diff --git a/README.md b/README.md index 650a2f415e..a272d026a9 100644 --- a/README.md +++ b/README.md @@ -18,7 +18,7 @@ [travis]: https://travis-ci.org/mcu-tools/mcuboot [license]: https://github.com/mcu-tools/mcuboot/blob/main/LICENSE -This is MCUboot version 2.3.0-dev +This is MCUboot version 2.3.0-rc1 MCUboot is a secure bootloader for 32-bits microcontrollers. It defines a common infrastructure for the bootloader and the system flash layout on diff --git a/docs/release-notes.d/add-cortex-r-support-00-basic.md b/docs/release-notes.d/add-cortex-r-support-00-basic.md deleted file mode 100644 index a7005af5cd..0000000000 --- a/docs/release-notes.d/add-cortex-r-support-00-basic.md +++ /dev/null @@ -1 +0,0 @@ -- Added support for booting Cortex-R5 images diff --git a/docs/release-notes.d/add-cortex-r-support-01-cleanup-core.md b/docs/release-notes.d/add-cortex-r-support-01-cleanup-core.md deleted file mode 100644 index 27b5039d05..0000000000 --- a/docs/release-notes.d/add-cortex-r-support-01-cleanup-core.md +++ /dev/null @@ -1 +0,0 @@ -- Add support for cleaning up the Cortex-R core before final jumping diff --git a/docs/release-notes.d/align-security-policy.md b/docs/release-notes.d/align-security-policy.md deleted file mode 100644 index 46c0dac7fb..0000000000 --- a/docs/release-notes.d/align-security-policy.md +++ /dev/null @@ -1,2 +0,0 @@ -- Aligned the project security policy with the [TrustedFirmware.org security -policy](https://www.trustedfirmware.org/.well-known/security.txt). diff --git a/docs/release-notes.d/click.md b/docs/release-notes.d/click.md deleted file mode 100644 index 820e94afae..0000000000 --- a/docs/release-notes.d/click.md +++ /dev/null @@ -1 +0,0 @@ - - Fixed imgtool dependency on click package version. diff --git a/docs/release-notes.d/enable-ram-load-revert.md b/docs/release-notes.d/enable-ram-load-revert.md deleted file mode 100644 index 117dd66c29..0000000000 --- a/docs/release-notes.d/enable-ram-load-revert.md +++ /dev/null @@ -1,2 +0,0 @@ -- Enabled support for ram-load revert mode, which functions using the same - logic as direct-xip revert mode but loads the executable image to ram. diff --git a/docs/release-notes.d/espressif-fix-fw-update-with-hw-flash-encryption-enabled b/docs/release-notes.d/espressif-fix-fw-update-with-hw-flash-encryption-enabled deleted file mode 100644 index 91c96074d2..0000000000 --- a/docs/release-notes.d/espressif-fix-fw-update-with-hw-flash-encryption-enabled +++ /dev/null @@ -1,6 +0,0 @@ -- Add cache flush after write/erase operations to avoid getting invalid - data when these are followed by read operation. -- Fix image wrong state after swap-scratch when hardware flash encryption - is enabled. When hardware flash encryption is enabled, force expected - erased value (0xFF) into flash when erasing a region, and also always - do a real erase before writing data into flash. diff --git a/docs/release-notes.d/espressif-move-virtual-efuse-offset-config.md b/docs/release-notes.d/espressif-move-virtual-efuse-offset-config.md deleted file mode 100644 index 1d46816d09..0000000000 --- a/docs/release-notes.d/espressif-move-virtual-efuse-offset-config.md +++ /dev/null @@ -1 +0,0 @@ -- Move the Virtual eFuse offset in flash configuration from hardcoded value to .conf file. diff --git a/docs/release-notes.d/fix-boot-scramble-region.md b/docs/release-notes.d/fix-boot-scramble-region.md deleted file mode 100644 index 55042de872..0000000000 --- a/docs/release-notes.d/fix-boot-scramble-region.md +++ /dev/null @@ -1,3 +0,0 @@ - - Fixed issue in boot_scramble_regions, where incorrect boundary - check would cause function to attempt to write pass a designated - flash area. diff --git a/docs/release-notes.d/fix-direct-hash-base-address.md b/docs/release-notes.d/fix-direct-hash-base-address.md deleted file mode 100644 index 041a451348..0000000000 --- a/docs/release-notes.d/fix-direct-hash-base-address.md +++ /dev/null @@ -1,2 +0,0 @@ - - Fixed issue in image_validate when `MCUBOOT_HASH_STORAGE_DIRECTLY` is enabled - for platforms with NVM memory that does not start at 0x00. diff --git a/docs/release-notes.d/fix-pure-eddsa-base-address.md b/docs/release-notes.d/fix-pure-eddsa-base-address.md deleted file mode 100644 index 4fe226792a..0000000000 --- a/docs/release-notes.d/fix-pure-eddsa-base-address.md +++ /dev/null @@ -1,2 +0,0 @@ - - Fixed issue in image_validate when `BOOT_SIGNATURE_TYPE_PURE` is enabled - for platforms with NVM memory that does not start at 