Skip to content

bootutil: Add manifest-based loader for Direct XIP #2511

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 11 commits into
base: main
Choose a base branch
from
Open

bootutil: Add manifest-based loader for Direct XIP #2511

wants to merge 11 commits into from

Conversation

@tomchy
Copy link
Collaborator

@tomchy tomchy commented Oct 21, 2025
edited
Loading

Add a loader variant that is capable of booting images, based on a simple manifest.

Based on: #2503

@tomchy tomchy force-pushed the feature/mcuboot/NCSDK-NONE_Transaction_manifest_xip_upstream branch 3 times, most recently from 6ebfcaf to aaf2a5a Compare October 21, 2025 14:10
tomchy
tomchy commented Oct 22, 2025
View reviewed changes
tomchy
tomchy commented Oct 22, 2025
View reviewed changes
@tomchy tomchy force-pushed the feature/mcuboot/NCSDK-NONE_Transaction_manifest_xip_upstream branch from aaf2a5a to d8e62ff Compare October 22, 2025 09:00
@tomchy tomchy marked this pull request as ready for review October 22, 2025 15:13
tomchy added 11 commits October 23, 2025 14:06
@tomchy
loader: Rename boot_version_cmp
ab836a5 
Rename boot_version_cmp(..) to boot_compare_version(..).
Reason: most of the boot APIs use verb as the second part of the
function name.

Signed-off-by: Tomasz Chyrowicz <[email protected]>
@tomchy
loader: Optimize boot_check_header_erased(..)
f99a102 
The boot_check_header_erased(..) function may use a common function to
check for a buffer value (bootutil_buffer_is_erased).
Checking function should return bool intead of int.

Signed-off-by: Tomasz Chyrowicz <[email protected]>
@tomchy
loader: Unify header_valid(..) API
6fd2201 
Rename boot_is_header_valid(..) to boot_check_header_valid(..).
The fap and hdr arguments are misleading - they should always point to
the same slot. Change the function signature to use slot number instead.

Signed-off-by: Tomasz Chyrowicz <[email protected]>
@tomchy
loader: Unify image check API.
897f9a9 
Rename boot_image_check(..) to boot_check_image(..). Most of boot APIs
use verb as the second part of the function name.
The fap and hdr arguments are misleading - they should always point to
the same slot. Change the function signature to use slot number instead.

Signed-off-by: Tomasz Chyrowicz <[email protected]>
@tomchy
bootutil: Add missing docs
ec52710 
Add missing API docs for the following functions:
 - boot_get_loader_state()
 - boot_get_image_max_sizes()
 - image_max_size *boot_get_max_app_size()
Restrict visibility of the app_size* APIs, based on the configuration.

Signed-off-by: Tomasz Chyrowicz <[email protected]>
@tomchy
bootutil: Move state-independent area APIs
1dde00c 
Move functions, that operate on the flash area and does not require the
bootloader state or bootloader status into a separate, dedicated file.

Signed-off-by: Tomasz Chyrowicz <[email protected]>
@tomchy
loader: Move boot_get_max_app_size(..) API
4c1fa52 
Move the boot_get_max_app_size(..) API into bootutil_misc.c as this file
has the remaining functions, that operate on the size array
(i.e. boot_fetch_slot_state_sizes(..)) and is independent from the
update type, thus moving it will reduce the code duplication in the
future.

Signed-off-by: Tomasz Chyrowicz <[email protected]>
@tomchy
bootutil: Move update-independent code
1b4be75 
Move functions from loader.c that are independent from the update type
into a dedicated file. That way it will be easier to provide alternative
loader type without massive code duplication.
This file is intended to be used by loader-like files instead and should
not be included in the bootutil/_priv.h headers.

Signed-off-by: Tomasz Chyrowicz <[email protected]>
@tomchy
boot: Add MCUboot manifest TLV
1e6fbe3 
Add a possibility to attach a basic manifest with expected digests to an
image.
Alter the image verification logic, so only digests specified by the
manifest are allowed on the device.

Signed-off-by: Tomasz Chyrowicz <[email protected]>
@tomchy
imgtool: Add a possibility to attach manifest TLV
bc13024 
Add a simple logic that allows to attach a manifest TLV to an image.

Signed-off-by: Tomasz Chyrowicz <[email protected]>
@tomchy
bootutil: Add manifest-based loader for Direct XIP
3688d72 
Add a loader variant that is capable of booting images, based on a
simple manifest.

Signed-off-by: Tomasz Chyrowicz <[email protected]>
@tomchy tomchy force-pushed the feature/mcuboot/NCSDK-NONE_Transaction_manifest_xip_upstream branch from d8e62ff to 3688d72 Compare October 23, 2025 12:07
JarmouniA
JarmouniA reviewed Oct 23, 2025
View reviewed changes
Copy link
Contributor

@JarmouniA JarmouniA left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we have some documentation for this feature? Thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@nordicjm nordicjm Awaiting requested review from nordicjm nordicjm is a code owner

@de-nordic de-nordic Awaiting requested review from de-nordic de-nordic is a code owner

@almir-okato almir-okato Awaiting requested review from almir-okato almir-okato is a code owner

@davidvincze davidvincze Awaiting requested review from davidvincze davidvincze is a code owner

@d3zd3z d3zd3z Awaiting requested review from d3zd3z d3zd3z is a code owner

1 more reviewer

@JarmouniA JarmouniA JarmouniA left review comments

Reviewers whose approvals may not affect merge requirements

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@tomchy @JarmouniA