Infineon: Add PSoC63, PSoC61 platforms, update hw crypto acceleration, allow build on CM4 build
Release notes:
1. Added platforms PSoC63, PSoC61
2. Added possibility to build MCUBootApp for CM4 core and BlinkyApp for CM0p
3. Updated cy-mbedtls-acceleration package to support mbedtls-3.0
4. Change CY_SMIF_SYSCLK_HFCLK_DIVIDER to achieve increased SMIF clock source
5. Improved memory map configuration in json files
6. Added optional performance measurement macros
7. Improved usage of FIH types in security critical code branches
8. Updated documentation
9. Improved MISRAa nd CERT-C compliance
10. Switch to latest mtb-pdl-cat1 3.0.0
11. Fixed minor bugs
diff --git a/boot/cypress/MCUBootApp/ExternalMemory.md b/boot/cypress/MCUBootApp/ExternalMemory.md
index 70f862d..bfc8162 100644
--- a/boot/cypress/MCUBootApp/ExternalMemory.md
+++ b/boot/cypress/MCUBootApp/ExternalMemory.md
@@ -1,6 +1,6 @@
### Support of secondary slot in external memory for PSoC™ 6 devices
-* For the CYW20829 external memory support, see the [CYW20829.md](../platforms/CYW20829/CYW20829.md) file.
+* For the CYW20829 external memory support, see the [CYW20829.md](../platforms/CYW20829.md) file.
#### Description
@@ -74,19 +74,19 @@
When XIP mode is used primary slot of an image can be placed in external memory.
-This repository provides default flash map files with suffix _xip_ to be used for XIP mode in `cy_flash_pal/flash_%platform_name%/flashmap`.
+This repository provides default flash map files with suffix _xip_ to be used for XIP mode in `platforms/cy_flash_pal/flash_%platform_name%/flashmap`.
#### How to enable external memory support
External memory is enabled when `make` flag `USE_EXTERNAL_FLASH` is set to `1`. Value of this flag is set in auto-generated `flashmap.mk` files when field `"external_flash"` is present in JSON file.
-Default flash maps with suffix _smif_ are provided in `cy_flash_pal/flash_psoc6/flashmap` folder for PSoC™ 6 devices, where presense of external memory in system is optional.
+Default flash maps with suffix _smif_ are provided in `platforms/cy_flash_pal/flash_psoc6/flashmap` folder for PSoC™ 6 devices, where presense of external memory in system is optional.
Build MCUBootApp as described in the [MCUBootApp.md](MCUBootApp.md) file.
**Building an upgrade image for external memory:**
- make app APP_NAME=BlinkyApp PLATFORM=PSOC_062_2M IMG_TYPE=UPGRADE ERASED_VALUE=0xff FLASH_MAP=cy_flash_pal/flash_psoc6/flashmap/psoc62_swap_single_smif.json IMG_ID=1
+ make app APP_NAME=BlinkyApp PLATFORM=PSOC_062_2M IMG_TYPE=UPGRADE ERASED_VALUE=0xff FLASH_MAP=platforms/cy_flash_pal/flash_psoc6/flashmap/psoc6_swap_single_smif.json IMG_ID=1
`ERASED_VALUE` - Defines the memory cell contents in the erased state. It is `0x00` for PSoC™ 6 internal flash and `0xff` for S25FL512S.
diff --git a/boot/cypress/MCUBootApp/MCUBootApp.md b/boot/cypress/MCUBootApp/MCUBootApp.md
index d15f667..c07cb9e 100644
--- a/boot/cypress/MCUBootApp/MCUBootApp.md
+++ b/boot/cypress/MCUBootApp/MCUBootApp.md
@@ -1,14 +1,14 @@
-## MCUBootApp - demo bootloading application to use with Cypress targets
+## MCUBootApp - demo bootloader application to use with Cypress targets
### Solution description
-This solution demonstrates operation of MCUboot on Cypress PSoC™ 6 and CYW20829 devices.
+This solution demonstrates the operation of MCUboot on Cypress PSoC™ 6 and CYW20829 devices.
* Single-/Multi-image operation modes
* Overwrite/Swap upgrade modes
* Interrupted upgrade recovery for swap upgrades
* Upgrade image confirmation
-* Reverting of bad upgrade images
+* Revert bad upgrade images
* Secondary slots located in external flash
This demo supports PSoC™ 6 chips with the 1M-, 2M-, and 512K-flash on board, and the CYW20829 chip with no internal flash.
@@ -17,25 +17,28 @@
* `CY8CKIT-062-WIFI-BT`
* `CY8CPROTO-062S3-4343W`
* `CYW920829M2EVB-01`
+* `CYBLE-416045-EVAL`
+* `CY8CPROTO-063-BLE`
+* `CY8CKIT-062-BLE`
### Platfrom specifics
-MCUBootApp can be built for different platforms. So, the main application makefile `MCUBootApp.mk` operates with common build variables and flags. Most of them can be passed to build system as a `make` command parameter and each platform defines the default value prefixed with `PLATFORM_` in the corresponding makefile - `PSOC6.mk` or `CYW20829.mk`. The build flags and variables are described in detail in the following paragraphs.
+MCUBootApp can be built for different platforms. So, the main application makefile `MCUBootApp.mk` operates with common build variables and flags. Most of them can be passed to the build system as a `make` command parameter and each platform defines the default value prefixed with `PLATFORM_` in the corresponding makefile - `PSOC6.mk` or `CYW20829.mk`. The build flags and variables are described in detail in the following paragraphs.
### Memory maps
-The MCUboot terminology names a slot from which **boot** occurs as **primary** and a slot where an **upgrade** image is placed as **secondary**. Some platforms support both internal and external flash, some only external flash.
+The MCUboot terminology names a slot from which **boot** occurs as **primary** and a slot where an **upgrade** image is placed as **secondary**. Some platforms support both internal and external flash and some only external flash.
-The flash map of bootloader is defined at compile time and cannot be changed dynamically. Flash map is prepared in the industry-accepted JSON (JavaScript Object Notation) format. It should follow the rules described in section **How to modify flash map**.
+The flash map of the bootloader is defined at compile-time and cannot be changed dynamically. Flash map is prepared in the industry-accepted JSON (JavaScript Object Notation) format. It should follow the rules described in section **How to modify the flash map**.
-`MCUBootApp` contains JSON templates for flash maps with commonly used configurations. They can be found in `cy_flash_pal/flash_%platform_name%/flashmap` The slots' sizes are defined per platform to be compatible with all supported device families.
+`MCUBootApp` contains JSON templates for flash maps with commonly used configurations. They can be found in `platforms/cy_flash_pal/flash_%platform_name%/flashmap` The slots' sizes are defined per platform to be compatible with all supported device families.
The actual addresses are provided in corresponding platform doc files:
-- [PSOC6.md](../platforms/PSOC6/PSOC6.md)
-- [CYW20289.md](../platforms/CYW20829/CYW20829.md)
+- [PSOC6.md](../platforms/PSOC6.md)
+- [CYW20289.md](../platforms/CYW20829.md)
-#### How to modify flash map
+#### How to modify the flash map
When modifying slots sizes, ensure aligning new values with the linker script files for appropriate applications.
@@ -47,33 +50,43 @@
###### Flash map format
Flash map must have the `"boot_and_upgrade"` section, define the location of `MCUBootApp` and at least one image. For instance:
+
```
{
- "boot_and_upgrade": {
- "bootloader": {
- "address": {
+ "boot_and_upgrade":
+ {
+ "bootloader":
+ {
+ "address":
+ {
"description": "Address of the bootloader",
"value": "0x10000000"
},
- "size": {
+ "size":
+ {
"description": "Size of the bootloader",
"value": "0x18000"
}
},
- "application_1": {
- "address": {
+ "application_1":
+ {
+ "address":
+ {
"description": "Address of the application primary slot",
"value": "0x10018000"
},
- "size": {
+ "size":
+ {
"description": "Size of the application primary slot",
"value": "0x10000"
},
- "upgrade_address": {
+ "upgrade_address":
+ {
"description": "Address of the application secondary slot",
"value": "0x18030200"
},
- "upgrade_size": {
+ "upgrade_size":
+ {
"description": "Size of the application secondary slot",
"value": "0x10000"
}
@@ -81,9 +94,10 @@
}
}
```
+
Here an application identifier should follow the pattern, i.e., the 2nd image in the multi-image case is `"application_2"`, the 3rd is `"application_3"`, and so on. Up to four applications are supported at this moment.
-For each image the location and size of its primary slot is given in the `"address"` and `"size"` parameters. The location and size of the secondary slot is specified in the `"upgrade_address"` and `"upgrade_size"`. All four values described above are mandatory.
+For each image, the location and size of its primary slot are given in the `"address"` and `"size"` parameters. The location and size of the secondary slot are specified in the `"upgrade_address"` and `"upgrade_size"`. All four values described above are mandatory.
There also should be a mandatory `"bootloader"` section, describing the location and size of `MCUBootApp` in the `"address"` and `"size"` parameters, respectively.
@@ -91,14 +105,18 @@
```
Misaligned application_1 (secondary slot) - suggested address 0x18030200
```
-This gives the nearest larger address that satisfy the slot location requirements. Other errors, such as overlapping flash areas, are also checked and reported.
+This gives the nearest larger address that satisfies the slot location requirements. Other errors, such as overlapping flash areas, are also checked and reported.
###### Scratch area
-If there is a scratch area, what is generally true, its location and size is given in the `"scratch_address"` and `"scratch_size"` parameters of the `"bootloader"` subsection. For example:
+The scratch area location and size are given in the `"scratch_address"` and `"scratch_size"` parameters of the `"bootloader"` subsection.
+For example:
+
```
{
- "boot_and_upgrade": {
- "bootloader": {
+ "boot_and_upgrade":
+ {
+ "bootloader":
+ {
. . .
"scratch_address": {
"description": "Address of the scratch area",
@@ -114,10 +132,13 @@
###### Swap status partition
If the desired upgrade mode is `swap scratch with status partition`, one should define the `"status_address"` and `"status_size"` parameters in the `"bootloader"` subsection, e.g.:
+
```
{
- "boot_and_upgrade": {
- "bootloader": {
+ "boot_and_upgrade":
+ {
+ "bootloader":
+ {
. . .
"status_address": {
"description": "Address of the swap status partition",
@@ -137,7 +158,8 @@
To calculate the minimal correct size of the status partition, one could specify `"value": "0"` for the `"status_size"`. After the intentional `make` failure, copy the correct size from the error message.
###### External flash
-If an external flash memory is used, one should specify its parameters. The first way is specyfing the exact model:
+If external flash memory is used, one should specify its parameters. The first way is to specify the exact model:
+
```
{
"external_flash": [
@@ -148,7 +170,8 @@
"boot_and_upgrade": {
. . .
```
-However, the supported model list is incomplete. The known models are Infineon `S25HS256T`/`S25HS512T`/`S25HS01GT` SEMPER™ NOR Flash ICs, and a couple of SPI Flash ICs from other vendors. Another way is specyfing the important parameters, like:
+However, the supported model list is incomplete. The known models are Infineon `S25HS256T`/`S25HS512T`/`S25HS01GT` SEMPER™ NOR Flash ICs, and a couple of SPI Flash ICs from other vendors. Another way is specifying the important parameters, like:
+
```
{
"external_flash": [
@@ -160,9 +183,10 @@
"boot_and_upgrade": {
. . .
```
-for a typical 8-Mbit SPI flash with uniform 4-KByte erase blocks. While JSON list syntax is used for the `"external_flash"` section, only single instance is supported at this moment.
+for a typical 8-Mbit SPI flash with uniform 4-KByte erase blocks. While JSON list syntax is used for the `"external_flash"` section, only a single instance is supported at this moment.
If the main application image is located in the external flash, `XIP` (eXecute In Place) mode should be turned on. To do so, supply the corresponding `"mode"` parameter:
+
```
{
"external_flash": [
@@ -174,8 +198,9 @@
. . .
```
###### Service RAM Application
-The CYW20829 platform has a hardware-supported security counter. For more details on rollback protection support, refer to the [CYW20289.md](../platforms/CYW20829/CYW20829.md) file.
+The CYW20829 platform has a hardware-supported security counter. For more details on rollback protection support, refer to the [CYW20289.md](../platforms/CYW20829.md) file.
The mentioned feature requires a dedicated area in the flash memory to store the Service RAM Application and other required data. The layout of these areas is defined in the `"service_app"` JSON section:
+
```
. . .
"boot_and_upgrade":
@@ -183,7 +208,8 @@
"bootloader": {
. . .
},
- "service_app": {
+ "service_app":
+ {
"address": {
"description": "Address of the service application",
"value": "0x60070000"
@@ -213,13 +239,14 @@
. . .
```
###### Shared secondary slot
-In the multi-image case, one can reduce the utilization of flash memory by placing secondary images into the same area. This area is reffered to as **Shared secondary slot**. This is especially desirable if there are more than two images.
+In the multi-image case, one can reduce the utilization of flash memory by placing secondary images in the same area. This area is referred to as **Shared secondary slot**. This is especially desirable if there are more than two images.
-Important consideration is that this option assumes updates are performed in sequential manner (consider the Swap upgrade method): place the 1st image into the shared slot, reset to MCUBoot, check the updated image and set the Image OK flag for the 1st image, reset to MCUBoot for permanent swap. Then place the 2nd image into the shared slot, reset to MCUBoot, check the updated image and set the Image OK flag for the 2nd image, reset to MCUBoot for permanent swap, etc.
+An important consideration is that this option assumes updates are performed in a sequential manner (consider the Swap upgrade method): place the 1st image into the shared slot, reset to MCUBoot, check the updated image and set the Image OK flag for the 1st image, reset to MCUBoot for permanent swap. Then place the 2nd image into the shared slot, reset to MCUBoot, check the updated image, and set the Image OK flag for the 2nd image, reset to MCUBoot for permanent swap, etc.
-Take into account that it is possible to revert only the last updated image, as its previous version resides in the Shared secondary slot. There is no way to revert changes for previous images, as their backups are gone! That is trade-off of the Shared secondary slot.
+Take into account that it is possible to revert only the last updated image, as its previous version resides in the Shared secondary slot. There is no way to revert changes for previous images, as their backups are gone! That is the trade-off of the Shared secondary slot.
