1########################################################################### 2# Sample multi-part application Makefile 3# 4# Copyright (c) 2017 Linaro Limited 5# Copyright (c) 2017 Open Source Foundries Limited 6# 7# Licensed under the Apache License, Version 2.0 (the "License"); 8# you may not use this file except in compliance with the License. 9# You may obtain a copy of the License at 10# 11# http://www.apache.org/licenses/LICENSE-2.0 12# 13# Unless required by applicable law or agreed to in writing, software 14# distributed under the License is distributed on an "AS IS" BASIS, 15# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 16# See the License for the specific language governing permissions and 17# limitations under the License. 18########################################################################### 19 20# This is an example Makefile to demonstrate how to use mcuboot to 21# deploy and upgrade images. The image building should work on any 22# supported target, however flashing will likely require changes to 23# the flash addresses, depending on the partition layout of the device 24# in question. 25# 26# running 27# 28# make BOARD=frdm_k64f all 29# 30# should generate three "*.bin" files in this directory: 31# 32# mcuboot.bin: The bootloader itself 33# signed-hello1.bin: A signed sample. 34# signed-hello2.bin: An upgrade image, signed and marked for 35# upgrade. 36# 37# "make flash_boot" should flash the bootloader into the flash, 38# erasing the rest of the device. If you examine the device at this 39# time, you should see a message about the bootloader not being able 40# to find a bootable image. 41# 42# "make flash_hello1" will then flash the first application into the 43# "primary slot". This should boot into this app, print a small message, and 44# give the zephyr console. 45# 46# "make flash_hello2" will flash hello2 into the "secondary slot". The 47# reset should upgrade and run the new image. Resetting again should 48# then revert back to the first app, since we did not mark this image 49# as good. 50 51# Extra .conf fragments to merge into the MCUboot .config, as a 52# semicolon-separated list (i.e., a CMake list). 53BOOTLOADER_EXTRA_CONF_FILE ?= 54 55BOARD ?= frdm_k64f 56SLOT_SIZE ?= 0x60000 57BOOT_ADDR ?= 0x0 58IMG0_ADDR ?= 0x20000 59IMG1_ADDR ?= 0x80000 60 61.PHONY: check boot hello1 clean_boot clean_hello1 \ 62 hello2 clean_hello2 flash_boot flash_hello1 flash_hello2 63 64# For signing, use the default RSA demo key, to match the default in 65# the mcuboot Makefile. 66SIGNING_KEY ?= ../../root-rsa-2048.pem 67 68# The header size should match that in hello1/prj.conf 69# CONFIG_TEXT_SECTION_OFFSET. This value needs to be a power of two 70# that is at least as large as the size of the vector table. The 71# value given here of 0x200 should be sufficient for any supported 72# devices, but it can be made smaller, as long as this value matches 73# that used to build the app. 74BOOT_HEADER_LEN = 0x200 75 76# For upgrades, the signing tool needs to know the device alignment. 