David Vincze | 03368b8 | 2020-04-01 12:53:53 +0200 | [diff] [blame] | 1 | # Copyright (c) 2017-2020 Linaro Limited |
David Vincze | c308413 | 2020-02-18 14:50:47 +0100 | [diff] [blame] | 2 | # Copyright (c) 2020 Arm Limited |
Andrzej Puzdrowski | 64ad092 | 2017-09-22 11:33:41 +0200 | [diff] [blame] | 3 | # |
| 4 | # SPDX-License-Identifier: Apache-2.0 |
| 5 | # |
| 6 | |
Marti Bolivar | 0e091c9 | 2018-04-12 11:23:16 -0400 | [diff] [blame] | 7 | mainmenu "MCUboot configuration" |
Andrzej Puzdrowski | 64ad092 | 2017-09-22 11:33:41 +0200 | [diff] [blame] | 8 | |
Marti Bolivar | 0e091c9 | 2018-04-12 11:23:16 -0400 | [diff] [blame] | 9 | comment "MCUboot-specific configuration options" |
Andrzej Puzdrowski | 64ad092 | 2017-09-22 11:33:41 +0200 | [diff] [blame] | 10 | |
Emanuele Di Santo | 865777d | 2018-11-08 11:28:15 +0100 | [diff] [blame] | 11 | # Hidden option to mark a project as MCUboot |
| 12 | config MCUBOOT |
| 13 | default y |
| 14 | bool |
Rajavardhan Gundi | 07ba28f | 2018-12-10 15:44:48 +0530 | [diff] [blame] | 15 | select MPU_ALLOW_FLASH_WRITE if ARM_MPU |
Marcin Niestroj | c6be76a | 2020-03-22 14:39:35 +0100 | [diff] [blame] | 16 | select USE_DT_CODE_PARTITION if HAS_FLASH_LOAD_OFFSET |
Emanuele Di Santo | 865777d | 2018-11-08 11:28:15 +0100 | [diff] [blame] | 17 | |
Marti Bolivar | bc2fa4e | 2018-04-12 12:18:32 -0400 | [diff] [blame] | 18 | config BOOT_USE_MBEDTLS |
| 19 | bool |
| 20 | # Hidden option |
| 21 | default n |
| 22 | help |
| 23 | Use mbedTLS for crypto primitives. |
| 24 | |
| 25 | config BOOT_USE_TINYCRYPT |
| 26 | bool |
| 27 | # Hidden option |
| 28 | default n |
Sebastian Bøe | 913a385 | 2019-01-22 13:53:12 +0100 | [diff] [blame] | 29 | # When building for ECDSA, we use our own copy of mbedTLS, so the |
| 30 | # Zephyr one must not be enabled or the MBEDTLS_CONFIG_FILE macros |
| 31 | # will collide. |
| 32 | depends on ! MBEDTLS |
Marti Bolivar | bc2fa4e | 2018-04-12 12:18:32 -0400 | [diff] [blame] | 33 | help |
| 34 | Use TinyCrypt for crypto primitives. |
| 35 | |
Sigvart Hovland | ebd0503 | 2019-03-21 10:47:32 +0100 | [diff] [blame] | 36 | config BOOT_USE_CC310 |
| 37 | bool |
| 38 | # Hidden option |
| 39 | default n |
| 40 | # When building for ECDSA, we use our own copy of mbedTLS, so the |
| 41 | # Zephyr one must not be enabled or the MBEDTLS_CONFIG_FILE macros |
| 42 | # will collide. |
| 43 | depends on ! MBEDTLS |
| 44 | help |
| 45 | Use cc310 for crypto primitives. |
| 46 | |
| 47 | config BOOT_USE_NRF_CC310_BL |
| 48 | bool |
| 49 | default n |
| 50 | |
| 51 | config NRFXLIB_CRYPTO |
| 52 | bool |
| 53 | default n |
| 54 | |
| 55 | config NRF_CC310_BL |
| 56 | bool |
| 57 | default n |
| 58 | |
Andrzej Puzdrowski | 9754328 | 2018-04-12 15:16:56 +0200 | [diff] [blame] | 59 | menu "MCUBoot settings" |
| 60 | |
Marti Bolivar | bc2fa4e | 2018-04-12 12:18:32 -0400 | [diff] [blame] | 61 | choice |
| 62 | prompt "Signature type" |
| 63 | default BOOT_SIGNATURE_TYPE_RSA |
| 64 | |
Arvin Farahmand | fb5ec18 | 2020-05-05 11:44:12 -0400 | [diff] [blame] | 65 | config BOOT_SIGNATURE_TYPE_NONE |
