1#-------------------------------------------------------------------------------
2# SPDX-FileCopyrightText: Copyright The TrustedFirmware-M Contributors
3#
4# SPDX-License-Identifier: BSD-3-Clause
5#
6#-------------------------------------------------------------------------------
7
8menuconfig BL2
9    bool "BL2"
10    default y
11
12if BL2
13
14config DEFAULT_MCUBOOT_SECURITY_COUNTERS
15    bool "Use the default security counter configuration"
16    default y
17    help
18      Use the default security counter configuration defined by TF-M project
19
20config DEFAULT_MCUBOOT_FLASH_MAP
21    bool "Use the default flash map"
22    default y
23    help
24      Whether to use the default flash map defined by TF-M project
25
26config MCUBOOT_S_IMAGE_FLASH_AREA_NUM
27    int "ID of the flash area containing the primary Secure image"
28    default 0
29    help
30      ID of the flash area containing the primary Secure image
31
32config MCUBOOT_NS_IMAGE_FLASH_AREA_NUM
33    int "ID of the flash area containing the primary Non-Secure image"
34    default 1
35
36config MCUBOOT_IMAGE_NUMBER
37    int "Whether to combine S and NS into either 1 image, or sign each seperately"
38    default 2
39    range 1 9
40
41config MCUBOOT_EXECUTION_SLOT
42    int "Slot from which to execute the image, used for XIP mode"
43    default 1
44
45config MCUBOOT_USE_PSA_CRYPTO
46    bool "Enable cryptography through PSA Crypto APIs"
47    default n
48
49choice MCUBOOT_HW_KEY_CHOICE
50    prompt "Hardware key options for signature verification"
51    optional
52
53config MCUBOOT_HW_KEY
54    bool "Embed the entire public key"
55    default y
56    help
57      Whether to embed the entire public key in the image metadata instead of
58      the hash only
59
60config MCUBOOT_BUILTIN_KEY
61    bool "Use builtin key(s) for verification"
62    default n
63    help
64      No public key data is in the image metadata or boot code, key IDs
65      are used instead to select a builtin key for signature verification.
66endchoice
67
68choice MCUBOOT_UPGRADE_STRATEGY_CHOICE
69    prompt "Upgrade strategy for images"
70    default MCUBOOT_UPGRADE_STRATEGY_OVERWRITE_ONLY
71
72    config MCUBOOT_UPGRADE_STRATEGY_OVERWRITE_ONLY
73        bool "Overwrite only"
74
75    config MCUBOOT_UPGRADE_STRATEGY_SWAP_USING_SCRATCH
76        bool "Swap using scratch"
77        imply FWU_SUPPORT_TRIAL_STATE
78
79    config MCUBOOT_UPGRADE_STRATEGY_SWAP_USING_MOVE
80        bool "Swap using move"
81        imply FWU_SUPPORT_TRIAL_STATE
82
83    config MCUBOOT_UPGRADE_STRATEGY_DIRECT_XIP
84        bool "Direct xip"
85        depends on !TFM_PARTITION_FIRMWARE_UPDATE
86
87    config MCUBOOT_UPGRADE_STRATEGY_RAM_LOAD
88        bool "Ram load"
89        depends on !TFM_PARTITION_FIRMWARE_UPDATE
90endchoice
91
92config MCUBOOT_UPGRADE_STRATEGY
93    string "Upgrade strategy for images"
94    default "OVERWRITE_ONLY" if MCUBOOT_UPGRADE_STRATEGY_OVERWRITE_ONLY
95    default "SWAP_USING_SCRATCH" if MCUBOOT_UPGRADE_STRATEGY_SWAP_USING_SCRATCH
96    default "SWAP_USING_MOVE" if MCUBOOT_UPGRADE_STRATEGY_SWAP_USING_MOVE
97    default "DIRECT_XIP" if MCUBOOT_UPGRADE_STRATEGY_DIRECT_XIP
98    default "RAM_LOAD" if MCUBOOT_UPGRADE_STRATEGY_RAM_LOAD
99
100config BL2_HEADER_SIZE
101    hex "BL2 Header size"
102    default 0x400
103
104config BL2_TRAILER_SIZE
105    hex "BL2 Trailer size"
106    default 0x400
107
108choice MCUBOOT_ALIGN_VAL_CHOICE
109    prompt "Align option for mcuboot and build image with imgtool"
110    config MCUBOOT_ALIGN_VAL_1
111        bool "1"
112    config MCUBOOT_ALIGN_VAL_2
113        bool "2"
114    config MCUBOOT_ALIGN_VAL_4
115        bool "4"
116    config MCUBOOT_ALIGN_VAL_8
117        bool "8"
118    config MCUBOOT_ALIGN_VAL_16
119        bool "16"
120    config MCUBOOT_ALIGN_VAL_32
121        bool "32"
122endchoice
123
124config MCUBOOT_ALIGN_VAL
125    int
126    default 1 if MCUBOOT_ALIGN_VAL_1
127    default 2 if MCUBOOT_ALIGN_VAL_2
128    default 4 if MCUBOOT_ALIGN_VAL_4
129    default 8 if MCUBOOT_ALIGN_VAL_8
130    default 16 if MCUBOOT_ALIGN_VAL_16
131    default 32 if MCUBOOT_ALIGN_VAL_32
132
133config MCUBOOT_CONFIRM_IMAGE
134    bool "Whether to confirm the image if REVERT is supported in MCUboot"
135    default n
136
137config MCUBOOT_DIRECT_XIP_REVERT
138    bool "Enable the revert mechanism in direct-xip mode"
139    default y
140    depends on MCUBOOT_UPGRADE_STRATEGY_DIRECT_XIP
141