-Shared secondary slot is rather a virtual concept, we still create individual flash areas for all secondary images. However, this areas are now overlapped (this is prohibited in the standard multi-image scenario). Moreover, special placing of secondary slots is required, as described below. Consider the triple-image example:
+A shared secondary slot is rather a virtual concept, we still create individual flash areas for all secondary images. However, these areas are now overlapped (this is prohibited in the standard multi-image scenario). Moreover, the special placing of secondary slots is required, as described below. Consider the triple-image example:
+
```
| |---------| |\
| | | | \
@@ -235,11 +262,12 @@
| | | Trailer | /
| | |---------|/
```
-The purpose of such layout is to allow MCUBoot to understand what image is placed in the shared secondary slot. While secondary images now can (and should) overlap, their trailers must under no circumstances share the same address!
+The purpose of such a layout is to allow MCUBoot to understand what image is placed in the shared secondary slot. While secondary images now can (and should) overlap, their trailers must under no circumstances share the same address!
-Normally image trailer occupies the whole erase block (e.g. 512 bytes for PSoC™ 62 internal Flash, or 256 kilobytes for SEMPER™ Secure NOR Flash). There is a specific case when images are placed in both memory types, refer to the [PSOC6.md](../platforms/PSOC6/PSOC6.md) file.
+Normally image trailer occupies the whole erase block (e.g. 512 bytes for PSoC™ 62 internal Flash, or 256 kilobytes for SEMPER™ Secure NOR Flash). There is a specific case when images are placed in both memory types, refer to the [PSOC6.md](../platforms/PSOC6.md) file.
One can declare all secondary slots as shared using the following JSON syntax:
+
```
"boot_and_upgrade": {
"bootloader": {
@@ -251,6 +279,7 @@
},
```
Alternatively, this can be done for each application:
+
```
"boot_and_upgrade": {
"bootloader": {
@@ -272,23 +301,56 @@
},
. . .
```
-where `true` marks the shared slot, `false` marks the normal (non-shared) secondary slot. In theory, one can use a separate secondary slot for the 1st image, and shared secondary slot for all other images.
+where `true` marks the shared slot, `false` marks the normal (non-shared) secondary slot. In theory, one can use a separate secondary slot for the 1st image and a shared secondary slot for all other images.
When the `shared_slot` flag is set, different checks are performed at the pre-build stage. For instance, the following error is reported if image trailers appear at the same address:
```
Same trailer address for application_3 (secondary slot) and application_2 (secondary slot)
```
-As mentioned above, shared secondary slot is a virtual concept, so overlapped flash areas are created for each image's secondary slot. No separate flash area is created for the shared slot itself.
+As mentioned above, a shared secondary slot is a virtual concept, so overlapped flash areas are created for each image's secondary slot. No separate flash area is created for the shared slot itself.
**Upgrade process deviations**
-Shared slot feature has some differences and limitations in the update algorithm when there is one or more invalid images in primary slots and upgrade of these images is initiated through the shared upgrade slot (so-called **bootstrap** mode of bootloader). In this case, the bootloader allows to update the image even if other images are not valid (unlike the classic multi-image case). Bootloader however does not transfer control to these images until all primary slots become valid. ImageOK flag is set by updated images only after their successful validation and start.
+The shared slot feature has some differences and limitations in the update algorithm when there are one or more invalid images in primary slots and an upgrade of these images is initiated through the shared upgrade slot (so-called **bootstrap** mode of bootloader). In this case, the bootloader allows to update the image even if other images are not valid (unlike the classic multi-image case). Bootloader however does not transfer control to these images until all primary slots become valid. ImageOK flag is set by updated images only after their successful validation and start.
-Considering above there is a certain limitation for the shared slot mode. For **swap mode**, an update of valid slots is not possible as long as there is at least one image with an invalid prime slot.
+Considering the above there is a certain limitation for the shared slot mode. For **swap mode**, an update of valid slots is not possible as long as there is at least one image with an invalid prime slot.
-Attempting to upgrade a valid primary slot of one image with an invalid primary slot of another image may run a revert procedure the next time the bootloader is started (provided that the data of shared slot has not been changed before). Therefore, for the shared slot, it is recommended to first make all invalid primary slots valid and only then update other images through the shared slot.
+Attempting to upgrade a valid primary slot of one image with an invalid primary slot of another image may run a revert procedure the next time the bootloader is started (provided that the data of the shared slot has not been changed before). Therefore, for the shared slot, it is recommended to first make all invalid primary slots valid and only then update other images through the shared slot.
+
+###### Running on the specific core
+PSoC™ 6 platform has an option to select the core (i.e., either `Cortex-M4` or `Cortex-M0+`) on which the user application should be run. This is useful for multicore firmware. Selection is done in the `"core"` JSON section:
+
+```
+{
+ "boot_and_upgrade":
+ {
+ "bootloader": {
+ . . .
+ },
+ "application_1": {
+ "core": {
+ "description": "Run app on the specific core. PSoC6: CM0P or CM4",
+ "value": "CM0P"
+ },
+ "address": {
+ "description": "Address of the application primary slot",
+ "value": "0x10018000"
+ },
+ "size": {
+ "description": "Size of the application primary slot",
+ "value": "0x10000"
+ },
+ . . .
+ }
+ }
+}
+```
+If not specified, the default `CM4` core is assumed.
+
+Note that in the multi-image case this option makes sense only for `application_1`, as MCUBoot always starts the 1st image. Specifying `core` for other images is an error.
###### JSON syntax rules
+```
| Group | Item | Description |
|--------------------|-------------------|----------------------------------------------------------|
| `external_flash` | `model` | External flash model (if supported), e.g. `S25HS256T` |
@@ -319,6 +381,7 @@
| `application_1` | `upgrade_address` | Absolute address of the Secondary Slot of the 1st image |
| `application_1` | `upgrade_size` | Size (in bytes) of the Secondary Slot of the 1st image |
| `application_1` | `shared_slot` | Marking the shared secondary slot for the 1st image |
+| `application_1` | `core` | Specify the core to run an application (only on PSoC™ 6) |
| `address` | `value` | Value of the given address (hex or decimal) |
| `scratch_address` | `value` | Value of the Scratch Area address (hex or decimal) |
| `status_address` | `value` | Value of the Status Partition address (hex or decimal) |
@@ -328,26 +391,28 @@
| `status_size` | `value` | Value of the Status Partition size (hex or decimal) |
| `upgrade_size` | `value` | Value of the Secondary Slot size (hex or decimal) |
| `shared_slot` | `value` | Set to `true` for the Shared secondary slot |
+| `core` | `value` | Either `Cortex-M4` (default) or `Cortex-M0+` |
+```
###### Flash map internals
-When the `FLASH_MAP=` option is supplied to `make`, it involves the Python script `boot/cypress/scripts/flashmap.py`. It takes the JSON file and converts flash map into the C header file `boot/cypress/MCUBootApp/cy_flash_pal/cy_flash_map.h`.
+When the `FLASH_MAP=` option is supplied to `make`, it involves the Python script `boot/cypress/scripts/flashmap.py`. It takes the JSON file and converts flash map into the C header file `boot/cypress/platforms/cy_flash_pal/cy_flash_map.h`.
At the same time it creates the `boot/cypress/MCUBootApp/flashmap.mk`, which is conditionally included from the `boot/cypress/MCUBootApp/MCUBootApp.mk`. The generated file contains various definitions derived from the flash map, such as `MCUBOOT_IMAGE_NUMBER`, `MAX_IMG_SECTORS`, `USE_EXTERNAL_FLASH`, and `USE_XIP`. So, there is no need to specify these and similar parameters manually.
-Do not edit neither `sysflash/cy_flash_map.h` nor `flashmap.mk`, as both files are overwritten on every build.
+Do not edit either `sysflash/cy_flash_map.h` or `flashmap.mk`, as both files are overwritten on every build.
#### External flash
-Some Cypress devices, for example `CYW20829`, only have external flash, so all memory areas are located in external flash.
+Some Cypress devices, for example, `CYW20829`, only have an external flash, so all memory areas are located in an external flash.
-Hoewever, PSoC™ 6 chips has internal flash and, additionally, support the external memory connection. Thus, it is possible to place secondary (upgrade) slots in the external memory module and use most of internal flash for the primary image.
+However, PSoC™ 6 chips have internal flash and, additionally, support the external memory connection. Thus, it is possible to place secondary (upgrade) slots in the external memory module and use most of the internal flash for the primary image.
For more details on External Memory usage, refer to the [ExternalMemory.md](ExternalMemory.md) file.
#### PSoC™ 6 RAM
-RAM areas in the MCUBootApp bootloading application and BlinkyApp are defined as an example pair. If your user application requires a different RAM area, ensure that it is not overlapped with the MCUBootApp RAM area. The memory (stack) corruption of the bootloading application can cause a failure if SystemCall-served operations were invoked from the user app.
+RAM areas in the MCUBootApp bootloader application and BlinkyApp are defined as an example pair. If your user application requires a different RAM area, ensure that it is not overlapped with the MCUBootApp RAM area. The memory (stack) corruption of the bootloading application can cause a failure if SystemCall-served operations were invoked from the user app.
-The MCUBootApp linker script also contains the special section `public_ram`, which serves as a shared RAM area between the CM0p and CM4 cores. When CM4 and CM0p cores perform operations with internal flash, this area is used for the interprocessor data sharing.
+The MCUBootApp linker script also contains the special section `public_ram`, which serves as a shared RAM area between the CM0p and CM4 cores. When CM4 and CM0p cores perform operations with internal flash, this area is used for interprocessor data sharing.
#### CYW20829 RAM
@@ -359,24 +424,26 @@
The CYW20289 chip has hardware acceleration of the SHA256 algorithm only, and in other cases, uses pure software implementation of the cryptography based on MbedTLS.
-To enable the hardware acceleration in `MCUBootApp`, pass flag `USE_CRYPTO_HW=1` to `make` during build.
+To enable the hardware acceleration in `MCUBootApp`, pass flag `USE_CRYPTO_HW=1` to `make` during the build.
-The hardware cryptographic acceleration is disabled for all devices at the moment. `USE_CRYPTO_HW` flag is set to 0 by default. This package will be updated in next version.
+The hardware cryptographic acceleration is disabled for all devices at the moment. `USE_CRYPTO_HW` flag is set to 0 by default. This package will be updated in the next version.
-__NOTE__: Hardware acceleration is not available in current version of mcuboot since `cy-mbedtls-acceleration` does not support `mbedTLS 3.0` yet.
+__NOTE__: Hardware acceleration is not available in the current version of mcuboot since `cy-mbedtls-acceleration` does not support `mbedTLS 3.0` yet.
+
+__NOTE__: To reduce boot time for MCUBoot in `SWAP` mode, in the case when only **Primary slot** is programmed - disable `BOOTSTRAP` functionality. This happens because `BOOTSTRAP` uses additional slot validation, and it takes more time without hardware cryptography acceleration.
### Multi-image mode
Multi-image operation considers upgrading and verification of more than one image on a device.
-Single or multi-image mode is dictated by `MCUBOOT_IMAGE_NUMBER` `make` flag. This flag's value is set in auto-generated `flashmap.mk` file per flash map used. There is no need to pass it manually.
+Single or multi-image mode is dictated by the `MCUBOOT_IMAGE_NUMBER` `make` flag. This flag's value is set in an auto-generated `flashmap.mk` file per flash map used. There is no need to pass it manually.
-In Multi-image operation up to four images are supported.
+In Multi-image operation, up to four images are supported.
-Consider MCUBootApp with 2 images supported. Operation is the following:
+Consider MCUBootApp with 2 images supported. The operation is the following:
1. Verification of the Secondary_1 and Secondary_2 images.
-2. Upgrades Secondary to Primary if valid images found.
+2. Upgrades Secondary to Primary if valid images are found.
3. Verification of the Primary_1 and Primary_2 images.
4. Boots the image from the Primary_1 slot only.
5. Boots Primary_1 only if both - Primary_1 and Primary_2 are present and valid.
@@ -385,11 +452,11 @@
### Upgrade modes
-There are two different types of the upgrade process supported by MCUBootApp. For the `overwrite only` type of upgrade - the secondary image is simply copied to the primary slot after successful validation. No way to revert upgrade if the secondary image is inoperable.
+There are two different types of upgrade processes supported by MCUBootApp. For the `overwrite only` type of upgrade - the secondary image is simply copied to the primary slot after successful validation. No way to revert the upgrade if the secondary image is inoperable.
-For `swap` upgrade mode - images in the primary and secondary slots are swapped. Upgrade can be reverted if the secondary image did not confirm its operation.
+For `swap` upgrade mode - images in the primary and secondary slots are swapped. The upgrade can be reverted if the secondary image did not confirm its operation.
-Upgrade mode is the same for all images in Multi-image mode.
+Upgrade mode is the same for all images in the Multi-image mode.
#### Overwrite only
@@ -397,23 +464,23 @@
`#define MCUBOOT_OVERWRITE_ONLY 1`
-This flag's value is set in auto-generated `flashmap.mk` file per flash map used. There is no need to pass it manually.
+This flag's value is set in an auto-generated `flashmap.mk` file per flash map used. There is no need to pass it manually.
In Overwrite-only mode, MCUBootApp first checks if any upgrade image is present in the secondary slot(s), then validates the digital signature of the upgrade image in the secondary slot(s). If validation is successful, MCUBootApp starts copying the secondary slot content to the primary slot. After the copy is done, MCUBootApp starts the upgrade image execution from the primary slot.
-If the upgraded application does not work - there is no way to revert back to the previous working version. Only the new upgrade firmware can fix the previous broken upgrade.
+If the upgraded application does not work - there is no way to revert to the previous working version. Only the new upgrade firmware can fix the previously broken upgrade.
#### Swap mode
-For devices with a large minimum-erase size like PSoC™ 6 with 512 bytes and also for configurations, which use external flash with an even bigger minimum-erase size, there is an additional option in MCUBoot to use the dedicated `status partition` for robust storage of swap-related information.
+For devices with large minimum-erase size like PSoC™ 6 with 512 bytes and also for configurations, which use an external flash with an even bigger minimum-erase size, there is an additional option in MCUBoot to use the dedicated `status partition` for robust storage of swap-related information.
