esp-idf/components/bootloader/Makefile.projbuild

# Bootloader component (top-level project parts)
#
# The bootloader is not a real component that gets linked into the project.
# Instead it is an entire standalone project (in subproject/) that gets
# built in the upper project's build directory. This Makefile.projbuild provides
# the glue to build the bootloader project from the original project. It
# basically runs Make in the subproject/ directory but it needs to
# zero some variables the ESP-IDF project.mk makefile exports first, to not
# let them interfere.
#
BOOTLOADER_COMPONENT_PATH := $(COMPONENT_PATH)
BOOTLOADER_BUILD_DIR=$(abspath $(BUILD_DIR_BASE)/bootloader)
BOOTLOADER_BIN=$(BOOTLOADER_BUILD_DIR)/bootloader.bin

# signing key path is resolved relative to the project directory
CONFIG_SECURE_BOOT_SIGNING_KEY ?=
SECURE_BOOT_SIGNING_KEY=$(abspath $(call dequote,$(CONFIG_SECURE_BOOT_SIGNING_KEY)))
export SECURE_BOOT_SIGNING_KEY  # used by bootloader_support component

BOOTLOADER_SIGNED_BIN ?=

# Has a matching value in bootloader_support esp_flash_partitions.h
BOOTLOADER_OFFSET := 0x1000

# Custom recursive make for bootloader sub-project
#
# NB: Some variables are cleared in the environment, not
# overriden, because they need to be re-defined in the child
# project.
BOOTLOADER_MAKE= +\
	PROJECT_PATH= \
	COMPONENT_DIRS= \
	$(MAKE) -C $(BOOTLOADER_COMPONENT_PATH)/subproject \
	V=$(V) \
	BUILD_DIR_BASE=$(BOOTLOADER_BUILD_DIR) \
	TEST_COMPONENTS= \
	TESTS_ALL= \
	EXCLUDE_COMPONENTS=

.PHONY: bootloader-clean bootloader-flash bootloader-list-components bootloader $(BOOTLOADER_BIN)

$(BOOTLOADER_BIN): $(SDKCONFIG_MAKEFILE)
	$(BOOTLOADER_MAKE) $@

clean: bootloader-clean

bootloader-list-components:
	$(BOOTLOADER_MAKE) list-components

ifndef CONFIG_SECURE_BOOT
# If secure boot disabled, bootloader flashing is integrated
# with 'make flash' and no warnings are printed.

bootloader: $(BOOTLOADER_BIN) | check_python_dependencies
	@echo $(SEPARATOR)
	@echo "Bootloader built. Default flash command is:"
	@echo "$(ESPTOOLPY_WRITE_FLASH) $(BOOTLOADER_OFFSET) $^"

ESPTOOL_ALL_FLASH_ARGS += $(BOOTLOADER_OFFSET) $(BOOTLOADER_BIN)
UF2_ADD_BINARIES += $(BOOTLOADER_OFFSET) $(BOOTLOADER_BIN)

bootloader-flash: $(BOOTLOADER_BIN) $(call prereq_if_explicit,erase_flash) | check_python_dependencies
	$(ESPTOOLPY_WRITE_FLASH) 0x1000 $^

else ifdef CONFIG_SECURE_BOOTLOADER_ONE_TIME_FLASH

# One time flashing requires user to run esptool.py command themselves,
# and warning is printed about inability to reflash.
#
# The flashing command is deliberately printed without an auto-reset
# step, so the device doesn't immediately reset to flash itself.

