boot: Add ram-load upgrade mode

This patch introduces the ram-load mode in addition to the other
upgrade modes (swap strategies, overwrite-only, direct-XIP). When
ram-load is enabled with the MCUBOOT_RAM_LOAD option, mcuboot
selects the newest valid image based on the image version numbers from
the image header, thereafter the selected image loaded to the RAM and
executed from there. Load address is extracted from the image header.
Therefore the images must be linked to the RAM memory region.
The ram-load mode is very similar to the direct-XIP mode, main
difference is to load the newest image to the RAM beforehand the
authentication and execution. Similar to direct-XIP mode either
of the primary and the secondary slots can hold the active image.

Ram-load can be useful in case of a bit more powerful SoC, which
is not constrained in terms of internal RAM. It could be that image
is stored in external and therefore untrusted flash. Loading image
to internal (trusted) RAM is essential from the security point
of view the system. Furthermore execution from internal RAM is much
faster than from external flash.

This patch is based on the RAM_LOADING upgrade strategy which was
first introduced in the Trusted Firmware-M project.
Source TF-M version: TF-Mv1.0.

Change-Id: I95f02ff07c1dee51244ac372284f449c2efab362
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
9 files changed
tree: a2202d5967cf29f7cc64823f2ed8c81e883ab2fc
  1. boot/
  2. ci/
  3. docs/
  4. ext/
  5. ptest/
  6. samples/
  7. scripts/
  8. sim/
  9. testplan/
  10. zephyr/
  11. .gitignore
  12. .gitmodules
  13. .travis.yml
  14. enc-aes128kw.b64
  15. enc-ec256-priv.pem
  16. enc-ec256-pub.pem
  17. enc-rsa2048-priv.pem
  18. enc-rsa2048-pub.pem
  19. enc-x25519-priv.pem
  20. enc-x25519-pub.pem
  21. LICENSE
  22. NOTICE
  23. project.yml
  24. README.md
  25. repository.yml
  26. root-ec-p256-pkcs8.pem
  27. root-ec-p256.pem
  28. root-ed25519.pem
  29. root-rsa-2048.pem
  30. root-rsa-3072.pem
README.md

mcuboot

Coverity Scan Build Status Build/Test

This is mcuboot version 1.6.0

MCUboot is a secure bootloader for 32-bit MCUs. The goal of MCUboot is to define a common infrastructure for the bootloader, system flash layout on microcontroller systems, and to provide a secure bootloader that enables simple software upgrades.

MCUboot is operating system and hardware independent and relies on hardware porting layers from the operating. Currently, mcuboot works with both the Apache Mynewt and Zephyr operating systems, but more ports are planned in the future. RIOT is currently supported as a boot target with a complete port planned.

Using MCUboot

Instructions for different operating systems can be found here:

Roadmap

The issues being planned and worked on are tracked using GitHub issues. To participate please visit:

MCUBoot GitHub Issues

Issues were previously tracked on MCUboot JIRA , but it is now deprecated.

Browsing

Information and documentation on the bootloader are stored within the source.

It was previously also documented on confluence: MCUBoot Confluence however, it is now deprecated and not currently maintained

For more information in the source, here are some pointers:

  • boot/bootutil: The core of the bootloader itself.
  • boot/boot_serial: Support for serial upgrade within the bootloader itself.
  • boot/zephyr: Port of the bootloader to Zephyr
  • boot/mynewt: Mynewt bootloader app
  • imgtool: A tool to securely sign firmware images for booting by mcuboot.
  • sim: A bootloader simulator for testing and regression

Joining

Developers welcome!