with: - path: "${{ github.job }}/orb/public" + path: "${{ github.job }}/orb" - name: Initialize West repo run: | cd ${{ github.job }} git config --global --add url."https://wc-cicd:${{ secrets.GIT_HUB_TOKEN }}@github.com/worldcoin/".insteadOf "git@github.com:worldcoin/" - cd orb && west init -l --mf public/west.yml . || echo "Ignoring west init error $?" # might be already initialized + cd orb && west init -l --mf west.yml . || echo "Ignoring west init error $?" # might be already initialized west update --narrow --fetch-opt=--depth=1 - name: Twister unit tests run: | cd ${{ github.job }} - if ! ./zephyr/scripts/twister -T orb/public/main_board -vv -c -p unit_testing; then + if ! ./zephyr/scripts/twister -T orb/main_board -vv -c -p unit_testing; then find twister-out/ \( -name 'build.log' -o -name 'handler.log' -o -name 'device.log' \) -exec cat {} \; false fi diff --git a/.github/workflows/zephyr_build.yml b/.github/workflows/zephyr_build.yml index 4ce21856..5ad6ec8e 100644 --- a/.github/workflows/zephyr_build.yml +++ b/.github/workflows/zephyr_build.yml @@ -24,16 +24,31 @@ jobs: steps: - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # pin@v3 with: - path: "${{ github.job }}/orb/public" + path: "${{ github.job }}/orb" - name: Initialize West repo run: | cd ${{ github.job }} git config --global --add url."https://wc-cicd:${{ secrets.gh_token }}@github.com/worldcoin/".insteadOf "git@github.com:worldcoin/" - cd orb && west init -l --mf public/west.yml . || echo "Ignoring west init error $?" # might be already initialized + cd orb && west init -l --mf west.yml . || echo "Ignoring west init error $?" # might be already initialized west update --narrow --fetch-opt=--depth=1 - name: Generate temporary signing keys locally - run: cd ${{ github.job }}/orb/public/utils/ota/ && ./generate_dev_keys + run: cd ${{ github.job }}/orb/utils/ota/ && ./generate_dev_keys - name: Build app - run: cd ${{ github.job }} && west build ${APP_PATH} -d ${APP_PATH}/build -b ${BOARD} -p -- -DCMAKE_BUILD_TYPE="Release" -DEXTRA_COMPILE_FLAGS=-Werror -DBUILD_FROM_CI=1 + run: | + cd ${{ github.job }} + PROJ_DIR=$(dirname $(west manifest --path)) + west build ${APP_PATH} -d ${APP_PATH}/build -b ${BOARD} -p -- \ + -DCMAKE_BUILD_TYPE="Release" \ + -DEXTRA_COMPILE_FLAGS=-Werror \ + -DBUILD_FROM_CI=1 \ + -DCONFIG_MCUBOOT_SIGNATURE_KEY_FILE=\"${PROJ_DIR}/utils/ota/root-ec-p256.pem\" \ + -DCONFIG_MCUBOOT_ENCRYPTION_KEY_FILE=\"${PROJ_DIR}/utils/ota/enc-ec256-pub.pem\" - name: Build bootloader - run: cd ${{ github.job }} && west build orb/public/bootloader -d orb/public/bootloader/build -b ${BOARD} -p -- -DCMAKE_BUILD_TYPE="Release" -DBUILD_FROM_CI=1 + run: | + cd ${{ github.job }} + PROJ_DIR=$(dirname $(west manifest --path)) + ENC_KEY_FILE="${PROJ_DIR}/utils/ota/enc-ec256-pub.pem" + west build orb/bootloader -d orb/bootloader/build -b ${BOARD} -p -- \ + -DCMAKE_BUILD_TYPE="Release" \ + -DBUILD_FROM_CI=1 \ + -DCONFIG_BOOT_SIGNATURE_KEY_FILE=\"${PROJ_DIR}/utils/ota/root-ec-p256.pem\" diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 5c3afeb4..7f3f07e7 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -15,7 +15,7 @@ the [conda environment](utils/env/environment.yml). Configure `pre-commit` using the config in the repo: ```shell -cd "$REPO_DIR"/orb/public +cd "$WEST_TOPDIR"/orb pre-commit install -c utils/format/pre-commit-config.yaml --hook-type commit-msg ``` @@ -24,13 +24,13 @@ pre-commit install -c utils/format/pre-commit-config.yaml --hook-type commit-msg Manually: ```shell -cd "$REPO_DIR"/orb/public && pre-commit run --all-files --config utils/format/pre-commit-config.yaml +cd "$WEST_TOPDIR"/orb && pre-commit run --all-files --config utils/format/pre-commit-config.yaml ``` Using Docker: ```shell -cd "$REPO_DIR"/orb/public/utils/docker +cd utils/docker make format ``` diff --git a/README.md b/README.md index 15bfabeb..4b199874 100644 --- a/README.md +++ b/README.md @@ -42,14 +42,14 @@ enumerated in the [west.yml](west.yml) file. 2. Create an empty directory where the projects and dependencies will be located. ```shell - export REPO_DIR=$HOME/firmware # or any other directory - mkdir "$REPO_DIR" + export WEST_TOPDIR=$HOME/firmware # or any other directory + mkdir "$WEST_TOPDIR" ``` 3. Clone the manifest repository using west. ```shell - cd "$REPO_DIR" + cd "$WEST_TOPDIR" west init -m --mr main ``` @@ -65,7 +65,7 @@ enumerated in the [west.yml](west.yml) file. 5. If you prefer to use Docker, you can use the provided [Dockerfile](utils/docker/Dockerfile). ```shell - cd "$REPO_DIR"/orb/public/utils/docker + cd utils/docker make build make shell ``` @@ -81,11 +81,11 @@ the [Zephyr getting started guide](https://docs.zephyrproject.org/latest/getting for [installing dependencies](https://docs.zephyrproject.org/latest/getting_started/index.html#install-dependencies). - Then: ```shell - pip3 install -r "$REPO_DIR"/zephyr/scripts/requirements.txt + pip3 install -r "$WEST_TOPDIR"/zephyr/scripts/requirements.txt ``` - Or install the Conda environment provided [here](utils/env/environment.yml). ```shell - conda env create -f orb/public/utils/env/environment.yml + conda env create -f orb/utils/env/environment.yml conda activate worldcoin ``` @@ -171,7 +171,7 @@ the [Zephyr getting started guide](https://docs.zephyrproject.org/latest/getting 10. Export CMake packages. ```shell -cd "$REPO_DIR" +cd "$WEST_TOPDIR" west zephyr-export ``` @@ -207,7 +207,7 @@ Print out the bootloader and main MCU application logs using: ```shell # replace /dev/ttyxxx with your UART device -python "$REPO_DIR"/orb/public/utils/debug/uart_dump.py -p /dev/ttyxxx -b 115200 +python "$WEST_TOPDIR"/orb/utils/debug/uart_dump.py -p /dev/ttyxxx -b 115200 ``` ## Contributing diff --git a/bootloader/README.md b/bootloader/README.md index 71d1959b..a3679625 100644 --- a/bootloader/README.md +++ b/bootloader/README.md @@ -7,9 +7,9 @@ First, follow the instructions in the [top-level README.md](../README.md). ## Compiling and Flashing If you don't have development keys already created locally, then run -`./generate_dev_keys` while in the directory `"$REPO_DIR"/orb/public/utils/ota/`. +`./generate_dev_keys` while in the directory `utils/ota/`. -Make sure you are in `"$REPO_DIR"/orb/public/bootloader/` directory. +Make sure you are in `"$WEST_TOPDIR"/orb/bootloader/` directory. Compile the bootloader for the main microcontroller: ```shell diff --git a/bootloader/prj.conf b/bootloader/prj.conf index 9baf9efd..fefa955d 100644 --- a/bootloader/prj.conf +++ b/bootloader/prj.conf @@ -11,7 +11,8 @@ CONFIG_GPIO=y # signature CONFIG_BOOT_SIGNATURE_TYPE_ECDSA_P256=y # path to signature key; must be relative to West top dir -CONFIG_BOOT_SIGNATURE_KEY_FILE="orb/public/utils/ota/root-ec-p256.pem" +# dev key, redefined for production +CONFIG_BOOT_SIGNATURE_KEY_FILE="orb/utils/ota/root-ec-p256.pem" # encryption CONFIG_BOOT_SWAP_SAVE_ENCTLV=n # do not store encrypted TLV diff --git a/main_board/README.md b/main_board/README.md index bc2981e5..e3f35caa 100644 --- a/main_board/README.md +++ b/main_board/README.md @@ -10,7 +10,7 @@ Once downloaded, `west` will check out this repository in the `orb` directory wi you want to work on the repo, make sure to check out the `main` branch and branch from there. ```shell -cd "$REPO_DIR"/orb/public/ +cd orb git remote add origin git fetch git checkout main @@ -29,14 +29,14 @@ Let's build and run the application, you have several options: > 💡 Important notes: > > - Firmware images are signed and encrypted. If you don't have development keys already created locally, then run -> `./generate_dev_keys` while in the directory `"$REPO_DIR"/orb/public/utils/ota/`. +> `./generate_dev_keys` while in the directory `utils/ota/`. > - Make sure to have the [bootloader built and flashed](../../bootloader/README.md) with the keys _before_ flashing the application. > - If you want to use the one-slot configuration (`-DDTC_OVERLAY_FILE=one_slot.overlay`) then the bootloader must have > been built with this option as well. #### With Makefile -- Go to `${REPO_DIR}/orb/public/utils/docker`. +- Go to `utils/docker`. - Run `make help` to see all options To Build: `make main_board-build` @@ -45,7 +45,7 @@ To Flash: `make mcu-flash` #### Manually -Make sure you are in `"$REPO_DIR"/orb/public/main_board` directory. Compile the app: +Make sure you are in `"$WEST_TOPDIR"/orb/main_board` directory. Compile the app: ```shell # 'west build' defaults to pearl_main and Debug build @@ -116,7 +116,7 @@ Twister can be used to compile and flash test configurations defined in `testcas with `pyocd` runner: ```shell -twister -vv -T . -A ./../../boards/ -p pearl_main -c --test orb/public/main_board/orb.hil \ +twister -vv -T . -A ./../../boards/ -p pearl_main -c --test orb/main_board/orb.hil \ --device-serial /dev/ttyXXX --device-testing --west-flash="-i=" ``` diff --git a/main_board/prj.conf b/main_board/prj.conf index 446d76a3..bc744c81 100644 --- a/main_board/prj.conf +++ b/main_board/prj.conf @@ -112,8 +112,9 @@ CONFIG_DYNAMIC_INTERRUPTS=y # Enable Zephyr application to be booted by MCUboot CONFIG_BOOTLOADER_MCUBOOT=y # Path to signature file. Must be absolute or relative to West top dir -CONFIG_MCUBOOT_SIGNATURE_KEY_FILE="orb/public/utils/ota/root-ec-p256.pem" -CONFIG_MCUBOOT_ENCRYPTION_KEY_FILE="orb/public/utils/ota/enc-ec256-pub.pem" +# dev key, redefined for production +CONFIG_MCUBOOT_SIGNATURE_KEY_FILE="orb/utils/ota/root-ec-p256.pem" +CONFIG_MCUBOOT_ENCRYPTION_KEY_FILE="orb/utils/ota/enc-ec256-pub.pem" CONFIG_MCUBOOT_BOOTUTIL_LIB=y CONFIG_BOOT_BANNER=n diff --git a/main_board/src/optics/ir_camera_system/unit_tests/ir_camera_system/CMakeLists.txt b/main_board/src/optics/ir_camera_system/unit_tests/ir_camera_system/CMakeLists.txt index 93605983..1769eccc 100644 --- a/main_board/src/optics/ir_camera_system/unit_tests/ir_camera_system/CMakeLists.txt +++ b/main_board/src/optics/ir_camera_system/unit_tests/ir_camera_system/CMakeLists.txt @@ -9,8 +9,8 @@ endif () find_package(Zephyr COMPONENTS unittest REQUIRED HINTS $ENV{ZEPHYR_BASE}) -set(ORB_DIR ${ZEPHYR_BASE}/../orb/public) -set(APP_DIR ${ORB_DIR}/main_board) +get_filename_component(APP_DIR "${CMAKE_CURRENT_SOURCE_DIR}/../../../../.." ABSOLUTE) +get_filename_component(ORB_DIR "${APP_DIR}/.." ABSOLUTE) target_include_directories(testbinary PRIVATE mock_include diff --git a/main_board/src/optics/ir_camera_system/unit_tests/ir_camera_timer_settings/CMakeLists.txt b/main_board/src/optics/ir_camera_system/unit_tests/ir_camera_timer_settings/CMakeLists.txt index f515e331..5cdb35f3 100644 --- a/main_board/src/optics/ir_camera_system/unit_tests/ir_camera_timer_settings/CMakeLists.txt +++ b/main_board/src/optics/ir_camera_system/unit_tests/ir_camera_timer_settings/CMakeLists.txt @@ -9,8 +9,8 @@ endif () find_package(Zephyr COMPONENTS unittest REQUIRED HINTS $ENV{ZEPHYR_BASE}) -set(ORB_DIR ${ZEPHYR_BASE}/../orb/public) -set(APP_DIR ${ORB_DIR}/main_board) +get_filename_component(APP_DIR "${CMAKE_CURRENT_SOURCE_DIR}/../../../../.." ABSOLUTE) +get_filename_component(ORB_DIR "${APP_DIR}/.." ABSOLUTE) target_include_directories(testbinary PRIVATE mock_include diff --git a/utils/docker/Makefile b/utils/docker/Makefile index e048f5bd..f221ceb7 100644 --- a/utils/docker/Makefile +++ b/utils/docker/Makefile @@ -1,6 +1,10 @@ # Use DOCKER_TAG if passed in from command line DOCKER_IMAGE_NAME := orb-mcu-firmware-builder$(if $(DOCKER_TAG),:$(DOCKER_TAG),:local) +# Get the project root directory +WEST_YAML := $(shell west manifest --path) +PROJ_DIR := $(dirname $(WEST_YAML)) + ifneq ($(filter help all build,$(MAKECMDGOALS)),) .PHONY: help @@ -24,8 +28,8 @@ help: @:$(info ) @:$(info Examples:) @:$(info ) - @:$(info make main_mcu-build REPO_DIR=/home/$USER/firmware) - @:$(info make main_mcu-tests REPO_DIR=/home/$USER/firmware) + @:$(info make main_mcu-build WEST_TOPDIR=/home/$USER/firmware) + @:$(info make main_mcu-tests WEST_TOPDIR=/home/$USER/firmware) .PHONY: all build all build: .docker_image_built @@ -36,8 +40,8 @@ all build: .docker_image_built else -ifndef REPO_DIR -REPO_DIR := $(shell west topdir) +ifndef WEST_TOPDIR +WEST_TOPDIR := $(shell west topdir) endif ifdef BOARD @@ -64,18 +68,18 @@ shell: mcu-build: $(DOCKER_CMD) /bin/bash -c -- \ - 'cd $(REPO_DIR)/orb/public/main_board && west build $(BOARD_CMD)' + 'cd $(PROJ_DIR)/main_board && west build $(BOARD_CMD)' mcu-flash: $(DOCKER_CMD) /bin/bash -c -- \ - 'cd $(REPO_DIR)/orb/public/main_board && west build $(BOARD_CMD) && su-exec root west flash' + 'cd $(PROJ_DIR)/main_board && west build $(BOARD_CMD) && su-exec root west flash' mcu-clean: - cd $(REPO_DIR)/orb/main_board && rm -rf build + cd $(WEST_TOPDIR)/orb/main_board && rm -rf build mcu-tests: $(DOCKER_CMD) /bin/bash -c -- \ - 'source $(REPO_DIR)/zephyr/zephyr-env.sh && cd $(REPO_DIR)/orb/main_board && twister -T . -vv -c -p native_posix_64' + 'source $(WEST_TOPDIR)/zephyr/zephyr-env.sh && cd $(PROJ_DIR)/main_board && twister -T . -vv -c -p native_posix_64' .PHONY: format format: From 78e3197b4c6bd32da30c56c1ee6801dfaf5a4580 Mon Sep 17 00:00:00 2001 From: Cyril Fougeray Date: Tue, 17 Dec 2024 10:28:22 +0100 Subject: [PATCH 14/17] feat(cmake): load private config with cmake package when found, the cmake package `McuPrivate` is used to load custom configs. Allow a single point of entry for private configs, which is simpler to maintain and understand. Signed-off-by: Cyril Fougeray --- bootloader/CMakeLists.txt | 11 ++++++----- main_board/CMakeLists.txt | 15 ++++++--------- 2 files changed, 12 insertions(+), 14 deletions(-) diff --git a/bootloader/CMakeLists.txt b/bootloader/CMakeLists.txt index d9f34cb2..fec7910e 100644 --- a/bootloader/CMakeLists.txt +++ b/bootloader/CMakeLists.txt @@ -1,4 +1,5 @@ cmake_minimum_required(VERSION 3.20.0) +set(TARGET bootloader) if ("${CMAKE_BUILD_TYPE}" STREQUAL "Release") message(STATUS "⚡️ Maximum optimization for size") @@ -60,11 +61,11 @@ message(STATUS "Workspace directory: ${WORKSPACE_DIR}") list(APPEND BOARD_ROOT ${PROJECT_DIR}) list(APPEND DTS_ROOT ${PROJECT_DIR}) -set(SEC_BOARD_ROOT ${WORKSPACE_DIR}/orb/private) -if (EXISTS ${SEC_BOARD_ROOT}) - list(APPEND BOARD_ROOT ${SEC_BOARD_ROOT}) - list(APPEND DTS_ROOT ${SEC_BOARD_ROOT}) -endif () +# Load private & custom board configuration. +# Private config is not available publicly as the name suggests. +# The package is thus optional. +list(APPEND CMAKE_MODULE_PATH ${WORKSPACE_DIR}/orb/private/utils/cmake) +find_package(McuPrivate) # find_package(Zephyr) in order to load application boilerplate: # http://docs.zephyrproject.org/application/application.html diff --git a/main_board/CMakeLists.txt b/main_board/CMakeLists.txt index 6c0b2a54..109d8b16 100644 --- a/main_board/CMakeLists.txt +++ b/main_board/CMakeLists.txt @@ -47,18 +47,15 @@ elseif ("$ENV{ORB}" STREQUAL "diamond") set(ENV{BOARD} diamond_main) endif () -# Load board before Zephyr loads it to get some custom/private board configuration. -# Private config is not available publicly as the name suggests and contains -# paths to private keys. -cmake_parse_arguments(CACHE_VAR "REQUIRED;WATCH" "" "" BOARD) -set (PRIV_CONF_FILE ${WORKSPACE_DIR}/orb/private/${BOARD}.conf) -if (EXISTS ${PRIV_CONF_FILE}) - message(STATUS "Using private board configuration file: ${PRIV_CONF_FILE}") - list(APPEND EXTRA_CONF_FILE ${PRIV_CONF_FILE}) -endif () list(APPEND BOARD_ROOT ${PROJECT_DIR}) list(APPEND DTS_ROOT ${PROJECT_DIR}) +# Load private & custom board configuration. +# Private config is not available publicly as the name suggests. +# The package is thus optional. +list(APPEND CMAKE_MODULE_PATH ${WORKSPACE_DIR}/orb/private/utils/cmake) +find_package(McuPrivate) + # Add a common dts overlay necessary to ensure the app is linked into, # and fits inside, the slot0 partition. (If the user specified a # DTC_OVERLAY_FILE on the CMake command line, we need to append onto From e74a4f4ab87db10997d0e597f831a9adede628d8 Mon Sep 17 00:00:00 2001 From: Cyril Fougeray Date: Mon, 23 Dec 2024 12:40:43 +0100 Subject: [PATCH 15/17] fix(adc-internal): set internal path for vbat, vref and die temp internal routing is now set in specific drivers that we don't use, as we use the adc drivers to get vbat, vref and die temperature. so we need so hardcode the configuration. Signed-off-by: Cyril Fougeray --- main_board/src/optics/liquid_lens/liquid_lens.c | 7 +++++++ .../src/voltage_measurement/voltage_measurement.c | 11 +++++++++++ 2 files changed, 18 insertions(+) diff --git a/main_board/src/optics/liquid_lens/liquid_lens.c b/main_board/src/optics/liquid_lens/liquid_lens.c index 04e83ff3..438b7949 100644 --- a/main_board/src/optics/liquid_lens/liquid_lens.c +++ b/main_board/src/optics/liquid_lens/liquid_lens.c @@ -386,6 +386,13 @@ liquid_lens_init(const orb_mcu_Hardware *hw_version) } } + /* /!\ hardcoded */ + /* Do not remove existing paths so read value first */ + uint32_t path = + LL_ADC_GetCommonPathInternalCh(__LL_ADC_COMMON_INSTANCE(ADC3)); + LL_ADC_SetCommonPathInternalCh(__LL_ADC_COMMON_INSTANCE(ADC3), + path | LL_ADC_PATH_INTERNAL_VREFINT); + thread_id = k_thread_create(&liquid_lens_thread_data, liquid_lens_stack_area, K_THREAD_STACK_SIZEOF(liquid_lens_stack_area), diff --git a/main_board/src/voltage_measurement/voltage_measurement.c b/main_board/src/voltage_measurement/voltage_measurement.c index b25d6e15..d793a7c8 100644 --- a/main_board/src/voltage_measurement/voltage_measurement.c +++ b/main_board/src/voltage_measurement/voltage_measurement.c @@ -1050,6 +1050,17 @@ voltage_measurement_init(const orb_mcu_Hardware *hw_version, } } + /* /!