##### Why use swap with status partition
-Originally, the MCUboot library has been designed with a consideration that the minimum write/erase size of flash is always 8 bytes or less. This value is critical, because the swap algorithms use it to align portions of data that contain the swap operation status of each flash sector in a slot before writing to flash. Data alignment is also performed before writes of special-purpose data to the image trailer.
+Originally, the MCUboot library has been designed with the consideration that the minimum write/erase size of the flash is always 8 bytes or less. This value is critical because the swap algorithms use it to align portions of data that contain the swap operation status of each flash sector in a slot before writing to flash. Data alignment is also performed before the writing of special-purpose data to the image trailer.
Writing of the flash sector status or image trailer data will be the `single cycle` operation to ensure that the power loss and unpredicted resets robustness of bootloading applications. This requirement eliminates the usage of the `read-modify-write` type of operations with flash.
-`Swap with status partition` is implemented specifically to address devices with a large write/erase size. It is based on existing MCUboot swap algorithms, but does not have restriction of the 8-byte alignment. Instead, the minimum write/erase size can be specified by the user and the algorithm will calculate sizes of the status partition considering this value. All write/erase operations are aligned to this minimum write/erase size as well.
+`Swap with status partition` is implemented specifically to address devices with a large write/erase size. It is based on existing MCUboot swap algorithms but does not have restrictions on the 8-byte alignment. Instead, the minimum write/erase size can be specified by the user and the algorithm will calculate the sizes of the status partition considering this value. All write/erase operations are aligned to this minimum write/erase size as well.
##### Swap status partition description
@@ -433,7 +500,7 @@
* Image ok
* Boot image magic
-The principal diagram of the status partition:
+The principle diagram of the status partition:
```
+-+-+-+-+-+-+ +-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ \
@@ -475,7 +542,7 @@
**Scheme legend:**
`PRIMARY` and `SECONDARY` are areas in the status partition to contain data regarding a corresponding slot in MCUboot.
-`D0`, `D1`, and `Dx` are duplicates of data described on the left. At least 2 duplicates are present in the system. This duplication is used to eliminate flash wear. Each of `Dx` contains valid data for `current swap step - 1`. Each swap operation for the flash sector updates the status for this sector in the current `Dx` and the value on `CNT` increases. The next operation checks the least value of `CNT` in the available `Dx`s, copies the data from `Dx` with `CNT+1` and updates the status of the current sector. This continues until all sectors in the slot are moved and then swapped.
+`D0`, `D1`, and `Dx` are duplicates of data described on the left. At least 2 duplicates are present in the system. This duplication is used to eliminate flash wear. Each of `Dx` contains valid data for `current swap step - 1`. Each swap operation for the flash sector updates the status for this sector in the current `Dx` and the value on `CNT` increases. The next operation checks the least value of `CNT` in the available `Dx`s, copies the data from `Dx` with `CNT+1`, and updates the status of the current sector. This continues until all sectors in the slot are moved and then swapped.
`CRC` - A 4-byte value - the checksum of data contained in the area.
`CNT` - A 4-byte value.
`swap_status_0`, `swap_status_1` - 1-byte values that contain the status for a corresponding image sector.
@@ -494,7 +561,7 @@
One slice of the `min write/erase` size can store data for the maximum number of 500 sectors: 512 - 4 (CRC) - 4 (CNT) - 4 (area magic) = 500. BOOT_MAX_IMG_SECTORS is 640, so 2 slices of `min write/erase` are allocated. The total size is 1024 bytes.
Image trailer data fits in 64 bytes, so one slice of the `min write/erase` size is allocated. The total size is 1024 + 512 = 1536 bytes.
-The number of duplicates 2. The total size is 1536 * 2 = 3072 bytes.
+The number of duplicates is 2. The total size is 1536 * 2 = 3072 bytes.
2 slots are used in the particular case PRIMARY and SECONDARY, each needs 3072 bytes to store swap status data. The total is 3072 * 2 = 6144 bytes.
The swap status partition occupies 6144 bytes of the flash area.
@@ -506,15 +573,15 @@
`Empty` - A fully-erased device.
`Ready` - `Empty` -The device is programmed with the MCUboot-based bootloading application - MCUBootApp in this case.
`Flashed` - Initial version v1.0 of the user application, BlinkyApp in this case, is flashed to the primary (BOOT) slot.
-`Upgraded` - The updated firmware image of the user application is delivered to the secondary slot (UPGRADE) and the bootloading application performs upgrade.
+`Upgraded` - The updated firmware image of the user application is delivered to the secondary slot (UPGRADE) and the bootloading application performs an upgrade.
It is expected that the product stays in the `Upgraded` state until the end of its lifecycle.
-If there is a need to wipe out product and flash new firmware directly to the primary (BOOT) slot, the device is transferred to the `Empty` or `Ready` state and then walks through all the states again.
+If there is a need to wipe out the product and flash new firmware directly to the primary (BOOT) slot, the device is transferred to the `Empty` or `Ready` state and then walks through all the states again.
### Hardware limitations
-This application is created to demonstrate the MCUboot library features and not as a reference examples. So, some considerations are taken.
+This application is created to demonstrate the MCUboot library features and not as a reference example. So, some considerations are taken.
1. `SCB5` is used to configure a serial port for debug prints. This is the most commonly used Serial Communication Block number among available Cypress PSoC™ 6 kits. To use custom hardware with this application, set custom `SCB*` and pins in the `cypress/MCUBootApp/custom_debug_uart_cfg.h` file and pass the `USE_CUSTOM_DEBUG_UART=1` parameter to the `make` command upon MCUBootApp build.
@@ -527,9 +594,10 @@
`CUSTOM_UART_RX_PIN` - Sets the pin number in the GPIO port used as RX of the debug serial port.
`CUSTOM_UART_TX_PIN` - Sets the pin number in the GPIO port used as TX of the debug serial port.
-The above-described applies only to the `PSoC™ 062` platform.
+The above-described applies to `PSoC™ 62` and `PSoC™ 63` platforms.
2. `CY_SMIF_SLAVE_SELECT_0` is used to define the chip select for the SMIF driver. This configuration is used on the evaluation kit for this example CY8CPROTO-062-4343W. To use custom hardware with this application, change the value of `smif_id` in `main.c` of MCUBootApp to a value that corresponds to your design.
+__NOTE__: SMIF driver not supported with `PSoC™ 063` based kits.
### Downloading solution assets
@@ -548,69 +616,113 @@
1. Choose Upgrade mode and number of images.
-`cy_flash_pal/flash_%platform_name%/flashmap` folder contains a set of predefined flash map JSON files with suffixes _overwrite_ or _swap_ for upgrade methods and _single_ or _multi_ for images number in its names. Depending on the file chosen upgrade method and images number is configured:
+`platforms/cy_flash_pal/flash_%platform_name%/flashmap` folder contains a set of predefined flash map JSON files with suffixes _overwrite_ or _swap_ for upgrade methods and _single_ or _multi_ for images number in its names. Depending on the file chosen upgrade method and images number are configured:
`USE_OVERWRITE` `make` flag is set to 1 or 0 for `overwrite` or `swap` mode;
-`MCUBOOT_IMAGE_NUMBER` flag is set to number of corresponding `application_#` sections in flash map file.
+`MCUBOOT_IMAGE_NUMBER` flag is set to a number of corresponding `application_#` sections in the flash map file.
-These flags values are set in auto-generated `flashmap.mk` file per flash map used. There is no need to pass them manually.
+These flag values are set in an auto-generated `flashmap.mk` file per flash map used. There is no need to pass them manually.
+
+__NOTE__: Do not use flash map JSON files with suffixes xip or smif for `PSoC™ 063` kits.
2. Enable the hardware acceleration of the cryptography on devices that support this feature.
Pass `USE_CRYPTO_HW=1` to the `make` command. This option is temporarily disabled by default - see paragraph **Hardware cryptography acceleration**.
-Additionally user can configure hardware rollback protection on the supported platforms. To do this flash map file from `cy_flash_pal/flash_%platform_name%/flashmap/hw_rollback_prot` folder should be used.
+Additionally, users can configure hardware rollback protection on the supported platforms. To do this flash map file from `platforms/cy_flash_pal/flash_%platform_name%/flashmap/hw_rollback_prot` folder should be used.
`USE_HW_ROLLBACK_PROT` `make` flag is set to 1 in auto-generated `flashmap.mk`.
-Rollback protection feature is currently supported on CYW20829 devices in Secure mode only.
+The rollback protection feature is currently supported on CYW20829 devices in Secure mode only.
### Building solution
Folder `boot/cypress` contains make-files infrastructure for building MCUBootApp bootloader applications. Example build commands are provided later in this document for different build configurations.
+Toolchain is set by default in `toolchains.mk` file, depending on `COMPILER` makefile variable. MCUBoot is currently support only `GCC_ARM` as compiler. Toolchain path can be redefined, by setting `TOOLCHAIN_PATH` build flag to desired toolchain path. Below is an example on how to set toolchain path from **ModusToolbox™ IDE 3.0**:
+
+ make clean app APP_NAME=MCUBootApp PLATFORM=PSOC_062_2M BUILDCFG=Debug FLASH_MAP=platforms/cy_flash_pal/flash_psoc6/flashmap/psoc6_swap_single.json TOOLCHAIN_PATH=c:/Users/$(USERNAME)/ModusToolbox/tools_3.0/gcc
+
* Build MCUBootApp in the `Debug` configuration for Single-image mode with swap upgrade.
- make app APP_NAME=MCUBootApp PLATFORM=PSOC_062_2M BUILDCFG=Debug FLASH_MAP=cy_flash_pal/flash_psoc6/flashmap/psoc62_swap_single.json
+ `PSoC™ 062`
-* Build MCUBootApp in `Release` configuration for Multi-image mode with overwrite update.
+ make clean app APP_NAME=MCUBootApp PLATFORM=PSOC_062_2M BUILDCFG=Debug FLASH_MAP=platforms/cy_flash_pal/flash_psoc6/flashmap/psoc6_swap_single.json
- make app APP_NAME=MCUBootApp PLATFORM=PSOC_062_2M BUILDCFG=Release FLASH_MAP=cy_flash_pal/flash_psoc6/flashmap/psoc62_overwrite_multi.json
+ `PSoC™ 063`
-The root directory for build is `boot/cypress`.
+ make clean app APP_NAME=MCUBootApp PLATFORM=PSOC_063_1M BUILDCFG=Debug FLASH_MAP=platforms/cy_flash_pal/flash_psoc6/flashmap/psoc6_swap_single.json
+
+* Build MCUBootApp in `Release` configuration for Multi-image mode with overwriting update.
+
+ `PSoC™ 062`
+
+ make clean app APP_NAME=MCUBootApp PLATFORM=PSOC_062_2M BUILDCFG=Release FLASH_MAP=platforms/cy_flash_pal/flash_psoc6/flashmap/psoc6_overwrite_multi.json
+
+ `PSoC™ 063`
+
+ make clean app APP_NAME=MCUBootApp PLATFORM=PSOC_063_1M BUILDCFG=Release FLASH_MAP=platforms/cy_flash_pal/flash_psoc6/flashmap/psoc6_overwrite_multi.json
+
+* Build MCUBootApp in `Debug` configuration for Single-image mode with swap upgrade and in `smif` mode.
+
+ `PSoC™ 062`
+
+ make clean app APP_NAME=MCUBootApp PLATFORM=PSOC_062_2M BUILDCFG=Debug FLASH_MAP=platforms/cy_flash_pal/flash_psoc6/flashmap/psoc6_swap_single_smif.json
+
+ `PSoC™ 063`
+
+ Supported only for `PLATFORM=PSOC_063_1M DEVICE=CY8C6347BZI-BLD53`
+ make clean app APP_NAME=MCUBootApp PLATFORM=PSOC_062_1M DEVICE=CY8C6347BZI-BLD53 BUILDCFG=Debug FLASH_MAP=platforms/cy_flash_pal/flash_psoc6/flashmap/psoc6_swap_single_smif.json
+ `NOTE:` PSOC_062_1M platform is used here since kit, where particular MPN is installed is called CY8CKIT-062-BLE
+
+* Build MCUBootApp in `Debug` configuration for Single-image mode with swap upgrade and in `xip` mode.
+
+ `PSoC™ 062`
+
+ make clean app APP_NAME=MCUBootApp PLATFORM=PSOC_062_2M BUILDCFG=Debug FLASH_MAP=platforms/cy_flash_pal/flash_psoc6/flashmap/psoc6_xip_swap.json
+
+ `PSoC™ 063`
+
+ make clean app APP_NAME=MCUBootApp PLATFORM=PSOC_062_1M DEVICE=CY8C6347BZI-BLD53 BUILDCFG=Debug FLASH_MAP=platforms/cy_flash_pal/flash_psoc6/flashmap/psoc6_xip_swap.json
+ `NOTE:` PSOC_062_1M platform is used here since kit, where particular MPN is installed is called CY8CKIT-062-BLE
+
+The root directory for the build is `boot/cypress`.
### Encrypted image support
-To protect firmware content from read, plain binary data can be encrypted. MCUBootApp supports the encrypted image in some implementations, depending on the platform.
+To protect firmware content from reading, plain binary data can be encrypted. MCUBootApp supports the encrypted image in some implementations, depending on the platform.
-On PSoC™ 6, an upgrade image can be encrypted and then programmed to corresponding Secondary slot of MCUBootApp. It is then decrypted and transferred to the primary slot using the preferred upgrade method. For more details on the encrypted image implementation, refer to the [PSOC6.md](../platforms/PSOC6/PSOC6.md) file.
+On PSoC™ 6, an upgrade image can be encrypted and then programmed to the corresponding Secondary slot of MCUBootApp. It is then decrypted and transferred to the primary slot using the preferred upgrade method. For more details on the encrypted image implementation, refer to the [PSOC6.md](../platforms/PSOC6.md) file.
-On CYW20829, an encrypted image is supported in both slots. The firmware here is located in external memory, so, the chip's SMIF block encrypted eXecution In Place (XIP) feature is used. Encrypted firmware is placed directly in the primary slot and is decrypted on the fly. The encrypted upgrade image is first validated by MCUBootApp in the secondary slot and then transferred to the primary slot as it is. For more details on the encrypted image implementation, refer to the [CYW20289.md](../platforms/CYW20829/CYW20829.md) file.
