Commit a736efa7 authored by Daniel DeGrasse's avatar Daniel DeGrasse Committed by David Brown
Browse files

boot: zephyr: add support for revert mode with ramload 



Add support for revert mode when using ramloading. This includes the
same restrictions as revert mode with direct-xip, namely that an image
must have a valid BOOT_MAGIC value in order for mcuboot to attempt to
load it.

Signed-off-by: default avatarDaniel DeGrasse <ddegrasse@tenstorrent.com>
parent 61c5547b

boot/bootutil/src/bootutil_priv.h

+2 −1
Original line number Diff line number Diff line
@@ -285,7 +285,8 @@ struct boot_loader_state { 
        /* Image destination and size for the active slot */

        uint32_t img_dst;

        uint32_t img_sz;

#elif defined(MCUBOOT_DIRECT_XIP_REVERT)

#endif

#if defined(MCUBOOT_DIRECT_XIP_REVERT) || defined(MCUBOOT_RAM_LOAD_REVERT)

        /* Swap status for the active slot */

        struct boot_swap_state swap_state;

#endif

boot/bootutil/src/loader.c

+5 −4
Original line number Diff line number Diff line
@@ -2605,7 +2605,8 @@ print_loaded_images(struct boot_loader_state *state) 
}

#endif



#if defined(MCUBOOT_DIRECT_XIP) && defined(MCUBOOT_DIRECT_XIP_REVERT)

#if (defined(MCUBOOT_DIRECT_XIP) && defined(MCUBOOT_DIRECT_XIP_REVERT)) || \

    (defined(MCUBOOT_RAM_LOAD) && defined(MCUBOOT_RAM_LOAD_REVERT))

/**

 * Checks whether the active slot of the current image was previously selected

 * to run. Erases the image if it was selected but its execution failed,
@@ -2724,8 +2725,9 @@ boot_load_and_validate_images(struct boot_loader_state *state) 
                state->slot_usage[BOOT_CURR_IMG(state)].active_slot = NO_ACTIVE_SLOT;

                continue;

            }

#endif /* MCUBOOT_DIRECT_XIP */



#ifdef MCUBOOT_DIRECT_XIP_REVERT

#if defined(MCUBOOT_DIRECT_XIP_REVERT) || defined(MCUBOOT_RAM_LOAD_REVERT)

            rc = boot_select_or_erase(state);

            if (rc != 0) {

                /* The selected image slot has been erased. */
@@ -2733,8 +2735,7 @@ boot_load_and_validate_images(struct boot_loader_state *state) 
                state->slot_usage[BOOT_CURR_IMG(state)].active_slot = NO_ACTIVE_SLOT;

                continue;

            }

#endif /* MCUBOOT_DIRECT_XIP_REVERT */

#endif /* MCUBOOT_DIRECT_XIP */

#endif /* MCUBOOT_DIRECT_XIP_REVERT || MCUBOOT_RAM_LOAD_REVERT */



#ifdef MCUBOOT_RAM_LOAD

            /* Image is first loaded to RAM and authenticated there in order to

boot/zephyr/Kconfig

+11 −0
Original line number Diff line number Diff line
@@ -504,6 +504,17 @@ config BOOT_DIRECT_XIP_REVERT 
	  attempt to boot the previous image. The images can also be made permanent

	  (marked as confirmed in advance) just like in swap mode.



config BOOT_RAM_LOAD_REVERT

	bool "Enable the revert mechanism in ram-load mode"

	depends on BOOT_RAM_LOAD

	help

	  If y, enables the revert mechanism in ram-load similar to the one in

	  swap mode. It requires the trailer magic to be added to the signed image.

	  When a reboot happens without the image being confirmed at runtime, the

	  bootloader considers the image faulty and erases it. After this it will

	  attempt to boot the previous image. The images can also be made permanent

	  (marked as confirmed in advance) just like in swap mode.



config BOOT_BOOTSTRAP

	bool "Bootstrap erased the primary slot from the secondary slot"

	help

boot/zephyr/include/mcuboot_config/mcuboot_config.h

+4 −0
Original line number Diff line number Diff line
@@ -100,6 +100,10 @@ 
#define MCUBOOT_DIRECT_XIP_REVERT

#endif



#ifdef CONFIG_BOOT_RAM_LOAD_REVERT

#define MCUBOOT_RAM_LOAD_REVERT

#endif



#ifdef CONFIG_BOOT_RAM_LOAD

#define MCUBOOT_RAM_LOAD 1

#define IMAGE_EXECUTABLE_RAM_START CONFIG_BOOT_IMAGE_EXECUTABLE_RAM_START

CRA Git | Maintained and supported by SUSTech CRA and CCSE