\ hardcoded */ + /* Do not remove existing paths so read value first */ + uint32_t path = + LL_ADC_GetCommonPathInternalCh(__LL_ADC_COMMON_INSTANCE(ADC1)); + LL_ADC_SetCommonPathInternalCh(__LL_ADC_COMMON_INSTANCE(ADC1), + path | LL_ADC_PATH_INTERNAL_TEMPSENSOR | + LL_ADC_PATH_INTERNAL_VBAT); + path = LL_ADC_GetCommonPathInternalCh(__LL_ADC_COMMON_INSTANCE(ADC5)); + LL_ADC_SetCommonPathInternalCh(__LL_ADC_COMMON_INSTANCE(ADC5), + path | LL_ADC_PATH_INTERNAL_VREFINT); + k_tid_t tid_adc1 = k_thread_create( &voltage_measurement_adc1_thread_data, voltage_measurement_adc1_thread_stack, From 41290be1909588af3115a34cb8df9076d9f24f3e Mon Sep 17 00:00:00 2001 From: Cyril Fougeray Date: Mon, 6 Jan 2025 16:03:49 +0100 Subject: [PATCH 16/17] feat(bootloader): keep difference to original mcuboot project minimal disable formatter for CMakeLists.txt rename dts.overlay to app.overlay copy-pasted all files from original project encryption enabled in release builds only Signed-off-by: Cyril Fougeray --- .github/workflows/zephyr_build.yml | 4 +- bootloader/CMakeLists.txt | 738 +++++++++++++----- bootloader/{dts.overlay => app.overlay} | 0 bootloader/boards/diamond_main.conf | 4 - bootloader/include/boot_serial/boot_serial.ld | 9 + .../boot_serial/boot_serial_extensions.h | 41 + bootloader/include/io/io.h | 90 +++ bootloader/kernel/banner.c | 49 ++ bootloader/prj.conf | 6 +- bootloader/release.conf | 4 + bootloader/src/flash_check.c | 54 ++ bootloader/src/io.c | 223 ++++++ bootloader/src/shared_data.c | 124 +++ 13 files changed, 1129 insertions(+), 217 deletions(-) rename bootloader/{dts.overlay => app.overlay} (100%) delete mode 100644 bootloader/boards/diamond_main.conf create mode 100644 bootloader/include/boot_serial/boot_serial.ld create mode 100644 bootloader/include/boot_serial/boot_serial_extensions.h create mode 100644 bootloader/include/io/io.h create mode 100644 bootloader/kernel/banner.c create mode 100644 bootloader/src/flash_check.c create mode 100644 bootloader/src/io.c create mode 100644 bootloader/src/shared_data.c diff --git a/.github/workflows/zephyr_build.yml b/.github/workflows/zephyr_build.yml index 5ad6ec8e..e94dff11 100644 --- a/.github/workflows/zephyr_build.yml +++ b/.github/workflows/zephyr_build.yml @@ -47,8 +47,8 @@ jobs: run: | cd ${{ github.job }} PROJ_DIR=$(dirname $(west manifest --path)) - ENC_KEY_FILE="${PROJ_DIR}/utils/ota/enc-ec256-pub.pem" west build orb/bootloader -d orb/bootloader/build -b ${BOARD} -p -- \ -DCMAKE_BUILD_TYPE="Release" \ -DBUILD_FROM_CI=1 \ - -DCONFIG_BOOT_SIGNATURE_KEY_FILE=\"${PROJ_DIR}/utils/ota/root-ec-p256.pem\" + -DCONFIG_BOOT_SIGNATURE_KEY_FILE=\"${PROJ_DIR}/utils/ota/root-ec-p256.pem\" \ + -DCONFIG_BOOT_ENCRYPTION_KEY_FILE=\"${PROJ_DIR}/utils/ota/enc-ec256-priv.pem\" diff --git a/bootloader/CMakeLists.txt b/bootloader/CMakeLists.txt index fec7910e..26ddf3cc 100644 --- a/bootloader/CMakeLists.txt +++ b/bootloader/CMakeLists.txt @@ -1,4 +1,16 @@ -cmake_minimum_required(VERSION 3.20.0) +# CMakeLists.txt for building mcuboot as a Zephyr project +# +# Copyright (c) 2017 Open Source Foundries Limited +# Copyright (c) 2023 Nordic Semiconductor ASA +# Copyright (c) 2025 Tools for Humanity +# +# SPDX-License-Identifier: Apache-2.0 + +# To keep differences with the original mcuboot CMakeLists.txt file minimal +# turn off formatting +# @formatter:off + +cmake_minimum_required(VERSION 3.13.1) set(TARGET bootloader) if ("${CMAKE_BUILD_TYPE}" STREQUAL "Release") @@ -6,7 +18,7 @@ if ("${CMAKE_BUILD_TYPE}" STREQUAL "Release") add_compile_options(-Os) # Add configuration file to overwrite debug configuration - set(OVERLAY_CONFIG "release.conf") + list(APPEND EXTRA_CONF_FILE "release.conf") else () message(STATUS "🧐 Minimal optimization, logging enabled") add_compile_definitions(DEBUG) @@ -18,32 +30,13 @@ endif () # the list). if (DTC_OVERLAY_FILE) set(DTC_OVERLAY_FILE - "${DTC_OVERLAY_FILE} ${CMAKE_CURRENT_LIST_DIR}/dts.overlay" + "${DTC_OVERLAY_FILE} ${CMAKE_CURRENT_LIST_DIR}/app.overlay" CACHE STRING "" FORCE ) else () - set(DTC_OVERLAY_FILE ${CMAKE_CURRENT_LIST_DIR}/dts.overlay) + set(DTC_OVERLAY_FILE ${CMAKE_CURRENT_LIST_DIR}/app.overlay) endif () -# Enable Zephyr runner options which request mass erase if so -# configured. -# -# Note that this also disables the default "leave" option when -# targeting STM32 DfuSe devices with dfu-util, making the chip stay in -# the bootloader after flashing. -# -# That's the right thing, because mcuboot has nothing to do since the -# chip was just erased. The next thing the user is going to want to do -# is flash the application. (Developers can reset DfuSE devices -# manually to test mcuboot behavior on an otherwise erased flash -# device.) -macro(app_set_runner_args) - if (CONFIG_ZEPHYR_TRY_MASS_ERASE) - board_runner_args(dfu-util "--dfuse-modifiers=force:mass-erase") - board_runner_args(pyocd "--flash-opt=-e=chip") - board_runner_args(nrfjprog "--erase") - endif () -endmacro() # Get our custom boards definitions before loading Zephyr get_filename_component(PROJECT_DIR ${CMAKE_CURRENT_SOURCE_DIR} DIRECTORY) @@ -72,11 +65,10 @@ find_package(McuPrivate) find_package(Zephyr REQUIRED HINTS $ENV{ZEPHYR_BASE}) project(orb-mcu-bootloader) -# Path to mcuboot -set(MCUBOOT_DIR $ENV{ZEPHYR_BASE}/../bootloader/mcuboot) -# Path to "boot" subdirectory of mcuboot repository. -set(BOOT_DIR ${MCUBOOT_DIR}/boot) - +# Path to "boot" subdirectory of mcuboot repository root. +set(BOOT_DIR $ENV{ZEPHYR_BASE}/../bootloader/mcuboot/boot) +# Path to top-level repository root directory. +get_filename_component(MCUBOOT_DIR ${BOOT_DIR} DIRECTORY) # Path to tinycrypt library source subdirectory of MCUBOOT_DIR. set(TINYCRYPT_DIR "${MCUBOOT_DIR}/ext/tinycrypt/lib") assert_exists(TINYCRYPT_DIR) @@ -90,223 +82,551 @@ set(MBEDTLS_ASN1_DIR "${MCUBOOT_DIR}/ext/mbedtls-asn1") assert_exists(MBEDTLS_ASN1_DIR) zephyr_library_include_directories( - include -) + include + ) # Zephyr port-specific sources. zephyr_library_sources( - src/main.c - src/flash_map_extended.c - src/os.c - src/keys.c + src/main.c + src/io.c + src/flash_map_extended.c + src/os.c + src/keys.c ) -if (NOT DEFINED CONFIG_FLASH_PAGE_LAYOUT) +if(DEFINED CONFIG_ENABLE_MGMT_PERUSER) + zephyr_library_sources( + boot_serial_extensions.c + ) + + zephyr_linker_sources_ifdef( + CONFIG_ENABLE_MGMT_PERUSER + SECTIONS include/boot_serial/boot_serial.ld + ) + + if(DEFINED CONFIG_BOOT_MGMT_CUSTOM_STORAGE_ERASE OR DEFINED CONFIG_BOOT_MGMT_CUSTOM_IMG_LIST) zephyr_library_sources( - src/flash_map_legacy.c + boot_serial_extension_zephyr_basic.c + ) + endif() +endif() + +if(NOT DEFINED CONFIG_FLASH_PAGE_LAYOUT) + zephyr_library_sources( + flash_map_legacy.c ) -endif () +endif() + +if(DEFINED CONFIG_BOOT_SHARE_BACKEND_RETENTION) + zephyr_library_sources( + src/shared_data.c + ) +endif() # Generic bootutil sources and includes. zephyr_library_include_directories(${BOOT_DIR}/bootutil/include) zephyr_library_sources( - ${BOOT_DIR}/bootutil/src/image_validate.c - ${BOOT_DIR}/bootutil/src/tlv.c - ${BOOT_DIR}/bootutil/src/encrypted.c - ${BOOT_DIR}/bootutil/src/image_rsa.c - ${BOOT_DIR}/bootutil/src/image_ecdsa.c - ${BOOT_DIR}/bootutil/src/image_ed25519.c - ${BOOT_DIR}/bootutil/src/bootutil_misc.c - ${BOOT_DIR}/bootutil/src/fault_injection_hardening.c -) + ${BOOT_DIR}/bootutil/src/image_validate.c + ${BOOT_DIR}/bootutil/src/tlv.c + ${BOOT_DIR}/bootutil/src/encrypted.c + ${BOOT_DIR}/bootutil/src/image_rsa.c + ${BOOT_DIR}/bootutil/src/image_ecdsa.c + ${BOOT_DIR}/bootutil/src/image_ed25519.c + ${BOOT_DIR}/bootutil/src/bootutil_misc.c + ${BOOT_DIR}/bootutil/src/fault_injection_hardening.c + ) + +if(DEFINED CONFIG_MEASURED_BOOT OR DEFINED CONFIG_BOOT_SHARE_DATA) + zephyr_library_sources( + ${BOOT_DIR}/bootutil/src/boot_record.c + ) + + # Set a define for this file which will allow inclusion of the Zephyr version + # include file + set_source_files_properties( + ${BOOT_DIR}/bootutil/src/boot_record.c + PROPERTIES COMPILE_FLAGS -DZEPHYR_VER_INCLUDE=1 + ) +endif() # library which might be common source code for MCUBoot and an application zephyr_link_libraries(MCUBOOT_BOOTUTIL) -if (CONFIG_BOOT_FIH_PROFILE_HIGH) - zephyr_library_sources( - ${BOOT_DIR}/bootutil/src/fault_injection_hardening_delay_rng_mbedtls.c - ) -endif () +if(CONFIG_BOOT_FIH_PROFILE_HIGH) +zephyr_library_sources( + ${BOOT_DIR}/bootutil/src/fault_injection_hardening_delay_rng_mbedtls.c + ) +endif() -if (CONFIG_SINGLE_APPLICATION_SLOT) - zephyr_library_sources( - ${BOOT_DIR}/zephyr/single_loader.c +if(CONFIG_SINGLE_APPLICATION_SLOT) +zephyr_library_sources( + ${BOOT_DIR}/zephyr/single_loader.c + ) +zephyr_library_include_directories(${BOOT_DIR}/bootutil/src) +elseif(CONFIG_BOOT_FIRMWARE_LOADER) +zephyr_library_sources( + ${BOOT_DIR}/zephyr/firmware_loader.c + ) +zephyr_library_include_directories(${BOOT_DIR}/bootutil/src) +else() +zephyr_library_sources( + ${BOOT_DIR}/bootutil/src/loader.c + ${BOOT_DIR}/bootutil/src/swap_misc.c + ${BOOT_DIR}/bootutil/src/swap_scratch.c + ${BOOT_DIR}/bootutil/src/swap_move.c + ${BOOT_DIR}/bootutil/src/caps.c + ) +endif() + +if(CONFIG_BOOT_SIGNATURE_TYPE_ECDSA_P256 OR CONFIG_BOOT_ENCRYPT_EC256) + zephyr_library_include_directories( + ${MBEDTLS_ASN1_DIR}/include ) - zephyr_library_include_directories(${BOOT_DIR}/bootutil/src) -else () - zephyr_library_sources( - ${BOOT_DIR}/bootutil/src/loader.c - ${BOOT_DIR}/bootutil/src/swap_misc.c - ${BOOT_DIR}/bootutil/src/swap_scratch.c - ${BOOT_DIR}/bootutil/src/swap_move.c - ${BOOT_DIR}/bootutil/src/caps.c + zephyr_library_sources( + # Additionally pull in just the ASN.1 parser from mbedTLS. + ${MBEDTLS_ASN1_DIR}/src/asn1parse.c + ${MBEDTLS_ASN1_DIR}/src/platform_util.c ) -endif () + if(CONFIG_BOOT_USE_TINYCRYPT) + # When using ECDSA signatures, pull in our copy of the tinycrypt library. + zephyr_library_include_directories( + ${BOOT_DIR}/zephyr/include + ${TINYCRYPT_DIR}/include + ) + zephyr_include_directories(${TINYCRYPT_DIR}/include) -if (CONFIG_BOOT_SIGNATURE_TYPE_ECDSA_P256 OR CONFIG_BOOT_ENCRYPT_EC256) - zephyr_library_include_directories( - ${MBEDTLS_ASN1_DIR}/include + zephyr_library_sources( + ${TINYCRYPT_DIR}/source/ecc.c + ${TINYCRYPT_DIR}/source/ecc_dsa.c + ${TINYCRYPT_DIR}/source/sha256.c + ${TINYCRYPT_DIR}/source/utils.c ) - zephyr_library_sources( - # Additionally pull in just the ASN.1 parser from mbedTLS. - ${MBEDTLS_ASN1_DIR}/src/asn1parse.c - ${MBEDTLS_ASN1_DIR}/src/platform_util.c + elseif(CONFIG_BOOT_USE_NRF_CC310_BL) + zephyr_library_sources(${NRF_DIR}/cc310_glue.c) + zephyr_library_include_directories(${NRF_DIR}) + zephyr_link_libraries(nrfxlib_crypto) + endif() + + # Since here we are not using Zephyr's mbedTLS but rather our own, we need + # to set MBEDTLS_CONFIG_FILE ourselves. When using Zephyr's copy, this + # variable is set by its Kconfig in the Zephyr codebase. + zephyr_library_compile_definitions( + MBEDTLS_CONFIG_FILE="${CMAKE_CURRENT_LIST_DIR}/include/mcuboot-mbedtls-cfg.h" ) - if (CONFIG_BOOT_USE_TINYCRYPT) - # When using ECDSA signatures, pull in our copy of the tinycrypt library. - zephyr_library_include_directories( - ${BOOT_DIR}/zephyr/include - ${TINYCRYPT_DIR}/include - ) - zephyr_include_directories(${TINYCRYPT_DIR}/include) - - zephyr_library_sources( - ${TINYCRYPT_DIR}/source/ecc.c - ${TINYCRYPT_DIR}/source/ecc_dsa.c - ${TINYCRYPT_DIR}/source/sha256.c - ${TINYCRYPT_DIR}/source/utils.c - ) - endif () - - # Since here we are not using Zephyr's mbedTLS but rather our own, we need - # to set MBEDTLS_CONFIG_FILE ourselves. When using Zephyr's copy, this - # variable is set by its Kconfig in the Zephyr codebase. - zephyr_library_compile_definitions( - MBEDTLS_CONFIG_FILE="${CMAKE_CURRENT_LIST_DIR}/include/mcuboot-mbedtls-cfg.h" - ) -elseif (CONFIG_BOOT_SIGNATURE_TYPE_NONE) - zephyr_library_include_directories( - ${BOOT_DIR}/zephyr/include - ${TINYCRYPT_DIR}/include +elseif(CONFIG_BOOT_SIGNATURE_TYPE_NONE) + zephyr_library_include_directories( + ${BOOT_DIR}/zephyr/include + ${TINYCRYPT_DIR}/include ) - zephyr_library_sources( - ${TINYCRYPT_DIR}/source/sha256.c - ${TINYCRYPT_DIR}/source/utils.c + zephyr_library_sources( + ${TINYCRYPT_DIR}/source/sha256.c + ${TINYCRYPT_DIR}/source/utils.c ) -elseif (CONFIG_BOOT_SIGNATURE_TYPE_RSA) - # Use mbedTLS provided by Zephyr for RSA signatures. (Its config file - # is set using Kconfig.) +elseif(CONFIG_BOOT_SIGNATURE_TYPE_RSA) + # Use mbedTLS provided by Zephyr for RSA signatures. (Its config file + # is set using Kconfig.) + zephyr_include_directories(include) + if(CONFIG_BOOT_ENCRYPT_RSA) + set_source_files_properties( + ${BOOT_DIR}/bootutil/src/encrypted.c + PROPERTIES + INCLUDE_DIRECTORIES ${ZEPHYR_MBEDTLS_MODULE_DIR}/library + ) + endif() +elseif(CONFIG_BOOT_SIGNATURE_TYPE_ED25519 OR CONFIG_BOOT_ENCRYPT_X25519) + if(CONFIG_BOOT_USE_TINYCRYPT) + zephyr_library_include_directories( + ${MBEDTLS_ASN1_DIR}/include + ${BOOT_DIR}/zephyr/include + ${TINYCRYPT_DIR}/include + ${TINYCRYPT_SHA512_DIR}/include + ) + zephyr_library_sources( + ${TINYCRYPT_DIR}/source/sha256.c + ${TINYCRYPT_DIR}/source/utils.c + ${TINYCRYPT_SHA512_DIR}/source/sha512.c + # Additionally pull in just the ASN.1 parser from mbedTLS. + ${MBEDTLS_ASN1_DIR}/src/asn1parse.c + ${MBEDTLS_ASN1_DIR}/src/platform_util.c + ) + zephyr_library_compile_definitions( + MBEDTLS_CONFIG_FILE="${CMAKE_CURRENT_LIST_DIR}/include/mcuboot-mbedtls-cfg.h" + ) + else() zephyr_include_directories(include) -elseif (CONFIG_BOOT_SIGNATURE_TYPE_ED25519 OR CONFIG_BOOT_ENCRYPT_X25519) - if (CONFIG_BOOT_USE_TINYCRYPT) - zephyr_library_include_directories( - ${MBEDTLS_ASN1_DIR}/include - ${BOOT_DIR}/zephyr/include - ${TINYCRYPT_DIR}/include - ${TINYCRYPT_SHA512_DIR}/include - ) - zephyr_library_sources( - ${TINYCRYPT_DIR}/source/sha256.c - ${TINYCRYPT_DIR}/source/utils.c - ${TINYCRYPT_SHA512_DIR}/source/sha512.c - # Additionally pull in just the ASN.1 parser from mbedTLS. - ${MBEDTLS_ASN1_DIR}/src/asn1parse.c - ${MBEDTLS_ASN1_DIR}/src/platform_util.c - ) - zephyr_library_compile_definitions( - MBEDTLS_CONFIG_FILE="${CMAKE_CURRENT_LIST_DIR}/include/mcuboot-mbedtls-cfg.h" - ) - else () - zephyr_include_directories(include) - endif () + endif() - zephyr_library_include_directories( - ${BOOT_DIR}/zephyr/include - ${FIAT_DIR}/include/ + zephyr_library_include_directories( + ${BOOT_DIR}/zephyr/include + ${FIAT_DIR}/include/ + ) + + zephyr_library_sources( + ${FIAT_DIR}/src/curve25519.c + ) +endif() + +if(CONFIG_BOOT_ENCRYPT_EC256 OR CONFIG_BOOT_ENCRYPT_X25519) + zephyr_library_sources( + ${TINYCRYPT_DIR}/source/aes_encrypt.c + ${TINYCRYPT_DIR}/source/aes_decrypt.c + ${TINYCRYPT_DIR}/source/ctr_mode.c + ${TINYCRYPT_DIR}/source/hmac.c + ${TINYCRYPT_DIR}/source/ecc_dh.c ) +endif() - zephyr_library_sources( - ${FIAT_DIR}/src/curve25519.c +if(CONFIG_BOOT_ENCRYPT_EC256) + zephyr_library_sources( + ${TINYCRYPT_DIR}/source/ecc_dh.c ) -endif () +endif() -if (CONFIG_BOOT_ENCRYPT_EC256 OR CONFIG_BOOT_ENCRYPT_X25519) - zephyr_library_sources( - ${TINYCRYPT_DIR}/source/aes_encrypt.c - ${TINYCRYPT_DIR}/source/aes_decrypt.c - ${TINYCRYPT_DIR}/source/ctr_mode.c - ${TINYCRYPT_DIR}/source/hmac.c - ${TINYCRYPT_DIR}/source/ecc_dh.c +if(CONFIG_MCUBOOT_SERIAL) + message(ERROR "Serial is not an option for us") + # keep below to keep differences small with original mcuboot CMakeLists.txt + zephyr_sources(${BOOT_DIR}/zephyr/serial_adapter.c) + zephyr_sources(${BOOT_DIR}/boot_serial/src/boot_serial.c) + zephyr_sources(${BOOT_DIR}/boot_serial/src/zcbor_bulk.c) + + zephyr_include_directories(${BOOT_DIR}/bootutil/include) + zephyr_include_directories(${BOOT_DIR}/boot_serial/include) + zephyr_include_directories(include) + + zephyr_include_directories_ifdef( + CONFIG_BOOT_ERASE_PROGRESSIVELY + ${BOOT_DIR}/bootutil/src ) -endif () -if (CONFIG_BOOT_ENCRYPT_EC256) + if(CONFIG_BOOT_ENCRYPT_IMAGE) zephyr_library_sources( - ${TINYCRYPT_DIR}/source/ecc_dh.c + ${BOOT_DIR}/boot_serial/src/boot_serial_encryption.c ) -endif () + endif() +endif() -if (CONFIG_MCUBOOT_SERIAL) - message(ERROR "Serial is not an option for us") -endif () +if(NOT CONFIG_BOOT_SIGNATURE_KEY_FILE STREQUAL "") + # CONF_FILE points to the KConfig configuration files of the bootloader. + foreach (filepath ${CONF_FILE}) + file(READ ${filepath} temp_text) + string(FIND "${temp_text}" ${CONFIG_BOOT_SIGNATURE_KEY_FILE} match) + if (${match} GREATER_EQUAL 0) + if (NOT DEFINED CONF_DIR) + get_filename_component(CONF_DIR ${filepath} DIRECTORY) + else() + message(FATAL_ERROR "Signature key file defined in multiple conf files") + endif() + endif() + endforeach() + + if(IS_ABSOLUTE ${CONFIG_BOOT_SIGNATURE_KEY_FILE}) + set(KEY_FILE ${CONFIG_BOOT_SIGNATURE_KEY_FILE}) + elseif((DEFINED CONF_DIR) AND + (EXISTS ${CONF_DIR}/${CONFIG_BOOT_SIGNATURE_KEY_FILE})) + set(KEY_FILE ${CONF_DIR}/${CONFIG_BOOT_SIGNATURE_KEY_FILE}) + else() + set(KEY_FILE ${WORKSPACE_DIR}/${CONFIG_BOOT_SIGNATURE_KEY_FILE}) + endif() + message("MCUBoot bootloader key file: ${KEY_FILE}") + + set(GENERATED_PUBKEY ${ZEPHYR_BINARY_DIR}/autogen-pubkey.c) + add_custom_command( + OUTPUT ${GENERATED_PUBKEY} + COMMAND + ${PYTHON_EXECUTABLE} + ${MCUBOOT_DIR}/scripts/imgtool.py + getpub + -k + ${KEY_FILE} + > ${GENERATED_PUBKEY} + DEPENDS ${KEY_FILE} + ) + zephyr_library_sources(${GENERATED_PUBKEY}) +endif() -if (NOT CONFIG_BOOT_SIGNATURE_KEY_FILE STREQUAL "") - # CONF_FILE points to the KConfig configuration files of the bootloader. - foreach (filepath ${CONF_FILE}) - file(READ ${filepath} temp_text) - string(FIND "${temp_text}" ${CONFIG_BOOT_SIGNATURE_KEY_FILE} match) - if (${match} GREATER_EQUAL 0) - if (NOT DEFINED CONF_DIR) - get_filename_component(CONF_DIR ${filepath} DIRECTORY) - else () - message(FATAL_ERROR "Signature key file defined in multiple conf files") - endif () - endif () - endforeach () - - if (IS_ABSOLUTE ${CONFIG_BOOT_SIGNATURE_KEY_FILE}) - set(KEY_FILE ${CONFIG_BOOT_SIGNATURE_KEY_FILE}) - elseif ((DEFINED CONF_DIR) AND - (EXISTS ${CONF_DIR}/${CONFIG_BOOT_SIGNATURE_KEY_FILE})) - set(KEY_FILE ${CONF_DIR}/${CONFIG_BOOT_SIGNATURE_KEY_FILE}) - else () - set(KEY_FILE ${WORKSPACE_DIR}/${CONFIG_BOOT_SIGNATURE_KEY_FILE}) - endif () - message("MCUBoot bootloader signature key file: ${KEY_FILE}") - - set(GENERATED_PUBKEY ${ZEPHYR_BINARY_DIR}/autogen-pubkey.c) - add_custom_command( - OUTPUT ${GENERATED_PUBKEY} - COMMAND - ${PYTHON_EXECUTABLE} - ${MCUBOOT_DIR}/scripts/imgtool.py - getpub - -k - ${KEY_FILE} - > ${GENERATED_PUBKEY} - DEPENDS ${KEY_FILE} +if(CONFIG_BOOT_ENCRYPTION_KEY_FILE AND NOT CONFIG_BOOT_ENCRYPTION_KEY_FILE STREQUAL "") + # CONF_FILE points to the KConfig configuration files of the bootloader. + unset(CONF_DIR) + foreach(filepath ${CONF_FILE}) + file(READ ${filepath} temp_text) + string(FIND "${temp_text}" ${CONFIG_BOOT_ENCRYPTION_KEY_FILE} match) + if(${match} GREATER_EQUAL 0) + if(NOT DEFINED CONF_DIR) + get_filename_component(CONF_DIR ${filepath} DIRECTORY) + else() + message(FATAL_ERROR "Encryption key file defined in multiple conf files") + endif() + endif() + endforeach() + + if(IS_ABSOLUTE ${CONFIG_BOOT_ENCRYPTION_KEY_FILE}) + set(KEY_FILE ${CONFIG_BOOT_ENCRYPTION_KEY_FILE}) + elseif((DEFINED CONF_DIR) AND + (EXISTS ${CONF_DIR}/${CONFIG_BOOT_ENCRYPTION_KEY_FILE})) + set(KEY_FILE ${CONF_DIR}/${CONFIG_BOOT_ENCRYPTION_KEY_FILE}) + else() + set(KEY_FILE ${WORKSPACE_DIR}/${CONFIG_BOOT_ENCRYPTION_KEY_FILE}) + endif() + message("MCUBoot bootloader encryption key file: ${KEY_FILE}") + + set(GENERATED_ENCKEY ${ZEPHYR_BINARY_DIR}/autogen-enckey.c) + add_custom_command( + OUTPUT ${GENERATED_ENCKEY} + COMMAND + ${PYTHON_EXECUTABLE} + ${MCUBOOT_DIR}/scripts/imgtool.py + getpriv + -k + ${KEY_FILE} + > ${GENERATED_ENCKEY} + DEPENDS ${KEY_FILE} ) - zephyr_library_sources(${GENERATED_PUBKEY}) -endif () + zephyr_library_sources(${GENERATED_ENCKEY}) +endif() -# Create C file embedding the encryption private key -# based on PEM file containing the private key -# PEM file should NOT be tracked using Git -# Make sure to recreate the same PEM file based on the same private key -if (CONFIG_BOOT_ENCRYPT_EC256) - # use environment variable if it exists - if (DEFINED ENV{ENC_KEY_FILE}) - set(ENC_KEY_FILE $ENV{ENC_KEY_FILE}) - else () - set(ENC_KEY_FILE ${PROJECT_DIR}/utils/ota/enc-ec256-priv.pem) - endif () - - if (NOT EXISTS ${ENC_KEY_FILE}) - message(FATAL_ERROR "Cannot find private key file, you can generate local dev keys by running 'generate_dev_keys' script") - else () - set(GENERATED_ENC_PRIVKEY ${CMAKE_CURRENT_SOURCE_DIR}/share/autogen-enc-privkey.c) - add_custom_command( - OUTPUT ${GENERATED_ENC_PRIVKEY} - COMMAND imgtool getpriv -k "${ENC_KEY_FILE}" --minimal > ${GENERATED_ENC_PRIVKEY} - ) - zephyr_library_sources(${GENERATED_ENC_PRIVKEY}) - endif () -endif () +if(CONFIG_MCUBOOT_CLEANUP_ARM_CORE) +zephyr_library_sources( + ${BOOT_DIR}/zephyr/arm_cleanup.c +) +endif() -if (CONFIG_MCUBOOT_CLEANUP_ARM_CORE) - zephyr_library_sources( - ${BOOT_DIR}/zephyr/arm_cleanup.c - ) -endif () +if(CONFIG_MCUBOOT_BOOT_BANNER) + # Replace Zephyr's boot banner with the MCUboot one + zephyr_sources(kernel/banner.c) +endif() + +function(align_up num align result) + math(EXPR out "(((${num}) + ((${align}) - 1)) & ~((${align}) - 1))") + set(${result} "${out}" PARENT_SCOPE) +endfunction() + +function(dt_get_parent node) + string(FIND "${${node}}" "/" pos REVERSE) + + if(pos EQUAL -1) + message(FATAL_ERROR "Unable to get parent of node: ${${node}}") + endif() + + string(SUBSTRING "${${node}}" 0 ${pos} ${node}) + set(${node} "${${node}}" PARENT_SCOPE) +endfunction() + +dt_nodelabel(slot0_flash NODELABEL "slot0_partition") +dt_prop(slot0_size PATH "${slot0_flash}" PROPERTY "reg" INDEX 1) +dt_get_parent(slot0_flash) +dt_get_parent(slot0_flash) +dt_prop(erase_size_slot0 PATH "${slot0_flash}" PROPERTY "erase-block-size") +dt_prop(write_size_slot0 PATH "${slot0_flash}" PROPERTY "write-block-size") + +if(CONFIG_BOOT_SWAP_USING_MOVE) + if(DEFINED erase_size_slot0) + zephyr_compile_definitions("MCUBOOT_SLOT0_EXPECTED_ERASE_SIZE=${erase_size_slot0}") + endif() + + if(DEFINED write_size_slot0) + zephyr_compile_definitions("MCUBOOT_SLOT0_EXPECTED_WRITE_SIZE=${write_size_slot0}") + endif() +endif() + +if(NOT CONFIG_SINGLE_APPLICATION_SLOT) + dt_nodelabel(slot1_flash NODELABEL "slot1_partition") + dt_prop(slot1_size PATH "${slot1_flash}" PROPERTY "reg" INDEX 1) + dt_get_parent(slot1_flash) + dt_get_parent(slot1_flash) + dt_prop(erase_size_slot1 PATH "${slot1_flash}" PROPERTY "erase-block-size") + dt_prop(write_size_slot1 PATH "${slot1_flash}" PROPERTY "write-block-size") + + if(CONFIG_BOOT_SWAP_USING_MOVE) + if(DEFINED erase_size_slot1) + zephyr_compile_definitions("MCUBOOT_SLOT1_EXPECTED_ERASE_SIZE=${erase_size_slot1}") + endif() + + if(DEFINED write_size_slot1) + zephyr_compile_definitions("MCUBOOT_SLOT1_EXPECTED_WRITE_SIZE=${write_size_slot1}") + endif() + endif() +endif() + +if(CONFIG_BOOT_MAX_IMG_SECTORS_AUTO) + if(NOT DEFINED slot0_size) + message(WARNING "Unable to determine size of slot0 partition, cannot calculate minimum sector usage") + elseif(NOT DEFINED erase_size_slot0) + message(WARNING "Unable to determine erase size of slot0 partition, cannot calculate minimum sector usage") + else() + math(EXPR slot_min_sectors "${slot0_size} / ${erase_size_slot0}") + endif() + + if(NOT CONFIG_SINGLE_APPLICATION_SLOT) + if(NOT DEFINED slot1_size) + message(WARNING "Unable to determine size of slot1 partition, cannot calculate minimum sector usage") + elseif(NOT DEFINED erase_size_slot1) + message(WARNING "Unable to determine erase size of slot1 partition, cannot calculate minimum sector usage") + else() + math(EXPR slot1_min_sectors "${slot1_size} / ${erase_size_slot1}") + + if("${slot1_min_sectors}" GREATER "${slot_min_sectors}") + set(slot_min_sectors ${slot1_min_sectors}) + endif() + endif() + endif() + + if(DEFINED slot_min_sectors AND "${slot_min_sectors}" GREATER "0") + zephyr_compile_definitions("MIN_SECTOR_COUNT=${slot_min_sectors}") + message("Calculated maximum number of sectors: ${slot_min_sectors}") + else() + message(WARNING "Unable to calculate minimum number of sector sizes, falling back to 128 sector default. Please disable CONFIG_BOOT_MAX_IMG_SECTORS_AUTO and set CONFIG_BOOT_MAX_IMG_SECTORS to the required value") + endif() +endif() + +if((CONFIG_BOOT_SWAP_USING_SCRATCH OR CONFIG_BOOT_SWAP_USING_MOVE) AND (DEFINED write_size_slot0 OR DEFINED write_size_slot1)) + zephyr_library_sources(src/flash_check.c) +endif() + +if(SYSBUILD) + if(CONFIG_SINGLE_APPLICATION_SLOT OR CONFIG_BOOT_FIRMWARE_LOADER OR CONFIG_BOOT_SWAP_USING_SCRATCH OR CONFIG_BOOT_SWAP_USING_MOVE OR CONFIG_BOOT_UPGRADE_ONLY OR CONFIG_BOOT_DIRECT_XIP OR CONFIG_BOOT_RAM_LOAD) + # TODO: RAM LOAD support + dt_nodelabel(slot0_flash NODELABEL "slot0_partition") + dt_get_parent(slot0_flash) + dt_get_parent(slot0_flash) + + if(NOT CONFIG_SINGLE_APPLICATION_SLOT) + dt_nodelabel(slot1_flash NODELABEL "slot1_partition") + dt_get_parent(slot1_flash) + dt_get_parent(slot1_flash) + + if(NOT "${slot0_flash}" STREQUAL "${slot1_flash}") + # Check both slots for the one with the largest write/erase block size + dt_prop(erase_size_slot0 PATH "${slot0_flash}" PROPERTY "erase-block-size") + dt_prop(write_size_slot0 PATH "${slot0_flash}" PROPERTY "write-block-size") + dt_prop(erase_size_slot1 PATH "${slot1_flash}" PROPERTY "erase-block-size") + dt_prop(write_size_slot1 PATH "${slot1_flash}" PROPERTY "write-block-size") + + if(DEFINED