diff --git a/Makefile b/Makefile index 32002b51e7..1bb259a2d0 100644 --- a/Makefile +++ b/Makefile @@ -104,8 +104,12 @@ CFLAGS+= \ # Setup default optimizations (for GCC) ifeq ($(USE_GCC_HEADLESS),1) - CFLAGS+=-Wall -Wextra -Wno-main -ffreestanding -Wno-unused -nostartfiles + CFLAGS+=-Wall -Wextra -Wno-main -ffreestanding -nostartfiles CFLAGS+=-ffunction-sections -fdata-sections -fomit-frame-pointer + # Allow unused parameters and functions + CFLAGS+=-Wno-unused-parameter -Wno-unused-function + # Error on unused variables + CFLAGS+=-Wunused-variable LDFLAGS+=-Wl,-gc-sections -Wl,-Map=wolfboot.map -ffreestanding -nostartfiles # Not setting LDFLAGS directly since it is passed to the test-app LSCRIPT_FLAGS+=-T $(LSCRIPT) @@ -469,7 +473,7 @@ utilsclean: clean $(Q)$(MAKE) -C tools/test-update-server -s clean $(Q)$(MAKE) -C tools/uart-flash-server -s clean $(Q)$(MAKE) -C tools/unit-tests -s clean - $(Q)if [ "$(WOLFHSM_CLIENT)" = "1" ]; then $(MAKE) -C lib/wolfHSM/tools/whnvmtool -s clean; fi + $(Q)if [ "$(WOLFHSM_CLIENT)" = "1" ]; then $(MAKE) -C $(WOLFBOOT_LIB_WOLFHSM)/tools/whnvmtool -s clean; fi $(Q)$(MAKE) -C tools/keytools/otp -s clean $(Q)$(MAKE) -C tools/squashelf -s clean diff --git a/arch.mk b/arch.mk index 61ffb9ddd4..2fb3cec93d 100644 --- a/arch.mk +++ b/arch.mk @@ -106,7 +106,9 @@ ifeq ($(ARCH),AARCH64) CFLAGS+=$(ARCH_FLAGS) -DWOLFSSL_ARMASM -DWOLFSSL_ARMASM_INLINE -DWC_HASH_DATA_ALIGNMENT=8 -DWOLFSSL_AARCH64_PRIVILEGE_MODE WOLFCRYPT_OBJS += $(WOLFBOOT_LIB_WOLFSSL)/wolfcrypt/src/cpuid.o \ $(WOLFBOOT_LIB_WOLFSSL)/wolfcrypt/src/port/arm/armv8-sha512-asm_c.o \ - $(WOLFBOOT_LIB_WOLFSSL)/wolfcrypt/src/port/arm/armv8-sha3-asm_c.o + $(WOLFBOOT_LIB_WOLFSSL)/wolfcrypt/src/port/arm/armv8-sha3-asm_c.o \ + $(WOLFBOOT_LIB_WOLFSSL)/wolfcrypt/src/port/arm/armv8-aes-asm_c.o \ + $(WOLFBOOT_LIB_WOLFSSL)/wolfcrypt/src/port/arm/armv8-sha256-asm_c.o endif endif @@ -190,13 +192,14 @@ ifeq ($(ARCH),ARM) ARCH_FLASH_OFFSET=0x08000000 SPI_TARGET=stm32 ifneq ($(PKA),0) - PKA_EXTRA_OBJS+= $(STM32CUBE)/Drivers/STM32WBxx_HAL_Driver/Src/stm32wbxx_hal_pka.o $(WOLFBOOT_LIB_WOLFSSL)/wolfcrypt/src/port/st/stm32.o - PKA_EXTRA_CFLAGS+=-DWOLFSSL_STM32_PKA -I$(STM32CUBE)/Drivers/STM32WBxx_HAL_Driver/Inc \ - -Isrc -I$(STM32CUBE)/Drivers/BSP/P-NUCLEO-WB55.Nucleo/ -I$(STM32CUBE)/Drivers/CMSIS/Device/ST/STM32WBxx/Include \ - -I$(STM32CUBE)/Drivers/STM32WBxx_HAL_Driver/Inc/ \ - -I$(STM32CUBE)/Drivers/CMSIS/Include \ - -Ihal \ - -DSTM32WB55xx + PKA_EXTRA_OBJS+= $(STM32CUBE)/Drivers/STM32WBxx_HAL_Driver/Src/stm32wbxx_hal_pka.o $(WOLFBOOT_LIB_WOLFSSL)/wolfcrypt/src/port/st/stm32.o + PKA_EXTRA_CFLAGS+=-DWOLFSSL_STM32WB -DWOLFSSL_STM32_PKA -DWOLFSSL_STM32_CUBEMX -DNO_STM32_HASH -DSTM32WB55xx + PKA_EXTRA_CFLAGS+=-Isrc -Ihal \ + -I$(STM32CUBE)/Drivers/STM32WBxx_HAL_Driver/Inc \ + -I$(STM32CUBE)/Drivers/BSP/P-NUCLEO-WB55.Nucleo/ \ + -I$(STM32CUBE)/Drivers/CMSIS/Device/ST/STM32WBxx/Include \ + -I$(STM32CUBE)/Drivers/STM32WBxx_HAL_Driver/Inc \ + -I$(STM32CUBE)/Drivers/CMSIS/Include endif endif @@ -1180,7 +1183,7 @@ ifeq ($(ARCH), AURIX_TC3) # Common wolfHSM port files CFLAGS += -I$(WOLFHSM_INFINEON_TC3XX)/port -DWOLFHSM_CFG_DMA OBJS += $(WOLFHSM_INFINEON_TC3XX)/port/tchsm_common.o \ - $(WOLFHSM_INFINEON_TC3XX)/port/tchsm_hsmhost.o + $(WOLFHSM_INFINEON_TC3XX)/port/tchsm_hsmhost.o # General wolfHSM files OBJS += $(WOLFBOOT_LIB_WOLFHSM)/src/wh_transport_mem.o @@ -1188,7 +1191,7 @@ ifeq ($(ARCH), AURIX_TC3) WH_NVM_BIN ?