| 66 | bool "No signature; use only hash check" |
| 67 | select BOOT_USE_TINYCRYPT |
| 68 | |
Marti Bolivar | bc2fa4e | 2018-04-12 12:18:32 -0400 | [diff] [blame] | 69 | config BOOT_SIGNATURE_TYPE_RSA |
| 70 | bool "RSA signatures" |
| 71 | select BOOT_USE_MBEDTLS |
Marti Bolivar | a4818a5 | 2018-04-12 13:02:38 -0400 | [diff] [blame] | 72 | select MBEDTLS |
Marti Bolivar | bc2fa4e | 2018-04-12 12:18:32 -0400 | [diff] [blame] | 73 | |
Fabio Utzig | 105b59a | 2019-05-13 15:08:12 -0700 | [diff] [blame] | 74 | if BOOT_SIGNATURE_TYPE_RSA |
| 75 | config BOOT_SIGNATURE_TYPE_RSA_LEN |
| 76 | int "RSA signature length" |
| 77 | range 2048 3072 |
| 78 | default 2048 |
| 79 | endif |
| 80 | |
Marti Bolivar | bc2fa4e | 2018-04-12 12:18:32 -0400 | [diff] [blame] | 81 | config BOOT_SIGNATURE_TYPE_ECDSA_P256 |
| 82 | bool "Elliptic curve digital signatures with curve P-256" |
Marti Bolivar | bc2fa4e | 2018-04-12 12:18:32 -0400 | [diff] [blame] | 83 | |
Sigvart Hovland | ebd0503 | 2019-03-21 10:47:32 +0100 | [diff] [blame] | 84 | if BOOT_SIGNATURE_TYPE_ECDSA_P256 |
| 85 | choice |
| 86 | prompt "Ecdsa implementation" |
Fabio Utzig | 34e93a5 | 2020-02-03 09:59:53 -0300 | [diff] [blame] | 87 | default BOOT_ECDSA_TINYCRYPT |
| 88 | config BOOT_ECDSA_TINYCRYPT |
Sigvart Hovland | ebd0503 | 2019-03-21 10:47:32 +0100 | [diff] [blame] | 89 | bool "Use tinycrypt" |
| 90 | select BOOT_USE_TINYCRYPT |
| 91 | config BOOT_CC310 |
| 92 | bool "Use CC310" |
| 93 | select BOOT_USE_NRF_CC310_BL if HAS_HW_NRF_CC310 |
| 94 | select NRF_CC310_BL if HAS_HW_NRF_CC310 |
| 95 | select NRFXLIB_CRYPTO if SOC_FAMILY_NRF |
| 96 | select BOOT_USE_CC310 |
| 97 | endchoice |
| 98 | endif |
Fabio Utzig | 34e93a5 | 2020-02-03 09:59:53 -0300 | [diff] [blame] | 99 | |
| 100 | config BOOT_SIGNATURE_TYPE_ED25519 |
| 101 | bool "Edwards curve digital signatures using ed25519" |
| 102 | |
| 103 | if BOOT_SIGNATURE_TYPE_ED25519 |
| 104 | choice |
| 105 | prompt "Ecdsa implementation" |
| 106 | default BOOT_ED25519_TINYCRYPT |
| 107 | config BOOT_ED25519_TINYCRYPT |
| 108 | bool "Use tinycrypt" |
| 109 | select BOOT_USE_TINYCRYPT |
| 110 | config BOOT_ED25519_MBEDTLS |
| 111 | bool "Use mbedTLS" |
| 112 | select BOOT_USE_MBEDTLS |
| 113 | select MBEDTLS |
| 114 | endchoice |
| 115 | endif |
| 116 | |
Marti Bolivar | bc2fa4e | 2018-04-12 12:18:32 -0400 | [diff] [blame] | 117 | endchoice |
| 118 | |
Fabio Utzig | c690c76 | 2018-04-26 10:51:09 -0300 | [diff] [blame] | 119 | config BOOT_SIGNATURE_KEY_FILE |
| 120 | string "PEM key file" |
| 121 | default "" |
| 122 | help |
| 123 | The key file will be parsed by imgtool's getpub command and a .c source |
| 124 | with the public key information will be written in a format expected by |
| 125 | MCUboot. |
| 126 | |
Andrzej Puzdrowski | 9a605b6 | 2020-03-16 13:34:30 +0100 | [diff] [blame] | 127 | config MCUBOOT_CLEANUP_ARM_CORE |
| 128 | bool "Perform core cleanup before chain-load the application" |
| 129 | depends on CPU_CORTEX_M |
| 130 | default y |
| 131 | |
Marti Bolivar | a4818a5 | 2018-04-12 13:02:38 -0400 | [diff] [blame] | 132 | config MBEDTLS_CFG_FILE |