erase_size_slot0 AND DEFINED erase_size_slot1) + if(${erase_size_slot0} GREATER ${erase_size_slot1}) + set(erase_size ${erase_size_slot0}) + else() + set(erase_size ${erase_size_slot1}) + endif() + elseif(DEFINED erase_size_slot0) + set(erase_size ${erase_size_slot0}) + elseif(DEFINED erase_size_slot1) + set(erase_size ${erase_size_slot1}) + endif() + + if(DEFINED write_size_slot0 AND DEFINED write_size_slot1) + if(${write_size_slot0} GREATER ${write_size_slot1}) + set(write_size ${write_size_slot0}) + else() + set(write_size ${write_size_slot1}) + endif() + elseif(DEFINED write_size_slot0) + set(write_size ${write_size_slot0}) + elseif(DEFINED write_size_slot1) + set(write_size ${write_size_slot1}) + endif() + else() + dt_prop(erase_size PATH "${slot0_flash}" PROPERTY "erase-block-size") + dt_prop(write_size PATH "${slot0_flash}" PROPERTY "write-block-size") + endif() + else() + dt_prop(erase_size PATH "${slot0_flash}" PROPERTY "erase-block-size") + dt_prop(write_size PATH "${slot0_flash}" PROPERTY "write-block-size") + endif() + + if(NOT DEFINED erase_size) + message(WARNING "Unable to determine erase size of slot0 or slot1 partition, setting to 1 (this is probably wrong)") + set(erase_size 1) + endif() + + if(NOT DEFINED write_size) + message(WARNING "Unable to determine write size of slot0 or slot1 partition, setting to 8 (this is probably wrong)") + set(write_size 8) + endif() + + if(${write_size} LESS 8) + set(max_align_size 8) + else() + set(max_align_size ${write_size}) + endif() + + set(key_size 0) + + # Boot trailer magic size + set(boot_magic_size 16) + + # Estimates for trailer TLV data size, this was taken from hello world builds for nrf52840dk + if(CONFIG_BOOT_SIGNATURE_TYPE_RSA) + if(CONFIG_BOOT_SIGNATURE_TYPE_RSA_LEN EQUAL 3072) + set(boot_tlv_estimate 464) + else() + set(boot_tlv_estimate 336) + endif() + elseif(CONFIG_BOOT_SIGNATURE_TYPE_ECDSA_P256) + set(boot_tlv_estimate 150) + elseif(CONFIG_BOOT_SIGNATURE_TYPE_ED25519) + set(boot_tlv_estimate 144) + else() + set(boot_tlv_estimate 40) + endif() + + if(CONFIG_BOOT_ENCRYPT_RSA OR CONFIG_BOOT_ENCRYPT_EC256 OR CONFIG_BOOT_ENCRYPT_X25519) + # 128-bit AES key size + set(boot_enc_key_size 16) + + if(CONFIG_BOOT_SWAP_SAVE_ENCTLV) + if(CONFIG_BOOT_ENCRYPT_RSA) + set(key_size 256) + elseif(CONFIG_BOOT_ENCRYPT_EC256) + math(EXPR key_size "65 + 32 + ${boot_enc_key_size}") + elseif(CONFIG_BOOT_ENCRYPT_X25519) + math(EXPR key_size "32 + 32 + ${boot_enc_key_size}") + endif() + else() + set(key_size "${boot_enc_key_size}") + endif() + + align_up(${key_size} ${max_align_size} key_size) + math(EXPR key_size "${key_size} * 2") + endif() + + align_up(${boot_magic_size} ${write_size} boot_magic_size) + + if(CONFIG_SINGLE_APPLICATION_SLOT OR CONFIG_BOOT_FIRMWARE_LOADER) + set(boot_swap_data_size 0) + else() + math(EXPR boot_swap_data_size "${max_align_size} * 4") + endif() + + if(CONFIG_BOOT_SWAP_USING_SCRATCH OR CONFIG_BOOT_SWAP_USING_MOVE) + if(CONFIG_BOOT_MAX_IMG_SECTORS_AUTO AND DEFINED slot_min_sectors AND "${slot_min_sectors}" GREATER "0") + math(EXPR boot_status_data_size "${slot_min_sectors} * (3 * ${write_size})") + else() + math(EXPR boot_status_data_size "${CONFIG_BOOT_MAX_IMG_SECTORS} * (3 * ${write_size})") + endif() + else() + set(boot_status_data_size 0) + endif() + + math(EXPR required_size "${key_size} + ${boot_magic_size} + ${boot_swap_data_size} + ${boot_status_data_size} + ${boot_tlv_estimate}") + align_up(${required_size} ${erase_size} required_size) + + if(CONFIG_SINGLE_APPLICATION_SLOT OR CONFIG_BOOT_FIRMWARE_LOADER) + set(required_upgrade_size "0") + else() + math(EXPR required_upgrade_size "${boot_magic_size} + ${boot_swap_data_size} + ${boot_status_data_size}") + align_up(${required_upgrade_size} ${erase_size} required_upgrade_size) + endif() + + if(CONFIG_BOOT_SWAP_USING_MOVE) + math(EXPR required_size "${required_size} + ${erase_size}") + math(EXPR required_upgrade_size "${required_upgrade_size} + ${erase_size}") + endif() + else() + set(required_size 0) + set(required_upgrade_size 0) + endif() + + set(mcuboot_image_footer_size ${required_size} CACHE INTERNAL "Estimated MCUboot image trailer size" FORCE) + set(mcuboot_image_upgrade_footer_size ${required_upgrade_size} CACHE INTERNAL "Estimated MCUboot update image trailer size" FORCE) +endif() diff --git a/bootloader/dts.overlay b/bootloader/app.overlay similarity index 100% rename from bootloader/dts.overlay rename to bootloader/app.overlay diff --git a/bootloader/boards/diamond_main.conf b/bootloader/boards/diamond_main.conf deleted file mode 100644 index cb9ef65d..00000000 --- a/bootloader/boards/diamond_main.conf +++ /dev/null @@ -1,4 +0,0 @@ -# Max number of sector for an update -# 448K (partition) / 2K (sector) = 224 -CONFIG_BOOT_MAX_IMG_SECTORS_AUTO=n -CONFIG_BOOT_MAX_IMG_SECTORS=256 diff --git a/bootloader/include/boot_serial/boot_serial.ld b/bootloader/include/boot_serial/boot_serial.ld new file mode 100644 index 00000000..c0e82ad3 --- /dev/null +++ b/bootloader/include/boot_serial/boot_serial.ld @@ -0,0 +1,9 @@ +/* + * Copyright (c) 2023 Nordic Semiconductor ASA + * + * SPDX-License-Identifier: Apache-2.0 + */ + +#include + +ITERABLE_SECTION_ROM(mcuboot_bs_custom_handlers, 4) diff --git a/bootloader/include/boot_serial/boot_serial_extensions.h b/bootloader/include/boot_serial/boot_serial_extensions.h new file mode 100644 index 00000000..ac854b7a --- /dev/null +++ b/bootloader/include/boot_serial/boot_serial_extensions.h @@ -0,0 +1,41 @@ +/* + * Copyright (c) 2023 Nordic Semiconductor ASA + * + * SPDX-License-Identifier: Apache-2.0 + */ + +#ifndef H_BOOT_SERIAL_EXTENTIONS_ +#define H_BOOT_SERIAL_EXTENTIONS_ + +#include +#include +#include + +/** + * Callback handler prototype for boot serial extensions. + * + * @param[in] hdr MCUmgr header + * @param[in] buffer Buffer with first MCUmgr message + * @param[in] len Length of data in buffer + * @param[out] cs Response + * + * @return MGMT_ERR_ENOTSUP to run other handlers, other MGMT_ERR_* value + * when expected handler has ran. + */ +typedef int (*bs_custom_handler_cb)(const struct nmgr_hdr *hdr, + const char *buffer, int len, + zcbor_state_t *cs); + +struct mcuboot_bs_custom_handlers { + const bs_custom_handler_cb handler; +}; + +/* Used to create an iterable section containing a boot serial handler + * function + */ +#define MCUMGR_HANDLER_DEFINE(name, _handler) \ + STRUCT_SECTION_ITERABLE(mcuboot_bs_custom_handlers, name) = { \ + .handler = _handler, \ + } + +#endif /* H_BOOT_SERIAL_EXTENTIONS_ */ diff --git a/bootloader/include/io/io.h b/bootloader/include/io/io.h new file mode 100644 index 00000000..69787742 --- /dev/null +++ b/bootloader/include/io/io.h @@ -0,0 +1,90 @@ +/* + * Copyright (c) 2012-2014 Wind River Systems, Inc. + * Copyright (c) 2020 Arm Limited + * Copyright (c) 2021-2023 Nordic Semiconductor ASA + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef H_IO_ +#define H_IO_ + +#include + +#ifdef CONFIG_SOC_FAMILY_NORDIC_NRF +#include +#endif + +#ifdef __cplusplus +extern "C" { +#endif + +/* + * Initialises the configured LED. + */ +void +io_led_init(void); + +/* + * Sets value of the configured LED. + */ +void +io_led_set(int value); + +/* + * Checks if GPIO is set in the required way to remain in serial recovery mode + * + * @retval false for normal boot, true for serial recovery boot + */ +bool +io_detect_pin(void); + +/* + * Checks if board was reset using reset pin and if device should stay in + * serial recovery mode + * + * @retval false for normal boot, true for serial recovery boot + */ +bool +io_detect_pin_reset(void); + +/* + * Checks board boot mode via retention subsystem and if device should stay in + * serial recovery mode + * + * @retval false for normal boot, true for serial recovery boot + */ +bool +io_detect_boot_mode(void); + +#ifdef CONFIG_SOC_FAMILY_NORDIC_NRF +static inline bool +io_boot_skip_serial_recovery() +{ + uint32_t rr = nrfx_reset_reason_get(); + + return !