Infineon: Switch to 1.9.0 code base, add xmc7000 family support, refactor memory layer
diff --git a/boot/zephyr/include/config-ec.h b/boot/zephyr/include/config-ec.h
index 3b11295..924d633 100644
--- a/boot/zephyr/include/config-ec.h
+++ b/boot/zephyr/include/config-ec.h
@@ -65,6 +65,7 @@
#define MBEDTLS_MD_C
#define MBEDTLS_OID_C
#define MBEDTLS_SHA256_C
+#define MBEDTLS_SHA256_SMALLER
#define MBEDTLS_SHA224_C
#define MBEDTLS_AES_C
diff --git a/boot/zephyr/include/config-ed25519.h b/boot/zephyr/include/config-ed25519.h
index 7e43708..95b299e 100644
--- a/boot/zephyr/include/config-ed25519.h
+++ b/boot/zephyr/include/config-ed25519.h
@@ -60,6 +60,7 @@
#define MBEDTLS_MD_C
#define MBEDTLS_OID_C
#define MBEDTLS_SHA256_C
+#define MBEDTLS_SHA256_SMALLER
#define MBEDTLS_SHA224_C
#define MBEDTLS_SHA512_C
#define MBEDTLS_AES_C
diff --git a/boot/zephyr/include/config-kw.h b/boot/zephyr/include/config-kw.h
index 168e56e..76d5da7 100644
--- a/boot/zephyr/include/config-kw.h
+++ b/boot/zephyr/include/config-kw.h
@@ -57,6 +57,7 @@
#define MBEDTLS_CIPHER_MODE_CTR
#define MBEDTLS_SHA256_C
+#define MBEDTLS_SHA256_SMALLER
#define MBEDTLS_SHA224_C
#define MBEDTLS_AES_C
#define MBEDTLS_CIPHER_C
diff --git a/boot/zephyr/include/config-rsa-kw.h b/boot/zephyr/include/config-rsa-kw.h
index bc3da7d..b5218dd 100644
--- a/boot/zephyr/include/config-rsa-kw.h
+++ b/boot/zephyr/include/config-rsa-kw.h
@@ -63,6 +63,7 @@
#define MBEDTLS_MD_C
#define MBEDTLS_OID_C
#define MBEDTLS_SHA256_C
+#define MBEDTLS_SHA256_SMALLER
#define MBEDTLS_SHA224_C
#define MBEDTLS_AES_C
#define MBEDTLS_CIPHER_C
diff --git a/boot/zephyr/include/config-rsa.h b/boot/zephyr/include/config-rsa.h
index 0552420..f07c457 100644
--- a/boot/zephyr/include/config-rsa.h
+++ b/boot/zephyr/include/config-rsa.h
@@ -64,6 +64,7 @@
#define MBEDTLS_MD_C
#define MBEDTLS_OID_C
#define MBEDTLS_SHA256_C
+#define MBEDTLS_SHA256_SMALLER
#define MBEDTLS_SHA224_C
#define MBEDTLS_AES_C
diff --git a/boot/zephyr/include/mcuboot-mbedtls-cfg.h b/boot/zephyr/include/mcuboot-mbedtls-cfg.h
index 2bab537..02bf0b0 100644
--- a/boot/zephyr/include/mcuboot-mbedtls-cfg.h
+++ b/boot/zephyr/include/mcuboot-mbedtls-cfg.h
@@ -25,6 +25,7 @@
#include "config-rsa.h"
#elif defined(CONFIG_BOOT_SIGNATURE_TYPE_ECDSA_P256) || \
defined(CONFIG_BOOT_ENCRYPT_EC256) || \
+ defined(CONFIG_BOOT_SERIAL_ENCRYPT_EC256) || \
(defined(CONFIG_BOOT_ENCRYPT_X25519) && !defined(CONFIG_BOOT_SIGNATURE_TYPE_ED25519))
#include "config-asn1.h"
#elif defined(CONFIG_BOOT_SIGNATURE_TYPE_ED25519)
diff --git a/boot/zephyr/include/mcuboot_config/mcuboot_config.h b/boot/zephyr/include/mcuboot_config/mcuboot_config.h
index 7061fc1..c2d6672 100644
--- a/boot/zephyr/include/mcuboot_config/mcuboot_config.h
+++ b/boot/zephyr/include/mcuboot_config/mcuboot_config.h
@@ -61,6 +61,10 @@