+On CYW20829, an encrypted image is supported in both slots. The firmware here is located in external memory, so, the chip's SMIF block encrypted eXecution In Place (XIP) feature is used. Encrypted firmware is placed directly in the primary slot and is decrypted on the fly. The encrypted upgrade image is first validated by MCUBootApp in the secondary slot and then transferred to the primary slot as it is. For more details on the encrypted image implementation, refer to the [CYW20289.md](../platforms/CYW20829.md) file.
### Rollback protection
MCUboot supports the security counter implementation to provide downgrade prevention. This mechanism allows the user to explicitly restrict the possibility to execute/upgrade images whose security counters are less than the current firmware counter. So, it can be guaranteed, that obsolete firmware with possible vulnerabilities can not be executed on the device.
**Currently, only the CYW20829 platform supports the hardware rollback counter protection.**
-For more details on the implementation, refer to the [CYW20289.md](../platforms/CYW20829/CYW20829.md) file.
+For more details on the implementation, refer to the [CYW20289.md](../platforms/CYW20829.md) file.
### Complete build flags and parameters description
Can be passed to `make` or set in makefiles.
-`MCUBOOT_LOG_LEVEL` - Can be set at `MCUBOOT_LOG_LEVEL_DEBUG` to enable the verbose output of MCUBootApp.
-`ENC_IMG` - When set to `1`, enables the encrypted image support in MCUBootApp.
-`APP_DEFAULT_POLICY` - The path to a policy file to use for signing MCUBootApp and user application (BlinkyApp) on the CYW20829 platform.
-`USE_BOOTSTRAP` - When set to `1` and Swap mode is enabled, the application in the secondary slot will overwrite the primary slot, if the primary slot application is invalid.
-`USE_CRYPTO_HW` - When set to `1`, uses the hardware accelerated cryptography on the PSoC™ 6 platform, and SHA-256 HW acceleration for the CYW20289 platform.
-`LSC` - The lifecycle state of the chip. Possible options are `SECURE` and `NORMAL_NO_SECURE` (effective on CYW20829 chip only).
+`MCUBOOT_LOG_LEVEL` - Can be set at `MCUBOOT_LOG_LEVEL_DEBUG` to enable the verbose output of MCUBootApp.
+`ENC_IMG` - When set to `1`, it enables the encrypted image support in MCUBootApp.
+`APP_DEFAULT_POLICY` - The path to a policy file to use for signing MCUBootApp and user application (BlinkyApp) on the CYW20829 platform.
+`USE_BOOTSTRAP` - When set to `1` and Swap mode is enabled, the application in the secondary slot will overwrite the primary slot if the primary slot application is invalid.
+`USE_CRYPTO_HW` - When set to `1`, uses the hardware-accelerated cryptography on the PSoC™ 6 platform, and SHA-256 HW acceleration for the CYW20289 platform.
+`LSC` - The lifecycle state of the chip. Possible options are `SECURE` and `NORMAL_NO_SECURE` (effective on CYW20829 chip only).
+`DEVICE` - is used to set a particular MPN for a platform since multiple MPNs are associated with one platform, for example:
+`PLATFORM=PSOC_062_1M DEVICE=CY8C6347BZI-BLD53`
-Set by script in auto-generated makefile file.
+The next flags will be set by script in auto-generated makefile 'flashmap.mk':
+`MCUBOOT_IMAGE_NUMBER` - The number of images to be supported by the current build of MCUBootApp.
+`USE_OVERWRITE` - `0` - Use swap with Scratch upgrade mode, `1` - use Overwrite only upgrade.
+`USE_EXTERNAL_FLASH` - When set to `1`, it enables the external memory support on the PSoC™ 6 platform. This value is always set to `1` on CYW20829.
+`USE_HW_ROLLBACK_PROT` - When set to `1`, it enables the hardware rollback protection on the CYW20829 platform with Secure mode enabled.
-`MCUBOOT_IMAGE_NUMBER` - The number of images to be supported by the current build of MCUBootApp.
-`USE_OVERWRITE` - `0` - Use swap with Scratch upgrade mode, `1` - use Overwrite only upgrade.
-`USE_EXTERNAL_FLASH` - When set to `1`, enables the external memory support on the PSoC™ 6 platform. This value is always set to `1` on CYW20829.
-`USE_HW_ROLLBACK_PROT` - When set to `1`, enables the hardware rollback protection on the CYW20829 platform with Secure mode enabled.
+Adding `clean` to `make` will clean the build folder, and files boot/cypress/MCUBootApp/flashmap.mk and boot/cypress/platforms/cy_flash_pal/cy_flash_map.h will be removed and re-generated.
### Programming solution
@@ -618,7 +730,7 @@
1. The direct usage of OpenOCD.
-The OpenOCD package is supplied with ModusToolbox™ IDE and can be found in installation folder `ModusToolbox/tools_2.4/openocd`.
+The OpenOCD package is supplied with ModusToolbox™ IDE and can be found in the installation folder `ModusToolbox/tools_2.4/openocd`.
Set environment variable `OPENOCD` to the path to the openocd folder in ModusToolbox™. Exact commands for programming images are provided in the corresponding platform readme files.
@@ -650,4 +762,4 @@
*Python/Python3* - ensure that you have the correct path referenced in `PATH`.
-*Msys2* - To use the systems path, navigate to the msys2 folder, open `msys2_shell.cmd`, uncomment set `MSYS2_PATH_TYPE=inherit`, restart the MSYS2 shell. This will inherit the system's path and find `python` installed in the regular way as well as `imgtool` and its dependencies.
+*Msys2* - To use the systems path, navigate to the msys2 folder, open `msys2_shell.cmd`, uncomment set `MSYS2_PATH_TYPE=inherit`, and restart the MSYS2 shell. This will inherit the system's path and find `python` installed in the regular way as well as `imgtool` and its dependencies.
diff --git a/boot/cypress/MCUBootApp/MCUBootApp.mk b/boot/cypress/MCUBootApp/MCUBootApp.mk
index e6ed9ed..e2dae9f 100644
--- a/boot/cypress/MCUBootApp/MCUBootApp.mk
+++ b/boot/cypress/MCUBootApp/MCUBootApp.mk
@@ -35,7 +35,7 @@
ifneq ($(FLASH_MAP), )
$(CUR_APP_PATH)/flashmap.mk:
- $(PYTHON_PATH) scripts/flashmap.py -p $(PLATFORM) -i $(FLASH_MAP) -o $(PRJ_DIR)/cy_flash_pal/cy_flash_map.h > $(CUR_APP_PATH)/flashmap.mk
+ $(PYTHON_PATH) scripts/flashmap.py -p $(PLATFORM) -m -i $(FLASH_MAP) -o $(PRJ_DIR)/platforms/cy_flash_pal/cy_flash_map.h > $(CUR_APP_PATH)/flashmap.mk
include $(CUR_APP_PATH)/flashmap.mk
DEFINES_APP := -DCY_FLASH_MAP_JSON
endif
@@ -69,14 +69,13 @@
DEFINES_APP += -DMBEDTLS_CONFIG_FILE="\"mcuboot_crypto_config.h\""
DEFINES_APP += -DECC256_KEY_FILE="\"keys/$(SIGN_KEY_FILE).pub\""
DEFINES_APP += -D$(CORE)
+DEFINES_APP += -DAPP_$(APP_CORE)
DEFINES_APP += -DMCUBOOT_IMAGE_NUMBER=$(MCUBOOT_IMAGE_NUMBER)
DEFINES_APP += -DUSE_SHARED_SLOT=$(USE_SHARED_SLOT)
# Define MCUboot size and pass it to linker script
-BOOTLOADER_SIZE ?= $(PLATFORM_BOOTLOADER_SIZE)
LDFLAGS_DEFSYM += -Wl,--defsym,BOOTLOADER_SIZE=$(BOOTLOADER_SIZE)
-
APP_DEFAULT_POLICY ?= $(PLATFORM_APP_DEFAULT_POLICY)
ifeq ($(USE_EXTERNAL_FLASH), 1)
@@ -110,11 +109,26 @@
# Service RAM app size
DEFINES_APP += -DSERVICE_APP_SIZE=$(PLATFORM_SERVICE_APP_SIZE)
endif
-# Hardrware acceleration support
+# Hardware acceleration support
ifeq ($(USE_CRYPTO_HW), 1)
DEFINES_APP += -DMBEDTLS_USER_CONFIG_FILE="\"mcuboot_crypto_acc_config.h\""
DEFINES_APP += -DCY_CRYPTO_HAL_DISABLE
DEFINES_APP += -DCY_MBEDTLS_HW_ACCELERATION
+
+INCLUDE_DIRS_MBEDTLS_MXCRYPTO := $(CY_LIBS_PATH)/cy-mbedtls-acceleration
+INCLUDE_DIRS_MBEDTLS_MXCRYPTO += $(CY_LIBS_PATH)/cy-mbedtls-acceleration/COMPONENT_CAT1/include
+
+ifeq ($(PLATFORM), CYW20829)
+INCLUDE_DIRS_MBEDTLS_MXCRYPTO += $(CY_LIBS_PATH)/cy-mbedtls-acceleration/COMPONENT_CAT1/mbedtls_$(CRYPTO_ACC_TYPE)
+SOURCES_MBEDTLS_MXCRYPTO := $(wildcard $(CY_LIBS_PATH)/cy-mbedtls-acceleration/COMPONENT_CAT1/mbedtls_$(CRYPTO_ACC_TYPE)/*.c)
+DEFINES_APP += -Dcy_stc_cryptolite_context_sha256_t=cy_stc_cryptolite_context_sha_t
+else
+INCLUDE_DIRS_MBEDTLS_MXCRYPTO += $(CY_LIBS_PATH)/cy-mbedtls-acceleration/COMPONENT_CAT1/mbedtls_$(CRYPTO_ACC_TYPE)
+SOURCES_MBEDTLS_MXCRYPTO := $(wildcard $(CY_LIBS_PATH)/cy-mbedtls-acceleration/COMPONENT_CAT1/mbedtls_$(CRYPTO_ACC_TYPE)/*.c)
+endif
+
+INCLUDE_DIRS_LIBS += $(addprefix -I,$(INCLUDE_DIRS_MBEDTLS_MXCRYPTO))
+SOURCES_LIBS += $(SOURCES_MBEDTLS_MXCRYPTO)
endif
# Compile with user redefined values for UART HW, port, pins
@@ -122,6 +136,11 @@
DEFINES_APP += -DUSE_CUSTOM_DEBUG_UART=1
endif
+# Log timestamp information
+ifeq ($(USE_LOG_TIMESTAMP), 1)
+DEFINES_APP += -DUSE_LOG_TIMESTAMP
+endif
+
# Encrypted image support
ifeq ($(ENC_IMG), 1)
DEFINES_APP += -DENC_IMG=1
@@ -139,11 +158,34 @@
endif
endif
+ifeq ($(USE_MEASURED_BOOT), 1)
+DEFINES_APP += -DMCUBOOT_MEASURED_BOOT
+DEFINES_APP += -DMAX_BOOT_RECORD_SZ=512
+DEFINES_APP += -DMCUBOOT_SHARED_DATA_BASE=0x08000800
+DEFINES_APP += -DMCUBOOT_SHARED_DATA_SIZE=0x200
+endif
+
+ifeq ($(USE_DATA_SHARING), 1)
+DEFINES_APP += -DMCUBOOT_DATA_SHARING
+DEFINES_APP += -DMAX_BOOT_RECORD_SZ=512
+DEFINES_APP += -DMCUBOOT_SHARED_DATA_BASE=0x08000800
+DEFINES_APP += -DMCUBOOT_SHARED_DATA_SIZE=0x200
+endif
+
+ifeq ($(BOOT_RECORD_SW_TYPE), )
+BOOT_RECORD := --boot-record MCUBootApp
+else
+BOOT_RECORD := --boot-record $(BOOT_RECORD_SW_TYPE)
+endif
# Collect MCUBoot sourses
SOURCES_MCUBOOT := $(wildcard $(PRJ_DIR)/../bootutil/src/*.c)
# Collect MCUBoot Application sources
-SOURCES_APP_SRC := main.c cy_security_cnt.c keys.c
+SOURCES_APP_SRC := main.c keys.c
+ifeq ($(USE_EXEC_TIME_CHECK), 1)
+DEFINES_APP += -DUSE_EXEC_TIME_CHECK=1
+SOURCES_APP_SRC += misc/timebase_us.c
+endif
# Collect Flash Layer sources and header files dirs
INCLUDE_DIRS_FLASH := $(PLATFORM_INCLUDE_DIRS_FLASH)
@@ -182,28 +224,29 @@
# Print debug information about all settings used and/or set in this file
ifeq ($(VERBOSE), 1)
$(info #### MCUBootApp.mk ####)
+$(info APP_CORE <-- $(APP_CORE))
$(info APP_DEFAULT_POLICY --> $(APP_DEFAULT_POLICY))
$(info APP_NAME <-> $(APP_NAME))
$(info ASM_FILES_APP --> $(ASM_FILES_APP))
$(info ASM_FILES_STARTUP <-- $(ASM_FILES_STARTUP))
-$(info BOOTLOADER_SIZE <-> $(BOOTLOADER_SIZE))
+$(info BOOTLOADER_SIZE <-- $(BOOTLOADER_SIZE))