77# This requirement will be going away soon. 78FLASH_ALIGNMENT = 8 79 80IMGTOOL = ../../scripts/imgtool.py 81ASSEMBLE = ../../scripts/assemble.py 82PYOCD = pyocd 83 84SOURCE_DIRECTORY := $(CURDIR) 85BUILD_DIRECTORY := $(CURDIR)/build/$(BOARD) 86BUILD_DIR_BOOT := $(BUILD_DIRECTORY)/mcuboot 87BUILD_DIR_HELLO1 := $(BUILD_DIRECTORY)/hello1 88BUILD_DIR_HELLO2 := $(BUILD_DIRECTORY)/hello2 89 90help: 91 @echo "make <target> BOARD=<board>" 92 @echo "<target>: all, boot, hello1, full.bin" 93 @echo "<board>: frdm_k64f only for now" 94 95all: boot hello1 hello2 96 97full.bin: boot hello1 hello2 98 $(ASSEMBLE) -b $(BUILD_DIR_BOOT) \ 99 -z $(ZEPHYR_BASE) \ 100 -p signed-hello1.bin \ 101 -s signed-hello2.bin \ 102 -o full.bin 103 104clean: clean_boot clean_hello1 clean_hello2 105 @rm -f signed-hello1.bin 106 @rm -f signed-hello2.bin 107 @rm -f mcuboot.bin 108 109boot: check 110 @rm -f mcuboot.bin 111 (mkdir -p $(BUILD_DIR_BOOT) && \ 112 cd $(BUILD_DIR_BOOT) && \ 113 cmake -DEXTRA_CONF_FILE=$(BOOTLOADER_EXTRA_CONF_FILE) \ 114 -G"Ninja" \ 115 -DBOARD=$(BOARD) \ 116 $(SOURCE_DIRECTORY)/../../boot/zephyr && \ 117 ninja) 118 cp $(BUILD_DIR_BOOT)/zephyr/zephyr.bin mcuboot.bin 119 120clean_boot: check 121 rm -rf $(BUILD_DIR_BOOT) 122 123# Build and sign "hello1". 124hello1: check 125 (mkdir -p $(BUILD_DIR_HELLO1) && \ 126 cd $(BUILD_DIR_HELLO1) && \ 127 cmake -DFROM_WHO=hello1 \ 128 -G"Ninja" \ 129 -DBOARD=$(BOARD) \ 130 $(SOURCE_DIRECTORY)/hello-world && \ 131 ninja) 132 $(IMGTOOL) sign \ 133 --key $(SIGNING_KEY) \ 134 --header-size $(BOOT_HEADER_LEN) \ 135 --align $(FLASH_ALIGNMENT) \ 136 --version 1.2 \ 137 --slot-size $(SLOT_SIZE) \ 138 $(BUILD_DIR_HELLO1)/zephyr/zephyr.bin \ 139 signed-hello1.bin 140 141clean_hello1: check 142 rm -rf $(BUILD_DIR_HELLO1) 143 144# Build and sign "hello2". 145# This is the same signing command as above, except that it adds the 146# "--pad" argument. This will also add the trailer that indicates 147# this image is intended to be an upgrade. It should be flashed into 148# the secondary slot instead of the primary slot. 149hello2: check 150 (mkdir -p $(BUILD_DIR_HELLO2) && \ 151 cd $(BUILD_DIR_HELLO2) && \ 152 cmake -DFROM_WHO=hello2 \ 153 -G"Ninja" \ 154 -DBOARD=$(BOARD) \ 155 $(SOURCE_DIRECTORY)/hello-world && \ 156 ninja) 157 $(IMGTOOL) sign \ 158 --key $(SIGNING_KEY) \ 159 --header-size $(BOOT_HEADER_LEN) \ 160 --align $(FLASH_ALIGNMENT) \ 161 --version 1.2 \ 162 --slot-size $(SLOT_SIZE) \ 163 --pad \ 164 $(BUILD_DIR_HELLO2)/zephyr/zephyr.bin \ 165 signed-hello2.bin 166 167clean_hello2: check 168 rm -rf $(BUILD_DIR_HELLO2) 169 170# These flash_* targets use pyocd to flash the images. The addresses 171# are hardcoded at this time. 172 173flash_boot: 174 $(PYOCD) flash -e chip -a $(BOOT_ADDR) mcuboot.bin 175 176flash_hello1: 177 $(PYOCD) flash -a $(IMG0_ADDR) signed-hello1.bin 178 179flash_hello2: 180 $(PYOCD) flash -a $(IMG1_ADDR) signed-hello2.bin 181 182flash_full: 183 $(PYOCD) flash -e chip -a $(BOOT_ADDR) full.bin 184 185# These test- targets reinvoke make with the configuration set to test 186# various configurations. This will generally be followed by using 187# the above flash targets. 188 189# Test a good image, with a good upgrade, using RSA signatures. 190# flash_boot: Unable to find bootable image 191# flash_hello1: hello1 runs 192# flash_hello2: hello2 runs 193# reset: hello1 runs 194test-good-rsa: clean 195 $(MAKE) \ 196 BOOTLOADER_EXTRA_CONF_FILE=$(PWD)/overlay-rsa.conf \ 197 all 198 199# Test a good image, with a good upgrade, using ECDSA signatures. 