| 133 | default "mcuboot-mbedtls-cfg.h" |
| 134 | |
David Vincze | 03368b8 | 2020-04-01 12:53:53 +0200 | [diff] [blame] | 135 | config BOOT_HW_KEY |
| 136 | bool "Use HW key for image verification" |
| 137 | default n |
| 138 | help |
| 139 | Use HW key for image verification, otherwise the public key is embedded |
| 140 | in MCUBoot. If enabled the public key is appended to the signed image |
| 141 | and requires the hash of the public key to be provisioned to the device |
| 142 | beforehand. |
| 143 | |
Marti Bolivar | bc2fa4e | 2018-04-12 12:18:32 -0400 | [diff] [blame] | 144 | config BOOT_VALIDATE_SLOT0 |
David Vincze | 2d736ad | 2019-02-18 11:50:22 +0100 | [diff] [blame] | 145 | bool "Validate image in the primary slot on every boot" |
Marti Bolivar | bc2fa4e | 2018-04-12 12:18:32 -0400 | [diff] [blame] | 146 | default y |
| 147 | help |
David Vincze | 2d736ad | 2019-02-18 11:50:22 +0100 | [diff] [blame] | 148 | If y, the bootloader attempts to validate the signature of the |
| 149 | primary slot every boot. This adds the signature check time to |
Marti Bolivar | bc2fa4e | 2018-04-12 12:18:32 -0400 | [diff] [blame] | 150 | every boot, but can mitigate against some changes that are |
| 151 | able to modify the flash image itself. |
| 152 | |
| 153 | config BOOT_UPGRADE_ONLY |
| 154 | bool "Overwrite image updates instead of swapping" |
| 155 | default n |
| 156 | help |
David Vincze | 2d736ad | 2019-02-18 11:50:22 +0100 | [diff] [blame] | 157 | If y, overwrite the primary slot with the upgrade image instead |
| 158 | of swapping them. This prevents the fallback recovery, but |
Marti Bolivar | bc2fa4e | 2018-04-12 12:18:32 -0400 | [diff] [blame] | 159 | uses a much simpler code path. |
| 160 | |
Fabio Utzig | c58842e | 2019-11-28 10:30:01 -0300 | [diff] [blame] | 161 | config BOOT_SWAP_USING_MOVE |
Fabio Utzig | dd2b680 | 2020-01-06 09:10:45 -0300 | [diff] [blame] | 162 | bool "Swap mode that can run without a scratch partition" |
Håkon Øye Amundsen | 09be783 | 2020-01-24 14:34:49 +0000 | [diff] [blame] | 163 | default y if SOC_FAMILY_NRF |
Fabio Utzig | c58842e | 2019-11-28 10:30:01 -0300 | [diff] [blame] | 164 | default n |
| 165 | help |
| 166 | If y, the swap upgrade is done in two steps, where first every |
| 167 | sector of the primary slot is moved up one sector, then for |
| 168 | each sector X in the secondary slot, it is moved to index X in |
| 169 | the primary slot, then the sector at X+1 in the primary is |
| 170 | moved to index X in the secondary. |
| 171 | This allows a swap upgrade without using a scratch partition, |
| 172 | but is currently limited to all sectors in both slots being of |
| 173 | the same size. |
| 174 | |
Fabio Utzig | d0533ed | 2018-12-19 07:56:33 -0200 | [diff] [blame] | 175 | config BOOT_BOOTSTRAP |
Sam Bristow | d0ca0ff | 2019-10-30 20:51:35 +1300 | [diff] [blame] | 176 | bool "Bootstrap erased the primary slot from the secondary slot" |
Fabio Utzig | d0533ed | 2018-12-19 07:56:33 -0200 | [diff] [blame] | 177 | default n |
| 178 | help |
