|
2 | 2 |
|
3 | 3 | # Copyright (c) 2014-2015 Wind River Systems, Inc. |
4 | 4 | # Copyright (c) 2016 Intel Corporation |
| 5 | +# Copyright (c) 2023 Nordic Semiconductor ASA |
5 | 6 | # SPDX-License-Identifier: Apache-2.0 |
6 | 7 |
|
7 | 8 |
|
@@ -783,129 +784,7 @@ config BOOTLOADER_SRAM_SIZE |
783 | 784 | - Zephyr is a !XIP image, which implicitly assumes existence of a |
784 | 785 | bootloader that loads the Zephyr !XIP image onto SRAM. |
785 | 786 |
|
786 | | -config MCUBOOT |
787 | | - bool |
788 | | - help |
789 | | - Hidden option used to indicate that the current image is MCUBoot |
790 | | - |
791 | | -config BOOTLOADER_MCUBOOT |
792 | | - bool "MCUboot bootloader support" |
793 | | - select USE_DT_CODE_PARTITION |
794 | | - imply INIT_ARCH_HW_AT_BOOT if ARCH_SUPPORTS_ARCH_HW_INIT |
795 | | - depends on !MCUBOOT |
796 | | - help |
797 | | - This option signifies that the target uses MCUboot as a bootloader, |
798 | | - or in other words that the image is to be chain-loaded by MCUboot. |
799 | | - This sets several required build system and Device Tree options in |
800 | | - order for the image generated to be bootable using the MCUboot open |
801 | | - source bootloader. Currently this includes: |
802 | | - |
803 | | - * Setting ROM_START_OFFSET to a default value that allows space |
804 | | - for the MCUboot image header |
805 | | - * Activating SW_VECTOR_RELAY_CLIENT on Cortex-M0 |
806 | | - (or Armv8-M baseline) targets with no built-in vector relocation |
807 | | - mechanisms |
808 | | - |
809 | | - By default, this option instructs Zephyr to initialize the core |
810 | | - architecture HW registers during boot, when this is supported by |
811 | | - the application. This removes the need by MCUboot to reset |
812 | | - the core registers' state itself. |
813 | | - |
814 | | -if BOOTLOADER_MCUBOOT |
815 | | - |
816 | | -config MCUBOOT_CMAKE_WEST_SIGN_PARAMS |
817 | | - string "Extra parameters to west sign" |
818 | | - default "--quiet" |
819 | | - help |
820 | | - Parameters that are passed by cmake to west sign, just after |
821 | | - the command, before all other parameters needed for image |
822 | | - signing. |
823 | | - By default this is set to "--quiet" to prevent extra, non-error, |
824 | | - diagnostic messages from west sign. This does not affect signing |
825 | | - tool for which extra parameters are passed with |
826 | | - MCUBOOT_EXTRA_IMGTOOL_ARGS. |
827 | | - |
828 | | -config MCUBOOT_SIGNATURE_KEY_FILE |
829 | | - string "Path to the mcuboot signing key file" |
830 | | - default "" |
831 | | - depends on !MCUBOOT_GENERATE_UNSIGNED_IMAGE |
832 | | - help |
833 | | - The file contains a key pair whose public half is verified |
834 | | - by your target's MCUboot image. The file is in PEM format. |
835 | | - |
836 | | - If set to a non-empty value, the build system tries to |
837 | | - sign the final binaries using a 'west sign -t imgtool' command. |
838 | | - The signed binaries are placed in the build directory |
839 | | - at zephyr/zephyr.signed.bin and zephyr/zephyr.signed.hex. |
840 | | - |
841 | | - The file names can be customized with CONFIG_KERNEL_BIN_NAME. |
842 | | - The existence of bin and hex files depends on CONFIG_BUILD_OUTPUT_BIN |
843 | | - and CONFIG_BUILD_OUTPUT_HEX. |
844 | | - |
845 | | - This option should contain a path to the same file as the |