200# flash_boot: Unable to find bootable image 201# flash_hello1: hello1 runs 202# flash_hello2: hello2 runs 203# reset: hello1 runs 204test-good-ecdsa: clean 205 $(MAKE) \ 206 BOOTLOADER_EXTRA_CONF_FILE=$(PWD)/overlay-ecdsa-p256.conf \ 207 SIGNING_KEY=../../root-ec-p256.pem \ 208 all 209 210# Test (with RSA) that overwrite-only works. This should boot, 211# upgrade correctly, but not revert once the upgrade has been done. 212# flash_boot: Unable to find bootable image 213# flash_hello1: hello1 runs 214# flash_hello2: hello2 runs 215# reset: hello2 runs 216test-overwrite: clean 217 $(MAKE) \ 218 BOOTLOADER_EXTRA_CONF_FILE=$(PWD)/overlay-upgrade-only.conf \ 219 all 220 221# Test that when configured for RSA, a wrong signature in the upgrade 222# image will fail to upgrade. 223# flash_boot: Unable to find bootable image 224# flash_hello1: hello1 runs 225# flash_hello2: hello1 runs 226# reset: hello1 runs 227test-bad-rsa-upgrade: clean 228 $(MAKE) \ 229 BOOTLOADER_EXTRA_CONF_FILE=$(PWD)/overlay-rsa.conf \ 230 boot hello1 231 $(MAKE) \ 232 BOOTLOADER_EXTRA_CONF_FILE=$(PWD)/overlay-rsa.conf \ 233 SIGNING_KEY=../../root-ec-p256.pem \ 234 hello2 235 236# Test that when configured for ECDSA, a wrong signature in the upgrade 237# image will fail to upgrade. 238# flash_boot: Unable to find bootable image 239# flash_hello1: hello1 runs 240# flash_hello2: hello1 runs 241# reset: hello1 runs 242test-bad-ecdsa-upgrade: clean 243 $(MAKE) \ 244 BOOTLOADER_EXTRA_CONF_FILE=$(PWD)/overlay-ecdsa-p256.conf \ 245 SIGNING_KEY=../../root-ec-p256.pem \ 246 boot hello1 247 $(MAKE) \ 248 BOOTLOADER_EXTRA_CONF_FILE=$(PWD)/overlay-ecdsa-p256.conf \ 249 SIGNING_KEY=../../root-rsa-2048.pem \ 250 hello2 251 252# Test that when configured to not validate the primary slot, we still boot, but 253# don't upgrade. 254# flash_boot: tries to boot and resets 255# flash_hello1: hello1 runs 256# flash_hello2: hello1 runs 257# reset: hello1 runs 258test-no-bootcheck: clean 259 $(MAKE) \ 260 BOOTLOADER_EXTRA_CONF_FILE=$(PWD)/overlay-skip-primary-slot-validate.conf \ 261 SIGNING_KEY=../../root-ec-p256.pem \ 262 all 263 264# Test a good image, with a wrong-signature upgrade, using RSA signatures. 265# flash_boot: Unable to find bootable image 266# flash_hello1: hello1 runs 267# flash_hello2: hello1 runs 268# reset: hello1 runs 269test-wrong-rsa: clean 270 $(MAKE) \ 271 BOOTLOADER_EXTRA_CONF_FILE=$(PWD)/overlay-rsa.conf \ 272 boot hello1 273 $(MAKE) \ 274 BOOTLOADER_EXTRA_CONF_FILE=$(PWD)/overlay-rsa.conf \ 275 SIGNING_KEY=bad-keys/bad-rsa-2048.pem \ 276 hello2 277 278# Test a good image, with a wrong-signature upgrade, using ECDSA signatures. 279# flash_boot: Unable to find bootable image 280# flash_hello1: hello1 runs 281# flash_hello2: hello1 runs 282# reset: hello1 runs 283test-wrong-ecdsa: clean 284 $(MAKE) \ 285 BOOTLOADER_EXTRA_CONF_FILE=$(PWD)/overlay-ecdsa-p256.conf \ 286 SIGNING_KEY=../../root-ec-p256.pem \ 287 boot hello1 288 $(MAKE) \ 289 BOOTLOADER_EXTRA_CONF_FILE=$(PWD)/overlay-ecdsa-p256.conf \ 290 SIGNING_KEY=bad-keys/bad-ec-p256.pem \ 291 hello2 292 293check: 294 @if [ -z "$$ZEPHYR_BASE" ]; then echo "Zephyr environment not set up"; false; fi 295 @if [ -z "$(BOARD)" ]; then echo "You must specify BOARD=<board>"; false; fi 296