| 179 | If y, enables bootstraping support. Bootstrapping allows an erased |
David Vincze | 2d736ad | 2019-02-18 11:50:22 +0100 | [diff] [blame] | 180 | primary slot to be initialized from a valid image in the secondary slot. |
Fabio Utzig | d0533ed | 2018-12-19 07:56:33 -0200 | [diff] [blame] | 181 | If unsure, leave at the default value. |
| 182 | |
Fabio Utzig | ca8ead2 | 2019-12-20 07:06:04 -0300 | [diff] [blame] | 183 | config BOOT_SWAP_SAVE_ENCTLV |
| 184 | bool "Save encrypted key TLVs instead of plaintext keys in swap metadata" |
| 185 | default n |
| 186 | help |
| 187 | If y, instead of saving the encrypted image keys in plaintext in the |
| 188 | swap resume metadata, save the encrypted image TLVs. This should be used |
| 189 | when there is no security mechanism protecting the data in the primary |
| 190 | slot from being dumped. If n is selected (default), the keys are written |
| 191 | after being decrypted from the image TLVs and could be read by an |
| 192 | attacker who has access to the flash contents of the primary slot (eg |
| 193 | JTAG/SWD or primary slot in external flash). |
| 194 | If unsure, leave at the default value. |
| 195 | |
Fabio Utzig | 5fe874c | 2018-08-31 07:41:50 -0300 | [diff] [blame] | 196 | config BOOT_ENCRYPT_RSA |
Fabio Utzig | 42cc29a | 2019-11-05 07:54:41 -0300 | [diff] [blame] | 197 | bool "Support for encrypted upgrade images using RSA" |
Fabio Utzig | 5fe874c | 2018-08-31 07:41:50 -0300 | [diff] [blame] | 198 | default n |
| 199 | help |
David Vincze | 2d736ad | 2019-02-18 11:50:22 +0100 | [diff] [blame] | 200 | If y, images in the secondary slot can be encrypted and are decrypted |
| 201 | on the fly when upgrading to the primary slot, as well as encrypted |
Fabio Utzig | 42cc29a | 2019-11-05 07:54:41 -0300 | [diff] [blame] | 202 | back when swapping from the primary slot to the secondary slot. The |
| 203 | encryption mechanism used in this case is RSA-OAEP (2048 bits). |
| 204 | |
| 205 | config BOOT_ENCRYPT_EC256 |
| 206 | bool "Support for encrypted upgrade images using ECIES-P256" |
| 207 | default n |
| 208 | help |
| 209 | If y, images in the secondary slot can be encrypted and are decrypted |
| 210 | on the fly when upgrading to the primary slot, as well as encrypted |
| 211 | back when swapping from the primary slot to the secondary slot. The |
| 212 | encryption mechanism used in this case is ECIES using primitives |
| 213 | described under "ECIES-P256 encryption" in docs/encrypted_images.md. |
Fabio Utzig | 5fe874c | 2018-08-31 07:41:50 -0300 | [diff] [blame] | 214 | |
Fabio Utzig | b6f014c | 2020-04-02 13:25:01 -0300 | [diff] [blame] | 215 | config BOOT_ENCRYPT_X25519 |
| 216 | bool "Support for encrypted upgrade images using ECIES-X25519" |
| 217 | default n |
| 218 | help |
| 219 | If y, images in the secondary slot can be encrypted and are decrypted |
| 220 | on the fly when upgrading to the primary slot, as well as encrypted |
| 221 | back when swapping from the primary slot to the secondary slot. The |
| 222 | encryption mechanism used in this case is ECIES using primitives |
