Progress on adding NXP QorIQ P1021 support.

Author: dgarske

INSTALL.md

@@ -19,45 +19,65 @@ https://github.com/wolfSSL/wolfssl/archive/master.zip
 
 1. Extract wolfBoot
 2. `cd wolfBoot/lib`
-3. Extact wolfSSL (should be named `lib/wolfssl`)
+3. Extract wolfSSL (should be named `lib/wolfssl`)
 
 Directory should look like:
 
 ```
 wolfBoot
  -> config
- -> docs
- -> hal
+   -> examples (sample configurations)
+ -> docs (markdown docs)
+ -> hal (Hardware target abstractions)
+   -> spi
+   -> uart
  -> IDE
  -> include
- -> lib
+ -> lib (wolfSSL and wolfTPM submodules)
    -> wolfssl
      -> src
      -> wolfcrypt/src
  -> src
- -> test-app
- -> tools
+   -> image.c (crypto verify/hash)
+   -> loader.c (main)
+   -> libwolfboot.c (User application API’s)
+   -> update_*.c (flash/ram wolfBoot_start)
+-> test-app (example applications)
+-> tools
+  -> keytools (signing and key generation tools)
 ```
 
 ## Configuration
 
 Use `make config` to walk-through setting up the platform, architecture and partition settings.
 OR
-Use the `config/examples` as a template to wolfBoot root as `.config`. 
+Use the `config/examples` as a template to wolfBoot root as `.config`.
 Example: `cp ./config/examples/zynqmp.config .config`
 
 ## Setup the Key
 
-Use the key generation tool in `tools/keytool` or get existing keys. 
-Copy `rsa4096.der` to wolfBoot root
-Copy `rsa4096_pub_key.c` to `./src`
+Build the key tools: `make keytools`
+
+The key generation is handled the first time you use `make`, however we do provide some tools to help use existing keys.
+See tools in `tools/keytool`. Public key(s) are populated into the `src/keystore.c`.
+The signing key used goes into wolfBoot root (example `rsa4096.der`).
 
 ## Building
 
 ```sh
 make
 ```
 
+The “make [target]”
+* `keytools`: Build the C version of the key tools
+* `wolfboot.bin`: Build the .elf and .bin version of the bootloader only
+* `test-app/image.bin`: Builds the test application
+* `test-app/image_v1_signed.bin`: Builds the test application signed with version 1
+* `factory.bin`: Builds bootloader and test application signed and appended together
+
+Note: Default is “factory.bin”
+
+
 ## Building with Cross Compile
 
 QNX Example:

README.md

@@ -1,4 +1,5 @@
 # wolfBoot
+
 wolfSSL Secure Bootloader ([Home page](https://www.wolfssl.com/products/wolfboot/))
 
 wolfBoot is a portable, OS-agnostic, secure bootloader solution for 32-bit microcontrollers,
@@ -8,7 +9,6 @@ Due to the minimalist design of the bootloader and the tiny HAL API, wolfBoot is
 from any OS or bare-metal application, and can be easily ported and integrated in existing embedded software
 projects to provide a secure firmware update mechanism.
 
-
 ## Features
    - Multi-slot partitioning of the flash device
    - Integrity verification of the firmware image(s)
@@ -93,16 +93,19 @@ For more detailed information about firmware update implementation, see [Firmwar
 
 ### Makefile
 
-To build using the Makefile, create a `.config` file with your build specifications in the wolfBoot root directory. You can find a 
+To build using the Makefile, create a `.config` file with your build specifications in the wolfBoot root directory. You can find a
 number of examples that you can use inside [config/examples](config/examples). Then run `make keytools` to generate the signing
-and key generation tools. If you have wolfCrypt-py installed and would like to use it, you can skip this step. 
+and key generation tools. If you have wolfCrypt-py installed and would like to use it, you can skip this step.
+
+Documentation for the flash configuration options used in `.config` can be found in [docs/compile.md](docs/compile.md).
 
 For example, to build using our provided `stm32h7.config`:
+
 ```
 cp config/examples/stm32h7.config .config
 make keytools
 make
-``` 
+```
 
 ### CMake
 
@@ -116,7 +119,7 @@ $ mkdir build
 $ cd build
 $ cmake -DWOLFBOOT_TARGET=stm32h7 -DBUILD_TEST_APPS=yes -DWOLFBOOT_PARTITION_BOOT_ADDRESS=0x8020000 -DWOLFBOOT_SECTOR_SIZE=0x20000 -DWOLFBOOT_PARTITION_SIZE=0xD0000 -DWOLFBOOT_PARTITION_UPDATE_ADDRESS=0x80F0000 -DWOLFBOOT_PARTITION_SWAP_ADDRESS=0x81C0000 ..
 $ make
-``` 
+```
 
 The output should look something like:
 ```
@@ -174,7 +177,7 @@ Selected cipher:      ECC256
 Selected hash  :      SHA256
 Public key:           /home/user/wolfBoot/build/wolfboot_signing_private_key.der
 Output  image:        /home/user/wolfBoot/build/test-app/image_v1_signed.bin
-Target partition id : 1 
+Target partition id : 1
 Calculating SHA256 digest...
 Signing the digest...
 Output image(s) successfully created.
@@ -206,7 +209,7 @@ Selected cipher:      ECC256
 Selected hash  :      SHA256
 Public key:           /home/user/wolfBoot/build/wolfboot_signing_private_key.der
 Output  image:        /home/user/wolfBoot/build/test-app/image_v1_signed.bin
-Target partition id : 1 
+Target partition id : 1
 Calculating SHA256 digest...
 Signing the digest...
 Output image(s) successfully created.
@@ -223,12 +226,12 @@ Signing and hashing algorithms can be specified with `-DSIGN=<alg>` and `-DHASH=
 options to configuring wolfBoot, add `-LAH` to your cmake command, along with the partition specifications.
 ```
 $ cmake -DWOLFBOOT_TARGET=stm32h7 -DWOLFBOOT_PARTITION_BOOT_ADDRESS=0x8020000 -DWOLFBOOT_SECTOR_SIZE=0x20000 -DWOLFBOOT_PARTITION_SIZE=0xD0000 -DWOLFBOOT_PARTITION_UPDATE_ADDRESS=0x80F0000 -DWOLFBOOT_PARTITION_SWAP_ADDRESS=0x81C0000 -LAH ..
-``` 
+```
 
 ##### stm32f4
 ```
 $ cmake -DWOLFBOOT_TARGET=stm32f4 -DWOLFBOOT_PARTITION_SIZE=0x20000 -DWOLFBOOT_SECTOR_SIZE=0x20000 -DWOLFBOOT_PARTITION_BOOT_ADDRESS=0x08020000 -DWOLFBOOT_PARTITION_UPDATE_ADDRESS=0x08040000 -DWOLFBOOT_PARTITION_SWAP_ADDRESS=0x08060000 ..
-``` 
+```
 