(rr == 0 || (rr & NRFX_RESET_REASON_RESETPIN_MASK)); +} +#else +static inline bool +io_boot_skip_serial_recovery() +{ + return false; +} +#endif + +#ifdef __cplusplus +} +#endif + +#endif diff --git a/bootloader/kernel/banner.c b/bootloader/kernel/banner.c new file mode 100644 index 00000000..70f4e02b --- /dev/null +++ b/bootloader/kernel/banner.c @@ -0,0 +1,49 @@ +/* + * Copyright (c) 2020 Intel Corporation + * Copyright (c) 2024 Nordic Semiconductor ASA + * + * SPDX-License-Identifier: Apache-2.0 + */ + +#include +#include +#include +#include +#include + +#if defined(CONFIG_BOOT_DELAY) && (CONFIG_BOOT_DELAY > 0) +#define DELAY_STR STRINGIFY(CONFIG_BOOT_DELAY) +#define BANNER_POSTFIX " (delayed boot " DELAY_STR "ms)" +#else +#define BANNER_POSTFIX "" +#endif /* defined(CONFIG_BOOT_DELAY) && (CONFIG_BOOT_DELAY > 0) */ + +#ifndef BANNER_VERSION +#if defined(BUILD_VERSION) && !IS_EMPTY(BUILD_VERSION) +#define BANNER_VERSION STRINGIFY(BUILD_VERSION) +#else +#define BANNER_VERSION KERNEL_VERSION_STRING +#endif /* BUILD_VERSION */ +#endif /* !BANNER_VERSION */ + +#if defined(APP_BUILD_VERSION) +#define APPLICATION_BANNER_VERSION STRINGIFY(APP_BUILD_VERSION) +#elif defined(APP_VERSION_EXTENDED_STRING) +#define APPLICATION_BANNER_VERSION APP_VERSION_EXTENDED_STRING +#endif + +#if defined(APPLICATION_BANNER_VERSION) +void +boot_banner(void) +{ +#if defined(CONFIG_BOOT_DELAY) && (CONFIG_BOOT_DELAY > 0) + printk("***** delaying boot " DELAY_STR + "ms (per build configuration) *****\n"); + k_busy_wait(CONFIG_BOOT_DELAY * USEC_PER_MSEC); +#endif /* defined(CONFIG_BOOT_DELAY) && (CONFIG_BOOT_DELAY > 0) */ + + printk("*** Booting MCUboot " APPLICATION_BANNER_VERSION " ***\n"); + printk("*** " CONFIG_BOOT_BANNER_STRING " " BANNER_VERSION BANNER_POSTFIX + " ***\n"); +} +#endif /* APP_BUILD_VERSION */ diff --git a/bootloader/prj.conf b/bootloader/prj.conf index fefa955d..a3912029 100644 --- a/bootloader/prj.conf +++ b/bootloader/prj.conf @@ -8,6 +8,8 @@ CONFIG_MBEDTLS_CFG_FILE="mcuboot-mbedtls-cfg.h" CONFIG_PINCTRL=y CONFIG_GPIO=y +CONFIG_BOOT_MAX_IMG_SECTORS_AUTO=y + # signature CONFIG_BOOT_SIGNATURE_TYPE_ECDSA_P256=y # path to signature key; must be relative to West top dir @@ -22,7 +24,7 @@ CONFIG_BOOT_BOOTSTRAP=n CONFIG_FLASH=y -# watchdog set to 1000ms to be able to boot with signature verification +# watchdog set to 5000ms to be able to boot with signature verification CONFIG_WATCHDOG=y CONFIG_BOOT_WATCHDOG_FEED=y -CONFIG_IWDG_STM32_INITIAL_TIMEOUT=1000 +CONFIG_IWDG_STM32_INITIAL_TIMEOUT=5000 diff --git a/bootloader/release.conf b/bootloader/release.conf index 83b11942..0abd2166 100644 --- a/bootloader/release.conf +++ b/bootloader/release.conf @@ -5,3 +5,7 @@ CONFIG_BOOT_BANNER=n CONFIG_CONSOLE=n CONFIG_UART_CONSOLE=n CONFIG_UART_STM32=n + +# default key file for encryption, usually overwritten by the build system +CONFIG_BOOT_ENCRYPTION_KEY_FILE="orb/utils/ota/enc-ec256-priv.pem" +CONFIG_BOOT_ENCRYPT_IMAGE=y diff --git a/bootloader/src/flash_check.c b/bootloader/src/flash_check.c new file mode 100644 index 00000000..b8ec3e3e --- /dev/null +++ b/bootloader/src/flash_check.c @@ -0,0 +1,54 @@ +/* + * Copyright (c) 2024 Nordic Semiconductor ASA + * + * SPDX-License-Identifier: Apache-2.0 + */ + +#include +#include +#include + +#include "bootutil/bootutil_log.h" +#include <../../bootutil/src/bootutil_priv.h> + +#include "mcuboot_config/mcuboot_config.h" + +#if defined(MCUBOOT_SLOT0_EXPECTED_WRITE_SIZE) || \ + defined(MCUBOOT_SLOT1_EXPECTED_WRITE_SIZE) +BOOT_LOG_MODULE_DECLARE(mcuboot); + +bool +swap_write_block_size_check(struct boot_loader_state *state) +{ +#ifdef MCUBOOT_SLOT0_EXPECTED_WRITE_SIZE + size_t flash_write_block_size_pri; +#endif +#ifdef MCUBOOT_SLOT1_EXPECTED_WRITE_SIZE + size_t flash_write_block_size_sec; +#endif + +#ifdef MCUBOOT_SLOT0_EXPECTED_WRITE_SIZE + flash_write_block_size_pri = flash_get_write_block_size( + state->imgs[0][BOOT_PRIMARY_SLOT].area->fa_dev); + + if (flash_write_block_size_pri != MCUBOOT_SLOT0_EXPECTED_WRITE_SIZE) { + BOOT_LOG_DBG( + "Discrepancy, slot0 expected write block size: %d, actual: %d", + MCUBOOT_SLOT0_EXPECTED_WRITE_SIZE, flash_write_block_size_pri); + } +#endif + +#ifdef MCUBOOT_SLOT1_EXPECTED_WRITE_SIZE + flash_write_block_size_sec = flash_get_write_block_size( + state->imgs[0][BOOT_SECONDARY_SLOT].area->fa_dev); + + if (flash_write_block_size_sec != MCUBOOT_SLOT1_EXPECTED_WRITE_SIZE) { + BOOT_LOG_DBG( + "Discrepancy, slot1 expected write block size: %d, actual: %d", + MCUBOOT_SLOT1_EXPECTED_WRITE_SIZE, flash_write_block_size_sec); + } +#endif + + return true; +} +#endif diff --git a/bootloader/src/io.c b/bootloader/src/io.c new file mode 100644 index 00000000..f6a1ff1f --- /dev/null +++ b/bootloader/src/io.c @@ -0,0 +1,223 @@ +/* + * Copyright (c) 2012-2014 Wind River Systems, Inc. + * Copyright (c) 2020 Arm Limited + * Copyright (c) 2021-2023 Nordic Semiconductor ASA + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "bootutil/bootutil_log.h" +#include "target.h" + +#if defined(CONFIG_BOOT_SERIAL_PIN_RESET) || \ + defined(CONFIG_BOOT_FIRMWARE_LOADER_PIN_RESET) +#include +#endif + +#if defined(CONFIG_BOOT_SERIAL_BOOT_MODE) || \ + defined(CONFIG_BOOT_FIRMWARE_LOADER_BOOT_MODE) +#include +#endif + +/* Validate serial recovery configuration */ +#ifdef CONFIG_MCUBOOT_SERIAL +#if !defined(CONFIG_BOOT_SERIAL_ENTRANCE_GPIO) && \ + !defined(CONFIG_BOOT_SERIAL_WAIT_FOR_DFU) && \ + !defined(CONFIG_BOOT_SERIAL_BOOT_MODE) && \ + !defined(CONFIG_BOOT_SERIAL_NO_APPLICATION) && \ + !defined(CONFIG_BOOT_SERIAL_PIN_RESET) +#error "Serial recovery selected without an entrance mode set" +#endif +#endif + +/* Validate firmware loader configuration */ +#ifdef CONFIG_BOOT_FIRMWARE_LOADER +#if !defined(CONFIG_BOOT_FIRMWARE_LOADER_ENTRANCE_GPIO) && \ + !defined(CONFIG_BOOT_FIRMWARE_LOADER_BOOT_MODE) && \ + !defined(CONFIG_BOOT_FIRMWARE_LOADER_NO_APPLICATION) && \ + !defined(CONFIG_BOOT_FIRMWARE_LOADER_PIN_RESET) +#error "Firmware loader selected without an entrance mode set" +#endif +#endif + +#ifdef CONFIG_MCUBOOT_INDICATION_LED + +/* + * The led0 devicetree alias is optional. If present, we'll use it + * to turn on the LED whenever the button is pressed. + */ +#if DT_NODE_EXISTS(DT_ALIAS(mcuboot_led0)) +#define LED0_NODE DT_ALIAS(mcuboot_led0) +#elif DT_NODE_EXISTS(DT_ALIAS(bootloader_led0)) +#warning "bootloader-led0 alias is deprecated; use mcuboot-led0 instead" +#define LED0_NODE DT_ALIAS(bootloader_led0) +#endif + +#if DT_NODE_HAS_STATUS(LED0_NODE, okay) && DT_NODE_HAS_PROP(LED0_NODE, gpios) +static const struct gpio_dt_spec led0 = GPIO_DT_SPEC_GET(LED0_NODE, gpios); +#else +/* A build error here means your board isn't set up to drive an LED. */ +#error "Unsupported board: led0 devicetree alias is not defined" +#endif + +BOOT_LOG_MODULE_DECLARE(mcuboot); + +void +io_led_init(void) +{ + if (!device_is_ready(led0.port)) { + BOOT_LOG_ERR("Didn't find LED device referred by the LED0_NODE\n"); + return; + } + + gpio_pin_configure_dt(&led0, GPIO_OUTPUT); + gpio_pin_set_dt(&led0, 0); +} + +void +io_led_set(int value) +{ + gpio_pin_set_dt(&led0, value); +} +#endif /* CONFIG_MCUBOOT_INDICATION_LED */ + +#if defined(CONFIG_BOOT_SERIAL_ENTRANCE_GPIO) || \ + defined(CONFIG_BOOT_USB_DFU_GPIO) || \ + defined(CONFIG_BOOT_FIRMWARE_LOADER_ENTRANCE_GPIO) + +#if defined(CONFIG_MCUBOOT_SERIAL) +#define BUTTON_0_DETECT_DELAY CONFIG_BOOT_SERIAL_DETECT_DELAY +#elif defined(CONFIG_BOOT_FIRMWARE_LOADER) +#define BUTTON_0_DETECT_DELAY CONFIG_BOOT_FIRMWARE_LOADER_DETECT_DELAY +#else +#define BUTTON_0_DETECT_DELAY CONFIG_BOOT_USB_DFU_DETECT_DELAY +#endif + +#define BUTTON_0_NODE DT_ALIAS(mcuboot_button0) + +#if DT_NODE_EXISTS(BUTTON_0_NODE) && DT_NODE_HAS_PROP(BUTTON_0_NODE, gpios) +static const struct gpio_dt_spec button0 = + GPIO_DT_SPEC_GET(BUTTON_0_NODE, gpios); +#else +#error \ + "Serial recovery/USB DFU button must be declared in device tree as 'mcuboot_button0'" +#endif + +bool +io_detect_pin(void) +{ + int rc; + int pin_active; + + if (!device_is_ready(button0.port)) { + __ASSERT(false, "GPIO device is not ready.\n"); + return false; + } + + rc = gpio_pin_configure_dt(&button0, GPIO_INPUT); + __ASSERT(rc == 0, "Failed to initialize boot detect pin.\n"); + + rc = gpio_pin_get_dt(&button0); + pin_active = rc; + + __ASSERT(rc >= 0, "Failed to read boot detect pin.\n"); + + if (pin_active) { + if (BUTTON_0_DETECT_DELAY > 0) { +#ifdef CONFIG_MULTITHREADING + k_sleep(K_MSEC(50)); +#else + k_busy_wait(50000); +#endif + + /* Get the uptime for debounce purposes. */ + int64_t timestamp = k_uptime_get(); + + for (;;) { + rc = gpio_pin_get_dt(&button0); + pin_active = rc; + __ASSERT(rc >= 0, "Failed to read boot detect pin.