0x00. diff --git a/docs/release-notes.d/fix-serial-recovery-progressive-erase.md b/docs/release-notes.d/fix-serial-recovery-progressive-erase.md deleted file mode 100644 index ea44f0bdbc..0000000000 --- a/docs/release-notes.d/fix-serial-recovery-progressive-erase.md +++ /dev/null @@ -1,4 +0,0 @@ -- Fixed serial recovery with progressive erase for MCUboot modes of single - updatable slot (`MCUBOOT_SINGLE_APPLICATION_SLOT`, `MCUBOOT_FIRMWARE_LOADER`, - `MCUBOOT_SINGLE_APPLICATION_SLOT_RAM_LOAD`) which was previously failing due - to attempting to access non-existent image status fields. diff --git a/docs/release-notes.d/imgtool-compression-header-fix.md b/docs/release-notes.d/imgtool-compression-header-fix.md deleted file mode 100644 index e9a7bda6b8..0000000000 --- a/docs/release-notes.d/imgtool-compression-header-fix.md +++ /dev/null @@ -1,2 +0,0 @@ - - Fixed issue with imgtool when trying to compress images with - no header padding requested. diff --git a/docs/release-notes.d/minimal-erase-swap-offset.md b/docs/release-notes.d/minimal-erase-swap-offset.md deleted file mode 100644 index 71c6aa3d8b..0000000000 --- a/docs/release-notes.d/minimal-erase-swap-offset.md +++ /dev/null @@ -1,3 +0,0 @@ -- Fixed issue with swap using offset when mininmal erase was - enabled that did not offset the erase to the second sector and - wrongly used the (empty) first sector of the secondary slot. diff --git a/docs/release-notes.d/picolibc.md b/docs/release-notes.d/picolibc.md deleted file mode 100644 index 5a54a7a8b0..0000000000 --- a/docs/release-notes.d/picolibc.md +++ /dev/null @@ -1 +0,0 @@ - - Switched to picolibc as the default C library in Zephyr. diff --git a/docs/release-notes.d/single-slot-fixes.md b/docs/release-notes.d/single-slot-fixes.md deleted file mode 100644 index 92666b813d..0000000000 --- a/docs/release-notes.d/single-slot-fixes.md +++ /dev/null @@ -1,5 +0,0 @@ - - Fixed wrong define specifying 2 slots in single loader mode - instead of just 1 - - Fixed wrong slot ID in hook calls from serial recovery. - - Fixed issues with serial recovery not building/not - working/faulting. diff --git a/docs/release-notes.d/swap-offset.md b/docs/release-notes.d/swap-offset.md deleted file mode 100644 index c32b32e494..0000000000 --- a/docs/release-notes.d/swap-offset.md +++ /dev/null @@ -1,3 +0,0 @@ -- Swap using offset now includes the size of the unprotected TLV - area which was wrongly missing before, this requires extra space - in the swap status as the data is not part of the image header diff --git a/docs/release-notes.d/tlv-allow-list.md b/docs/release-notes.d/tlv-allow-list.md deleted file mode 100644 index 295b5f076f..0000000000 --- a/docs/release-notes.d/tlv-allow-list.md +++ /dev/null @@ -1,2 +0,0 @@ - - Control over compilation of unprotected TLV allow list has been exposed - using MCUBOOT_USE_TLV_ALLOW_LIST mcuboot configuration identifier. diff --git a/docs/release-notes.d/trailer-fixes.md b/docs/release-notes.d/trailer-fixes.md deleted file mode 100644 index 6c708e0f7b..0000000000 --- a/docs/release-notes.d/trailer-fixes.md +++ /dev/null @@ -1,6 +0,0 @@ - - Fixed issue with platforms that have - MCUBOOT_SUPPORT_DEV_WITHOUT_ERASE set that did not scramble - (delete) data sections from the trailer that should have been - deleted. - - Fixed issue with boot_scramble_region escaping flash area due - to error in the range check. diff --git a/docs/release-notes.d/vscode.md b/docs/release-notes.d/vscode.md deleted file mode 100644 index df4fea82d8..0000000000 --- a/docs/release-notes.d/vscode.md +++ /dev/null @@ -1,2 +0,0 @@ -- A few changes to make vscode nicer, including a default package to build at - the top level, and ignoring some of the cache files from vscode. diff --git a/docs/release-notes.d/zephyr-bootutil-max-align.md b/docs/release-notes.d/zephyr-bootutil-max-align.md deleted file mode 100644 index bac3d3cf5f..0000000000 --- a/docs/release-notes.d/zephyr-bootutil-max-align.md +++ /dev/null @@ -1,2 +0,0 @@ -- Zephyr builds are now using Kconfig CONFIG_MCUBOOT_BOOT_MAX_ALIGN - to set the MCUBOOT_BOOT_MAX_ALIGN. diff --git a/docs/release-notes.d/zephyr-pinreset-trigger.md b/docs/release-notes.d/zephyr-pinreset-trigger.md deleted file mode 100644 index af93f8b802..0000000000 --- a/docs/release-notes.d/zephyr-pinreset-trigger.md +++ /dev/null @@ -1,2 +0,0 @@ -- Fixed issue with checking pin reset not checking for single - flag in Zephyr. diff --git a/docs/release-notes.md b/docs/release-notes.md