+$(info BOOT_RECORD --> $(BOOT_RECORD))
+$(info BOOT_RECORD_SW_TYPE <-- $(BOOT_RECORD_SW_TYPE))
$(info BUILDCFG <-- $(BUILDCFG))
$(info CFLAGS_OPTIMIZATION --> $(CFLAGS_OPTIMIZATION))
$(info COMPILER <-> $(COMPILER))
$(info CORE <-- $(CORE))
$(info CUR_APP_PATH <-- $(CUR_APP_PATH))
+$(info CY_LIBS_PATH <-- $(CY_LIBS_PATH))
$(info DEFINES_APP --> $(DEFINES_APP))
$(info ENC_IMG <-> $(ENC_IMG))
-$(info EXTERNAL_FLASH_PRIMARY_2_OFFSET <-> $(EXTERNAL_FLASH_PRIMARY_2_OFFSET))
-$(info EXTERNAL_FLASH_SCRATCH_OFFSET <-> $(EXTERNAL_FLASH_SCRATCH_OFFSET))
-$(info EXTERNAL_FLASH_SECONDARY_1_OFFSET <-> $(EXTERNAL_FLASH_SECONDARY_1_OFFSET))
-$(info EXTERNAL_FLASH_SECONDARY_2_OFFSET <-> $(EXTERNAL_FLASH_SECONDARY_2_OFFSET))
$(info FLASH_MAP <-- $(FLASH_MAP))
-$(info IMAGE_1_SLOT_SIZE <-> $(IMAGE_1_SLOT_SIZE))
-$(info IMAGE_2_SLOT_SIZE <-> $(IMAGE_2_SLOT_SIZE))
$(info INCLUDE_DIRS_APP --> $(INCLUDE_DIRS_APP))
$(info INCLUDE_DIRS_FLASH <-> $(INCLUDE_DIRS_FLASH))
+$(info INCLUDE_DIRS_LIBS --> $(INCLUDE_DIRS_LIBS))
+$(info INCLUDE_DIRS_MBEDTLS_MXCRYPTO <-> $(INCLUDE_DIRS_MBEDTLS_MXCRYPTO))
$(info INCLUDE_DIRS_MCUBOOT --> $(INCLUDE_DIRS_MCUBOOT))
+$(info INCLUDE_DIRS_UTILS <-> $(INCLUDE_DIRS_UTILS))
$(info LDFLAGS --> $(LDFLAGS))
$(info LDFLAGS_DEFSYM <-> $(LDFLAGS_DEFSYM))
$(info LINKER_SCRIPT --> $(LINKER_SCRIPT))
@@ -216,39 +259,35 @@
$(info PLATFORM <-- $(PLATFORM))
$(info PLATFORM_APP_DEFAULT_POLICY <-- $(PLATFORM_APP_DEFAULT_POLICY))
$(info PLATFORM_APP_SOURCES <-- $(PLATFORM_APP_SOURCES))
-$(info PLATFORM_BOOTLOADER_SIZE <-- $(PLATFORM_BOOTLOADER_SIZE))
-$(info PLATFORM_CHUNK_SIZE <-- $(PLATFORM_CHUNK_SIZE))
$(info PLATFORM_CY_MAX_EXT_FLASH_ERASE_SIZE <-- $(PLATFORM_CY_MAX_EXT_FLASH_ERASE_SIZE))
-$(info PLATFORM_EXTERNAL_FLASH_PRIMARY_2_OFFSET <-- $(PLATFORM_EXTERNAL_FLASH_PRIMARY_2_OFFSET))
-$(info PLATFORM_EXTERNAL_FLASH_SCRATCH_OFFSET <-- $(PLATFORM_EXTERNAL_FLASH_SCRATCH_OFFSET))
-$(info PLATFORM_EXTERNAL_FLASH_SECONDARY_1_OFFSET <-- $(PLATFORM_EXTERNAL_FLASH_SECONDARY_1_OFFSET))
-$(info PLATFORM_EXTERNAL_FLASH_SECONDARY_2_OFFSET <-- $(PLATFORM_EXTERNAL_FLASH_SECONDARY_2_OFFSET))
-$(info PLATFORM_IMAGE_1_SLOT_SIZE <-- $(PLATFORM_IMAGE_1_SLOT_SIZE))
-$(info PLATFORM_IMAGE_2_SLOT_SIZE <-- $(PLATFORM_IMAGE_2_SLOT_SIZE))
$(info PLATFORM_INCLUDE_DIRS_FLASH <-- $(PLATFORM_INCLUDE_DIRS_FLASH))
+$(info PLATFORM_INCLUDE_DIRS_UTILS <-- $(PLATFORM_INCLUDE_DIRS_UTILS))
$(info PLATFORM_MAX_IMG_SECTORS <-- $(PLATFORM_MAX_IMG_SECTORS))
-$(info PLATFORM_SCRATCH_SIZE <-- $(PLATFORM_SCRATCH_SIZE))
$(info PLATFORM_SERVICE_APP_DESC_OFFSET <-- $(PLATFORM_SERVICE_APP_DESC_OFFSET))
$(info PLATFORM_SERVICE_APP_INPUT_PARAMS_OFFSET <-- $(PLATFORM_SERVICE_APP_INPUT_PARAMS_OFFSET))
$(info PLATFORM_SERVICE_APP_OFFSET <-- $(PLATFORM_SERVICE_APP_OFFSET))
$(info PLATFORM_SERVICE_APP_SIZE <-- $(PLATFORM_SERVICE_APP_SIZE))
$(info PLATFORM_SOURCES_FLASH <-- $(PLATFORM_SOURCES_FLASH))
-$(info PLATFORM_STATUS_PARTITION_OFFSET <-- $(PLATFORM_STATUS_PARTITION_OFFSET))
$(info PRJ_DIR <-- $(PRJ_DIR))
$(info PYTHON_PATH <-- $(PYTHON_PATH))
-$(info SCRATCH_SIZE <-> $(SCRATCH_SIZE))
$(info SIGN_KEY_FILE <-- $(SIGN_KEY_FILE))
$(info SOURCES_APP --> $(SOURCES_APP))
$(info SOURCES_APP_SRC <-> $(SOURCES_APP_SRC))
$(info SOURCES_FLASH <-> $(SOURCES_FLASH))
+$(info SOURCES_LIBS --> $(SOURCES_LIBS))
+$(info SOURCES_MBEDTLS_MXCRYPTO <-> $(SOURCES_MBEDTLS_MXCRYPTO))
$(info SOURCES_MCUBOOT <-> $(SOURCES_MCUBOOT))
-$(info STATUS_PARTITION_OFFSET <-> $(STATUS_PARTITION_OFFSET))
$(info USE_BOOTSTRAP <-> $(USE_BOOTSTRAP))
$(info USE_CRYPTO_HW <-- $(USE_CRYPTO_HW))
$(info USE_CUSTOM_DEBUG_UART <-- $(USE_CUSTOM_DEBUG_UART))
-$(info USE_CUSTOM_MEMORY_MAP <-- $(USE_CUSTOM_MEMORY_MAP))
+$(info USE_DATA_SHARING <-- $(USE_DATA_SHARING))
+$(info USE_EXEC_TIME_CHECK <-- $(USE_EXEC_TIME_CHECK))
$(info USE_EXTERNAL_FLASH <-- $(USE_EXTERNAL_FLASH))
$(info USE_HW_ROLLBACK_PROT <-- $(USE_HW_ROLLBACK_PROT))
+$(info USE_LOG_TIMESTAMP <-- $(USE_LOG_TIMESTAMP))
+$(info USE_MEASURED_BOOT <-- $(USE_MEASURED_BOOT))
$(info USE_OVERWRITE <-- $(USE_OVERWRITE))
+$(info USE_SHARED_SLOT <-> $(USE_SHARED_SLOT))
+$(info USE_SW_DOWNGRADE_PREV <-- $(USE_SW_DOWNGRADE_PREV))
$(info USE_XIP <-- $(USE_XIP))
endif
diff --git a/boot/cypress/MCUBootApp/MCUBootApp_CM0P.ld b/boot/cypress/MCUBootApp/MCUBootApp_CM0P.ld
index 9d9a32d..d721274 100644
--- a/boot/cypress/MCUBootApp/MCUBootApp_CM0P.ld
+++ b/boot/cypress/MCUBootApp/MCUBootApp_CM0P.ld
@@ -63,9 +63,9 @@
* Your changes must be aligned with the corresponding memory regions for the CM4 core in 'xx_cm4_dual.ld',
* where 'xx' is the device group; for example, 'cy8c6xx7_cm4_dual.ld'.
*/
- ram (rwx) : ORIGIN = 0x08000800, LENGTH = 0x1F800
+ ram (rwx) : ORIGIN = 0x08000A00, LENGTH = 0x1F600
flash (rx) : ORIGIN = 0x10000000, LENGTH = 0x17E90
- smif_struct (rx) : ORIGIN = 0x10017E90, LENGTH = 0x170
+ smif_struct (rx) : ORIGIN = 0x10017E90, LENGTH = 0x170
/* This is an unprotected public RAM region, with the placed .cy_sharedmem.
* This region is used to place objects that require full access from both cores.
@@ -74,6 +74,11 @@
*/
public_ram (rw) : ORIGIN = 0x08000000, LENGTH = 0x800
+ /* Shared data ram region.
+ * Used to store boot immage information in TLV format
+ */
+ shared_data_ram (rw) : ORIGIN = 0x08000800, LENGTH = 0x200
+
/* This is a 32K flash region used for EEPROM emulation. This region can also be used as the general purpose flash.
* You can assign sections to this memory region for only one of the cores.
* Note some middleware (e.g. BLE, Emulated EEPROM) can place their data into this memory region.
@@ -336,6 +341,15 @@
} > public_ram
*/
+ .shared_ram (NOLOAD):
+ {
+ . = ALIGN(4);
+ __shared_ram_start__ = .;
+ KEEP(*(.shared_ram))
+ . = ALIGN(4);
+ __shared_ram_end__ = .;
+ } > shared_data_ram
+
/* .stack_dummy section doesn't contains any symbols. It is only
* used for linker to calculate size of stack sections, and assign
* values to stack symbols later */
diff --git a/boot/cypress/MCUBootApp/MCUBootApp_CM4.ld b/boot/cypress/MCUBootApp/MCUBootApp_CM4.ld
new file mode 100644
index 0000000..95b4b19
--- /dev/null
+++ b/boot/cypress/MCUBootApp/MCUBootApp_CM4.ld
@@ -0,0 +1,421 @@
+/***************************************************************************//**
+* \file cy8c6xx6_cm4.ld
+* \version 2.91
+*
+* Linker file for the GNU C compiler.
+*
+* The main purpose of the linker script is to describe how the sections in the
+* input files should be mapped into the output file, and to control the memory
+* layout of the output file.
+*
+* \note The entry point location is fixed and starts at 0x10000000. The valid
+* application image should be placed there.
+*
+* \note The linker files included with the PDL template projects must be generic
+* and handle all common use cases. Your project may not use every section
+* defined in the linker files. In that case you may see warnings during the
+* build process. In your project, you can simply comment out or remove the
+* relevant code in the linker file.
+*
+********************************************************************************
+* \copyright
+* Copyright 2016-2021 Cypress Semiconductor Corporation
+* SPDX-License-Identifier: Apache-2.0
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*******************************************************************************/
+
+OUTPUT_FORMAT ("elf32-littlearm", "elf32-bigarm", "elf32-littlearm")
+SEARCH_DIR(.)
+GROUP(-lgcc -lc -lnosys)
+ENTRY(Reset_Handler)
+
+/* The size of the stack section at the end of CM4 SRAM */
+STACK_SIZE = 0x1000;
+
+/* Force symbol to be entered in the output file as an undefined symbol. Doing
+* this may, for example, trigger linking of additional modules from standard
+* libraries. You may list several symbols for each EXTERN, and you may use
+* EXTERN multiple times. This command has the same effect as the -u command-line
+* option.
+*/
+EXTERN(Reset_Handler)
+
+/* The MEMORY section below describes the location and size of blocks of memory in the target.
+* Use this section to specify the memory regions available for allocation.
+*/
+MEMORY
+{
+ /* The ram and flash regions control RAM and flash memory allocation for the CM4 core.
+ * Note that 2176 bytes of RAM (at the end of the SRAM) are reserved for system use.
+ * Using this memory region for other purposes will lead to unexpected behavior.
+ */
+ ram (rwx) : ORIGIN = 0x08000000, LENGTH = 0x1F780
+ flash (rx) : ORIGIN = 0x10000000, LENGTH = 0x80000
+
+ /* This is a 32K flash region used for EEPROM emulation. This region can also be used as the general purpose flash.
+ * You can assign sections to this memory region for only one of the cores.
+ * Note some middleware (e.g. BLE, Emulated EEPROM) can place their data into this memory region.
+ * Therefore, repurposing this memory region will prevent such middleware from operation.
+ */
+ em_eeprom (rx) : ORIGIN = 0x14000000, LENGTH = 0x8000 /* 32 KB */
+
+ /* The following regions define device specific memory regions and must not be changed. */
+ sflash_user_data (rx) : ORIGIN = 0x16000800, LENGTH = 0x800 /* Supervisory flash: User data */
+ sflash_nar (rx) : ORIGIN = 0x16001A00, LENGTH = 0x200 /* Supervisory flash: Normal Access Restrictions (NAR) */
+ sflash_public_key (rx) : ORIGIN = 0x16005A00, LENGTH = 0xC00 /* Supervisory flash: Public Key */
+ sflash_toc_2 (rx) : ORIGIN = 0x16007C00, LENGTH = 0x200 /* Supervisory flash: Table of Content # 2 */
+ sflash_rtoc_2 (rx) : ORIGIN = 0x16007E00, LENGTH = 0x200 /* Supervisory flash: Table of Content # 2 Copy */
+ xip (rx) : ORIGIN = 0x18000000, LENGTH = 0x8000000 /* 128 MB */
+ efuse (r) : ORIGIN = 0x90700000, LENGTH = 0x100000 /* 1 MB */
+}
+
+/* Library configurations */
+GROUP(libgcc.a libc.a libm.a libnosys.a)
+
+/* Linker script to place sections and symbol values. Should be used together
+ * with other linker script that defines memory regions FLASH and RAM.