bootloader: $(BOOTLOADER_BIN) | check_python_dependencies
	@echo $(SEPARATOR)
	@echo "Bootloader built. One-time flash command is:"
	@echo "$(subst hard_reset,no_reset,$(ESPTOOLPY_WRITE_FLASH)) $(BOOTLOADER_OFFSET) $(BOOTLOADER_BIN)"
	@echo $(SEPARATOR)
	@echo "* IMPORTANT: After first boot, BOOTLOADER CANNOT BE RE-FLASHED on same device"

else ifdef CONFIG_SECURE_BOOTLOADER_REFLASHABLE
# Reflashable secure bootloader
# generates a digest binary (bootloader + digest)

ifdef CONFIG_SECURE_BOOTLOADER_KEY_ENCODING_192BIT
KEY_DIGEST_LEN=192
else
KEY_DIGEST_LEN=256
endif

BOOTLOADER_DIGEST_BIN := $(BOOTLOADER_BUILD_DIR)/bootloader-reflash-digest.bin
SECURE_BOOTLOADER_KEY := $(BOOTLOADER_BUILD_DIR)/secure-bootloader-key-$(KEY_DIGEST_LEN).bin

ifdef CONFIG_SECURE_BOOT_BUILD_SIGNED_BINARIES
$(SECURE_BOOTLOADER_KEY): $(SECURE_BOOT_SIGNING_KEY) | check_python_dependencies
	$(ESPSECUREPY) digest_private_key --keylen $(KEY_DIGEST_LEN) -k $< $@
else
$(SECURE_BOOTLOADER_KEY):
	@echo "No pre-generated key for a reflashable secure bootloader is available, due to signing configuration."
	@echo "To generate one, you can use this command:"
	@echo "espsecure.py generate_flash_encryption_key $@"
	@echo "then re-run make."
	exit 1
endif

bootloader: $(BOOTLOADER_DIGEST_BIN)
	@echo $(SEPARATOR)
	@echo "Bootloader built and secure digest generated. First time flash command is:"
	@echo "$(ESPEFUSEPY) burn_key secure_boot_v1 $(SECURE_BOOTLOADER_KEY)"
	@echo "$(ESPTOOLPY_WRITE_FLASH) $(BOOTLOADER_OFFSET) $(BOOTLOADER_BIN)"
	@echo $(SEPARATOR)
	@echo "To reflash the bootloader after initial flash:"
	@echo "$(ESPTOOLPY_WRITE_FLASH) 0x0 $(BOOTLOADER_DIGEST_BIN)"
	@echo $(SEPARATOR)
	@echo "* After first boot, only re-flashes of this kind (with same key) will be accepted."
	@echo "* Not recommended to re-use the same secure boot keyfile on multiple production devices."

$(BOOTLOADER_DIGEST_BIN): $(BOOTLOADER_BIN) $(SECURE_BOOTLOADER_KEY) | check_python_dependencies
	@echo "DIGEST $(notdir $@)"
	$(ESPSECUREPY) digest_secure_bootloader -k $(SECURE_BOOTLOADER_KEY) -o $@ $<

else ifdef CONFIG_SECURE_BOOT_V2_ENABLED
BOOTLOADER_SIGNED_BIN := $(BOOTLOADER_BUILD_DIR)/bootloader-signed.bin
ifdef CONFIG_SECURE_BOOT_BUILD_SIGNED_BINARIES
bootloader: $(BOOTLOADER_BIN) $(SDKCONFIG_MAKEFILE) | check_python_dependencies
	$(ESPSECUREPY) sign_data --keyfile $(SECURE_BOOT_SIGNING_KEY) --version 2 \
	-o $(BOOTLOADER_SIGNED_BIN) $(BOOTLOADER_BIN)
else
bootloader: $(BOOTLOADER_BIN) $(SDKCONFIG_MAKEFILE) | check_python_dependencies
	@echo "Bootloader not signed. Sign the bootloader before flashing."
	@echo "To sign the bootloader, you can use this command:"
	@echo "espsecure.py sign_data --keyfile SECURE_BOOT_SIGNING_KEY --version 2 $(BOOTLOADER_BIN)"
endif
	@echo $(SEPARATOR)
	@echo "Use the following command to flash the bootloader:"
ifdef CONFIG_SECURE_BOOT_BUILD_SIGNED_BINARIES
	@echo "$(ESPTOOLPY_WRITE_FLASH) $(BOOTLOADER_OFFSET) $(BOOTLOADER_SIGNED_BIN)"
else
	@echo "$(ESPTOOLPY_WRITE_FLASH) $(BOOTLOADER_OFFSET) $(BOOTLOADER_BIN)"
endif
	@echo $(SEPARATOR)

