adafruit-mirror/zephyr
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 8
zephyr/share/sysbuild/images/bootloader/Kconfig
Grzegorz Swiderski 17ba479585 sysbuild: Fix Kconfig symbol SIGNATURE_TYPE 
Add missing quotes around string values, so that they won't be
interpreted as undefined symbol names.

Signed-off-by: Grzegorz Swiderski <grzegorz.swiderski@nordicsemi.no>
2025-01-17 16:35:53 +01:00

172 lines
6.4 KiB
Text
Raw Blame History

# Copyright (c) 2022 Nordic Semiconductor
#
# SPDX-License-Identifier: Apache-2.0
config SUPPORT_BOOTLOADER
bool
default y
config SUPPORT_BOOTLOADER_MCUBOOT_ZEPHYR
bool
default y
choice BOOTLOADER
prompt "Bootloader support"
default BOOTLOADER_NONE
depends on SUPPORT_BOOTLOADER
config BOOTLOADER_NONE
bool "None"
help
Do not Include a bootloader in the build
config BOOTLOADER_MCUBOOT
bool "MCUboot"
depends on SUPPORT_BOOTLOADER_MCUBOOT_ZEPHYR
help
Include MCUboot (Zephyr port) as the bootloader to use
endchoice
if BOOTLOADER_MCUBOOT
choice MCUBOOT_MODE
prompt "Mode of operation"
default MCUBOOT_MODE_SWAP_WITHOUT_SCRATCH
help
The operating mode of MCUboot (which will also be propagated to the application).
config MCUBOOT_MODE_SINGLE_APP
bool "Single slot"
help
MCUboot will only boot slot0_partition placed application and does not care about other
slots. In this mode application is not able to DFU its own update to secondary slot and
all updates need to be performed using MCUboot serial recovery.
config MCUBOOT_MODE_SWAP_WITHOUT_SCRATCH
bool "Swap without scratch (swap using move)"
help
MCUboot expects slot0_partition and slot1_partition to be present in DT and application
will boot from slot0_partition. MCUBOOT_BOOTLOADER_NO_DOWNGRADE should also be selected
in main application if MCUboot has been built with MCUBOOT_DOWNGRADE_PREVENTION.
config MCUBOOT_MODE_SWAP_SCRATCH
bool "Swap using scratch"
help
MCUboot expects slot0_partition, slot1_partition and scratch_partition to be present in
DT, and application will boot from slot0_partition. In this mode scratch_partition is
used as temporary storage when MCUboot swaps application from the secondary slot to the
primary slot.
MCUBOOT_BOOTLOADER_NO_DOWNGRADE should also be selected in main application if MCUboot
has been built with MCUBOOT_DOWNGRADE_PREVENTION.
config MCUBOOT_MODE_OVERWRITE_ONLY
bool "Overwrite"
help
MCUboot will take contents of secondary slot of an image and will overwrite primary slot
with it. In this mode it is not possible to revert back to previous version as it is not
stored in the secondary slot.
This mode supports MCUBOOT_BOOTLOADER_NO_DOWNGRADE which means that the overwrite will
not happen unless the version of secondary slot is higher than the version in primary
slot.
config MCUBOOT_MODE_DIRECT_XIP
bool "DirectXIP"
help
MCUboot expects slot0_partition and slot1_partition to exist in DT. In this mode MCUboot
can boot from either partition and will select one with higher application image version,
which usually means major.minor.patch triple, unless BOOT_VERSION_CMP_USE_BUILD_NUMBER is
also selected in MCUboot that enables comparison of build number.
This option automatically selectes MCUBOOT_BOOTLOADER_NO_DOWNGRADE as it is not possible
to swap back to older version of application.
config MCUBOOT_MODE_DIRECT_XIP_WITH_REVERT
bool "DirectXIP with revert"
help
MCUboot expects slot0_partition and slot1_partition to exist in DT. In this mode MCUboot