+ * It references following symbols, which must be defined in code:
+ * Reset_Handler : Entry of reset handler
+ *
+ * It defines following symbols, which code can use without definition:
+ * __exidx_start
+ * __exidx_end
+ * __copy_table_start__
+ * __copy_table_end__
+ * __zero_table_start__
+ * __zero_table_end__
+ * __etext
+ * __data_start__
+ * __preinit_array_start
+ * __preinit_array_end
+ * __init_array_start
+ * __init_array_end
+ * __fini_array_start
+ * __fini_array_end
+ * __data_end__
+ * __bss_start__
+ * __bss_end__
+ * __end__
+ * end
+ * __HeapLimit
+ * __StackLimit
+ * __StackTop
+ * __stack
+ * __Vectors_End
+ * __Vectors_Size
+ */
+
+
+SECTIONS
+{
+ /* Cortex-M4 application flash area */
+ .text :
+ {
+ /* Cortex-M4 flash vector table */
+ __Vectors = . ;
+ KEEP(*(.vectors))
+ . = ALIGN(4);
+ __Vectors_End = .;
+ __Vectors_Size = __Vectors_End - __Vectors;
+ __end__ = .;
+
+ . = ALIGN(4);
+ *(.text*)
+
+ KEEP(*(.init))
+ KEEP(*(.fini))
+
+ /* .ctors */
+ *crtbegin.o(.ctors)
+ *crtbegin?.o(.ctors)
+ *(EXCLUDE_FILE(*crtend?.o *crtend.o) .ctors)
+ *(SORT(.ctors.*))
+ *(.ctors)
+
+ /* .dtors */
+ *crtbegin.o(.dtors)
+ *crtbegin?.o(.dtors)
+ *(EXCLUDE_FILE(*crtend?.o *crtend.o) .dtors)
+ *(SORT(.dtors.*))
+ *(.dtors)
+
+ /* Read-only code (constants). */
+ *(.rodata .rodata.* .constdata .constdata.* .conststring .conststring.*)
+
+ KEEP(*(.eh_frame*))
+ } > flash
+
+
+ .ARM.extab :
+ {
+ *(.ARM.extab* .gnu.linkonce.armextab.*)
+ } > flash
+
+ __exidx_start = .;
+
+ .ARM.exidx :
+ {
+ *(.ARM.exidx* .gnu.linkonce.armexidx.*)
+ } > flash
+ __exidx_end = .;
+
+
+ /* To copy multiple ROM to RAM sections,
+ * uncomment .copy.table section and,
+ * define __STARTUP_COPY_MULTIPLE in startup_psoc6_01_cm4.S */
+ .copy.table :
+ {
+ . = ALIGN(4);
+ __copy_table_start__ = .;
+
+ /* Copy interrupt vectors from flash to RAM */
+ LONG (__Vectors) /* From */
+ LONG (__ram_vectors_start__) /* To */
+ LONG (__Vectors_End - __Vectors) /* Size */
+
+ /* Copy data section to RAM */
+ LONG (__etext) /* From */
+ LONG (__data_start__) /* To */
+ LONG (__data_end__ - __data_start__) /* Size */
+
+ __copy_table_end__ = .;
+ } > flash
+
+
+ /* To clear multiple BSS sections,
+ * uncomment .zero.table section and,
+ * define __STARTUP_CLEAR_BSS_MULTIPLE in startup_psoc6_01_cm4.S */
+ .zero.table :
+ {
+ . = ALIGN(4);
+ __zero_table_start__ = .;
+ LONG (__bss_start__)
+ LONG (__bss_end__ - __bss_start__)
+ __zero_table_end__ = .;
+ } > flash
+
+ __etext = . ;
+
+
+ .ramVectors (NOLOAD) : ALIGN(8)
+ {
+ __ram_vectors_start__ = .;
+ KEEP(*(.ram_vectors))
+ __ram_vectors_end__ = .;
+ } > ram
+
+
+ .data __ram_vectors_end__ :
+ {
+ . = ALIGN(4);
+ __data_start__ = .;
+
+ *(vtable)
+ *(.data*)
+
+ . = ALIGN(4);
+ /* preinit data */
+ PROVIDE_HIDDEN (__preinit_array_start = .);
+ KEEP(*(.preinit_array))
+ PROVIDE_HIDDEN (__preinit_array_end = .);
+
+ . = ALIGN(4);
+ /* init data */
+ PROVIDE_HIDDEN (__init_array_start = .);
+ KEEP(*(SORT(.init_array.*)))
+ KEEP(*(.init_array))
+ PROVIDE_HIDDEN (__init_array_end = .);
+
+ . = ALIGN(4);
+ /* finit data */
+ PROVIDE_HIDDEN (__fini_array_start = .);
+ KEEP(*(SORT(.fini_array.*)))
+ KEEP(*(.fini_array))
+ PROVIDE_HIDDEN (__fini_array_end = .);
+
+ KEEP(*(.jcr*))
+ . = ALIGN(4);
+
+ KEEP(*(.cy_ramfunc*))
+ . = ALIGN(4);
+
+ __data_end__ = .;
+
+ } > ram AT>flash
+
+
+ /* Place variables in the section that should not be initialized during the
+ * device startup.
+ */
+ .noinit (NOLOAD) : ALIGN(8)
+ {
+ KEEP(*(.noinit))
+ } > ram
+
+
+ /* The uninitialized global or static variables are placed in this section.
+ *
+ * The NOLOAD attribute tells linker that .bss section does not consume
+ * any space in the image. The NOLOAD attribute changes the .bss type to
+ * NOBITS, and that makes linker to A) not allocate section in memory, and
+ * A) put information to clear the section with all zeros during application
+ * loading.
+ *
+ * Without the NOLOAD attribute, the .bss section might get PROGBITS type.
+ * This makes linker to A) allocate zeroed section in memory, and B) copy
+ * this section to RAM during application loading.
+ */
+ .bss (NOLOAD):
+ {
+ . = ALIGN(4);
+ __bss_start__ = .;
+ *(.bss*)
+ *(COMMON)
+ . = ALIGN(4);
+ __bss_end__ = .;
+ } > ram
+
+
+ .heap (NOLOAD):
+ {
+ __HeapBase = .;
+ __end__ = .;
+ end = __end__;
+ KEEP(*(.heap*))
+ . = ORIGIN(ram) + LENGTH(ram) - STACK_SIZE;
+ __HeapLimit = .;
+ } > ram
+
+
+ /* .stack_dummy section doesn't contains any symbols. It is only
+ * used for linker to calculate size of stack sections, and assign
+ * values to stack symbols later */
+ .stack_dummy (NOLOAD):
+ {
+ KEEP(*(.stack*))
+ } > ram
+
+
+ /* Set stack top to end of RAM, and stack limit move down by
+ * size of stack_dummy section */
+ __StackTop = ORIGIN(ram) + LENGTH(ram);
+ __StackLimit = __StackTop - SIZEOF(.stack_dummy);
+ PROVIDE(__stack = __StackTop);
+
+ /* Check if data + heap + stack exceeds RAM limit */
+ ASSERT(__StackLimit >= __HeapLimit, "region RAM overflowed with stack")
+
+
+ /* Used for the digital signature of the secure application and the Bootloader SDK application.
+ * The size of the section depends on the required data size. */
+ .cy_app_signature ORIGIN(flash) + LENGTH(flash) - 256 :
+ {
+ KEEP(*(.cy_app_signature))
+ } > flash
+
+
+ /* Emulated EEPROM Flash area */
+ .cy_em_eeprom :
+ {
+ KEEP(*(.cy_em_eeprom))
+ } > em_eeprom
+
+
+ /* Supervisory Flash: User data */
+ .cy_sflash_user_data :
+ {
+ KEEP(*(.cy_sflash_user_data))
+ } > sflash_user_data
+
+
+ /* Supervisory Flash: Normal Access Restrictions (NAR) */
+ .cy_sflash_nar :
+ {
+ KEEP(*(.cy_sflash_nar))
+ } > sflash_nar
+
+
+ /* Supervisory Flash: Public Key */
+ .cy_sflash_public_key :
+ {
+ KEEP(*(.cy_sflash_public_key))
+ } > sflash_public_key
+
+
+ /* Supervisory Flash: Table of Content # 2 */
+ .cy_toc_part2 :
+ {
+ KEEP(*(.cy_toc_part2))
+ } > sflash_toc_2
+
+
+ /* Supervisory Flash: Table of Content # 2 Copy */
+ .cy_rtoc_part2 :
+ {
+ KEEP(*(.cy_rtoc_part2))
+ } > sflash_rtoc_2
+
+
+ /* Places the code in the Execute in Place (XIP) section. See the smif driver
+ * documentation for details.
+ */
+ cy_xip :
+ {
+ __cy_xip_start = .;
+ KEEP(*(.cy_xip))
+ __cy_xip_end = .;
+ } > xip
+
+
+ /* eFuse */
+ .cy_efuse :
+ {
+ KEEP(*(.cy_efuse))
+ } > efuse
+
+
+ /* These sections are used for additional metadata (silicon revision,
+ * Silicon/JTAG ID, etc.) storage.
+ */
+ .cymeta 0x90500000 : { KEEP(*(.cymeta)) } :NONE
+}
+
+
+/* The following symbols used by the cymcuelftool. */
+/* Flash */
+__cy_memory_0_start = 0x10000000;
+__cy_memory_0_length = 0x00080000;
+__cy_memory_0_row_size = 0x200;
+
+/* Emulated EEPROM Flash area */
+__cy_memory_1_start = 0x14000000;
+__cy_memory_1_length = 0x8000;
+__cy_memory_1_row_size = 0x200;
+
+/* Supervisory Flash */
+__cy_memory_2_start = 0x16000000;
+__cy_memory_2_length = 0x8000;
+__cy_memory_2_row_size = 0x200;
+
+/* XIP */
+__cy_memory_3_start = 0x18000000;
+__cy_memory_3_length = 0x08000000;
+__cy_memory_3_row_size = 0x200;
+
+/* eFuse */
+__cy_memory_4_start = 0x90700000;
+__cy_memory_4_length = 0x100000;
+__cy_memory_4_row_size = 1;
+
+/* EOF */
diff --git a/boot/cypress/MCUBootApp/MCUBootApp_CYW20829_Debug.launch b/boot/cypress/MCUBootApp/MCUBootApp_CYW20829_Debug.launch
deleted file mode 100644
index 3b3300a..0000000
--- a/boot/cypress/MCUBootApp/MCUBootApp_CYW20829_Debug.launch
+++ /dev/null
@@ -1,59 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="no"?>
-<launchConfiguration type="ilg.gnumcueclipse.debug.gdbjtag.openocd.launchConfigurationType">
- <stringAttribute key="com.cypress.studio.launch.mode" value="debug"/>
- <booleanAttribute key="ilg.gnumcueclipse.debug.gdbjtag.openocd.doContinue" value="true"/>
- <booleanAttribute key="ilg.gnumcueclipse.debug.gdbjtag.openocd.doDebugInRam" value="false"/>
- <booleanAttribute key="ilg.gnumcueclipse.debug.gdbjtag.openocd.doFirstReset" value="false"/>
- <booleanAttribute key="ilg.gnumcueclipse.debug.gdbjtag.openocd.doGdbServerAllocateConsole" value="true"/>
- <booleanAttribute key="ilg.gnumcueclipse.debug.gdbjtag.openocd.doGdbServerAllocateTelnetConsole" value="false"/>
- <booleanAttribute key="ilg.gnumcueclipse.debug.gdbjtag.openocd.doSecondReset" value="true"/>
- <booleanAttribute key="ilg.gnumcueclipse.debug.gdbjtag.openocd.doStartGdbCLient" value="true"/>
- <booleanAttribute key="ilg.gnumcueclipse.debug.gdbjtag.openocd.doStartGdbServer" value="true"/>
- <booleanAttribute key="ilg.gnumcueclipse.debug.gdbjtag.openocd.enableSemihosting" value="true"/>
- <stringAttribute key="ilg.gnumcueclipse.debug.gdbjtag.openocd.firstResetType" value="init"/>
- <stringAttribute key="ilg.gnumcueclipse.debug.gdbjtag.openocd.gdbClientOtherCommands" value="set mem inaccessible-by-default off"/>
- <stringAttribute key="ilg.gnumcueclipse.debug.gdbjtag.openocd.gdbClientOtherOptions" value=""/>
- <stringAttribute key="ilg.gnumcueclipse.debug.gdbjtag.openocd.gdbServerConnectionAddress" value=""/>
- <stringAttribute key="ilg.gnumcueclipse.debug.gdbjtag.openocd.gdbServerExecutable" value="/Users/rnok/Downloads/ASSETS/cyopenocd/openocd_4.3_1445/bin/openocd"/>
- <intAttribute key="ilg.gnumcueclipse.debug.gdbjtag.openocd.gdbServerGdbPortNumber" value="3333"/>
- <stringAttribute key="ilg.gnumcueclipse.debug.gdbjtag.openocd.gdbServerLog" value=""/>
- <stringAttribute key="ilg.gnumcueclipse.debug.gdbjtag.openocd.gdbServerOther" value="-s "/Users/rnok/Downloads/ASSETS/cyopenocd/openocd_4.3_1445/scripts" -s "./libs/TARGET_PSVP-CYW20829/COMPONENT_BSP_DESIGN_MODUS/GeneratedSource" -c "set SMIF_LOADER /Users/rnok/repos/cyw20829/AnyCloud_CYW20829_Blinky_App/./libs/TARGET_PSVP-CYW20829/COMPONENT_BSP_DESIGN_MODUS/GeneratedSource/CYW208xx_SMIF.FLM" -c "source [find interface/kitprog3.cfg]" -c "puts stderr {Started by GNU MCU Eclipse}" -c "source [find target/cyw208xx.cfg]" -c "cyw208xx.cm33 configure -rtos auto -rtos-wipe-on-reset-halt 1" -c "gdb_breakpoint_override hard" -c "init; reset init""/>
- <stringAttribute key="ilg.gnumcueclipse.debug.gdbjtag.openocd.gdbServerTclPortNumber" value="6666"/>
- <intAttribute key="ilg.gnumcueclipse.debug.gdbjtag.openocd.gdbServerTelnetPortNumber" value="4444"/>
- <stringAttribute key="ilg.gnumcueclipse.debug.gdbjtag.openocd.otherInitCommands" value=""/>
- <stringAttribute key="ilg.gnumcueclipse.debug.gdbjtag.openocd.otherRunCommands" value="flushregs"/>
- <stringAttribute key="ilg.gnumcueclipse.debug.gdbjtag.openocd.secondResetType" value="init"/>
- <stringAttribute key="ilg.gnumcueclipse.debug.gdbjtag.svdPath" value=""/>
- <stringAttribute key="org.eclipse.cdt.debug.gdbjtag.core.imageFileName" value="${cy_prj_path}/build/PSVP-CYW20829/Debug/mtb-example-anycloud-blinky.bin"/>
- <stringAttribute key="org.eclipse.cdt.debug.gdbjtag.core.imageOffset" value=""/>
- <stringAttribute key="org.eclipse.cdt.debug.gdbjtag.core.ipAddress" value="localhost"/>
- <stringAttribute key="org.eclipse.cdt.debug.gdbjtag.core.jtagDevice" value="GNU MCU OpenOCD"/>
- <booleanAttribute key="org.eclipse.cdt.debug.gdbjtag.core.loadImage" value="false"/>
- <booleanAttribute key="org.eclipse.cdt.debug.gdbjtag.core.loadSymbols" value="true"/>
- <stringAttribute key="org.eclipse.cdt.debug.gdbjtag.core.pcRegister" value=""/>
- <intAttribute key="org.eclipse.cdt.debug.gdbjtag.core.portNumber" value="3333"/>
- <booleanAttribute key="org.eclipse.cdt.debug.gdbjtag.core.setPcRegister" value="false"/>
- <booleanAttribute key="org.eclipse.cdt.debug.gdbjtag.core.setResume" value="false"/>
- <booleanAttribute key="org.eclipse.cdt.debug.gdbjtag.core.setStopAt" value="true"/>
- <stringAttribute key="org.eclipse.cdt.debug.gdbjtag.core.stopAt" value="main"/>
- <stringAttribute key="org.eclipse.cdt.debug.gdbjtag.core.symbolsFileName" value="/Users/rnok/repos/cyw20829/cy_mcuboot/boot/cypress/MCUBootApp/out/CYW20829/Debug/MCUBootApp.elf"/>
- <stringAttribute key="org.eclipse.cdt.debug.gdbjtag.core.symbolsOffset" value=""/>
- <booleanAttribute key="org.eclipse.cdt.debug.gdbjtag.core.useFileForImage" value="true"/>
- <booleanAttribute key="org.eclipse.cdt.debug.gdbjtag.core.useFileForSymbols" value="true"/>
- <booleanAttribute key="org.eclipse.cdt.debug.gdbjtag.core.useProjBinaryForImage" value="false"/>
- <booleanAttribute key="org.eclipse.cdt.debug.gdbjtag.core.useProjBinaryForSymbols" value="false"/>
- <booleanAttribute key="org.eclipse.cdt.debug.gdbjtag.core.useRemoteTarget" value="true"/>
- <stringAttribute key="org.eclipse.cdt.dsf.gdb.DEBUG_NAME" value="${cy_tools_path:CY_TOOL_arm-none-eabi-gdb_EXE}"/>
- <booleanAttribute key="org.eclipse.cdt.dsf.gdb.UPDATE_THREADLIST_ON_SUSPEND" value="false"/>
- <intAttribute key="org.eclipse.cdt.launch.ATTR_BUILD_BEFORE_LAUNCH_ATTR" value="0"/>
- <stringAttribute key="org.eclipse.cdt.launch.COREFILE_PATH" value=""/>
- <stringAttribute key="org.eclipse.cdt.launch.PROGRAM_NAME" value="/Users/rnok/repos/cyw20829/cy_mcuboot/boot/cypress/MCUBootApp/out/CYW20829/Debug/MCUBootApp.elf"/>
- <stringAttribute key="org.eclipse.cdt.launch.PROJECT_ATTR" value="MCUBootApp_CYW20829_Debug"/>
- <booleanAttribute key="org.eclipse.cdt.launch.PROJECT_BUILD_CONFIG_AUTO_ATTR" value="false"/>
- <stringAttribute key="org.eclipse.cdt.launch.PROJECT_BUILD_CONFIG_ID_ATTR" value=""/>
- <listAttribute key="org.eclipse.debug.ui.favoriteGroups">
- <listEntry value="org.eclipse.debug.ui.launchGroup.debug"/>
- </listAttribute>
- <stringAttribute key="org.eclipse.dsf.launch.MEMORY_BLOCKS" value="<?xml version="1.0" encoding="UTF-8" standalone="no"?> <memoryBlockExpressionList context="Context string"/> "/>
- <stringAttribute key="process_factory_id" value="org.eclipse.cdt.dsf.gdb.GdbProcessFactory"/>
-</launchConfiguration>
diff --git a/boot/cypress/MCUBootApp/config/mcuboot_config/mcuboot_logging.h b/boot/cypress/MCUBootApp/config/mcuboot_config/mcuboot_logging.h
index 9869e33..c2d97d8 100644
--- a/boot/cypress/MCUBootApp/config/mcuboot_config/mcuboot_logging.h
+++ b/boot/cypress/MCUBootApp/config/mcuboot_config/mcuboot_logging.h
@@ -30,6 +30,26 @@
#include <stdbool.h>
#include <stdio.h>
+#include <stdarg.h>
+#include <inttypes.h>
+#include "timestamp.h"
+
+static inline void print_msg(char const *format, ...)