else # CONFIG_SECURE_BOOT && !CONFIG_SECURE_BOOTLOADER_REFLASHABLE \
&& !CONFIG_SECURE_BOOTLOADER_ONE_TIME_FLASH && !CONFIG_SECURE_SIGNED_APPS_RSA_SCHEME
bootloader:
	@echo "Invalid bootloader target: bad sdkconfig?"
	@exit 1
endif

ifndef CONFIG_SECURE_BOOT
# don't build bootloader by default if secure boot is enabled
all_binaries: $(BOOTLOADER_BIN)
endif

bootloader-clean: $(SDKCONFIG_MAKEFILE)
	$(BOOTLOADER_MAKE) app-clean
ifdef CONFIG_SECURE_BOOTLOADER_REFLASHABLE
	rm -f $(SECURE_BOOTLOADER_KEY) $(BOOTLOADER_DIGEST_BIN)
endif
ifdef CONFIG_SECURE_SIGNED_APPS_RSA_SCHEME
ifdef CONFIG_SECURE_BOOT_BUILD_SIGNED_BINARIES
	rm -f $(BOOTLOADER_SIGNED_BIN)
endif
endif
build system: Use component.mk for all components, refactor bootloader build For config-only components, component.mk should now contain "COMPONENT_CONFIG_ONLY := 1" Also refactored some of the generation of linker paths, library list. This required cleaning up the way the bootloader project works, it's now mostly independent from the parent. 2017-06-23 14:08:01 +10:00			`# Bootloader component (top-level project parts)`
Initial public version 2016-08-17 23:08:22 +08:00			`#`
			`# The bootloader is not a real component that gets linked into the project.`
build system: Use component.mk for all components, refactor bootloader build For config-only components, component.mk should now contain "COMPONENT_CONFIG_ONLY := 1" Also refactored some of the generation of linker paths, library list. This required cleaning up the way the bootloader project works, it's now mostly independent from the parent. 2017-06-23 14:08:01 +10:00			`# Instead it is an entire standalone project (in subproject/) that gets`
			`# built in the upper project's build directory. This Makefile.projbuild provides`
			`# the glue to build the bootloader project from the original project. It`
			`# basically runs Make in the subproject/ directory but it needs to`
			`# zero some variables the ESP-IDF project.mk makefile exports first, to not`
			`# let them interfere.`
Initial public version 2016-08-17 23:08:22 +08:00			`#`
			`BOOTLOADER_COMPONENT_PATH := $(COMPONENT_PATH)`
build system: Allow BUILD_DIR_BASE to be a relative directory (see github #38) 2016-10-06 18:05:51 +11:00			`BOOTLOADER_BUILD_DIR=$(abspath $(BUILD_DIR_BASE)/bootloader)`
Make: Fix make bootloader, make bootloader-flash, cleaning of bootloader Should resolve TW6610 2016-08-18 12:36:15 +08:00			`BOOTLOADER_BIN=$(BOOTLOADER_BUILD_DIR)/bootloader.bin`
Initial public version 2016-08-17 23:08:22 +08:00
secure boot: Derive secure bootloader key from private key Means only one key needs to be managed. 2016-11-04 16:05:00 +11:00			`# signing key path is resolved relative to the project directory`
Add --warn-undefined-variables to MAKEFLAGS Fix warnings where undefined vars are used. Make Kconfig emit "FOO=" for unset bool options To ensure make variables are always defined, even if empty. When writing auto.conf, include symbols disabled by dependency to make sure all make variables are always defined. Fixes espressif/esp-idf#137 Cherry-picked from https://github.com/espressif/esp-idf/pull/138 2016-12-03 22:11:22 +00:00			`CONFIG_SECURE_BOOT_SIGNING_KEY ?=`
Secure boot: initial image signature support 2016-11-03 17:33:30 +11:00			`SECURE_BOOT_SIGNING_KEY=$(abspath $(call dequote,$(CONFIG_SECURE_BOOT_SIGNING_KEY)))`
			`export SECURE_BOOT_SIGNING_KEY # used by bootloader_support component`
build system: Add espefuse/espsecure support for secure boot 2016-11-01 10:50:16 +11:00
bootloader: Fix error in Make build system when signature options is on 2021-04-10 20:45:25 +08:00			`BOOTLOADER_SIGNED_BIN ?=`