142config MCUBOOT_HW_ROLLBACK_PROT
143    bool "Enable security counter validation against non-volatile HW counters"
144    default y
145
146config MCUBOOT_ENC_IMAGES
147    bool "Enable encrypted image upgrade support"
148    default n
149
150config MCUBOOT_BOOTSTRAP
151    bool "Support initial state with empty primary slot and images installed from secondary slots"
152    default n
153
154config MCUBOOT_ENCRYPT_RSA
155    bool "Use RSA for encrypted image upgrade support"
156    default n
157
158choice MCUBOOT_FIH_PROFILE_CHOICE
159    prompt "Fault injection hardening profile"
160    default MCUBOOT_FIH_PROFILE_OFF
161
162    config MCUBOOT_FIH_PROFILE_OFF
163        bool "OFF"
164
165    config MCUBOOT_FIH_PROFILE_LOW
166        bool "LOW"
167
168    config MCUBOOT_FIH_PROFILE_MEDIUM
169        bool "MEDIUM"
170
171    config MCUBOOT_FIH_PROFILE_HIGH
172        bool "HIGH"
173endchoice
174
175config MCUBOOT_FIH_PROFILE
176    string
177    default "OFF" if MCUBOOT_FIH_PROFILE_OFF
178    default "LOW" if MCUBOOT_FIH_PROFILE_LOW
179    default "MEDIUM" if MCUBOOT_FIH_PROFILE_MEDIUM
180    default "HIGH" if MCUBOOT_FIH_PROFILE_HIGH
181
182config MCUBOOT_SIGNATURE_TYPE
183    string "Algorithm to use for signature validation [RSA-2048, RSA-3072, EC-P256, EC-P384]"
184    default "RSA-3072"
185    help
186      Note - If either SIGNATURE_TYPE or KEY_LEN are changed, the entries for KEY_S
187      and KEY_NS will either have to be updated manually or removed from the cache.
188      `cmake .. -UMCUBOOT_KEY_S -UMCUBOOT_KEY_NS`. Once removed from the cache it
189      will be set to default again.
190
191config MCUBOOT_GENERATE_SIGNING_KEYPAIR
192    bool "Generate new keypair or use MCUBOOT_KEY_S and MCUBOOT_KEY_NS for signing"
193    default n
194
195config MCUBOOT_KEY_S
196    string "Path to key with which to sign secure binary"
197    default "$(TFM_SOURCE_DIR)/bl2/ext/mcuboot/root-${MCUBOOT_SIGNATURE_TYPE}.pem"
198
199config MCUBOOT_KEY_NS
200    string "Path to key with which to sign non-secure binary"
201    default "$(TFM_SOURCE_DIR)/bl2/ext/mcuboot/root-${MCUBOOT_SIGNATURE_TYPE}_1.pem"
202
203config MCUBOOT_IMAGE_VERSION_S
204    string "Version number of S image"
205    default "${TFM_VERSION}"
206
207config MCUBOOT_IMAGE_VERSION_NS
208    string "Version number of NS image"
209    default "0.0.0"
210
211config MCUBOOT_SECURITY_COUNTER_S
212    int "Security counter for S image. auto sets it to IMAGE_VERSION_S"
213    default 1
214
215config MCUBOOT_SECURITY_COUNTER_NS
216    int "Security counter for NS image. auto sets it to IMAGE_VERSION_NS"
217    default 1
218
219config MCUBOOT_S_IMAGE_MIN_VER
220    string "Minimum version of secure image"
221    default "0.0.0+0"
222    help
223      Minimum version of secure image required by the non-secure image for
224      upgrade to this non-secure image. If MCUBOOT_IMAGE_NUMBER == 1 this
225      option has no effect
226
227config MCUBOOT_NS_IMAGE_MIN_VER
228    string "Minimum version of non-secure image"
229    default "0.0.0+0"
230    help
231      Minimum version of non-secure image required by the secure image for
232      upgrade to this secure image. If MCUBOOT_IMAGE_NUMBER == 1 this option
233      has no effect
234
235config MCUBOOT_ENC_KEY_LEN
236    int "Length of the AES key for encrypting images"
237    default 128
238
239config MCUBOOT_MBEDCRYPTO_CONFIG_FILEPATH
240    string "Mbed TLS config file to use with MCUboot"
241    default "$(TFM_SOURCE_DIR)/bl2/ext/mcuboot/config/mcuboot-mbedtls-cfg.h"
242
243config MCUBOOT_PSA_CRYPTO_CONFIG_FILEPATH
244    string "Mbed TLS PSA Crypto config file to use with MCUboot"
245    default "$(TFM_SOURCE_DIR)/bl2/ext/mcuboot/config/mcuboot_crypto_config.h"
246
247choice BL2_LOG_LEVEL
248    prompt "TFM BL2 Log Level"
249    default LOG_LEVEL_INFO
250
251    config LOG_LEVEL_VERBOSE
252        bool "Verbose"
253
254    config LOG_LEVEL_INFO
255        bool "Info"
256
257    config LOG_LEVEL_WARNING
258        bool "Warning"
259
260    config LOG_LEVEL_NOTICE
261        bool "Notice"
262
263    config LOG_LEVEL_ERROR
264        bool "Error"
265
266    config LOG_LEVEL_NONE
267        bool "None"
268endchoice
269
270config TFM_BL2_LOG_LEVEL
271    int
272    default 50 if LOG_LEVEL_VERBOSE
273    default 40 if LOG_LEVEL_INFO
274    default 30 if LOG_LEVEL_WARN
275    default 20 if LOG_LEVEL_NOTICE
276    default 10 if LOG_LEVEL_ERROR
277    default 0 if LOG_LEVEL_NONE
278endif
279