forked from nrfconnect/sdk-mcuboot
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Kconfig
241 lines (198 loc) · 6.22 KB
/
Kconfig
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
# Copyright (c) 2017 Linaro Limited
#
# SPDX-License-Identifier: Apache-2.0
#
mainmenu "MCUboot configuration"
comment "MCUboot-specific configuration options"
# Hidden option to mark a project as MCUboot
config MCUBOOT
default y
bool
select MPU_ALLOW_FLASH_WRITE if ARM_MPU
if BOARD_HAS_NRF5_BOOTLOADER
# When compiling MCUBoot, the image will be linked to the boot partition.
# Override .text offset to make sure it is set to zero.
# This is necessary when other bootloaders set a different default for
# application images which are not bootloaders.
config TEXT_SECTION_OFFSET
default 0x00
endif # BOARD_HAS_NRF5_BOOTLOADER
config BOOT_USE_MBEDTLS
bool
# Hidden option
default n
help
Use mbedTLS for crypto primitives.
config BOOT_USE_TINYCRYPT
bool
# Hidden option
default n
# When building for ECDSA, we use our own copy of mbedTLS, so the
# Zephyr one must not be enabled or the MBEDTLS_CONFIG_FILE macros
# will collide.
depends on ! MBEDTLS
help
Use TinyCrypt for crypto primitives.
menu "MCUBoot settings"
choice
prompt "Signature type"
default BOOT_SIGNATURE_TYPE_RSA
config BOOT_SIGNATURE_TYPE_RSA
bool "RSA signatures"
select BOOT_USE_MBEDTLS
select MBEDTLS
config BOOT_SIGNATURE_TYPE_ECDSA_P256
bool "Elliptic curve digital signatures with curve P-256"
select BOOT_USE_TINYCRYPT
endchoice
config BOOT_SIGNATURE_KEY_FILE
string "PEM key file"
default ""
help
The key file will be parsed by imgtool's getpub command and a .c source
with the public key information will be written in a format expected by
MCUboot.
config MBEDTLS_CFG_FILE
default "mcuboot-mbedtls-cfg.h"
config BOOT_VALIDATE_SLOT0
bool "Validate image slot 0 on every boot"
default y
help
If y, the bootloader attempts to validate the signature of
slot0 every boot. This adds the signature check time to
every boot, but can mitigate against some changes that are
able to modify the flash image itself.
config BOOT_UPGRADE_ONLY
bool "Overwrite image updates instead of swapping"
default n
help
If y, overwrite slot0 with the upgrade image instead of
swapping them. This prevents the fallback recovery, but
uses a much simpler code path.
config BOOT_BOOTSTRAP
bool "Boostrap erased slot0 from slot1"
default n
help
If y, enables bootstraping support. Bootstrapping allows an erased
slot0 to be initialized from a valid image in slot1.
If unsure, leave at the default value.
config BOOT_ENCRYPT_RSA
bool "Support for encrypted upgrade images"
default n
help
If y, images in slot 1 can be encrypted and are decrypted
on the fly when upgrading to slot 0, as well as encrypted
back when swapping from slot 0 to slot 1.
config BOOT_MAX_IMG_SECTORS
int "Maximum number of sectors per image slot"
default 128
help
This option controls the maximum number of sectors that each of
the two image areas can contain. Smaller values reduce MCUboot's
memory usage; larger values allow it to support larger images.
If unsure, leave at the default value.
config BOOT_ERASE_PROGRESSIVELY
bool "Erase flash progressively when receiving new firmware"
default y if SOC_NRF52840
help
If enabled, flash is erased as necessary when receiving new firmware,
instead of erasing the whole image slot at once. This is necessary
on some hardware that has long erase times, to prevent long wait
times at the beginning of the DFU process.
config ZEPHYR_TRY_MASS_ERASE
bool "Try to mass erase flash when flashing MCUboot image"
default y
help
If y, attempt to configure the Zephyr build system's "flash"
target to mass-erase the flash device before flashing the
MCUboot image. This ensures the scratch and other partitions
are in a consistent state.
This is not available for all targets.
config BOOT_HAVE_LOGGING
bool "MCUboot have logging enabled"
default y
select LOG
select LOG_IMMEDIATE
help
If y, enables logging on the serial port. The log level can
be defined by setting `CONFIG_MCUBOOT_LOG_LEVEL_*`.
If unsure, leave at the default value.
if BOOT_HAVE_LOGGING
module = MCUBOOT
module-dep = LOG
module-str = Log level for MCUBOOT application
source "subsys/logging/Kconfig.template.log_config"
endif
menuconfig MCUBOOT_SERIAL
bool "MCUboot serial recovery"
default n
select REBOOT
select GPIO
select SERIAL
select UART_INTERRUPT_DRIVEN
select BASE64
select TINYCBOR
help
If y, enables a serial-port based update mode. This allows
MCUboot itself to load update images into flash over a UART.
If unsure, leave at the default value.
if MCUBOOT_SERIAL
choice
prompt "Serial device"
default BOOT_SERIAL_UART if !BOARD_NRF52840_PCA10059
default BOOT_SERIAL_CDC_ACM if BOARD_NRF52840_PCA10059
config BOOT_SERIAL_UART
bool "UART"
# SERIAL and UART_INTERRUPT_DRIVEN already selected
config BOOT_SERIAL_CDC_ACM
bool "CDC ACM"
select USB
select USB_DEVICE_STACK
select USB_CDC_ACM
endchoice
config BOOT_MAX_LINE_INPUT_LEN
int "Maximum command line length"
default 512
help
Maximum length of commands transported over the serial port.
config BOOT_SERIAL_DETECT_PORT
string "GPIO device to trigger serial recovery mode"
default GPIO_0 if SOC_FAMILY_NRF
help
Zephyr GPIO device which contains the pin used to trigger
serial recovery mode.
config BOOT_SERIAL_DETECT_PIN
int "Pin to trigger serial recovery mode"
default 11 if BOARD_NRF52840_PCA10056
default 13 if BOARD_NRF52_PCA10040
help
Pin on the serial detect port which triggers serial recovery mode.
config BOOT_SERIAL_DETECT_PIN_VAL
int "Serial detect pin trigger value"
default 0
range 0 1
help
Logic value of the detect pin which triggers serial recovery
mode.
endif # MCUBOOT_SERIAL
endmenu
config MCUBOOT_DEVICE_SETTINGS
# Hidden selector for device-specific settings
bool
default y
# CPU options
select MCUBOOT_DEVICE_CPU_CORTEX_M0 if CPU_CORTEX_M0
# Enable flash page layout if available
select FLASH_PAGE_LAYOUT if FLASH_HAS_PAGE_LAYOUT
# Enable flash_map module as flash I/O back-end
select FLASH_MAP
config MCUBOOT_DEVICE_CPU_CORTEX_M0
# Hidden selector for Cortex-M0 settings
bool
default n
select SW_VECTOR_RELAY if !CPU_CORTEX_M0_HAS_VECTOR_TABLE_REMAP
comment "Zephyr configuration options"
config ZEPHYR_BASE
string
option env="ZEPHYR_BASE"
source "$ZEPHYR_BASE/Kconfig.zephyr"