| 223 | described under "ECIES-X25519 encryption" in docs/encrypted_images.md. |
| 224 | |
Marti Bolivar | 0e091c9 | 2018-04-12 11:23:16 -0400 | [diff] [blame] | 225 | config BOOT_MAX_IMG_SECTORS |
| 226 | int "Maximum number of sectors per image slot" |
| 227 | default 128 |
| 228 | help |
| 229 | This option controls the maximum number of sectors that each of |
| 230 | the two image areas can contain. Smaller values reduce MCUboot's |
| 231 | memory usage; larger values allow it to support larger images. |
| 232 | If unsure, leave at the default value. |
| 233 | |
Emanuele Di Santo | 205c8c6 | 2018-07-20 11:42:31 +0200 | [diff] [blame] | 234 | config BOOT_ERASE_PROGRESSIVELY |
| 235 | bool "Erase flash progressively when receiving new firmware" |
| 236 | default y if SOC_NRF52840 |
| 237 | help |
| 238 | If enabled, flash is erased as necessary when receiving new firmware, |
| 239 | instead of erasing the whole image slot at once. This is necessary |
| 240 | on some hardware that has long erase times, to prevent long wait |
| 241 | times at the beginning of the DFU process. |
| 242 | |
David Vincze | 1cf11b5 | 2020-03-24 07:51:09 +0100 | [diff] [blame] | 243 | config MEASURED_BOOT |
| 244 | bool "Store the boot state/measurements in shared memory" |
| 245 | default n |
| 246 | help |
| 247 | If enabled, the bootloader will store certain boot measurements such as |
| 248 | the hash of the firmware image in a shared memory area. This data can |
| 249 | be used later by runtime services (e.g. by a device attestation service). |
| 250 | |
| 251 | config BOOT_SHARE_DATA |
| 252 | bool "Save application specific data in shared memory area" |
| 253 | default n |
| 254 | |
Rajavardhan Gundi | 51c9d70 | 2019-02-20 14:08:52 +0530 | [diff] [blame] | 255 | config BOOT_WAIT_FOR_USB_DFU |
| 256 | bool "Wait for a prescribed duration to see if USB DFU is invoked" |
| 257 | default n |
| 258 | select USB |
| 259 | select USB_DFU_CLASS |
| 260 | select IMG_MANAGER |
| 261 | help |
| 262 | If y, MCUboot waits for a prescribed duration of time to allow |
| 263 | for USB DFU to be invoked. Please note DFU always updates the |
| 264 | slot1 image. |
| 265 | |
Marti Bolivar | bc2fa4e | 2018-04-12 12:18:32 -0400 | [diff] [blame] | 266 | config ZEPHYR_TRY_MASS_ERASE |
| 267 | bool "Try to mass erase flash when flashing MCUboot image" |
| 268 | default y |
| 269 | help |
| 270 | If y, attempt to configure the Zephyr build system's "flash" |
| 271 | target to mass-erase the flash device before flashing the |
| 272 | MCUboot image. This ensures the scratch and other partitions |
| 273 | are in a consistent state. |
| 274 | |
| 275 | This is not available for all targets. |
| 276 | |
David Brown | f6d14c2 | 2019-12-10 15:36:36 -0700 | [diff] [blame] | 277 | config BOOT_USE_BENCH |
| 278 | bool "Enable benchmark code" |
| 279 | default n |
| 280 | help |
| 281 | If y, adds support for simple benchmarking that can record |
| 282 | time intervals between two calls. The time printed depends |
| 283 | on the particular Zephyr target, and is generally ticks of a |