Flash encryption: Support enabling flash encryption in bootloader, app support * App access functions are all flash encryption-aware * Documentation for flash encryption * Partition read/write is flash aware * New encrypted write function 2016-11-11 17:00:34 +11:00			`# Has a matching value in bootloader_support esp_flash_partitions.h`
			`BOOTLOADER_OFFSET := 0x1000`

build system: Fix out-of-tree building via BUILD_DIR_BASE Closes #38 2016-10-04 15:03:48 +11:00			`# Custom recursive make for bootloader sub-project`
build system: Use component.mk for all components, refactor bootloader build For config-only components, component.mk should now contain "COMPONENT_CONFIG_ONLY := 1" Also refactored some of the generation of linker paths, library list. This required cleaning up the way the bootloader project works, it's now mostly independent from the parent. 2017-06-23 14:08:01 +10:00			`#`
			`# NB: Some variables are cleared in the environment, not`
			`# overriden, because they need to be re-defined in the child`
			`# project.`
			`BOOTLOADER_MAKE= +\`
			`PROJECT_PATH= \`
			`COMPONENT_DIRS= \`
			`$(MAKE) -C $(BOOTLOADER_COMPONENT_PATH)/subproject \`
			`V=$(V) \`
			`BUILD_DIR_BASE=$(BOOTLOADER_BUILD_DIR) \`
			`TEST_COMPONENTS= \`
build: allow EXCLUDE_COMPONENTS to contain quotes 'dequote' macro can’t be used at this point yet, use subst directly. Also prevent EXCLUDE_COMPONENTS from being passed to bootloader build. 2018-04-28 19:57:00 +08:00			`TESTS_ALL= \`
			`EXCLUDE_COMPONENTS=`
build system: Use component.mk for all components, refactor bootloader build For config-only components, component.mk should now contain "COMPONENT_CONFIG_ONLY := 1" Also refactored some of the generation of linker paths, library list. This required cleaning up the way the bootloader project works, it's now mostly independent from the parent. 2017-06-23 14:08:01 +10:00
			`.PHONY: bootloader-clean bootloader-flash bootloader-list-components bootloader $(BOOTLOADER_BIN)`
Initial public version 2016-08-17 23:08:22 +08:00
build system: Refactor component.mk to not need component_common.mk New makefile component_wrapper.mk allows some variables to be set before component.mk is evaluated. This properly fixes problems with sdkconfig being hard to access in all phases of the build. Including component_common.mk is no longer necessary and will print a deprecation warning for components which use it. 2016-11-10 13:20:55 +11:00			`$(BOOTLOADER_BIN): $(SDKCONFIG_MAKEFILE)`
build system: Remove need for $(Q) macro in recipes, use --silent in MAKEFLAGS instead 2016-11-11 12:29:38 +11:00			`$(BOOTLOADER_MAKE) $@`
Initial public version 2016-08-17 23:08:22 +08:00
make: 'make all' default target builds everything, 'make flash' flashes everything Also added 'make help' target which prints some useful usage summary. 2016-08-18 17:11:27 +08:00			`clean: bootloader-clean`

build system: Use component.mk for all components, refactor bootloader build For config-only components, component.mk should now contain "COMPONENT_CONFIG_ONLY := 1" Also refactored some of the generation of linker paths, library list. This required cleaning up the way the bootloader project works, it's now mostly independent from the parent. 2017-06-23 14:08:01 +10:00			`bootloader-list-components:`
			`$(BOOTLOADER_MAKE) list-components`