= whNvmImage.bin WH_NVM_HEX ?= whNvmImage.hex WH_NVM_PART_SIZE ?= 0x8000 - # Default to base of HSM DFLASH1 + # Default to base of HSM DFLASH1 WH_NVM_BASE_ADDRESS ?= 0xAFC00000 # Select config file based on certificate chain verification @@ -1225,25 +1228,25 @@ ifeq ($(ARCH), AURIX_TC3) LSCRIPT_IN=hal/$(TARGET)_hsm.ld - # wolfHSM port server-specific files + # wolfHSM port server-specific files ifeq ($(WOLFHSM_SERVER),1) USE_GCC_HEADLESS=0 CFLAGS += -I$(WOLFHSM_INFINEON_TC3XX)/port/server OBJS += $(WOLFHSM_INFINEON_TC3XX)/port/server/port_halflash_df1.o \ - $(WOLFHSM_INFINEON_TC3XX)/port/server/io.o \ - $(WOLFHSM_INFINEON_TC3XX)/port/server/sysmem.o \ - $(WOLFHSM_INFINEON_TC3XX)/port/server/tchsm_hh_hsm.o \ - $(WOLFHSM_INFINEON_TC3XX)/port/server/tchsm_utils.o - - # SW only for now, as we dont have the right protection macros - #$(WOLFHSM_INFINEON_TC3XX)/port/server/ccb_hsm.o \ - #$(WOLFHSM_INFINEON_TC3XX)/port/server/tchsm_hash.o \ - #$(WOLFHSM_INFINEON_TC3XX)/port/server/tchsm_aes.o \ - #$(WOLFHSM_INFINEON_TC3XX)/port/server/tchsm_cmac.o \ - #$(WOLFHSM_INFINEON_TC3XX)/port/server/tchsm_pk.o \ - #$(WOLFHSM_INFINEON_TC3XX)/port/server/tchsm_trng.o + $(WOLFHSM_INFINEON_TC3XX)/port/server/io.o \ + $(WOLFHSM_INFINEON_TC3XX)/port/server/sysmem.o \ + $(WOLFHSM_INFINEON_TC3XX)/port/server/tchsm_hh_hsm.o \ + $(WOLFHSM_INFINEON_TC3XX)/port/server/tchsm_utils.o + + # SW only for now, as we dont have the right protection macros + #$(WOLFHSM_INFINEON_TC3XX)/port/server/ccb_hsm.o \ + #$(WOLFHSM_INFINEON_TC3XX)/port/server/tchsm_hash.o \ + #$(WOLFHSM_INFINEON_TC3XX)/port/server/tchsm_aes.o \ + #$(WOLFHSM_INFINEON_TC3XX)/port/server/tchsm_cmac.o \ + #$(WOLFHSM_INFINEON_TC3XX)/port/server/tchsm_pk.o \ + #$(WOLFHSM_INFINEON_TC3XX)/port/server/tchsm_trng.o endif # HSM BSP specific object files diff --git a/config/examples/stm32l4-cube.config b/config/examples/stm32l4-cube.config index df88f87138..3c81774a9c 100644 --- a/config/examples/stm32l4-cube.config +++ b/config/examples/stm32l4-cube.config @@ -15,7 +15,7 @@ SPMATH?=1 RAM_CODE?=0 DUALBANK_SWAP?=0 IMAGE_HEADER_SIZE?=0x200 -STM32CUBE?=$(HOME)/STM32Cube/Repository/STM32Cube_FW_L4_V1.17.0 +STM32CUBE?=$(HOME)/STM32Cube/Repository/STM32Cube_FW_L4_V1.18.1 WOLFBOOT_SECTOR_SIZE=0x1000 WOLFBOOT_PARTITION_SIZE=0x7A000 WOLFBOOT_PARTITION_BOOT_ADDRESS=0x0800A000 diff --git a/config/examples/stm32wb-pka-1mb.config b/config/examples/stm32wb-pka-1mb.config index f43b9d006d..c41b95a373 100644 --- a/config/examples/stm32wb-pka-1mb.config +++ b/config/examples/stm32wb-pka-1mb.config @@ -8,3 +8,5 @@ WOLFBOOT_PARTITION_UPDATE_ADDRESS=0x08083800 WOLFBOOT_PARTITION_SWAP_ADDRESS=0x080FF000 NVM_FLASH_WRITEONCE=1 PKA=1 +STM32CUBE?