| 284 | specific board-specific timer. |
| 285 | |
Michael Scott | 74ceae5 | 2019-02-01 14:01:09 -0800 | [diff] [blame] | 286 | module = MCUBOOT |
Piotr Mienkowski | 15aa6ef | 2019-04-08 22:48:15 +0200 | [diff] [blame] | 287 | module-str = MCUBoot bootloader |
Michael Scott | 74ceae5 | 2019-02-01 14:01:09 -0800 | [diff] [blame] | 288 | source "subsys/logging/Kconfig.template.log_config" |
Michael Scott | 74ceae5 | 2019-02-01 14:01:09 -0800 | [diff] [blame] | 289 | |
Andrzej Puzdrowski | af14853 | 2020-02-25 12:51:26 +0100 | [diff] [blame] | 290 | config MCUBOOT_LOG_THREAD_STACK_SIZE |
| 291 | int "Stack size for the MCUBoot log processing thread" |
| 292 | depends on LOG && !LOG_IMMEDIATE |
| 293 | default 2048 if COVERAGE_GCOV |
| 294 | default 1024 if NO_OPTIMIZATIONS |
| 295 | default 1024 if XTENSA |
| 296 | default 4096 if (X86 && X86_64) |
| 297 | default 4096 if ARM64 |
| 298 | default 768 |
| 299 | help |
| 300 | Set the internal stack size for MCUBoot log processing thread. |
| 301 | |
Marti Bolivar | 0e091c9 | 2018-04-12 11:23:16 -0400 | [diff] [blame] | 302 | menuconfig MCUBOOT_SERIAL |
| 303 | bool "MCUboot serial recovery" |
| 304 | default n |
| 305 | select REBOOT |
Emanuele Di Santo | 30a9265 | 2019-01-16 14:01:08 +0100 | [diff] [blame] | 306 | select GPIO |
Marti Bolivar | 0e091c9 | 2018-04-12 11:23:16 -0400 | [diff] [blame] | 307 | select SERIAL |
Emanuele Di Santo | 30a9265 | 2019-01-16 14:01:08 +0100 | [diff] [blame] | 308 | select UART_INTERRUPT_DRIVEN |
Marti Bolivar | 0e091c9 | 2018-04-12 11:23:16 -0400 | [diff] [blame] | 309 | select BASE64 |
| 310 | select TINYCBOR |
| 311 | help |
| 312 | If y, enables a serial-port based update mode. This allows |
| 313 | MCUboot itself to load update images into flash over a UART. |
| 314 | If unsure, leave at the default value. |
| 315 | |
| 316 | if MCUBOOT_SERIAL |
| 317 | |
Emanuele Di Santo | c4bf780 | 2018-07-20 11:39:57 +0200 | [diff] [blame] | 318 | choice |
| 319 | prompt "Serial device" |
Andrzej Puzdrowski | f4a9a9d | 2020-04-24 12:31:51 +0200 | [diff] [blame] | 320 | default BOOT_SERIAL_UART if !BOARD_NRF52840DONGLE_NRF52840 |
| 321 | default BOOT_SERIAL_CDC_ACM if BOARD_NRF52840DONGLE_NRF52840 |
Emanuele Di Santo | c4bf780 | 2018-07-20 11:39:57 +0200 | [diff] [blame] | 322 | |
| 323 | config BOOT_SERIAL_UART |
| 324 | bool "UART" |
| 325 | # SERIAL and UART_INTERRUPT_DRIVEN already selected |
| 326 | |
| 327 | config BOOT_SERIAL_CDC_ACM |
| 328 | bool "CDC ACM" |
| 329 | select USB |
| 330 | select USB_DEVICE_STACK |
| 331 | select USB_CDC_ACM |
| 332 | |
| 333 | endchoice |
| 334 | |
Marti Bolivar | 0e091c9 | 2018-04-12 11:23:16 -0400 | [diff] [blame] | 335 | config BOOT_MAX_LINE_INPUT_LEN |
| 336 | int "Maximum command line length" |
| 337 | default 512 |
| 338 | help |
| 339 | Maximum length of commands transported over the serial port. |
| 340 | |
| 341 | config BOOT_SERIAL_DETECT_PORT |
| 342 | string "GPIO device to trigger serial recovery mode" |
| 343 | default GPIO_0 if SOC_FAMILY_NRF |
| 344 | help |