feat/secure_boot_v2: Adding secure boot v2 support for ESP32-ECO3 2020-02-25 01:21:41 +05:30			`ifndef CONFIG_SECURE_BOOT`
build system: Add espefuse/espsecure support for secure boot 2016-11-01 10:50:16 +11:00			`# If secure boot disabled, bootloader flashing is integrated`
			`# with 'make flash' and no warnings are printed.`

bootloader: Don't use check_python_dependencies in the bootloader command 2018-08-20 11:07:27 +02:00			`bootloader: $(BOOTLOADER_BIN) \| check_python_dependencies`
Build system: Don't shell-quote SEPARATOR variable or it evaluates as a bunch of wildcards! 2016-11-11 14:44:10 +11:00			`@echo $(SEPARATOR)`
Fix 'make bootloader' not printing instructions 2016-08-18 16:59:38 +08:00			`@echo "Bootloader built. Default flash command is:"`
Flash encryption: Support enabling flash encryption in bootloader, app support * App access functions are all flash encryption-aware * Documentation for flash encryption * Partition read/write is flash aware * New encrypted write function 2016-11-11 17:00:34 +11:00			`@echo "$(ESPTOOLPY_WRITE_FLASH) $(BOOTLOADER_OFFSET) $^"`
Initial public version 2016-08-17 23:08:22 +08:00
Flash encryption: Support enabling flash encryption in bootloader, app support * App access functions are all flash encryption-aware * Documentation for flash encryption * Partition read/write is flash aware * New encrypted write function 2016-11-11 17:00:34 +11:00			`ESPTOOL_ALL_FLASH_ARGS += $(BOOTLOADER_OFFSET) $(BOOTLOADER_BIN)`
tools: Wrap flash binaries into a UF2 file for flashing through USB MSC @mmoskal This commit adds basic support for UF2 into ESP-IDF. 2020-12-11 16:28:11 +01:00			`UF2_ADD_BINARIES += $(BOOTLOADER_OFFSET) $(BOOTLOADER_BIN)`
make: 'make all' default target builds everything, 'make flash' flashes everything Also added 'make help' target which prints some useful usage summary. 2016-08-18 17:11:27 +08:00
Use check_python_dependencies everywhere as order-only-prerequisite 2018-09-03 11:42:10 +02:00			`bootloader-flash: $(BOOTLOADER_BIN) $(call prereq_if_explicit,erase_flash) \| check_python_dependencies`
build system: Fix bootloader-flash target ESP32 forum thread: http://esp32.com/viewtopic.php?f=2&t=407&p=1902#p1902 2016-11-08 12:00:38 +11:00			`$(ESPTOOLPY_WRITE_FLASH) 0x1000 $^`
build system: Fix out-of-tree building via BUILD_DIR_BASE Closes #38 2016-10-04 15:03:48 +11:00
build system: Add espefuse/espsecure support for secure boot 2016-11-01 10:50:16 +11:00			`else ifdef CONFIG_SECURE_BOOTLOADER_ONE_TIME_FLASH`
secure boot: Add warnings this feature is not finished yet 2016-11-11 15:40:58 +11:00
build system: Add espefuse/espsecure support for secure boot 2016-11-01 10:50:16 +11:00			`# One time flashing requires user to run esptool.py command themselves,`
			`# and warning is printed about inability to reflash.`
esptool: Add new options to reset before/after, detect flash size 2016-12-20 18:02:47 +11:00			`#`
			`# The flashing command is deliberately printed without an auto-reset`
			`# step, so the device doesn't immediately reset to flash itself.`
build system: Add espefuse/espsecure support for secure boot 2016-11-01 10:50:16 +11:00
bootloader: Don't use check_python_dependencies in the bootloader command 2018-08-20 11:07:27 +02:00			`bootloader: $(BOOTLOADER_BIN) \| check_python_dependencies`
build system: Add espefuse/espsecure support for secure boot 2016-11-01 10:50:16 +11:00			`@echo $(SEPARATOR)`
			`@echo "Bootloader built. One-time flash command is:"`
esptool: Add new options to reset before/after, detect flash size 2016-12-20 18:02:47 +11:00			`@echo "$(subst hard_reset,no_reset,$(ESPTOOLPY_WRITE_FLASH)) $(BOOTLOADER_OFFSET) $(BOOTLOADER_BIN)"`
build system: Add espefuse/espsecure support for secure boot 2016-11-01 10:50:16 +11:00			`@echo $(SEPARATOR)`
			`@echo "* IMPORTANT: After first boot, BOOTLOADER CANNOT BE RE-FLASHED on same device"`