=$(HOME)/STM32Cube/Repository/STM32Cube_FW_WB_V1.23.0 +NO_ARM_ASM=1 diff --git a/docs/wolfHSM.md b/docs/wolfHSM.md index 1ec50e29a6..b6fafbcb94 100644 --- a/docs/wolfHSM.md +++ b/docs/wolfHSM.md @@ -144,7 +144,7 @@ make test-sim-internal-flash-with-update #### wolfHSM Server Mode Build -To build the simulator configured to use embedded wolfHSM server mode, use the `WOLFHSM_SERVER=1` makefile option. In this mode, wolfBoot includes the complete wolfHSM server and no external HSM server is required. Currently the wolfHSM server only supporst the certificate chain verification mode of authentication. +To build the simulator configured to use embedded wolfHSM server mode, use the `WOLFHSM_SERVER=1` makefile option. In this mode, wolfBoot includes the complete wolfHSM server and no external HSM server is required. Currently the wolfHSM server only supports the certificate chain verification mode of authentication. ```sh # Grab the HSM server simulator configuration (with certificate chain verification) @@ -228,7 +228,7 @@ When using wolfHSM server mode, no external server is required. wolfBoot include # Create a simulated NVM image for the POSIX flash file simulator containing the dummy root CA for cert chain verification. # You must build whnvmtool first if you haven't already, and ensure the file name matches the simulated NVM image file # name in hal/sim.c -./lib/wolfHSM/tools/whnvmtool/whnvmtool --image=wolfBoot_wolfHSM_NVM.bin --size 16348 --invert-erased-byte tools/scripts/wolfBoot-wolfHSM-sim-dummy-certchain.nvminit +./lib/wolfHSM/tools/whnvmtool/whnvmtool --image=wolfBoot_wolfHSM_NVM.bin --size 16348 --invert-erased-byte tools/scripts/wolfBoot-wolfHSM-sim-dummy-certchain.nvminit # Run the wolfBoot simulator with embedded wolfHSM server to stage an update ./wolfboot.elf update_trigger get_version diff --git a/hal/lpc.c b/hal/lpc.c index bac9d53421..feb8157285 100644 --- a/hal/lpc.c +++ b/hal/lpc.c @@ -26,7 +26,6 @@ #include "fsl_flashiap.h" #include "fsl_power.h" -static int flash_init = 0; uint32_t SystemCoreClock; #ifdef NVM_FLASH_WRITEONCE diff --git a/hal/mcxa.c b/hal/mcxa.c index 5ce563a26a..4288560a7f 100644 --- a/hal/mcxa.c +++ b/hal/mcxa.c @@ -36,7 +36,6 @@ #define BOARD_BOOTCLOCKFRO96M_CORE_CLOCK 96000000UL static flash_config_t pflash; -static int flash_init = 0; uint32_t SystemCoreClock; diff --git a/hal/nrf5340.c b/hal/nrf5340.c index 4d42e2f67c..7de476041d 100644 --- a/hal/nrf5340.c +++ b/hal/nrf5340.c @@ -487,7 +487,6 @@ static uint32_t hal_shm_status_wait(ShmInfo_t* info, uint32_t status, uint32_t timeout_ms) { uint32_t status_ret = SHARED_STATUS_UNKNOWN; - int ret = 0; do { /* see if status shared already */ @@ -566,7 +565,7 @@ static void hal_net_check_version(void) { int ret; struct wolfBoot_image img; - uint32_t timeout, status = 0; + uint32_t status = 0; #ifdef TARGET_nrf5340_app /* check the network core version */ @@ -682,7 +681,7 @@ static void hal_net_check_version(void) } /* proceed to update_flash routines */ #endif /* TARGET_nrf5340_* */ -exit: + (void)status; wolfBoot_printf("Status: App %s (ver %d), Net %s (ver %d)\n", hal_shm_status_string(shm->core.app.status), shm->core.app.version, hal_shm_status_string(shm->core.net.status), shm->core.net.version); diff --git a/hal/nxp_ls1028a.c b/hal/nxp_ls1028a.c index 0b601644e9..d886a217dd 100644 --- a/hal/nxp_ls1028a.c +++ b/hal/nxp_ls1028a.c @@ -537,7 +537,6 @@ void xspi_flash_write(uintptr_t address, const uint8_t *data, uint32_t len) { uint32_t size = 0; uint32_t tx_data = 