#define MCUBOOT_VALIDATE_PRIMARY_SLOT
#endif
+#ifdef CONFIG_BOOT_VALIDATE_SLOT0_ONCE
+#define MCUBOOT_VALIDATE_PRIMARY_SLOT_ONCE
+#endif
+
#ifdef CONFIG_BOOT_UPGRADE_ONLY
#define MCUBOOT_OVERWRITE_ONLY
#define MCUBOOT_OVERWRITE_ONLY_FAST
@@ -109,6 +113,11 @@
#define MCUBOOT_ENCRYPT_EC256
#endif
+#ifdef CONFIG_BOOT_SERIAL_ENCRYPT_EC256
+#define MCUBOOT_ENC_IMAGES
+#define MCUBOOT_ENCRYPT_EC256
+#endif
+
#ifdef CONFIG_BOOT_ENCRYPT_X25519
#define MCUBOOT_ENC_IMAGES
#define MCUBOOT_ENCRYPT_X25519
@@ -164,10 +173,18 @@
#define MCUBOOT_MGMT_CUSTOM_IMG_LIST
#endif
+#ifdef CONFIG_BOOT_MGMT_ECHO
+#define MCUBOOT_BOOT_MGMT_ECHO
+#endif
+
#ifdef CONFIG_BOOT_IMAGE_ACCESS_HOOKS
#define MCUBOOT_IMAGE_ACCESS_HOOKS
#endif
+#ifdef CONFIG_MCUBOOT_VERIFY_IMG_ADDRESS
+#define MCUBOOT_VERIFY_IMG_ADDRESS
+#endif
+
/*
* The configuration option enables direct image upload with the
* serial recovery.
@@ -176,6 +193,10 @@
#define MCUBOOT_SERIAL_DIRECT_IMAGE_UPLOAD
#endif
+#ifdef CONFIG_BOOT_SERIAL_WAIT_FOR_DFU
+#define MCUBOOT_SERIAL_WAIT_FOR_DFU
+#endif
+
/*
* The option enables code, currently in boot_serial, that attempts
* to erase flash progressively, as update fragments are received,
@@ -185,7 +206,7 @@
* for the time needed to erase large chunk of flash.
*/
#ifdef CONFIG_BOOT_ERASE_PROGRESSIVELY
-#define MCBOOT_ERASE_PROGRESSIVELY
+#define MCUBOOT_ERASE_PROGRESSIVELY
#endif
/*
@@ -240,13 +261,24 @@
#error "No NRFX WDT instances enabled"
#endif /* defined(CONFIG_NRFX_WDT0) && defined(CONFIG_NRFX_WDT1) */
-#else /* CONFIG_NRFX_WDT */
+#elif CONFIG_IWDG_STM32 /* CONFIG_NRFX_WDT */
+#include <drivers/watchdog.h>
+
+#define MCUBOOT_WATCHDOG_FEED() \
+ do { \
+ const struct device* wdt = \
+ device_get_binding( \
+ DT_LABEL(DT_INST(0, st_stm32_watchdog))); \
+ wdt_feed(wdt, 0); \
+ } while (0)
+
+#else /* CONFIG_IWDG_STM32 */
#warning "MCUBOOT_WATCHDOG_FEED() is no-op"
/* No vendor implementation, no-op for historical reasons */
#define MCUBOOT_WATCHDOG_FEED() \
do { \
} while (0)
-#endif /* CONFIG_NRFX_WDT */
+#endif
#else /* CONFIG_BOOT_WATCHDOG_FEED */
/* Not enabled, no feed activity */
#define MCUBOOT_WATCHDOG_FEED() \
diff --git a/boot/zephyr/include/single_loader.h b/boot/zephyr/include/single_loader.h
new file mode 100644
index 0000000..e762d15
--- /dev/null
+++ b/boot/zephyr/include/single_loader.h
@@ -0,0 +1,20 @@
+/*
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Copyright (c) 2021-2021 Crodeon Technologies
+ *
+ */
+
+#ifndef H_SINGLE_LOADER_
+#define H_SINGLE_LOADER_
+#include "bootutil/fault_injection_hardening.h"
+
+/**
+ * Handle an encrypted firmware in the main flash.
+ * This will decrypt the image inplace
+ */
+int boot_handle_enc_fw();
+
+fih_int boot_image_validate(const struct flash_area *fa_p,
+ struct image_header *hdr);
+#endif