			`else ifdef CONFIG_SECURE_BOOTLOADER_REFLASHABLE`
Secure boot: initial image signature support 2016-11-03 17:33:30 +11:00			`# Reflashable secure bootloader`
			`# generates a digest binary (bootloader + digest)`
build system: Add espefuse/espsecure support for secure boot 2016-11-01 10:50:16 +11:00
Secure Boot & Flash encryption: Support 3/4 Coding Scheme Includes esptool update to v2.6-beta1 2018-10-02 15:15:32 +10:00			`ifdef CONFIG_SECURE_BOOTLOADER_KEY_ENCODING_192BIT`
			`KEY_DIGEST_LEN=192`
			`else`
			`KEY_DIGEST_LEN=256`
			`endif`

secure boot: Derive secure bootloader key from private key Means only one key needs to be managed. 2016-11-04 16:05:00 +11:00			`BOOTLOADER_DIGEST_BIN := $(BOOTLOADER_BUILD_DIR)/bootloader-reflash-digest.bin`
Secure Boot & Flash encryption: Support 3/4 Coding Scheme Includes esptool update to v2.6-beta1 2018-10-02 15:15:32 +10:00			`SECURE_BOOTLOADER_KEY := $(BOOTLOADER_BUILD_DIR)/secure-bootloader-key-$(KEY_DIGEST_LEN).bin`
secure boot: Derive secure bootloader key from private key Means only one key needs to be managed. 2016-11-04 16:05:00 +11:00
Secure boot: Option for app & partition table signing to happen outside build system 2016-12-19 13:06:21 +11:00			`ifdef CONFIG_SECURE_BOOT_BUILD_SIGNED_BINARIES`
make: Use order-only prereq to check python dependencies 2018-08-20 17:39:56 +10:00			`$(SECURE_BOOTLOADER_KEY): $(SECURE_BOOT_SIGNING_KEY) \| check_python_dependencies`
Secure Boot & Flash encryption: Support 3/4 Coding Scheme Includes esptool update to v2.6-beta1 2018-10-02 15:15:32 +10:00			`$(ESPSECUREPY) digest_private_key --keylen $(KEY_DIGEST_LEN) -k $< $@`
Secure boot: Option for app & partition table signing to happen outside build system 2016-12-19 13:06:21 +11:00			`else`
			`$(SECURE_BOOTLOADER_KEY):`
			`@echo "No pre-generated key for a reflashable secure bootloader is available, due to signing configuration."`
			`@echo "To generate one, you can use this command:"`
			`@echo "espsecure.py generate_flash_encryption_key $@"`
			`@echo "then re-run make."`
			`exit 1`
			`endif`
build system: Add espefuse/espsecure support for secure boot 2016-11-01 10:50:16 +11:00
			`bootloader: $(BOOTLOADER_DIGEST_BIN)`
			`@echo $(SEPARATOR)`
			`@echo "Bootloader built and secure digest generated. First time flash command is:"`
bootloader: Secure_boot name replaced by secure_boot_v1 & secure_boot_v2 - espefuse.py burn_key secure_boot is no longer used. - Secure boot V1: espefuse.py burn_key secure_boot_v1 file.bin - Secure boot V2: espefuse.py burn_key secure_boot_v2 file.bin 2020-10-15 16:48:23 +08:00			`@echo "$(ESPEFUSEPY) burn_key secure_boot_v1 $(SECURE_BOOTLOADER_KEY)"`