+{
+ va_list args;
+ va_start(args, format);
+
+#ifdef USE_LOG_TIMESTAMP
+ (void)fprintf(stderr, "[%03" PRIu32 "s"
+ ".%03" PRIu32 "ms]",
+ log_timestamp_get()/1000U,
+ log_timestamp_get()%1000U);
+#endif
+
+ (void)vfprintf(stderr, format, args);
+
+ va_end(args);
+}
#define MCUBOOT_LOG_LEVEL_OFF 0
#define MCUBOOT_LOG_LEVEL_ERROR 1
@@ -58,44 +78,44 @@
#if MCUBOOT_LOG_LEVEL >= MCUBOOT_LOG_LEVEL_ERROR
-#define MCUBOOT_LOG_ERR(_fmt, ...) \
- do { \
- if (sim_log_enabled(MCUBOOT_LOG_LEVEL_ERROR) != 0) { \
- (void)fprintf(stderr, "[ERR] " _fmt "\n\r", ##__VA_ARGS__); \
- } \
+#define MCUBOOT_LOG_ERR(_fmt, ...) \
+ do { \
+ if (sim_log_enabled(MCUBOOT_LOG_LEVEL_ERROR) != 0) { \
+ print_msg("[ERR] " _fmt "\n\r", ##__VA_ARGS__); \
+ } \
} while ((bool)0)
#else
#define MCUBOOT_LOG_ERR(...) IGNORE(__VA_ARGS__)
#endif
#if MCUBOOT_LOG_LEVEL >= MCUBOOT_LOG_LEVEL_WARNING
-#define MCUBOOT_LOG_WRN(_fmt, ...) \
- do { \
- if (sim_log_enabled(MCUBOOT_LOG_LEVEL_WARNING) != 0) { \
- (void)fprintf(stderr, "[WRN] " _fmt "\n\r", ##__VA_ARGS__); \
- } \
+#define MCUBOOT_LOG_WRN(_fmt, ...) \
+ do { \
+ if (sim_log_enabled(MCUBOOT_LOG_LEVEL_WARNING) != 0) { \
+ print_msg("[WRN] " _fmt "\n\r", ##__VA_ARGS__); \
+ } \
} while ((bool)0)
#else
#define MCUBOOT_LOG_WRN(...) IGNORE(__VA_ARGS__)
#endif
#if MCUBOOT_LOG_LEVEL >= MCUBOOT_LOG_LEVEL_INFO
-#define MCUBOOT_LOG_INF(_fmt, ...) \
- do { \
- if (sim_log_enabled(MCUBOOT_LOG_LEVEL_INFO) != 0) { \
- (void)fprintf(stderr, "[INF] " _fmt "\n\r", ##__VA_ARGS__); \
- } \
+#define MCUBOOT_LOG_INF(_fmt, ...) \
+ do { \
+ if (sim_log_enabled(MCUBOOT_LOG_LEVEL_INFO) != 0) { \
+ print_msg("[INF] " _fmt "\n\r", ##__VA_ARGS__); \
+ } \
} while ((bool)0)
#else
#define MCUBOOT_LOG_INF(...) IGNORE(__VA_ARGS__)
#endif
#if MCUBOOT_LOG_LEVEL >= MCUBOOT_LOG_LEVEL_DEBUG
-#define MCUBOOT_LOG_DBG(_fmt, ...) \
- do { \
- if (sim_log_enabled(MCUBOOT_LOG_LEVEL_DEBUG) != 0) { \
- (void)fprintf(stderr, "[DBG] " _fmt "\n\r", ##__VA_ARGS__); \
- } \
+#define MCUBOOT_LOG_DBG(_fmt, ...) \
+ do { \
+ if (sim_log_enabled(MCUBOOT_LOG_LEVEL_DEBUG) != 0) { \
+ print_msg("[DBG] " _fmt "\n\r", ##__VA_ARGS__); \
+ } \
} while ((bool)0)
#else
#define MCUBOOT_LOG_DBG(...) IGNORE(__VA_ARGS__)
diff --git a/boot/cypress/MCUBootApp/cy_security_cnt.c b/boot/cypress/MCUBootApp/cy_security_cnt.c
deleted file mode 100644
index d658345..0000000
--- a/boot/cypress/MCUBootApp/cy_security_cnt.c
+++ /dev/null
@@ -1,55 +0,0 @@
-/*
- * Copyright (c) 2020 Arm Limited.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#if defined MCUBootApp && defined MCUBOOT_HW_ROLLBACK_PROT
-
-#include <stdint.h>
-#include <string.h>
-#include "bootutil/security_cnt.h"
-#include "cy_security_cnt_platform.h"
-
-fih_int
-boot_nv_security_counter_init(void)
-{
- /* Do nothing. */
- return 0;
-}
-
-fih_int
-boot_nv_security_counter_get(uint32_t image_id, fih_uint *security_cnt)
-{
- (void)image_id;
- fih_int fih_ret = FIH_FAILURE;
-
- if (NULL != security_cnt) {
- FIH_CALL(platform_security_counter_get, fih_ret, security_cnt);
- }
-
- FIH_RET(fih_ret);
-}
-
-int32_t
-boot_nv_security_counter_update(uint32_t image_id, uint32_t img_security_cnt, void * custom_data)
-{
- (void)image_id;
-
- int32_t rc = platform_security_counter_update(img_security_cnt, (uint8_t *)custom_data);
-
- /* Do nothing. */
- return rc;
-}
-
-#endif /* defined MCUBootApp && defined MCUBOOT_HW_ROLLBACK_PROT */
diff --git a/boot/cypress/MCUBootApp/libs.mk b/boot/cypress/MCUBootApp/libs.mk
index da58c88..24bd642 100644
--- a/boot/cypress/MCUBootApp/libs.mk
+++ b/boot/cypress/MCUBootApp/libs.mk
@@ -62,6 +62,12 @@
INCLUDE_DIRS_WATCHDOG := $(THIS_APP_PATH)/watchdog
# MbedTLS related include directories
+ifeq ($(USE_CRYPTO_HW), 1)
+ifeq ($(PLATFORM), CYW20829)
+# Override mbedtls/compat-2.x.h for Cryptolite CBUS workaround
+INCLUDE_DIRS_MBEDTLS += $(PRJ_DIR)/platforms/crypto/CYW20829
+endif
+endif
INCLUDE_DIRS_MBEDTLS += $(MBEDTLS_PATH)/mbedtls/include
INCLUDE_DIRS_MBEDTLS += $(MBEDTLS_PATH)/mbedtls/include/mbedtls
INCLUDE_DIRS_MBEDTLS += $(MBEDTLS_PATH)/mbedtls/include/psa
@@ -85,6 +91,7 @@
$(info INCLUDE_DIRS_WATCHDOG <-> $(INCLUDE_DIRS_WATCHDOG))
$(info INCLUDE_RETARGET_IO_PDL <-> $(INCLUDE_RETARGET_IO_PDL))
$(info MBEDTLS_PATH <-- $(MBEDTLS_PATH))
+$(info PLATFORM <-- $(PLATFORM))
$(info PLATFORM_INCLUDE_DIRS_HAL_MCUB <-- $(PLATFORM_INCLUDE_DIRS_HAL_MCUB))
$(info PLATFORM_INCLUDE_RETARGET_IO_PDL <-- $(PLATFORM_INCLUDE_RETARGET_IO_PDL))
$(info PLATFORM_SOURCES_HAL_MCUB <-- $(PLATFORM_SOURCES_HAL_MCUB))
@@ -96,4 +103,5 @@
$(info SOURCES_RETARGET_IO_PDL <-> $(SOURCES_RETARGET_IO_PDL))
$(info SOURCES_WATCHDOG <-> $(SOURCES_WATCHDOG))
$(info THIS_APP_PATH <-- $(THIS_APP_PATH))
+$(info USE_CRYPTO_HW <-- $(USE_CRYPTO_HW))
endif
diff --git a/boot/cypress/MCUBootApp/main.c b/boot/cypress/MCUBootApp/main.c
index 6097173..b54e7e5 100644
--- a/boot/cypress/MCUBootApp/main.c
+++ b/boot/cypress/MCUBootApp/main.c
@@ -27,15 +27,20 @@
#include "cy_retarget_io.h"
#include "cybsp.h"
#include "cyhal_wdt.h"
-#include "cyw_20829_utils.h"
+#include "cyw_platform_utils.h"
#include "cy_service_app.h"
#else
#include "cy_retarget_io_pdl.h"
#include "cycfg_clocks.h"
#include "cycfg_peripherals.h"
-#endif /* CYW20829 */
+#if defined APP_CM0P || defined CM4
+#include "cyw_platform_utils.h"
+#endif /* defined APP_CM0P || defined CM4 */
+#endif /* defined CYW20829 || defined EXPLORER */
+#if defined(CY_BOOT_USE_EXTERNAL_FLASH) || defined(CYW20829)
#include "flash_qspi.h"
+#endif /* defined(CY_BOOT_USE_EXTERNAL_FLASH) || defined(CYW20829) */
#include "cycfg_pins.h"
#include "cy_result.h"
@@ -52,6 +57,15 @@
#include "watchdog.h"
+#ifdef USE_EXEC_TIME_CHECK
+#include "misc/timebase_us.h"
+#include "misc/exec_time_check.h"
+#endif /* USE_EXEC_TIME_CHECK */
+
+#ifdef USE_LOG_TIMESTAMP
+#include "timestamp.h"
+#endif /* USE_LOG_TIMESTAMP */
+
#define CY_RSLT_MODULE_MCUBOOTAPP 0x500U
#define CY_RSLT_MODULE_MCUBOOTAPP_MAIN 0x51U
@@ -97,7 +111,7 @@
#if defined(CY_BOOT_USE_EXTERNAL_FLASH) && !defined(MCUBOOT_ENC_IMAGES_XIP)
qspi_deinit(SMIF_ID);
#endif /* defined(CY_BOOT_USE_EXTERNAL_FLASH) && !defined(MCUBOOT_ENC_IMAGES_XIP) */
- cyw20829_RunApp(app_addr, key, iv);
+ platform_RunNextApp(app_addr, key, iv);
}
#if defined(CY_BOOT_USE_EXTERNAL_FLASH) && !defined(MCUBOOT_ENC_IMAGES_XIP)
CY_RAMFUNC_END /* SMIF will be deinitialized in this case! */
@@ -141,22 +155,53 @@
return false;
}
#endif /* MCUBOOT_ENC_IMAGES_XIP */
+
+
+#ifdef APP_CM33
/* This function does not return */
+ BOOT_LOG_INF("Launching app on CM33 core");
BOOT_LOG_INF(BOOT_MSG_FINISH);
hw_deinit();
cyw20829_launch_app(app_addr, key, iv);
#else
- /* This function turns on CM4 and returns */
- BOOT_LOG_INF(BOOT_MSG_FINISH);
+#error "Application should run on Cortex-M33"
+#endif /* APP_CM33 */
- hw_deinit();
+#else /* defined CYW20829 || defined EXPLORER */
+
#ifdef USE_XIP
BOOT_LOG_DBG("XIP: Switch to SMIF XIP mode");
qspi_set_mode(CY_SMIF_MEMORY);
-#endif
+#endif /* USE_XIP */
+
+#ifdef APP_CM4
+ /* This function turns on CM4 and returns */
+ BOOT_LOG_INF("Launching app on CM4 core");
+ BOOT_LOG_INF(BOOT_MSG_FINISH);
+ hw_deinit();
+#ifdef CM0P
Cy_SysEnableCM4(fih_uint_decode(app_addr));
return true;
-#endif /* CYW20829 */
+#else
+ psoc6_launch_cm4_app(app_addr);
+#endif /* CM0P */
+
+#elif defined APP_CM0P
+#ifdef CM0P
+ /* This function does not return */
+ BOOT_LOG_INF("Launching app on CM0P core");
+ BOOT_LOG_INF(BOOT_MSG_FINISH);
+ hw_deinit();
+ psoc6_launch_cm0p_app(app_addr);
+#else
+#error "Application should run on Cortex-M4"
+#endif /* CM0P */
+
+#else
+#error "Application should run on either Cortex-M0+ or Cortex-M4"
+#endif /* APP_CM4 */
+
+#endif /* defined CYW20829 */
} else {
BOOT_LOG_ERR("Flash device ID not found");
return false;
@@ -187,6 +232,15 @@
init_cycfg_peripherals();
init_cycfg_pins();
#endif /* CYW20829 */
+
+#ifdef USE_EXEC_TIME_CHECK
+ timebase_us_init();
+#endif /* USE_EXEC_TIME_CHECK */
+
+#ifdef USE_LOG_TIMESTAMP
+ log_timestamp_init();
+#endif /* USE_LOG_TIMESTAMP */
+
/* enable interrupts */
__enable_irq();
@@ -197,13 +251,12 @@
* to keep CM4 disabled. Note that debugging of CM4 is not supported when it
* is disabled.