846 | | - BOOT_SIGNATURE_KEY_FILE option in your MCUboot .config. The path |
847 | | - may be absolute or relative to the west workspace topdir. (The MCUboot |
848 | | - config option is used for the MCUboot bootloader image; this option is |
849 | | - for your application which is to be loaded by MCUboot. The MCUboot |
850 | | - config option can be a relative path from the MCUboot repository |
851 | | - root.) |
852 | | - |
853 | | - If left empty, you must sign the Zephyr binaries manually. |
854 | | - |
855 | | -config MCUBOOT_ENCRYPTION_KEY_FILE |
856 | | - string "Path to the mcuboot encryption key file" |
857 | | - default "" |
858 | | - depends on MCUBOOT_SIGNATURE_KEY_FILE != "" |
859 | | - help |
860 | | - The file contains the public key that is used to encrypt the |
861 | | - ephemeral key that encrypts the image. The corresponding |
862 | | - private key is hard coded in the MCUboot source code and is |
863 | | - used to decrypt the ephemeral key that is embedded in the |
864 | | - image. The file is in PEM format. |
865 | | - |
866 | | - If set to a non-empty value, the build system tries to |
867 | | - sign and encrypt the final binaries using a 'west sign -t imgtool' |
868 | | - command. The binaries are placed in the build directory at |
869 | | - zephyr/zephyr.signed.encrypted.bin and |
870 | | - zephyr/zephyr.signed.encrypted.hex. |
871 | | - |
872 | | - The file names can be customized with CONFIG_KERNEL_BIN_NAME. |
873 | | - The existence of bin and hex files depends on CONFIG_BUILD_OUTPUT_BIN |
874 | | - and CONFIG_BUILD_OUTPUT_HEX. |
875 | | - |
876 | | - This option should either be an absolute path or a path relative to |
877 | | - the west workspace topdir. |
878 | | - Example: './bootloader/mcuboot/enc-rsa2048-pub.pem' |
879 | | - |
880 | | - If left empty, you must encrypt the Zephyr binaries manually. |
881 | | - |
882 | | -config MCUBOOT_EXTRA_IMGTOOL_ARGS |
883 | | - string "Extra arguments to pass to imgtool when signing" |
884 | | - default "" |
885 | | - help |
886 | | - When signing (CONFIG_MCUBOOT_SIGNATURE_KEY_FILE is a non-empty |
887 | | - string) you can use this option to pass extra options to |
888 | | - imgtool. For example, you could set this to "--version 1.2". |
889 | | - |
890 | | -config MCUBOOT_GENERATE_UNSIGNED_IMAGE |
891 | | - bool "Generate unsigned binary image bootable with MCUboot" |
892 | | - help |
893 | | - Enabling this configuration allows automatic unsigned binary image |
894 | | - generation when MCUboot signing key is not provided, |
895 | | - i.e., MCUBOOT_SIGNATURE_KEY_FILE is left empty. |
896 | | - |
897 | | -config MCUBOOT_GENERATE_CONFIRMED_IMAGE |
898 | | - bool "Also generate a padded, confirmed image" |
899 | | - help |
900 | | - The signed, padded, and confirmed binaries are placed in the build |
901 | | - directory at zephyr/zephyr.signed.confirmed.bin and |
902 | | - zephyr/zephyr.signed.confirmed.hex. |
903 | | - |
904 | | - The file names can be customized with CONFIG_KERNEL_BIN_NAME. |
905 | | - The existence of bin and hex files depends on CONFIG_BUILD_OUTPUT_BIN |
906 | | - and CONFIG_BUILD_OUTPUT_HEX. |
907 | | - |
908 | | -endif # BOOTLOADER_MCUBOOT |
| 787 | +source "Kconfig.mcuboot" |
909 | 788 |
|
910 | 789 | config BOOTLOADER_ESP_IDF |
911 | 790 | bool "ESP-IDF bootloader support" |
|
0 commit comments