Flash encryption: Support enabling flash encryption in bootloader, app support * App access functions are all flash encryption-aware * Documentation for flash encryption * Partition read/write is flash aware * New encrypted write function 2016-11-11 17:00:34 +11:00			`@echo "$(ESPTOOLPY_WRITE_FLASH) $(BOOTLOADER_OFFSET) $(BOOTLOADER_BIN)"`
build system: Add espefuse/espsecure support for secure boot 2016-11-01 10:50:16 +11:00			`@echo $(SEPARATOR)`
			`@echo "To reflash the bootloader after initial flash:"`
			`@echo "$(ESPTOOLPY_WRITE_FLASH) 0x0 $(BOOTLOADER_DIGEST_BIN)"`
			`@echo $(SEPARATOR)`
			`@echo "* After first boot, only re-flashes of this kind (with same key) will be accepted."`
Add documentation for bootloader secure boot stage 2016-11-01 17:41:27 +11:00			`@echo "* Not recommended to re-use the same secure boot keyfile on multiple production devices."`
build system: Add espefuse/espsecure support for secure boot 2016-11-01 10:50:16 +11:00
make: Use order-only prereq to check python dependencies 2018-08-20 17:39:56 +10:00			`$(BOOTLOADER_DIGEST_BIN): $(BOOTLOADER_BIN) $(SECURE_BOOTLOADER_KEY) \| check_python_dependencies`
Secure boot: initial image signature support 2016-11-03 17:33:30 +11:00			`@echo "DIGEST $(notdir $@)"`
bootloader: Fix warning building reflashable Secure Boot image 2018-07-13 15:24:11 +10:00			`$(ESPSECUREPY) digest_secure_bootloader -k $(SECURE_BOOTLOADER_KEY) -o $@ $<`
build system: Add espefuse/espsecure support for secure boot 2016-11-01 10:50:16 +11:00
feat/secure_boot_v2: Adding secure boot v2 support for ESP32-ECO3 2020-02-25 01:21:41 +05:30			`else ifdef CONFIG_SECURE_BOOT_V2_ENABLED`
			`BOOTLOADER_SIGNED_BIN := $(BOOTLOADER_BUILD_DIR)/bootloader-signed.bin`
			`ifdef CONFIG_SECURE_BOOT_BUILD_SIGNED_BINARIES`
			`bootloader: $(BOOTLOADER_BIN) $(SDKCONFIG_MAKEFILE) \| check_python_dependencies`
			`$(ESPSECUREPY) sign_data --keyfile $(SECURE_BOOT_SIGNING_KEY) --version 2 \`
			`-o $(BOOTLOADER_SIGNED_BIN) $(BOOTLOADER_BIN)`
			`else`
			`bootloader: $(BOOTLOADER_BIN) $(SDKCONFIG_MAKEFILE) \| check_python_dependencies`
			`@echo "Bootloader not signed. Sign the bootloader before flashing."`
			`@echo "To sign the bootloader, you can use this command:"`
			`@echo "espsecure.py sign_data --keyfile SECURE_BOOT_SIGNING_KEY --version 2 $(BOOTLOADER_BIN)"`
			`endif`
			`@echo $(SEPARATOR)`
			`@echo "Use the following command to flash the bootloader:"`
			`ifdef CONFIG_SECURE_BOOT_BUILD_SIGNED_BINARIES`
			`@echo "$(ESPTOOLPY_WRITE_FLASH) $(BOOTLOADER_OFFSET) $(BOOTLOADER_SIGNED_BIN)"`
			`else`
			`@echo "$(ESPTOOLPY_WRITE_FLASH) $(BOOTLOADER_OFFSET) $(BOOTLOADER_BIN)"`
			`endif`
			`@echo $(SEPARATOR)`