*/
-#ifndef CYW20829
-#if defined(CY_DEVICE_PSOC6ABLE2)
+#if !defined CYW20829
+#if defined(CY_DEVICE_PSOC6ABLE2) && !defined(CM4)
if (CY_SYS_CM4_STATUS_ENABLED == Cy_SysGetCM4Status()) {
Cy_SysDisableCM4();
}
-#endif /* defined(CY_DEVICE_PSOC6ABLE2) */
-
+#endif /* defined(CY_DEVICE_PSOC6ABLE2) && !defined(CM4) */
/* Initialize retarget-io to use the debug UART port (CYBSP_UART_HW) */
rc = cy_retarget_io_pdl_init(CY_RETARGET_IO_BAUDRATE);
#else
@@ -251,7 +304,17 @@
#endif /* CYW20829 && MCUBOOT_HW_ROLLBACK_PROT */
(void)memset(&rsp, 0, sizeof(rsp));
- FIH_CALL(boot_go, fih_rc, &rsp);
+#ifdef USE_EXEC_TIME_CHECK
+ {
+ uint32_t exec_time;
+ EXEC_TIME_CHECK_BEGIN(&exec_time);
+#endif /* USE_EXEC_TIME_CHECK */
+ FIH_CALL(boot_go, fih_rc, &rsp);
+#ifdef USE_EXEC_TIME_CHECK
+ EXEC_TIME_CHECK_END();
+ BOOT_LOG_INF("Exec time: %" PRIu32 " [ms]", exec_time / 1000U);
+ }
+#endif /* USE_EXEC_TIME_CHECK */
if (true == fih_eq(fih_rc, FIH_SUCCESS)) {
BOOT_LOG_INF("User Application validated successfully");
/* initialize watchdog timer. it should be updated from user app
@@ -309,4 +372,12 @@
qspi_deinit(SMIF_ID);
#endif /* defined(CY_BOOT_USE_EXTERNAL_FLASH) && !defined(MCUBOOT_ENC_IMAGES_XIP) */
#endif /* CYW20829 */
+
+#ifdef USE_EXEC_TIME_CHECK
+ timebase_us_deinit();
+#endif /* USE_EXEC_TIME_CHECK */
+
+#ifdef USE_LOG_TIMESTAMP
+ log_timestamp_deinit();
+#endif /* USE_LOG_TIMESTAMP */
}
diff --git a/boot/cypress/MCUBootApp/misc/exec_time_check.h b/boot/cypress/MCUBootApp/misc/exec_time_check.h
new file mode 100644
index 0000000..55d71f2
--- /dev/null
+++ b/boot/cypress/MCUBootApp/misc/exec_time_check.h
@@ -0,0 +1,56 @@
+/* Copyright 2022, Infineon Technologies AG. All rights reserved.
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+#ifndef EXEC_TIME_CHECK_H
+#define EXEC_TIME_CHECK_H
+
+#include "timebase_us.h"
+
+/*******************************************************************************
+* Macro Definition: EXEC_TIME_CHECK_BEGIN
+* Macro Definition: EXEC_TIME_CHECK_END
+****************************************************************************//**
+*
+* \param result
+* Execution time result in micro seconds. Shall be declared as 32 bit.
+*
+* \funcusage
+* {
+* uint32_t time;
+*
+* EXEC_TIME_CHECK_BEGIN(&time);
+* CyDelayUs(1000);
+* EXEC_TIME_CHECK_END();
+*
+* printf("%"PRIu32"\n", time);
+* }
+*
+*******************************************************************************/
+#define EXEC_TIME_CHECK_BEGIN(result) \
+ do { \
+ uint32_t* const exec_check_res = (result); \
+ uint32_t exec_check_start = timebase_us_get_tick()
+
+#define EXEC_TIME_CHECK_END() \
+ *exec_check_res = timebase_us_get_tick() - exec_check_start; \
+ } while(false)
+
+
+#endif /* EXEC_TIME_CHECK_H */
\ No newline at end of file
diff --git a/boot/cypress/MCUBootApp/misc/timebase_us.c b/boot/cypress/MCUBootApp/misc/timebase_us.c
new file mode 100644
index 0000000..dfe2ffd
--- /dev/null
+++ b/boot/cypress/MCUBootApp/misc/timebase_us.c
@@ -0,0 +1,99 @@
+/* Copyright 2022, Infineon Technologies AG. All rights reserved.
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+#include "timebase_us.h"
+
+#include "cy_pdl.h"
+#include "bootutil/bootutil_log.h"
+
+static const cy_stc_tcpwm_counter_config_t tcpwm_config =
+{
+ .period = 0xFFFFFFFFU,
+ .clockPrescaler = CY_TCPWM_COUNTER_PRESCALER_DIVBY_8, /* Clk_counter = Clk_input / 4 */
+ .runMode = CY_TCPWM_COUNTER_CONTINUOUS, /* Wrap around at terminal count. */
+ .countDirection = CY_TCPWM_COUNTER_COUNT_UP, /* Up counter, counting from 0 to period value. */
+ .compareOrCapture = CY_TCPWM_COUNTER_MODE_COMPARE, /* Trigger interrupt/event signal when Counter value is equal to Compare0 */
+ .compare0 = 0U,
+ .compare1 = 0U,
+ .enableCompareSwap = false,
+ .interruptSources = CY_TCPWM_INT_NONE,
+ .captureInputMode = CY_TCPWM_INPUT_RISINGEDGE, /* This input is NOT used, leave it in default state (CY_TCPWM_INPUT_RISINGEDGE = 0UL) */
+ .captureInput = CY_TCPWM_INPUT_0,
+ .reloadInputMode = CY_TCPWM_INPUT_RISINGEDGE, /* This input is NOT used, leave it in default state (CY_TCPWM_INPUT_RISINGEDGE = 0UL) */
+ .reloadInput = CY_TCPWM_INPUT_0,
+ .startInputMode = CY_TCPWM_INPUT_RISINGEDGE, /* This input is NOT used, leave it in default state (CY_TCPWM_INPUT_RISINGEDGE = 0UL) */
+ .startInput = CY_TCPWM_INPUT_0,
+ .stopInputMode = CY_TCPWM_INPUT_RISINGEDGE, /* This input is NOT used, leave it in default state (CY_TCPWM_INPUT_RISINGEDGE = 0UL) */
+ .stopInput = CY_TCPWM_INPUT_0,
+ .countInputMode = CY_TCPWM_INPUT_LEVEL, /* Set this input to LEVEL and 1 (high logic level) */
+ .countInput = CY_TCPWM_INPUT_1 /* So the counter will count input clock periods (Clk_counter, taking into account the clock prescaler) */
+};
+
+/*******************************************************************************
+* Function Name: timebase_us_init
+****************************************************************************//**
+*
+* \brief Performs initialization of the TCPWM0 block as a microsecond time source.
+*
+*/
+void timebase_us_init(void)
+{
+#ifdef CYW20829
+ (void) Cy_SysClk_PeriphAssignDivider(PCLK_TCPWM0_CLOCK_COUNTER_EN0, CY_SYSCLK_DIV_8_BIT, 0UL);
+#else
+ (void) Cy_SysClk_PeriphAssignDivider(PCLK_TCPWM0_CLOCKS0, CY_SYSCLK_DIV_8_BIT, 0UL);
+#endif
+ (void) Cy_SysClk_PeriphSetDivider(CY_SYSCLK_DIV_8_BIT, 0UL, 0UL);
+ (void) Cy_SysClk_PeriphEnableDivider(CY_SYSCLK_DIV_8_BIT, 0UL);
+
+ (void) Cy_TCPWM_Counter_Init(TCPWM0, 0, &tcpwm_config);
+ Cy_TCPWM_Counter_Enable(TCPWM0, 0);
+ Cy_TCPWM_TriggerStart_Single(TCPWM0, 0);
+}
+
+/*******************************************************************************
+* Function Name: timebase_us_deinit
+****************************************************************************//**
+*
+* \brief Performs deinitialization of the TCPWM0.
+*
+*/
+void timebase_us_deinit(void)
+{
+ (void) Cy_SysClk_PeriphDisableDivider(CY_SYSCLK_DIV_8_BIT, 0UL);
+
+ Cy_TCPWM_Counter_DeInit(TCPWM0, 0, &tcpwm_config);
+ Cy_TCPWM_Counter_Disable(TCPWM0, 0);
+ Cy_TCPWM_TriggerStopOrKill_Single(TCPWM0, 0);
+}
+
+/*******************************************************************************
+* Function Name: timebase_us_get_tick
+****************************************************************************//**
+*
+* \brief Returns current timer counter value
+*
+* \return current timer counter value as uint32_t
+*
+*/
+uint32_t timebase_us_get_tick(void)
+{
+ return Cy_TCPWM_Counter_GetCounter(TCPWM0, 0);
+}
\ No newline at end of file
diff --git a/boot/cypress/MCUBootApp/misc/timebase_us.h b/boot/cypress/MCUBootApp/misc/timebase_us.h
new file mode 100644
index 0000000..79d1482
--- /dev/null
+++ b/boot/cypress/MCUBootApp/misc/timebase_us.h
@@ -0,0 +1,30 @@
+/* Copyright 2022, Infineon Technologies AG. All rights reserved.
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+#ifndef TIMEBASE_US_H
+#define TIMEBASE_US_H
+
+#include <inttypes.h>
+
+void timebase_us_init(void);
+void timebase_us_deinit(void);
+uint32_t timebase_us_get_tick(void);
+
+#endif /* TIMEBASE_US_H */
\ No newline at end of file
diff --git a/boot/cypress/MCUBootApp/timestamp.h b/boot/cypress/MCUBootApp/timestamp.h
new file mode 100644
index 0000000..afd6460
--- /dev/null
+++ b/boot/cypress/MCUBootApp/timestamp.h
@@ -0,0 +1,74 @@
+/* Copyright 2022, Infineon Technologies AG. All rights reserved.
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+#ifndef TIMESTAMP_H
+#define TIMESTAMP_H
+
+#include "cy_pdl.h"
+
+#define TIMESTAMP_SOURCE CY_SYSTICK_CLOCK_SOURCE_CLK_LF
+#define TIMESTAMP_DIVIDER (CY_SYSCLK_ILO_FREQ / 1000UL)
+
+/*******************************************************************************
+* Function Name: log_timestamp_get
+****************************************************************************//**
+*
+* \brief Get current timestamp counter value.
+*
+* \return Systic counter as timestamp reference.
+*/
+static inline uint32_t log_timestamp_get(void) {
+ return ((0x1000000UL - Cy_SysTick_GetValue()) / TIMESTAMP_DIVIDER);
+}
+
+/*******************************************************************************
+* Function Name: log_timestamp_reset
+****************************************************************************//**
+*
+* \brief Reset timestamp counter.
+*/
+static inline void log_timestamp_reset(void) {
+ Cy_SysTick_Init(TIMESTAMP_SOURCE, 0xFFFFFFu);
+ Cy_SysTick_DisableInterrupt();
+}
+
+/*******************************************************************************
+* Function Name: log_timestamp_init
+****************************************************************************//**
+*
+* \brief Initializate timestamp counter and SysTick timebase.
+*/
+static inline void log_timestamp_init(void) {
+ log_timestamp_reset();
+ Cy_SysTick_Clear();
+}
+
+/*******************************************************************************
+* Function Name: log_timestamp_deinit
+****************************************************************************//**
+*
+* \brief Deinitializate timestamp counter and SysTick timebase.
+*/
+static inline void log_timestamp_deinit(void) {
+ Cy_SysTick_Disable();
+ Cy_SysTick_Clear();
+}
+
+#endif /* TIMESTAMP_H */