 ##### stm32u5
 ```

arch.mk

@@ -274,6 +274,22 @@ ifeq ($(TARGET),nxp_t2080)
   endif
 endif
 
+ifeq ($(TARGET),nxp_p1021)
+  # Power PC big endian
+  ARCH_FLAGS=-m32 -mhard-float -mcpu=e500mc
+  CFLAGS+=$(ARCH_FLAGS) -DBIG_ENDIAN_ORDER
+  CFLAGS+=-DMMU -DWOLFBOOT_DUALBOOT
+  CFLAGS+=-pipe # use pipes instead of temp files
+  CFLAGS+=-feliminate-unused-debug-types
+  LDFLAGS+=$(ARCH_FLAGS)
+  LDFLAGS+=-Wl,--hash-style=both # generate both sysv and gnu symbol hash table
+  LDFLAGS+=-Wl,--as-needed # remove weak functions not used
+  UPDATE_OBJS:=src/update_ram.o
+  ifeq ($(SPMATH),1)
+    MATH_OBJS += ./lib/wolfssl/wolfcrypt/src/sp_c32.o
+  endif
+endif
+
 ifeq ($(TARGET),ti_hercules)
   # HALCoGen Source and Include?
   CORTEX_R5=1

config/examples/nxp-p1021.config

@@ -0,0 +1,52 @@
+ARCH=PPC
+TARGET=nxp_p1021
+SIGN?=ECC384
+HASH?=SHA384
+IMAGE_HEADER_SIZE?=512
+DEBUG?=0
+DEBUG_UART?=1
+VTOR?=1
+CORTEX_M0?=0
+NO_ASM?=0
+EXT_FLASH?=0
+SPI_FLASH?=0
+NO_XIP?=0
+UART_FLASH?=0
+ALLOW_DOWNGRADE?=0
+NVM_FLASH_WRITEONCE?=0
+WOLFBOOT_VERSION?=0
+NO_MPU?=0
+SPMATH?=1
+RAM_CODE?=1
+DUALBANK_SWAP?=0
+WOLFTPM?=0
+
+# NAND Base Address
+ARCH_FLASH_OFFSET?=0xE8000000
+
+# Flash Sector Size
+WOLFBOOT_SECTOR_SIZE=0x10000
+
+# wolfBoot start address
+WOLFBOOT_ORIGIN=0xEFF40000
+# wolfBoot parition size (custom)
+BOOTLOADER_PARTITION_SIZE=0x20000
+
+# Application Partition Size
+WOLFBOOT_PARTITION_SIZE?=0xA00000
+# Location in Flash for Application Partition
+WOLFBOOT_PARTITION_BOOT_ADDRESS?=0xE8080000
+# Load Partition to RAM Address
+WOLFBOOT_LOAD_ADDRESS?=0x19000
+
+# Location in Flash for Update Partition
+WOLFBOOT_PARTITION_UPDATE_ADDRESS?=0xE8A80000
+
+# Location of temporary sector used during updates
+WOLFBOOT_PARTITION_SWAP_ADDRESS?=0xE8060000
+
+# DTS (Device Tree)
+WOLFBOOT_DTS_BOOT_ADDRESS?=0xE8040000
+WOLFBOOT_DTS_UPDATE_ADDRESS?=0xE8050000
+# DTS Load to RAM Address
+WOLFBOOT_LOAD_DTS_ADDRESS?=0x40000

docs/Targets.md

@@ -10,6 +10,7 @@ This README describes configuration of supported targets.
 * [NXP LPC54xxx](#nxp-lpc54xxx)
 * [NXP iMX-RT](#nxp-imx-rt)
 * [NXP Kinetis](#nxp-kinetis)
+* [NXP P1021 PPC](#nxp-p1021-ppc)
 * [NXP T2080 PPC](#nxp-t2080-ppc)
 * [Qemu x86-64 UEFI](#qemu-x86-64-uefi)
 * [SiFive HiFive1 RISC-V](#sifive-hifive1-risc-v)