index 368ecd5fb0..95a80d9b7f 100644 --- a/docs/release-notes.md +++ b/docs/release-notes.md @@ -3,6 +3,62 @@ - Table of Contents {:toc} +## Version 2.3.0 + +- Added support for booting Cortex-R5 images +- Add support for cleaning up the Cortex-R core before final jumping +- Aligned the project security policy with the [TrustedFirmware.org security + policy](https://www.trustedfirmware.org/.well-known/security.txt). +- Fixed imgtool dependency on click package version. +- Enabled support for ram-load revert mode, which functions using the same + logic as direct-xip revert mode but loads the executable image to ram. +- Add cache flush after write/erase operations to avoid getting invalid + data when these are followed by read operation. +- Fix image wrong state after swap-scratch when hardware flash encryption + is enabled. When hardware flash encryption is enabled, force expected + erased value (0xFF) into flash when erasing a region, and also always + do a real erase before writing data into flash. +- Move the Virtual eFuse offset in flash configuration from hardcoded value to .conf file. +- Fixed issue in boot_scramble_regions, where incorrect boundary + check would cause function to attempt to write pass a designated + flash area. +- Fixed issue in image_validate when `MCUBOOT_HASH_STORAGE_DIRECTLY` is enabled + for platforms with NVM memory that does not start at 0x00. +- Fixed issue in image_validate when `BOOT_SIGNATURE_TYPE_PURE` is enabled + for platforms with NVM memory that does not start at 0x00. +- Fixed serial recovery with progressive erase for MCUboot modes of single + updatable slot (`MCUBOOT_SINGLE_APPLICATION_SLOT`, `MCUBOOT_FIRMWARE_LOADER`, + `MCUBOOT_SINGLE_APPLICATION_SLOT_RAM_LOAD`) which was previously failing due + to attempting to access non-existent image status fields. +- Fixed issue with imgtool when trying to compress images with + no header padding requested. +- Fixed issue with swap using offset when mininmal erase was + enabled that did not offset the erase to the second sector and + wrongly used the (empty) first sector of the secondary slot. +- Switched to picolibc as the default C library in Zephyr. +- Fixed wrong define specifying 2 slots in single loader mode + instead of just 1 +- Fixed wrong slot ID in hook calls from serial recovery. +- Fixed issues with serial recovery not building/not + working/faulting. +- Swap using offset now includes the size of the unprotected TLV + area which was wrongly missing before, this requires extra space + in the swap status as the data is not part of the image header +- Control over compilation of unprotected TLV allow list has been exposed + using MCUBOOT_USE_TLV_ALLOW_LIST mcuboot configuration identifier. +- Fixed issue with platforms that have + MCUBOOT_SUPPORT_DEV_WITHOUT_ERASE set that did not scramble + (delete) data sections from the trailer that should have been + deleted. +- Fixed issue with boot_scramble_region escaping flash area due + to error in the range check. +- A few changes to make vscode nicer, including a default package to build at + the top level, and ignoring some of the cache files from vscode. +- Zephyr builds are now using Kconfig CONFIG_MCUBOOT_BOOT_MAX_ALIGN + to set the MCUBOOT_BOOT_MAX_ALIGN. +- Fixed issue with checking pin reset not checking for single + flag in Zephyr. + ## Version 2.2.0 - Added support for retrieving HW embedded private keys for image encryption @@ -157,7 +213,7 @@ function `boot_save_shared_data`. commit 3016d00cd765e7c09a14af55fb4dcad945e4b982 Author: Jamie McCrae Date: Tue Mar 14 12:35:51 2023 +0000 - + bootutil: Add active slot number and max app size to shared data ### About this release diff --git a/repository.yml b/repository.yml index 5878353204..36a3b89366 100644 --- a/repository.yml +++ b/repository.yml @@ -39,11 +39,12 @@ repo.versions: "2.0.0": "v2.0.0" "2.1.0": "v2.1.0" "2.2.0": "v2.2.0" + "2.3.0": "v2.3.0" "0-dev": "0.0.0" # main "0-latest": "2.2.0" # latest stable release "1-latest": "1.11.0" - "2-latest": "2.2.0" + "2-latest": "2.3.0" "1.0-latest": "1.11.0" - "2.0-latest": "2.2.0" + "2.0-latest": "2.3.0" diff --git a/scripts/imgtool/__init__.py b/scripts/imgtool/__init__.py index 83c1a2bbbb..91737d96c9 100644 --- a/scripts/imgtool/__init__.py +++ b/scripts/imgtool/__init__.py @@ -14,4 +14,4 @@ # See the License for the specific language governing permissions and # limitations under the License. -imgtool_version = "2.2.0" +imgtool_version = "2.3.0rc1"