0; - uint32_t size_wm = 0; uint32_t loop_cnt = 0; uint32_t remaining, rem_size = 0; uint32_t i = 0, j = 0; @@ -839,8 +838,6 @@ void hal_init(void) { volatile uint32_t counter=0xFFFFul; /* used for delay */ #ifdef DEBUG_UART - uint32_t fw; - uart_init(); wolfBoot_printf("wolfBoot Init\n"); #endif diff --git a/hal/nxp_p1021.c b/hal/nxp_p1021.c index 3ba50ac4d9..c96b9ef79e 100644 --- a/hal/nxp_p1021.c +++ b/hal/nxp_p1021.c @@ -1164,10 +1164,7 @@ static void config_io_pin(uint8_t port, uint8_t pin, int dir, int open_drain, static void read_io_pin(uint8_t port, uint8_t pin, int *data) { - uint32_t pin_1bit_mask, tmp_val; - - /* Calculate pin location for 1bit mask */ - pin_1bit_mask = (uint32_t)(1 << (NUM_OF_PINS - (pin + 1))); + uint32_t tmp_val; /* Read the data */ tmp_val = get32(GUTS_CPDAT(port)); @@ -1299,7 +1296,9 @@ static void qe_upload_microcode(const struct qe_firmware *firmware, static int qe_upload_firmware(const struct qe_firmware *firmware) { unsigned int i, j; +#ifdef ENABLE_QE_CRC32 uint32_t crc; +#endif size_t calc_size = sizeof(struct qe_firmware); size_t length; const struct qe_header *hdr; @@ -1567,6 +1566,7 @@ static void hal_irq_init(void) set32(PIC_GCR, PIC_GCR_M); /* eanble mixed-mode */ reg = get32(PIC_GCR); /* read back */ + (void)reg; } #endif @@ -1685,6 +1685,7 @@ int ext_flash_write(uintptr_t address, const uint8_t *data, int len) ELBC_FIR_OP(4, ELBC_FIR_OP_WB) | ELBC_FIR_OP(5, ELBC_FIR_OP_CW1)); #endif + (void)block_size; /* not used - shown for reference */ /* page write loop */ while (pos < len) { @@ -1717,6 +1718,7 @@ int ext_flash_write(uintptr_t address, const uint8_t *data, int len) wolfBoot_printf("write page %d, col %d, status %x\n", page, col, status); #endif + (void)status; address += page_size - col; pos += page_size - col; data += page_size - col; @@ -1857,6 +1859,7 @@ int ext_flash_erase(uintptr_t address, int len) #ifdef DEBUG_EXT_FLASH wolfBoot_printf("erase page %d, status %x\n", page, status); #endif + (void)status; len -= block_size; } diff --git a/hal/nxp_t1024.c b/hal/nxp_t1024.c index 6dc57481d0..ae859d87b5 100644 --- a/hal/nxp_t1024.c +++ b/hal/nxp_t1024.c @@ -1538,7 +1538,6 @@ uint32_t io_read32(uint16_t port) static int hal_pcie_init(void) { int ret; - int bus, i; int law_idx = 8; int tlb_idx = 14; /* next available TLB (after DDR) */ struct pci_enum_info enum_info; @@ -1862,8 +1861,10 @@ struct qe_firmware { /* Checks for valid QE firmware */ static int qe_check_firmware(const struct qe_firmware *firmware, const char* t) { - unsigned int i, j; + unsigned int i; +#ifdef ENABLE_QE_CRC32 uint32_t crc; +#endif size_t calc_size = sizeof(struct qe_firmware); size_t length; const struct qe_header *hdr; @@ -2172,7 +2173,6 @@ static int fman_upload_firmware(const struct qe_firmware *firmware) /* Loop through each microcode. */ for (i = 0; i < firmware->count; i++) { const struct qe_microcode *ucode = &firmware->microcode[i]; - uint32_t trapCount = 0; /* Upload a microcode if it's present */ if (ucode->code_offset) { @@ -2868,7 +2868,7 @@ extern uint32_t _bootpg_addr; /* Startup additional cores with spin table and synchronize the timebase */ static void hal_mp_up(uint32_t bootpg) { - uint32_t