| commit | f515bb1c4453d6bb01a37d7abaaf4704e27ae00c | [log] [tgz] |
|---|---|---|
| author | Thomas Altenbach <thomas.altenbach@legrand.com> | Fri Apr 26 18:31:57 2024 +0200 |
| committer | Fabio Utzig <utzig@utzig.org> | Mon Jul 15 20:03:21 2024 -0300 |
| tree | f40025461d3a99f3016dc426a4d4ada9d17f4db7 | |
| parent | fb2cf0ec3da3687b93f28e556ab682bdd4b85223 [diff] |
bootutil: Properly retrieve image headers after interrupted swap-scratch For swap using scratch, the boot_read_image_header routine, responsible for reading the image headers, was always looking for the primary and secondary image's headers at the beginning of respectively the primary and secondary slots, regardless of the current boot status. This means if during a swap-scratch upgrade a reset happens after the sector containing the image header in the primary or secondary slot has been erased, invalid image headers were read since at that time the location of the headers has changed. Currently, this doesn't seem to cause any issue because the swap-scratch algorithm is implemented in such a way the content of the headers is no more necessary when the headers are erased. However, to be able to decrypt the secondary image when copied to the primary slot instead of when copied to the scratch area, properly reading the secondary image's header is required even after it has been erased from the secondary slot. To that end, the boot_read_image_header is modified to determine from the boot status the current location of the image headers and to always read the actual header, no matter the current state of the upgrade process. Signed-off-by: Thomas Altenbach <thomas.altenbach@legrand.com>
- .github/
- boot/
- ci/
- docs/
- ext/
- ptest/
- samples/
- scripts/
- sim/
- testplan/
- zephyr/
- .gitignore
- .gitmodules
- .mbedignore
- .travis.yml-disabled
- Cargo.lock
- Cargo.toml
- CODE_OF_CONDUCT.md
- enc-aes128kw.b64
- enc-aes256kw.b64
- enc-ec256-priv.pem
- enc-ec256-pub.pem
- enc-rsa2048-priv.pem
- enc-rsa2048-pub.pem
- enc-x25519-priv.pem
- enc-x25519-pub.pem
- go.mod
- LICENSE
- NOTICE
- project.yml
- README.md
- repository.yml
- root-ec-p256-pkcs8.pem
- root-ec-p256.pem
- root-ec-p384-pkcs8.pem
- root-ec-p384.pem
- root-ed25519.pem
- root-rsa-2048.pem
- root-rsa-3072.pem
MCUboot
This is MCUboot version 2.1.0
MCUboot is a secure bootloader for 32-bits microcontrollers. It defines a common infrastructure for the bootloader and the system flash layout on microcontroller systems, and provides a secure bootloader that enables easy software upgrade.
MCUboot is not dependent on any specific operating system and hardware and relies on hardware porting layers from the operating system it works with. Currently, MCUboot works with the following operating systems and SoCs:
RIOT is supported only as a boot target. We will accept any new port contributed by the community once it is good enough.
MCUboot How-tos
See the following pages for instructions on using MCUboot with different operating systems and SoCs:
There are also instructions for the Simulator.
Roadmap
The issues being planned and worked on are tracked using GitHub issues. To give your input, visit MCUboot GitHub Issues.
Source files
You can find additional documentation on the bootloader in the source files. For more information, use the following links:
- boot/bootutil - The core of the bootloader itself.
- boot/boot_serial - Support for serial upgrade within the bootloader itself.
- boot/zephyr - Port of the bootloader to Zephyr.
- boot/mynewt - Bootloader application for Apache Mynewt.
- boot/nuttx - Bootloader application and port of MCUboot interfaces for Apache NuttX.
- boot/mbed - Port of the bootloader to Mbed OS.
- boot/espressif - Bootloader application and MCUboot port for Espressif SoCs.
- boot/cypress - Bootloader application and MCUboot port for Cypress/Infineon SoCs.
- imgtool - A tool to securely sign firmware images for booting by MCUboot.
- sim - A bootloader simulator for testing and regression.
Joining the project
Developers are welcome!
Use the following links to join or see more about the project: