share/sysbuild/images/bootloader/Kconfig - third_party/github/zephyrproject-rtos/zephyr - Git at Google

 # Copyright (c) 2022 Nordic Semiconductor
 #
 # SPDX-License-Identifier: Apache-2.0

 config SUPPORT_BOOTLOADER
 	bool
 	default y

 config SUPPORT_BOOTLOADER_MCUBOOT_ZEPHYR
 	bool
 	default y

 choice BOOTLOADER
 	prompt "Bootloader support"
 	default BOOTLOADER_NONE
 	depends on SUPPORT_BOOTLOADER

 config BOOTLOADER_NONE
 	bool "None"
 	help
 	  Do not Include a bootloader in the build

 config BOOTLOADER_MCUBOOT
 	bool "MCUboot"
 	depends on SUPPORT_BOOTLOADER_MCUBOOT_ZEPHYR
 	help
 	  Include MCUboot (Zephyr port) as the bootloader to use

 endchoice

 if BOOTLOADER_MCUBOOT

 choice MCUBOOT_MODE
 	prompt "Mode of operation"
 	default MCUBOOT_MODE_SWAP_USING_MOVE
 	help
 	  The operating mode of MCUboot (which will also be propagated to the application).

 config MCUBOOT_MODE_SINGLE_APP
 	bool "Single slot"
 	help
 	  MCUboot will only boot slot0_partition placed application and does not care about other
 	  slots. In this mode application is not able to DFU its own update to secondary slot and
 	  all updates need to be performed using MCUboot serial recovery.

 config MCUBOOT_MODE_SWAP_USING_OFFSET
 	bool "Swap using offset"
 	select EXPERIMENTAL
 	help
 	  MCUboot expects slot0_partition and slot1_partition to be present in DT and application
 	  will boot from slot0_partition. MCUBOOT_BOOTLOADER_NO_DOWNGRADE should also be selected
 	  in main application if MCUboot has been built with MCUBOOT_DOWNGRADE_PREVENTION.

 config MCUBOOT_MODE_SWAP_USING_MOVE
 	bool "Swap using move"
 	help
 	  MCUboot expects slot0_partition and slot1_partition to be present in DT and application
 	  will boot from slot0_partition. MCUBOOT_BOOTLOADER_NO_DOWNGRADE should also be selected
 	  in main application if MCUboot has been built with MCUBOOT_DOWNGRADE_PREVENTION.

 config MCUBOOT_MODE_SWAP_WITHOUT_SCRATCH
 	bool "Swap without scratch (swap using move) [DEPRECATED]"
 	select DEPRECATED
 	help
 	  This Kconfig is deprecated, use MCUBOOT_MODE_SWAP_USING_MOVE instead.

 config MCUBOOT_MODE_SWAP_SCRATCH
 	bool "Swap using scratch"
 	help
 	  MCUboot expects slot0_partition, slot1_partition and scratch_partition to be present in
 	  DT, and application will boot from slot0_partition. In this mode scratch_partition is
 	  used as temporary storage when MCUboot swaps application from the secondary slot to the
 	  primary slot.
 	  MCUBOOT_BOOTLOADER_NO_DOWNGRADE should also be selected in main application if MCUboot
 	  has been built with MCUBOOT_DOWNGRADE_PREVENTION.

 config MCUBOOT_MODE_OVERWRITE_ONLY
 	bool "Overwrite"
 	help
 	  MCUboot will take contents of secondary slot of an image and will overwrite primary slot
 	  with it. In this mode it is not possible to revert back to previous version as it is not
 	  stored in the secondary slot.
 	  This mode supports MCUBOOT_BOOTLOADER_NO_DOWNGRADE which means that the overwrite will
 	  not happen unless the version of secondary slot is higher than the version in primary
 	  slot.

 config MCUBOOT_MODE_DIRECT_XIP
 	bool "DirectXIP"
 	help
 	  MCUboot expects slot0_partition and slot1_partition to exist in DT. In this mode MCUboot
 	  can boot from either partition and will select one with higher application image version,
 	  which usually means major.minor.patch triple, unless BOOT_VERSION_CMP_USE_BUILD_NUMBER is
 	  also selected in MCUboot that enables comparison of build number.
 	  This option automatically selectes MCUBOOT_BOOTLOADER_NO_DOWNGRADE as it is not possible
 	  to swap back to older version of application.

 config MCUBOOT_MODE_DIRECT_XIP_WITH_REVERT
 	bool "DirectXIP with revert"
 	help
 	  MCUboot expects slot0_partition and slot1_partition to exist in DT. In this mode MCUboot
 	  will boot the application with the higher version from either slot, as long as it has
 	  been marked to be boot next time for test or permanently. In case when application is
 	  marked for test it needs to confirm itself, on the first boot, or it will be removed and
 	  MCUboot will revert to booting previously approved application.
 	  This mode does not allow freely switching between application versions, as, once higher
 	  version application is approved, it is not possible to select lower version for boot.
 	  This mode selects MCUBOOT_BOOTLOADER_NO_DOWNGRADE as it is not possible to downgrade
 	  running application, but note that MCUboot may do that if application with higher
 	  version will not get confirmed.

 config MCUBOOT_MODE_RAM_LOAD
 	bool "RAM load"
 	help
 	  MCUboot expects slot0_partition and slot1_partition to exist in DT. In this mode, MCUboot
 	  will select the image with the higher version number, copy it to RAM and begin execution
 	  from there. The image must be linked to execute from RAM, the address that it is copied
 	  to is specified using the load-addr argument when running imgtool.

 	  Note: RAM must be assigned to the bootloader that is not used by the application in this
 	  mode so that the bootloader is able to function until the application has booted.

 config MCUBOOT_MODE_FIRMWARE_UPDATER
 	bool "Firmware updater"
 	help
 	  MCUboot will only boot slot0_partition for the main application but has an entrance
 	  mechanism defined for entering the slot1_partition which is a dedicated firmware updater
 	  application used to update the slot0_partition application.

 endchoice

 config SIGNATURE_TYPE
 	string
 	default "NONE" if BOOT_SIGNATURE_TYPE_NONE
 	default "RSA" if BOOT_SIGNATURE_TYPE_RSA
 	default "ECDSA_P256" if BOOT_SIGNATURE_TYPE_ECDSA_P256
 	default "ED25519" if BOOT_SIGNATURE_TYPE_ED25519

 choice BOOT_SIGNATURE_TYPE
 	prompt "Signature type"
 	default BOOT_SIGNATURE_TYPE_RSA

 config BOOT_SIGNATURE_TYPE_NONE
 	bool "No signature; use only hash check"

 config BOOT_SIGNATURE_TYPE_RSA
 	bool "RSA signatures"

 config BOOT_SIGNATURE_TYPE_ECDSA_P256
 	bool "Elliptic curve digital signatures with curve P-256"

 config BOOT_SIGNATURE_TYPE_ED25519
 	bool "Edwards curve digital signatures using ed25519"

 endchoice

 config BOOT_SIGNATURE_KEY_FILE
 	string "Signing PEM key file" if !BOOT_SIGNATURE_TYPE_NONE
 	default "$(ZEPHYR_MCUBOOT_MODULE_DIR)/root-ec-p256.pem" if BOOT_SIGNATURE_TYPE_ECDSA_P256
 	default "$(ZEPHYR_MCUBOOT_MODULE_DIR)/root-ed25519.pem" if BOOT_SIGNATURE_TYPE_ED25519
 	default "$(ZEPHYR_MCUBOOT_MODULE_DIR)/root-rsa-2048.pem" if BOOT_SIGNATURE_TYPE_RSA
 	default ""
 	help
 	  Absolute path to signing key file to use with MCUBoot.

 config SUPPORT_BOOT_ENCRYPTION
 	bool
 	depends on !BOOT_SIGNATURE_TYPE_NONE && !MCUBOOT_MODE_DIRECT_XIP && !MCUBOOT_MODE_DIRECT_XIP_WITH_REVERT && !MCUBOOT_MODE_FIRMWARE_UPDATER
 	default y

 config BOOT_ENCRYPTION
 	bool "Encrypted image support"
 	depends on SUPPORT_BOOT_ENCRYPTION
 	help
 	  Support encrypted images.

 config BOOT_ENCRYPTION_KEY_FILE
 	string "Encryption PEM key file"
 	depends on BOOT_ENCRYPTION
 	default "$(ZEPHYR_MCUBOOT_MODULE_DIR)/enc-ec256-priv.pem" if BOOT_SIGNATURE_TYPE_ECDSA_P256
 	default "$(ZEPHYR_MCUBOOT_MODULE_DIR)/enc-x25519-priv.pem" if BOOT_SIGNATURE_TYPE_ED25519
 	default "$(ZEPHYR_MCUBOOT_MODULE_DIR)/enc-rsa2048-priv.pem" if BOOT_SIGNATURE_TYPE_RSA
 	default ""
 	help
 	  Absolute path to encryption key file to use with MCUBoot.

 endif
	# Copyright (c) 2022 Nordic Semiconductor
	#
	# SPDX-License-Identifier: Apache-2.0

	config SUPPORT_BOOTLOADER
	bool
	default y

	config SUPPORT_BOOTLOADER_MCUBOOT_ZEPHYR
	bool
	default y

	choice BOOTLOADER
	prompt "Bootloader support"
	default BOOTLOADER_NONE
	depends on SUPPORT_BOOTLOADER

	config BOOTLOADER_NONE
	bool "None"
	help
	Do not Include a bootloader in the build

	config BOOTLOADER_MCUBOOT
	bool "MCUboot"
	depends on SUPPORT_BOOTLOADER_MCUBOOT_ZEPHYR
	help
	Include MCUboot (Zephyr port) as the bootloader to use

	endchoice

	if BOOTLOADER_MCUBOOT

	choice MCUBOOT_MODE
	prompt "Mode of operation"
	default MCUBOOT_MODE_SWAP_USING_MOVE
	help
	The operating mode of MCUboot (which will also be propagated to the application).

	config MCUBOOT_MODE_SINGLE_APP
	bool "Single slot"
	help
	MCUboot will only boot slot0_partition placed application and does not care about other
	slots. In this mode application is not able to DFU its own update to secondary slot and
	all updates need to be performed using MCUboot serial recovery.

	config MCUBOOT_MODE_SWAP_USING_OFFSET
	bool "Swap using offset"
	select EXPERIMENTAL
	help
	MCUboot expects slot0_partition and slot1_partition to be present in DT and application
	will boot from slot0_partition. MCUBOOT_BOOTLOADER_NO_DOWNGRADE should also be selected
	in main application if MCUboot has been built with MCUBOOT_DOWNGRADE_PREVENTION.

	config MCUBOOT_MODE_SWAP_USING_MOVE
	bool "Swap using move"
	help
	MCUboot expects slot0_partition and slot1_partition to be present in DT and application
	will boot from slot0_partition. MCUBOOT_BOOTLOADER_NO_DOWNGRADE should also be selected
	in main application if MCUboot has been built with MCUBOOT_DOWNGRADE_PREVENTION.

	config MCUBOOT_MODE_SWAP_WITHOUT_SCRATCH
	bool "Swap without scratch (swap using move) [DEPRECATED]"
	select DEPRECATED
	help
	This Kconfig is deprecated, use MCUBOOT_MODE_SWAP_USING_MOVE instead.

	config MCUBOOT_MODE_SWAP_SCRATCH
	bool "Swap using scratch"
	help
	MCUboot expects slot0_partition, slot1_partition and scratch_partition to be present in
	DT, and application will boot from slot0_partition. In this mode scratch_partition is
	used as temporary storage when MCUboot swaps application from the secondary slot to the
	primary slot.
	MCUBOOT_BOOTLOADER_NO_DOWNGRADE should also be selected in main application if MCUboot
	has been built with MCUBOOT_DOWNGRADE_PREVENTION.

	config MCUBOOT_MODE_OVERWRITE_ONLY
	bool "Overwrite"
	help
	MCUboot will take contents of secondary slot of an image and will overwrite primary slot
	with it. In this mode it is not possible to revert back to previous version as it is not
	stored in the secondary slot.
	This mode supports MCUBOOT_BOOTLOADER_NO_DOWNGRADE which means that the overwrite will
	not happen unless the version of secondary slot is higher than the version in primary
	slot.

	config MCUBOOT_MODE_DIRECT_XIP
	bool "DirectXIP"
	help
	MCUboot expects slot0_partition and slot1_partition to exist in DT. In this mode MCUboot
	can boot from either partition and will select one with higher application image version,
	which usually means major.minor.patch triple, unless BOOT_VERSION_CMP_USE_BUILD_NUMBER is
	also selected in MCUboot that enables comparison of build number.
	This option automatically selectes MCUBOOT_BOOTLOADER_NO_DOWNGRADE as it is not possible
	to swap back to older version of application.