\n"); + + /* Get delta from when this started */ + uint32_t delta = k_uptime_get() - timestamp; + + /* If not pressed OR if pressed > debounce period, stop. */ + if (delta >= BUTTON_0_DETECT_DELAY || !pin_active) { + break; + } + + /* Delay 1 ms */ +#ifdef CONFIG_MULTITHREADING + k_sleep(K_MSEC(1)); +#else + k_busy_wait(1000); +#endif + } + } + } + + return (bool)pin_active; +} +#endif + +#if defined(CONFIG_BOOT_SERIAL_PIN_RESET) || \ + defined(CONFIG_BOOT_FIRMWARE_LOADER_PIN_RESET) +bool +io_detect_pin_reset(void) +{ + uint32_t reset_cause; + int rc; + + rc = hwinfo_get_reset_cause(&reset_cause); + + if (rc == 0 && reset_cause == RESET_PIN) { + (void)hwinfo_clear_reset_cause(); + return true; + } + + return false; +} +#endif + +#if defined(CONFIG_BOOT_SERIAL_BOOT_MODE) || \ + defined(CONFIG_BOOT_FIRMWARE_LOADER_BOOT_MODE) +bool +io_detect_boot_mode(void) +{ + int32_t boot_mode; + + boot_mode = bootmode_check(BOOT_MODE_TYPE_BOOTLOADER); + + if (boot_mode == 1) { + /* Boot mode to stay in bootloader, clear status and enter serial + * recovery mode + */ + bootmode_clear(); + + return true; + } + + return false; +} +#endif diff --git a/bootloader/src/shared_data.c b/bootloader/src/shared_data.c new file mode 100644 index 00000000..9dc12c2b --- /dev/null +++ b/bootloader/src/shared_data.c @@ -0,0 +1,124 @@ +/* + * Copyright (c) 2023, Nordic Semiconductor ASA + * + * SPDX-License-Identifier: Apache-2.0 + */ + +#include <../../bootutil/src/bootutil_priv.h> +#include +#include +#include +#include +#include +#include +#include + +#define SHARED_MEMORY_MIN_SIZE 8 + +LOG_MODULE_REGISTER(bootloader_info, CONFIG_RETENTION_LOG_LEVEL); + +static bool shared_memory_init_done = false; +static uint16_t shared_data_size = SHARED_DATA_HEADER_SIZE; +static ssize_t shared_data_max_size = 0; +static const struct device *bootloader_info_dev = + DEVICE_DT_GET(DT_CHOSEN(zephyr_bootloader_info)); + +BUILD_ASSERT(SHARED_MEMORY_MIN_SIZE < + DT_REG_SIZE_BY_IDX(DT_CHOSEN(zephyr_bootloader_info), 0), + "zephyr,bootloader-info area is too small for bootloader " + "information struct"); + +int +boot_add_data_to_shared_area(uint8_t major_type, uint16_t minor_type, + size_t size, const uint8_t *data) +{ + struct shared_data_tlv_header header = { + .tlv_magic = SHARED_DATA_TLV_INFO_MAGIC, + .tlv_tot_len = shared_data_size, + }; + struct shared_data_tlv_entry tlv_entry = {0}; + uint16_t boot_data_size; + uintptr_t tlv_end, offset; + int rc; + + if (data == NULL) { + return SHARED_MEMORY_GEN_ERROR; + } + + /* Check whether first time to call this function. If does then initialise + * shared data area. + */ + if (!shared_memory_init_done) { + retention_clear(bootloader_info_dev); + shared_data_max_size = retention_size(bootloader_info_dev); + shared_memory_init_done = true; + } + + /* Check whether TLV entry is already added. + * Get the boundaries of TLV section + */ + tlv_end = shared_data_size; + offset = SHARED_DATA_HEADER_SIZE; + + /* Iterates over the TLV section looks for the same entry if found then + * returns with error: SHARED_MEMORY_OVERWRITE + */ + while (offset < tlv_end) { + /* Create local copy to avoid unaligned access */ + rc = retention_read(bootloader_info_dev, offset, (void *)&tlv_entry, + SHARED_DATA_ENTRY_HEADER_SIZE); + + if (rc) { + return SHARED_MEMORY_READ_ERROR; + } + + if (GET_MAJOR(tlv_entry.tlv_type) == major_type && + GET_MINOR(tlv_entry.tlv_type) == minor_type) { + return SHARED_MEMORY_OVERWRITE; + } + + offset += SHARED_DATA_ENTRY_SIZE(tlv_entry.tlv_len); + } + + /* Add TLV entry */ + tlv_entry.tlv_type = SET_TLV_TYPE(major_type, minor_type); + tlv_entry.tlv_len = size; + + if (!boot_u16_safe_add(&boot_data_size, shared_data_size, + SHARED_DATA_ENTRY_SIZE(size))) { + return SHARED_MEMORY_GEN_ERROR; + } + + /* Verify overflow of shared area */ + if (boot_data_size > shared_data_max_size) { + return SHARED_MEMORY_OVERFLOW; + } + + offset = shared_data_size; + rc = retention_write(bootloader_info_dev, offset, (void *)&tlv_entry, + SHARED_DATA_ENTRY_HEADER_SIZE); + if (rc) { + LOG_ERR("Shared data TLV header write failed: %d", rc); + return SHARED_MEMORY_WRITE_ERROR; + } + + offset += SHARED_DATA_ENTRY_HEADER_SIZE; + rc = retention_write(bootloader_info_dev, offset, data, size); + + if (rc) { + LOG_ERR("Shared data TLV data write failed: %d", rc); + return SHARED_MEMORY_WRITE_ERROR; + } + + shared_data_size += SHARED_DATA_ENTRY_SIZE(size); + header.tlv_tot_len = shared_data_size; + + rc = retention_write(bootloader_info_dev, 0, (void *)&header, + sizeof(header)); + + if (rc) { + return SHARED_MEMORY_WRITE_ERROR; + } + + return SHARED_MEMORY_OK; +} From 5ac56e1a9acd99bab3d8172da2e35fba33081c91 Mon Sep 17 00:00:00 2001 From: Cyril Fougeray Date: Fri, 10 Jan 2025 15:04:28 +0100 Subject: [PATCH 17/17] feat(zephyr): cyclic DMA buffer for UART from upstream zephyr with fixes watchdog can be initialized only once, by our libray adc node property: became "SYNC" Signed-off-by: Cyril Fougeray --- .github/workflows/twister_native.yml | 2 +- boards/tfh/diamond_main/diamond_main.dts | 13 +++++++------ boards/tfh/pearl_main/pearl_main.dts | 6 +++--- lib/watchdog/Kconfig | 1 + west.yml | 2 +- 5 files changed, 13 insertions(+), 11 deletions(-) diff --git a/.github/workflows/twister_native.yml b/.github/workflows/twister_native.yml index 4b4da6a0..fe3ead73 100644 --- a/.github/workflows/twister_native.yml +++ b/.github/workflows/twister_native.yml @@ -22,7 +22,7 @@ jobs: - name: Twister unit tests run: | cd ${{ github.job }} - if ! ./zephyr/scripts/twister -T orb/main_board -vv -c -p unit_testing; then + if ! ./zephyr/scripts/twister -T orb/main_board -A orb/main_board -vv -c -p unit_testing; then find twister-out/ \( -name 'build.log' -o -name 'handler.log' -o -name 'device.log' \) -exec cat {} \; false fi diff --git a/boards/tfh/diamond_main/diamond_main.dts b/boards/tfh/diamond_main/diamond_main.dts index 4f006e9f..983b694a 100644 --- a/boards/tfh/diamond_main/diamond_main.dts +++ b/boards/tfh/diamond_main/diamond_main.dts @@ -521,7 +521,7 @@ status = "okay"; pinctrl-0 = <&adc1_in1_pa0 &adc1_in2_pa1 &adc1_in3_pa2 &adc1_in7_pc1 &adc1_in8_pc2 &adc1_in9_pc3 &adc1_in11_pb12 &adc1_in14_pb11>; pinctrl-names = "default"; - st,adc-clock-source = ; + st,adc-clock-source = "SYNC"; st,adc-prescaler = <4>; vref-mv = <2048>; @@ -621,7 +621,7 @@ status = "okay"; pinctrl-0 = <&adc3_in10_pd13 &adc3_in11_pd14>; pinctrl-names = "default"; - st,adc-clock-source = ; + st,adc-clock-source = "SYNC"; st,adc-prescaler = <4>; vref-mv = <2048>; @@ -665,7 +665,7 @@ status = "okay"; pinctrl-0 = <&adc4_in1_pe14 &adc4_in2_pe15>; pinctrl-names = "default"; - st,adc-clock-source = ; + st,adc-clock-source = "SYNC"; st,adc-prescaler = <4>; vref-mv = <2048>; @@ -697,7 +697,7 @@ status = "okay"; pinctrl-0 = <&adc5_in7_pd10 &adc5_in8_pd11 &adc5_in9_pd12 &adc5_in12_pd8 &adc5_in13_pd9 &adc5_in14_pe10 &adc5_in15_pe11>; pinctrl-names = "default"; - st,adc-clock-source = ; + st,adc-clock-source = "SYNC"; st,adc-prescaler = <4>; vref-mv = <2048>; @@ -929,9 +929,10 @@ current-speed = <1000000>; status = "okay"; - dmas = <&dma1 3 LL_DMAMUX_REQ_USART1_RX ((DMA_DIR_PERIPH_TO_MEM << DMA_CONFIG_DIR_SHIFT) | (1 << DMA_MEM_INC_ADDR_SHIFT) | (1 << DMA_CONFIG_CYCLIC_SHIFT))>, - <&dma1 4 LL_DMAMUX_REQ_USART1_TX ((DMA_DIR_MEM_TO_PERIPH << DMA_CONFIG_DIR_SHIFT) | (1 << DMA_MEM_INC_ADDR_SHIFT) | (1 << DMA_CONFIG_CYCLIC_SHIFT))>; + dmas = <&dma1 3 LL_DMAMUX_REQ_USART1_RX (STM32_DMA_PERIPH_RX | STM32_DMA_MEM_8BITS | STM32_DMA_MODE_CYCLIC)>, + <&dma1 4 LL_DMAMUX_REQ_USART1_TX (STM32_DMA_PERIPH_TX)>; dma-names = "rx", "tx"; + fifo-enable; }; // debug diff --git a/boards/tfh/pearl_main/pearl_main.dts b/boards/tfh/pearl_main/pearl_main.dts index 69d500f9..e42daecf 100644 --- a/boards/tfh/pearl_main/pearl_main.dts +++ b/boards/tfh/pearl_main/pearl_main.dts @@ -259,7 +259,7 @@ status = "okay"; pinctrl-0 = <&adc1_in1_pa0 &adc1_in7_pc1 &adc1_in8_pc2 &adc1_in9_pc3 &adc1_in11_pb12>; pinctrl-names = "default"; - st,adc-clock-source = ; + st,adc-clock-source = "SYNC"; st,adc-prescaler = <4>; vref-mv = <3300>; @@ -335,7 +335,7 @@ status = "okay"; pinctrl-0 = <&adc3_in10_pd13 &adc3_in11_pd14>; pinctrl-names = "default"; - st,adc-clock-source = ; + st,adc-clock-source = "SYNC"; st,adc-prescaler = <4>; vref-mv = <3300>; @@ -378,7 +378,7 @@ status = "okay"; pinctrl-0 = <&adc5_in7_pd10 &adc5_in8_pd11 &adc5_in9_pd12 &adc5_in13_pd9>; pinctrl-names = "default"; - st,adc-clock-source = ; + st,adc-clock-source = "SYNC"; st,adc-prescaler = <4>; vref-mv = <3300>; diff --git a/lib/watchdog/Kconfig b/lib/watchdog/Kconfig index 986db03f..7877f8e7 100644 --- a/lib/watchdog/Kconfig +++ b/lib/watchdog/Kconfig @@ -1,5 +1,6 @@ config ORB_LIB_WATCHDOG bool "Watchdog library" + select WDT_DISABLE_AT_BOOT depends on WATCHDOG if ORB_LIB_WATCHDOG diff --git a/west.yml b/west.yml index f2417169..c8ea95cc 100644 --- a/west.yml +++ b/west.yml @@ -8,7 +8,7 @@ manifest: remote: worldcoin projects: - name: zephyr - revision: 8469084dfae85f854555f0607f2c838dad097235 # 4.0.0 + revision: 7a914a2d726ee541b2d24da31e5460489aa068f5 import: name-allowlist: - cmsis