all_cores, active_cores, whoami, bpcr; + uint32_t all_cores, active_cores, whoami; int timeout = 50, i; whoami = get32(PIC_WHOAMI); /* Get current running core number */ diff --git a/hal/nxp_t2080.c b/hal/nxp_t2080.c index eb07d86402..6cc3159791 100644 --- a/hal/nxp_t2080.c +++ b/hal/nxp_t2080.c @@ -491,7 +491,7 @@ static void hal_cpld_init(void) void hal_init(void) { -#ifdef DEBUG_UART +#if defined(DEBUG_UART) && defined(ENABLE_CPLD) uint32_t fw; #endif diff --git a/hal/pic32c.c b/hal/pic32c.c index ef3f6839a2..c79f7819e2 100644 --- a/hal/pic32c.c +++ b/hal/pic32c.c @@ -376,8 +376,6 @@ void pic32_clock_pll0_init(int refdiv, int fbdiv, int bw, int postdiv) void pic32_clock_gclk_gen0(int mclk_div1, int cpudiv) { - uint32_t reg; - /* setup clock division before changing the generator */ if (mclk_div1 != 1) MCLK_DIV1 = mclk_div1; diff --git a/hal/pic32cz.c b/hal/pic32cz.c index 1d79960ab9..d0099b81bf 100644 --- a/hal/pic32cz.c +++ b/hal/pic32cz.c @@ -36,8 +36,6 @@ static void pic32_supc_vreg_pll_enable(void) { - uint32_t reg; - SUPC_VREGCTRL |= SUPC_VREGCTRL_AVREGEN_PLLREG_EN << SUPC_VREGCTRL_AVREGEN_SHIFT; diff --git a/hal/sama5d3.c b/hal/sama5d3.c index 27b7a10552..a5cb2bf9ab 100644 --- a/hal/sama5d3.c +++ b/hal/sama5d3.c @@ -223,12 +223,10 @@ static void mac_init(void) static void ddr_init(void) { - uint32_t val; uint32_t rtr, md, cr, tpr0, tpr1, tpr2; uint32_t col, row, cas, bank; uint32_t cal; uint32_t ba_offset = 0; - uint32_t pmc_pcr; volatile uint32_t *dram_base = (volatile uint32_t *)DRAM_BASE; /* Step 1: Calculate register values @@ -551,8 +549,6 @@ static int nand_device_read(uint32_t row_address, uint8_t *data, int mode) { uint32_t col_address = 0x00; uint32_t tot_len = 0; - uint32_t page_size = nand_flash.page_size; - uint32_t pages_per_device = nand_flash.pages_per_device; uint32_t i; if (mode == NAND_MODE_DATAPAGE) { @@ -668,8 +664,6 @@ int ext_flash_read(uintptr_t address, uint8_t *data, int len) static void pit_init(void) { - uint32_t pmc_pcr; - /* Turn on clock for PIT */ PMC_CLOCK_EN(PIT_PMCID); diff --git a/hal/stm32_tz.c b/hal/stm32_tz.c index 3aefb68a2c..fd2d0c8c1d 100644 --- a/hal/stm32_tz.c +++ b/hal/stm32_tz.c @@ -80,6 +80,7 @@ static int is_range_nonsecure(uint32_t address, int len) uint32_t min2 = WOLFBOOT_PARTITION_UPDATE_ADDRESS; uint32_t max2 = FLASH_TOP + 1; uint32_t end; + (void)boot_offset; /* calculated for reference, but not used */ if (len < 0) return 0; end = (uint32_t)(address + len); @@ -294,7 +295,6 @@ void hal_gtzc_init(void) void hal_tz_sau_init(void) { - uint32_t page_n = 0; /* SAU is set up before staging. Set up all areas as secure. */ /* Non-secure callable: NSC functions area */ diff --git a/hal/stm32c0.c b/hal/stm32c0.c index 30a335769f..436b3692c9 100644 --- a/hal/stm32c0.c +++ b/hal/stm32c0.c @@ -195,7 +195,6 @@ void RAMFUNCTION hal_flash_lock(void) int RAMFUNCTION hal_flash_erase(uint32_t address, int len) { - int start = -1, end = -1; uint32_t end_address; uint32_t p; if (len == 0) @@ -235,6 +234,7 @@ static void clock_pll_on(int powersave) /* Select clock parameters (CPU Speed = 48MHz) */ cpu_freq = 48000000; + (void)cpu_freq; /* not used */ flash_waitstates = 1; flash_set_waitstates(flash_waitstates); diff --git a/hal/stm32f7.c