	config MCUBOOT_MODE_DIRECT_XIP_WITH_REVERT
	bool "DirectXIP with revert"
	help
	MCUboot expects slot0_partition and slot1_partition to exist in DT. In this mode MCUboot
	will boot the application with the higher version from either slot, as long as it has
	been marked to be boot next time for test or permanently. In case when application is
	marked for test it needs to confirm itself, on the first boot, or it will be removed and
	MCUboot will revert to booting previously approved application.
	This mode does not allow freely switching between application versions, as, once higher
	version application is approved, it is not possible to select lower version for boot.
	This mode selects MCUBOOT_BOOTLOADER_NO_DOWNGRADE as it is not possible to downgrade
	running application, but note that MCUboot may do that if application with higher
	version will not get confirmed.

	config MCUBOOT_MODE_RAM_LOAD
	bool "RAM load"
	help
	MCUboot expects slot0_partition and slot1_partition to exist in DT. In this mode, MCUboot
	will select the image with the higher version number, copy it to RAM and begin execution
	from there. The image must be linked to execute from RAM, the address that it is copied
	to is specified using the load-addr argument when running imgtool.

	Note: RAM must be assigned to the bootloader that is not used by the application in this
	mode so that the bootloader is able to function until the application has booted.

	config MCUBOOT_MODE_FIRMWARE_UPDATER
	bool "Firmware updater"
	help
	MCUboot will only boot slot0_partition for the main application but has an entrance
	mechanism defined for entering the slot1_partition which is a dedicated firmware updater
	application used to update the slot0_partition application.

	endchoice

	config SIGNATURE_TYPE
	string
	default "NONE" if BOOT_SIGNATURE_TYPE_NONE
	default "RSA" if BOOT_SIGNATURE_TYPE_RSA
	default "ECDSA_P256" if BOOT_SIGNATURE_TYPE_ECDSA_P256
	default "ED25519" if BOOT_SIGNATURE_TYPE_ED25519

	choice BOOT_SIGNATURE_TYPE
	prompt "Signature type"
	default BOOT_SIGNATURE_TYPE_RSA

	config BOOT_SIGNATURE_TYPE_NONE
	bool "No signature; use only hash check"

	config BOOT_SIGNATURE_TYPE_RSA
	bool "RSA signatures"

	config BOOT_SIGNATURE_TYPE_ECDSA_P256
	bool "Elliptic curve digital signatures with curve P-256"

	config BOOT_SIGNATURE_TYPE_ED25519
	bool "Edwards curve digital signatures using ed25519"

	endchoice

	config BOOT_SIGNATURE_KEY_FILE
	string "Signing PEM key file" if !BOOT_SIGNATURE_TYPE_NONE
	default "$(ZEPHYR_MCUBOOT_MODULE_DIR)/root-ec-p256.pem" if BOOT_SIGNATURE_TYPE_ECDSA_P256
	default "$(ZEPHYR_MCUBOOT_MODULE_DIR)/root-ed25519.pem" if BOOT_SIGNATURE_TYPE_ED25519
	default "$(ZEPHYR_MCUBOOT_MODULE_DIR)/root-rsa-2048.pem" if BOOT_SIGNATURE_TYPE_RSA
	default ""
	help
	Absolute path to signing key file to use with MCUBoot.

	config SUPPORT_BOOT_ENCRYPTION
	bool
	depends on !BOOT_SIGNATURE_TYPE_NONE && !MCUBOOT_MODE_DIRECT_XIP && !MCUBOOT_MODE_DIRECT_XIP_WITH_REVERT && !MCUBOOT_MODE_FIRMWARE_UPDATER
	default y

	config BOOT_ENCRYPTION
	bool "Encrypted image support"
	depends on SUPPORT_BOOT_ENCRYPTION
	help
	Support encrypted images.

	config BOOT_ENCRYPTION_KEY_FILE
	string "Encryption PEM key file"
	depends on BOOT_ENCRYPTION
	default "$(ZEPHYR_MCUBOOT_MODULE_DIR)/enc-ec256-priv.pem" if BOOT_SIGNATURE_TYPE_ECDSA_P256
	default "$(ZEPHYR_MCUBOOT_MODULE_DIR)/enc-x25519-priv.pem" if BOOT_SIGNATURE_TYPE_ED25519
	default "$(ZEPHYR_MCUBOOT_MODULE_DIR)/enc-rsa2048-priv.pem" if BOOT_SIGNATURE_TYPE_RSA
	default ""
	help
	Absolute path to encryption key file to use with MCUBoot.

	endif