will boot the application with the higher version from either slot, as long as it has
been marked to be boot next time for test or permanently. In case when application is
marked for test it needs to confirm itself, on the first boot, or it will be removed and
MCUboot will revert to booting previously approved application.
This mode does not allow freely switching between application versions, as, once higher
version application is approved, it is not possible to select lower version for boot.
This mode selects MCUBOOT_BOOTLOADER_NO_DOWNGRADE as it is not possible to downgrade
running application, but note that MCUboot may do that if application with higher
version will not get confirmed.
config MCUBOOT_MODE_RAM_LOAD
bool "RAM load"
help
MCUboot expects slot0_partition and slot1_partition to exist in DT. In this mode, MCUboot
will select the image with the higher version number, copy it to RAM and begin execution
from there. The image must be linked to execute from RAM, the address that it is copied
to is specified using the load-addr argument when running imgtool.
Note: RAM must be assigned to the bootloader that is not used by the application in this
mode so that the bootloader is able to function until the application has booted.
config MCUBOOT_MODE_FIRMWARE_UPDATER
bool "Firmware updater"
help
MCUboot will only boot slot0_partition for the main application but has an entrance
mechanism defined for entering the slot1_partition which is a dedicated firmware updater
application used to update the slot0_partition application.
endchoice
config SIGNATURE_TYPE
string
default "NONE" if BOOT_SIGNATURE_TYPE_NONE
default "RSA" if BOOT_SIGNATURE_TYPE_RSA
default "ECDSA_P256" if BOOT_SIGNATURE_TYPE_ECDSA_P256
default "ED25519" if BOOT_SIGNATURE_TYPE_ED25519
choice BOOT_SIGNATURE_TYPE
prompt "Signature type"
default BOOT_SIGNATURE_TYPE_RSA
config BOOT_SIGNATURE_TYPE_NONE
bool "No signature; use only hash check"
config BOOT_SIGNATURE_TYPE_RSA
bool "RSA signatures"
config BOOT_SIGNATURE_TYPE_ECDSA_P256
bool "Elliptic curve digital signatures with curve P-256"
config BOOT_SIGNATURE_TYPE_ED25519
bool "Edwards curve digital signatures using ed25519"
endchoice
config BOOT_SIGNATURE_KEY_FILE
string "Signing PEM key file" if !BOOT_SIGNATURE_TYPE_NONE
default "$(ZEPHYR_MCUBOOT_MODULE_DIR)/root-ec-p256.pem" if BOOT_SIGNATURE_TYPE_ECDSA_P256
default "$(ZEPHYR_MCUBOOT_MODULE_DIR)/root-ed25519.pem" if BOOT_SIGNATURE_TYPE_ED25519
default "$(ZEPHYR_MCUBOOT_MODULE_DIR)/root-rsa-2048.pem" if BOOT_SIGNATURE_TYPE_RSA
default ""
help
Absolute path to signing key file to use with MCUBoot.
config SUPPORT_BOOT_ENCRYPTION
bool
depends on !BOOT_SIGNATURE_TYPE_NONE && !MCUBOOT_MODE_DIRECT_XIP && !MCUBOOT_MODE_DIRECT_XIP_WITH_REVERT && !MCUBOOT_MODE_FIRMWARE_UPDATER
default y
config BOOT_ENCRYPTION
bool "Encrypted image support"
depends on SUPPORT_BOOT_ENCRYPTION
help
Support encrypted images.
config BOOT_ENCRYPTION_KEY_FILE
string "Encryption PEM key file"
depends on BOOT_ENCRYPTION
default "$(ZEPHYR_MCUBOOT_MODULE_DIR)/enc-ec256-priv.pem" if BOOT_SIGNATURE_TYPE_ECDSA_P256
default "$(ZEPHYR_MCUBOOT_MODULE_DIR)/enc-x25519-priv.pem" if BOOT_SIGNATURE_TYPE_ED25519
default "$(ZEPHYR_MCUBOOT_MODULE_DIR)/enc-rsa2048-priv.pem" if BOOT_SIGNATURE_TYPE_RSA
default ""
help
Absolute path to encryption key file to use with MCUBoot.
endif
Reference in a new issue View git blame Copy permalink