b/hal/stm32f7.c index c68c004777..09192d6af6 100644 --- a/hal/stm32f7.c +++ b/hal/stm32f7.c @@ -245,7 +245,6 @@ static void RAMFUNCTION clear_errors(void) int RAMFUNCTION hal_flash_write(uint32_t address, const uint8_t *data, int len) { int i; - uint32_t val; flash_wait_complete(); clear_errors(); /* Set 8-bit write */ @@ -348,6 +347,7 @@ static void clock_pll_on(int powersave) ppre2 = RCC_PRESCALER_DIV_2; flash_waitstates = 7; cpu_freq = 216000000; + (void)cpu_freq; /* not used */ flash_set_waitstates(flash_waitstates); @@ -457,17 +457,17 @@ static uint8_t bootloader_copy_mem[BOOTLOADER_SIZE]; void RAMFUNCTION fork_bootloader(void) { - uint8_t *data = (uint8_t *) WOLFBOOT_ORIG_BOOTLOADER; - uint32_t dst = WOLFBOOT_COPY_BOOTLOADER; - uint32_t r = 0, w = 0; int i; /* Return if content already matches */ - if (memcmp(data, (void *)WOLFBOOT_COPY_BOOTLOADER, BOOTLOADER_SIZE) == 0) + if (memcmp((void*)WOLFBOOT_ORIG_BOOTLOADER, (void*)WOLFBOOT_COPY_BOOTLOADER, + BOOTLOADER_SIZE) == 0) { return; + } /* Read the wolfBoot image in RAM */ - memcpy(bootloader_copy_mem, data, BOOTLOADER_SIZE); + memcpy(bootloader_copy_mem, (void*)WOLFBOOT_ORIG_BOOTLOADER, + BOOTLOADER_SIZE); /* Disable ART pre-fetcher */ FLASH_ACR &= ~(FLASH_ACR_PRFEN | FLASH_ACR_ARTEN); diff --git a/hal/stm32g0.c b/hal/stm32g0.c index 20ab6df2ee..bd63212f05 100644 --- a/hal/stm32g0.c +++ b/hal/stm32g0.c @@ -179,7 +179,6 @@ void RAMFUNCTION hal_flash_lock(void) int RAMFUNCTION hal_flash_erase(uint32_t address, int len) { - int start = -1, end = -1; uint32_t end_address; uint32_t p; if (len == 0) @@ -230,6 +229,8 @@ static void clock_pll_on(int powersave) hpre = RCC_PRESCALER_DIV_NONE; ppre = RCC_PRESCALER_DIV_NONE; flash_waitstates = 2; + (void)cpu_freq; /* not used */ + (void)pllq; /* not used */ flash_set_waitstates(flash_waitstates); diff --git a/hal/stm32h5.c b/hal/stm32h5.c index 2cd5435e85..c271ae81bd 100644 --- a/hal/stm32h5.c +++ b/hal/stm32h5.c @@ -100,8 +100,6 @@ int RAMFUNCTION hal_flash_write(uint32_t address, const uint8_t *data, int len) int i = 0; uint32_t *src, *dst; uint32_t dword[2]; - uint32_t off = 0; - uint32_t una_len = 0; hal_flash_clear_errors(0); src = (uint32_t *)data; @@ -245,8 +243,6 @@ int RAMFUNCTION hal_flash_erase(uint32_t address, int len) static void clock_pll_off(void) { - uint32_t reg32; - /* Select HSI as SYSCLK source. */ RCC_CFGR1 &= ~(0x07 << RCC_CFGR1_SW_SHIFT); DMB(); @@ -428,7 +424,6 @@ static void clock_pll_on(void) static void periph_unsecure(void) { - uint32_t pin; volatile uint32_t reg; volatile uint32_t *nvic_itns; uint32_t nvic_reg_pos, nvic_reg_off; @@ -480,7 +475,7 @@ static void periph_unsecure(void) nvic_itns = ((volatile uint32_t *)(NVIC_ITNS_BASE + 4 * nvic_reg_pos)); *nvic_itns |= (1 << nvic_reg_off); } -#endif +#endif /* TZ_SECURE() */ #define AIRCR *(volatile uint32_t *)(0xE000ED0C) @@ -541,7 +536,6 @@ static void fork_bootloader(void) { uint32_t data = (uint32_t) FLASHMEM_ADDRESS_SPACE; uint32_t dst = FLASH_BANK2_BASE; - uint32_t r = 0, w = 0; int i; @@ -640,9 +634,7 @@ int hal_flash_otp_write(uint32_t flashAddress, const void* data, uint16_t length { volatile uint16_t tmp_msw, tmp_lsw; uint16_t *pdata = (uint16_t *)data; - uint16_t idx = 0, len_align; - uint16_t last_word; - uint32_t blr_bitmap = 0; + uint16_t idx = 0; if (!