| 345 | Zephyr GPIO device which contains the pin used to trigger |
| 346 | serial recovery mode. |
| 347 | |
| 348 | config BOOT_SERIAL_DETECT_PIN |
| 349 | int "Pin to trigger serial recovery mode" |
Andrzej Puzdrowski | f4a9a9d | 2020-04-24 12:31:51 +0200 | [diff] [blame] | 350 | default 6 if BOARD_NRF9160DK_NRF9160 |
Andrzej Puzdrowski | fefdea2 | 2020-03-27 09:41:14 +0100 | [diff] [blame] | 351 | default 11 if BOARD_NRF52840DK_NRF52840 |
Andrzej Puzdrowski | f4a9a9d | 2020-04-24 12:31:51 +0200 | [diff] [blame] | 352 | default 13 if BOARD_NRF52DK_NRF52832 |
Håkon Øye Amundsen | 6fc2595 | 2020-01-02 15:15:42 +0000 | [diff] [blame] | 353 | default 23 if BOARD_NRF5340_DK_NRF5340_CPUAPP || BOARD_NRF5340_DK_NRF5340_CPUAPPNS |
Marti Bolivar | 0e091c9 | 2018-04-12 11:23:16 -0400 | [diff] [blame] | 354 | help |
| 355 | Pin on the serial detect port which triggers serial recovery mode. |
| 356 | |
| 357 | config BOOT_SERIAL_DETECT_PIN_VAL |
| 358 | int "Serial detect pin trigger value" |
| 359 | default 0 |
| 360 | range 0 1 |
| 361 | help |
| 362 | Logic value of the detect pin which triggers serial recovery |
| 363 | mode. |
| 364 | |
Andrzej Puzdrowski | f000480 | 2019-10-01 14:13:35 +0200 | [diff] [blame] | 365 | # Workaround for not being able to have commas in macro arguments |
| 366 | DT_CHOSEN_Z_CONSOLE := zephyr,console |
| 367 | |
| 368 | config RECOVERY_UART_DEV_NAME |
| 369 | string "UART Device Name for Recovery UART" |
| 370 | default "$(dt_chosen_label,$(DT_CHOSEN_Z_CONSOLE))" if HAS_DTS |
| 371 | default "UART_0" |
| 372 | depends on BOOT_SERIAL_UART |
| 373 | help |
| 374 | This option specifies the name of UART device to be used for |
| 375 | serial recovery. |
| 376 | |
Marti Bolivar | 0e091c9 | 2018-04-12 11:23:16 -0400 | [diff] [blame] | 377 | endif # MCUBOOT_SERIAL |
Andrzej Puzdrowski | 64ad092 | 2017-09-22 11:33:41 +0200 | [diff] [blame] | 378 | |
Andrzej Puzdrowski | 9754328 | 2018-04-12 15:16:56 +0200 | [diff] [blame] | 379 | endmenu |
| 380 | |
Carles Cufi | 84ede58 | 2018-01-29 15:12:00 +0100 | [diff] [blame] | 381 | config MCUBOOT_DEVICE_SETTINGS |
| 382 | # Hidden selector for device-specific settings |
| 383 | bool |
| 384 | default y |
| 385 | # CPU options |
| 386 | select MCUBOOT_DEVICE_CPU_CORTEX_M0 if CPU_CORTEX_M0 |
Carles Cufi | 67c792e | 2018-01-29 15:14:31 +0100 | [diff] [blame] | 387 | # Enable flash page layout if available |
| 388 | select FLASH_PAGE_LAYOUT if FLASH_HAS_PAGE_LAYOUT |
Andrzej Puzdrowski | b788c71 | 2018-04-12 12:42:49 +0200 | [diff] [blame] | 389 | # Enable flash_map module as flash I/O back-end |
| 390 | select FLASH_MAP |
Carles Cufi | 84ede58 | 2018-01-29 15:12:00 +0100 | [diff] [blame] | 391 | |
| 392 | config MCUBOOT_DEVICE_CPU_CORTEX_M0 |
| 393 | # Hidden selector for Cortex-M0 settings |
| 394 | bool |
| 395 | default n |
| 396 | select SW_VECTOR_RELAY if !CPU_CORTEX_M0_HAS_VECTOR_TABLE_REMAP |
| 397 | |
Marti Bolivar | 0e091c9 | 2018-04-12 11:23:16 -0400 | [diff] [blame] | 398 | comment "Zephyr configuration options" |
Andrzej Puzdrowski | 64ad092 | 2017-09-22 11:33:41 +0200 | [diff] [blame] | 399 | |