			`else # CONFIG_SECURE_BOOT && !CONFIG_SECURE_BOOTLOADER_REFLASHABLE \`
			`&& !CONFIG_SECURE_BOOTLOADER_ONE_TIME_FLASH && !CONFIG_SECURE_SIGNED_APPS_RSA_SCHEME`
Refactor existing bootloader common functionality into bootloader_support component 2016-11-02 10:41:58 +11:00			`bootloader:`
			`@echo "Invalid bootloader target: bad sdkconfig?"`
			`@exit 1`
build system: Add espefuse/espsecure support for secure boot 2016-11-01 10:50:16 +11:00			`endif`

feat/secure_boot_v2: Adding secure boot v2 support for ESP32-ECO3 2020-02-25 01:21:41 +05:30			`ifndef CONFIG_SECURE_BOOT`
docs: Update Flash Encryption docs to clarify reflashing options 2018-07-13 16:18:07 +10:00			`# don't build bootloader by default if secure boot is enabled`
build system: Add espefuse/espsecure support for secure boot 2016-11-01 10:50:16 +11:00			`all_binaries: $(BOOTLOADER_BIN)`
secure boot & flash encryption: Rework configuration options Add UART bootloader disable options for flash encryption 2016-11-25 14:09:26 +11:00			`endif`
build system: Add espefuse/espsecure support for secure boot 2016-11-01 10:50:16 +11:00
build system: Add dependencies to component clean steps Build directory must exist, component_project_vars.mk must be generated if it is going to be. 2017-09-01 17:28:13 +10:00			`bootloader-clean: $(SDKCONFIG_MAKEFILE)`
Merge branch 'master' into feature/build_component_project_vars 2016-11-14 14:48:10 +11:00			`$(BOOTLOADER_MAKE) app-clean`
build system: Fix undefined variables make/project.mk:315: warning: undefined variable `CC' make/project.mk:316: warning: undefined variable `LD' make/project.mk:317: warning: undefined variable `AR' make/project.mk:62: warning: undefined variable `MAKECMDGOALS' components/partition_table/Makefile.projbuild:24: warning: undefined variable `quote' components/bootloader/Makefile.projbuild:123: warning: undefined variable 'BOOTLOADER_DIGEST_BIN' components/bootloader/Makefile.projbuild:123: warning: undefined variable 'SECURE_BOOTLOADER_KEY' 2017-10-20 12:14:41 +08:00			`ifdef CONFIG_SECURE_BOOTLOADER_REFLASHABLE`
Merge branch 'master' into feature/build_component_project_vars 2016-11-14 14:48:10 +11:00			`rm -f $(SECURE_BOOTLOADER_KEY) $(BOOTLOADER_DIGEST_BIN)`
build system: Fix undefined variables make/project.mk:315: warning: undefined variable `CC' make/project.mk:316: warning: undefined variable `LD' make/project.mk:317: warning: undefined variable `AR' make/project.mk:62: warning: undefined variable `MAKECMDGOALS' components/partition_table/Makefile.projbuild:24: warning: undefined variable `quote' components/bootloader/Makefile.projbuild:123: warning: undefined variable 'BOOTLOADER_DIGEST_BIN' components/bootloader/Makefile.projbuild:123: warning: undefined variable 'SECURE_BOOTLOADER_KEY' 2017-10-20 12:14:41 +08:00			`endif`
feat/secure_boot_v2: Adding secure boot v2 support for ESP32-ECO3 2020-02-25 01:21:41 +05:30			`ifdef CONFIG_SECURE_SIGNED_APPS_RSA_SCHEME`
			`ifdef CONFIG_SECURE_BOOT_BUILD_SIGNED_BINARIES`
			`rm -f $(BOOTLOADER_SIGNED_BIN)`
			`endif`
Whitespace: Automated whitespace fixes (large commit) Apply the pre-commit hook whitespace fixes to all files in the repo. (Line endings, blank lines at end of file, trailing whitespace) 2020-11-10 18:40:01 +11:00			`endif`