1 /* 2 * Copyright (c) 2018 Open Source Foundries Limited 3 * Copyright (c) 2019-2024 Arm Limited 4 * 5 * SPDX-License-Identifier: Apache-2.0 6 */ 7 8 #ifndef __MCUBOOT_CONFIG_H__ 9 #define __MCUBOOT_CONFIG_H__ 10 11 /* 12 * Template configuration file for MCUboot. 13 * 14 * When porting MCUboot to a new target, copy it somewhere that your 15 * include path can find it as mcuboot_config/mcuboot_config.h, and 16 * make adjustments to suit your platform. 17 * 18 * For examples, see: 19 * 20 * boot/zephyr/include/mcuboot_config/mcuboot_config.h 21 * boot/mynewt/mcuboot_config/include/mcuboot_config/mcuboot_config.h 22 */ 23 24 /* 25 * Signature types 26 * 27 * You must choose exactly one signature type. 28 */ 29 30 /* Uncomment for RSA signature support */ 31 /* #define MCUBOOT_SIGN_RSA */ 32 33 /* Uncomment for ECDSA signatures using curve P-256. */ 34 /* #define MCUBOOT_SIGN_EC256 */ 35 36 /* 37 * Public key handling 38 * 39 * Choose one or none from the different public key handling options. 40 */ 41 42 /* Uncomment to use key hash(es) instead of incorporating 43 * the public key into the code. */ 44 /* #define MCUBOOT_HW_KEY */ 45 /* Uncomment to use builtin key(s) instead of incorporating 46 * the public key into the code. */ 47 /* #define MCUBOOT_BUILTIN_KEY */ 48 49 /* 50 * Upgrade mode 51 * 52 * The default is to support A/B image swapping with rollback. Other modes 53 * with simpler code path, which only supports overwriting the existing image 54 * with the update image or running the newest image directly from its flash 55 * partition, are also available. 56 * 57 * You can enable only one mode at a time from the list below to override 58 * the default upgrade mode. 59 */ 60 61 /* Uncomment to enable the overwrite-only code path. */ 62 /* #define MCUBOOT_OVERWRITE_ONLY */ 63 64 #ifdef MCUBOOT_OVERWRITE_ONLY 65 /* Uncomment to only erase and overwrite those primary slot sectors needed 66 * to install the new image, rather than the entire image slot. */ 67 /* #define MCUBOOT_OVERWRITE_ONLY_FAST */ 68 #endif 69 70 /* Uncomment to enable the direct-xip code path. */ 71 /* #define MCUBOOT_DIRECT_XIP */ 72 /* Uncomment to enable the revert mechanism in direct-xip mode. */ 73 /* #define MCUBOOT_DIRECT_XIP_REVERT */ 74 75 /* Uncomment to enable the ram-load code path. */ 76 /* #define MCUBOOT_RAM_LOAD */ 77 78 /* 79 * Cryptographic settings 80 * 81 * You must choose between mbedTLS and Tinycrypt as source of 82 * cryptographic primitives. Other cryptographic settings are also 83 * available. 84 */ 85 86 /* Uncomment to use ARM's mbedTLS cryptographic primitives */ 87 /* #define MCUBOOT_USE_MBED_TLS */ 88 /* Uncomment to use Tinycrypt's. */ 89 /* #define MCUBOOT_USE_TINYCRYPT */ 90 91 /* 92 * Encrypted images 93 * 94 * Uncomment one of the below options (MCUBOOT_ENCRYPT_x) to enable 95 * encrypted image upgrades. 96 */ 97 98 /* Uncomment to use RSA-OAEP for key encryption */ 99 /* #define MCUBOOT_ENCRYPT_RSA */ 100 /* Uncomment to use AES-KW for key encryption */ 101 /* #define MCUBOOT_ENCRYPT_KW */ 102 /* Uncomment to use ECIES-P256 for key encryption */ 103 /* #define MCUBOOT_ENCRYPT_EC256 */ 104 /* Uncomment to use ECIES-X25519 for key encryption */ 105 /* #define MCUBOOT_ENCRYPT_X25519 */ 106 107 /* Uncomment to use a builtin key-encryption key (retrieved from a trusted 108 * source - if implemented) instead of a key embedded in the bootloader. */ 109 /* #define MCUBOOT_ENC_BUILTIN_KEY */ 110 111 #if defined(MCUBOOT_ENCRYPT_RSA) || \ 112 defined(MCUBOOT_ENCRYPT_KW) || \ 113 defined(MCUBOOT_ENCRYPT_EC256) || \ 114 defined(MCUBOOT_ENCRYPT_X25519) 115 #define MCUBOOT_ENC_IMAGES 116 #endif 117 118 /* 119 * Always check the signature of the image in the primary slot before booting, 120 * even if no upgrade was performed. This is recommended if the boot 121 * time penalty is acceptable. 122 */ 123 #define MCUBOOT_VALIDATE_PRIMARY_SLOT 124 125 /* 126 * Flash abstraction 127 */ 128 129 /* Uncomment if your flash map API supports flash_area_get_sectors(). 130 * See the flash APIs for more details. */ 131 /* #define MCUBOOT_USE_FLASH_AREA_GET_SECTORS */ 132 133 /* Default maximum number of flash sectors per image slot; change 134 * as desirable. */ 135 #define MCUBOOT_MAX_IMG_SECTORS 128 136 137 /* Default number of separately updateable images; change in case of 138 * multiple images. */ 139 #define MCUBOOT_IMAGE_NUMBER 1 140 141 /* 142 * Logging 143 */ 144 145 /* 146 * If logging is enabled the following functions must be defined by the 147 * platform: 148 * 149 * MCUBOOT_LOG_MODULE_REGISTER(domain) 150 * Register a new log module and add the current C file to it. 151 * 152 * MCUBOOT_LOG_MODULE_DECLARE(domain) 153 * Add the current C file to an existing log module. 154 * 155 * MCUBOOT_LOG_ERR(...) 156 * MCUBOOT_LOG_WRN(...) 157 * MCUBOOT_LOG_INF(...) 158 * MCUBOOT_LOG_DBG(...) 159 * 160 * The function priority is: 161 * 162 * MCUBOOT_LOG_ERR > MCUBOOT_LOG_WRN > MCUBOOT_LOG_INF > MCUBOOT_LOG_DBG 163 */ 164 #define MCUBOOT_HAVE_LOGGING 1 165 166 /* 167 * Assertions 168 */ 169 170 /* Uncomment if your platform has its own mcuboot_config/mcuboot_assert.h. 171 * If so, it must provide an ASSERT macro for use by bootutil. Otherwise, 172 * "assert" is used. */ 173 /* #define MCUBOOT_HAVE_ASSERT_H */ 174 175 /* 176 * Watchdog feeding 177 */ 178 179 /* This macro might be implemented if the OS / HW watchdog is enabled while 180 * doing a swap upgrade and the time it takes for a swapping is long enough 181 * to cause an unwanted reset. If implementing this, the OS main.c must also 182 * enable the watchdog (if required)! 183 * 184 * #define MCUBOOT_WATCHDOG_FEED() 185 * do { do watchdog feeding here! } while (0) 186 */ 187 188 /* If a OS ports support single thread mode or is bare-metal then: 189 * This macro implements call that switches CPU to an idle state, from which 190 * the CPU may be woken up by, for example, UART transmission event. 191 * 192 * Otherwise this macro should be no-op. 193 */ 194 #define MCUBOOT_CPU_IDLE() \ 195 do { \ 196 } while (0) 197 198 #endif /* __MCUBOOT_CONFIG_H__ */ 199