Marti Bolivar | f84cc4b | 2019-08-20 16:06:56 -0700 | [diff] [blame] | 400 | # Disabling MULTITHREADING provides a code size advantage, but |
| 401 | # it requires peripheral drivers (particularly a flash driver) |
| 402 | # that works properly with the option enabled. |
| 403 | # |
| 404 | # If you know for sure that your hardware will work, you can default |
| 405 | # it to n here. Otherwise, having it on by default makes the most |
| 406 | # hardware work. |
| 407 | config MULTITHREADING |
Andrzej Puzdrowski | 9a4946c | 2020-02-20 12:39:12 +0100 | [diff] [blame] | 408 | default y if BOOT_SERIAL_CDC_ACM #usb driver requires MULTITHREADING |
Marti Bolivar | f84cc4b | 2019-08-20 16:06:56 -0700 | [diff] [blame] | 409 | default n if SOC_FAMILY_NRF |
| 410 | default y |
| 411 | |
Andrzej Puzdrowski | 9a4946c | 2020-02-20 12:39:12 +0100 | [diff] [blame] | 412 | config LOG_IMMEDIATE |
| 413 | default n if MULTITHREADING |
Andrzej Puzdrowski | 3f092bd | 2020-02-17 13:25:32 +0100 | [diff] [blame] | 414 | default y |
| 415 | |
| 416 | config LOG_PROCESS_THREAD |
| 417 | default n # mcuboot has its own log processing thread |
| 418 | |
| 419 | # override USB device name |
| 420 | config USB_DEVICE_PRODUCT |
| 421 | default "MCUBOOT" |
Andrzej Puzdrowski | 9a4946c | 2020-02-20 12:39:12 +0100 | [diff] [blame] | 422 | |
Håkon Øye Amundsen | 954dd2b | 2019-09-23 09:24:13 +0000 | [diff] [blame] | 423 | config UPDATEABLE_IMAGE_NUMBER |
| 424 | int "Number of updateable images" |
| 425 | default 1 |
| 426 | help |
| 427 | Enables support of multi image update. |
| 428 | |
David Vincze | c308413 | 2020-02-18 14:50:47 +0100 | [diff] [blame] | 429 | choice |
| 430 | prompt "Downgrade prevention" |
| 431 | optional |
| 432 | |
Håkon Øye Amundsen | 2d1bac1 | 2020-01-03 13:08:09 +0000 | [diff] [blame] | 433 | config MCUBOOT_DOWNGRADE_PREVENTION |
David Vincze | c308413 | 2020-02-18 14:50:47 +0100 | [diff] [blame] | 434 | bool "SW based downgrade prevention" |
Håkon Øye Amundsen | 2d1bac1 | 2020-01-03 13:08:09 +0000 | [diff] [blame] | 435 | depends on BOOT_UPGRADE_ONLY |
| 436 | help |
| 437 | Prevent downgrades by enforcing incrementing version numbers. |
| 438 | When this option is set, any upgrade must have greater major version |
| 439 | or greater minor version with equal major version. This mechanism |
| 440 | only protects against some attacks against version downgrades (for |
| 441 | example, a JTAG could be used to write an older version). |
| 442 | |
David Vincze | c308413 | 2020-02-18 14:50:47 +0100 | [diff] [blame] | 443 | config MCUBOOT_HW_DOWNGRADE_PREVENTION |
| 444 | bool "HW based downgrade prevention" |
| 445 | help |
| 446 | Prevent undesirable/malicious software downgrades. When this option is |
| 447 | set, any upgrade must have greater or equal security counter value. |
| 448 | Because of the acceptance of equal values it allows for software |
| 449 | downgrade to some extent. |
| 450 | |
| 451 | endchoice |
| 452 | |
Robert Lubos | 1b19d2a | 2020-01-31 14:05:35 +0100 | [diff] [blame] | 453 | source "Kconfig.zephyr" |