(flashAddress >= FLASH_OTP_BASE && flashAddress <= FLASH_OTP_END)) { return -1; } diff --git a/hal/stm32h7.c b/hal/stm32h7.c index d202c136a5..839af50116 100644 --- a/hal/stm32h7.c +++ b/hal/stm32h7.c @@ -90,8 +90,8 @@ int RAMFUNCTION hal_flash_write(uint32_t address, const uint8_t *data, int len) uint32_t *src, *dst; uint8_t bank=0; uint8_t *vbytes = (uint8_t *)(stm32h7_cache); - int off = (address + i) - (((address + i) >> 5) << 5); - uint32_t base_addr = (address + i) & (~0x1F); /* aligned to 256 bit */ + int off; + uint32_t base_addr; if ((address & FLASH_BANK2_BASE_REL) != 0) { bank = 1; @@ -114,8 +114,8 @@ int RAMFUNCTION hal_flash_write(uint32_t address, const uint8_t *data, int len) i+=32; } else { - int off = (address + i) - (((address + i) >> 5) << 5); - uint32_t base_addr = (address + i) & (~0x1F); /* aligned to 256 bit */ + off = (address + i) - (((address + i) >> 5) << 5); + base_addr = (address + i) & (~0x1F); /* aligned to 256 bit */ dst = (uint32_t *)(base_addr); for (ii = 0; ii < 8; ii++) { stm32h7_cache[ii] = dst[ii]; @@ -359,7 +359,7 @@ static void clock_pll_off(void) static void clock_pll_on(int powersave) { uint32_t reg32; - uint32_t cpu_freq, plln, pllm, pllq, pllp, pllr, hpre, d1cpre, d1ppre; + uint32_t plln, pllm, pllq, pllp, pllr, hpre, d1cpre, d1ppre; uint32_t d2ppre1, d2ppre2, d3ppre, flash_waitstates; PWR_CR3 |= PWR_CR3_LDOEN; diff --git a/hal/stm32l0.c b/hal/stm32l0.c index 1f7fe7c58c..4a271411e3 100644 --- a/hal/stm32l0.c +++ b/hal/stm32l0.c @@ -155,7 +155,6 @@ void RAMFUNCTION hal_flash_lock(void) int RAMFUNCTION hal_flash_erase(uint32_t address, int len) { - int start = -1, end = -1; uint32_t end_address; uint32_t p; if (len == 0) @@ -249,6 +248,9 @@ static void clock_pll_on(int powersave) /* Wait for PLL clock to be selected. */ while (((RCC_CFGR >> 2) & 0x03) != RCC_CFGR_SW_PLL) ; + + (void)hsi_freq; /* not used */ + (void)cpu_freq; /* not used */ } void hal_init(void) diff --git a/hal/stm32l4.c b/hal/stm32l4.c index b4ddaece94..0aca3cbf68 100644 --- a/hal/stm32l4.c +++ b/hal/stm32l4.c @@ -29,10 +29,6 @@ /*** RCC ***/ #define RCC_PRESCALER_DIV_NONE 0 -static uint32_t Address = 0, PAGEError = 0; -static FLASH_EraseInitTypeDef EraseInitStruct; - - static uint32_t RAMFUNCTION GetPage(uint32_t Addr) { uint32_t page = 0; @@ -84,6 +80,7 @@ void RAMFUNCTION hal_flash_lock(void) int RAMFUNCTION hal_flash_erase(uint32_t address,int len) { + FLASH_EraseInitTypeDef EraseInitStruct; uint32_t FirstPage = 0, LastPage = 0, NbOfPages = 0, BankNumber = 0; uint32_t PAGEError = 0; int ret; @@ -104,9 +101,9 @@ int RAMFUNCTION hal_flash_erase(uint32_t address,int len) EraseInitStruct.Page = FirstPage; EraseInitStruct.NbPages = NbOfPages; ret = HAL_FLASHEx_Erase(&EraseInitStruct, &PAGEError); - if (ret != HAL_OK) return -1; + (void)PAGEError; /* not used */ return 0; } @@ -289,9 +286,7 @@ void hal_prepare_boot(void) * It is defined here only to avoid a compiler error * for a missing symbol in hal_flash_driver. */ -#ifdef __WOLFBOOT uint32_t HAL_GetTick(void) { return 0; } -#endif diff --git a/hal/stm32l5.c b/hal/stm32l5.c index 3f36516314..36843412de 100644 --- a/hal/stm32l5.c +++ b/hal/stm32l5.c @@ -308,8 +308,6 @@ static void clock_pll_on(int powersave) #if TZ_SECURE() static void periph_unsecure() { - uint32_t pin; - /*Enable clock for User LED GPIOs */ RCC_AHB2_CLOCK_ER|= LED_AHB2_ENABLE; @@ -373,8 +371,6 @@ static void RAMFUNCTION fork_bootloader(void) { uint8_t *data = (uint8_t *) FLASHMEM_ADDRESS_SPACE; uint32_t dst = FLASH_BANK2_BASE; - uint32_t r = 0, w = 0; - int i; /* Return if content already matches */ if (memcmp(data, (void *)FLASH_BANK2_BASE, BOOTLOADER_SIZE) == 0) diff --git a/hal/stm32u5.c b/hal/stm32u5.c index 05d63519c1..a160ef85f9 100644 --- a/hal/stm32u5.c +++ b/hal/stm32u5.c @@ -495,8 +495,6 @@ static void RAMFUNCTION fork_bootloader(void) { uint8_t *data = (uint8_t *) FLASHMEM_ADDRESS_SPACE; uint32_t dst = FLASH_BANK2_BASE; - uint32_t r = 0, w = 0; - int i; /* Return if content already matches */ if (memcmp(data, (void *)FLASH_BANK2_BASE, BOOTLOADER_SIZE) == 0) diff --git a/hal/stm32wb.c b/hal/stm32wb.c index b51334ab21..aae1184108 100644 --- a/hal/stm32wb.c +++ b/hal/stm32wb.c @@ -21,6 +21,11 @@ #include #include "image.h" + +#ifndef __WOLFBOOT +#undef WOLFSSL_STM32_PKA +#endif + #ifdef WOLFSSL_STM32_PKA #include "stm32wbxx_hal.h" PKA_HandleTypeDef hpka = { }; @@ -49,7 +54,7 @@ PKA_HandleTypeDef hpka = { }; #define RCC_CR_MSIRANGE_SHIFT 4 #define RCC_CR_MSIRANGE_6 (0x06 << 4) #define RCC_CR_MSIRANGE_Msk (0x0F << 4) -#endif /* !WOLFSSL_STM32_PKA */ +#endif #define RCC_CFGR_SW_MSI 0x0 #define RCC_CFGR_SW_PLL 0x3 @@ -250,7 +255,7 @@ static void clock_pll_off(void) static void clock_pll_on(void) { uint32_t reg32; - uint32_t cpu_freq, pllm, plln, pllp,pllq, pllr; + uint32_t cpu_freq; uint32_t hpre, ppre1, ppre2; uint32_t flash_waitstates; @@ -258,6 +263,7 @@ static void clock_pll_on(void) cpu_freq = 64000000; flash_waitstates = 4; flash_set_waitstates(flash_waitstates); + (void)cpu_freq; /* not used */ /* Configure + enable internal high-speed oscillator. */ RCC_CR = (RCC_CR & (~RCC_CR_MSIRANGE_Msk)) | RCC_CR_MSIRANGE_6; @@ -313,7 +319,7 @@ static void clock_pll_on(void) void hal_init(void) { clock_pll_on(); -#ifdef WOLFSSL_STM32_PKA +#if defined(__WOLFBOOT) && defined(WOLFSSL_STM32_PKA) __HAL_RCC_PKA_CLK_ENABLE(); hpka.Instance = PKA; HAL_PKA_Init(&hpka); diff --git a/hal/uart/uart_drv_stm32wb.c b/hal/uart/uart_drv_stm32wb.c index 72eab68278..23f5942de2 100644 --- a/hal/uart/uart_drv_stm32wb.c +++ b/hal/uart/uart_drv_stm32wb.c @@ -104,7 +104,6 @@ int uart_rx(uint8_t *c) int uart_init(uint32_t bitrate, uint8_t data, char parity, uint8_t stop) { - uint32_t reg; /* Enable pins and configure for AF7 */ uart_pins_setup(); diff --git a/hal/va416x0.c b/hal/va416x0.c index 91ac2a698c..775ba6c8e3 100644 --- a/hal/va416x0.c +++ b/hal/va416x0.c @@ -280,7 +280,6 @@ hal_status_t FRAM_Read(uint8_t spiBank, uint32_t addr, uint8_t *buf, hal_status_t FRAM_Erase(uint8_t spiBank, uint32_t addr, uint32_t len) { hal_status_t status; - uint8_t spiData[4]; uint8_t data[32]; #ifdef DEBUG_EXT_FLASH diff --git a/hal/zynq.c b/hal/zynq.c index 77f4ad5581..0585b6473a 100644 --- a/hal/zynq.c +++ b/hal/zynq.c @@ -1555,7 +1555,6 @@ uint64_t hal_timer_ms(void) /* public HAL functions */ void hal_init(void) { - uint32_t reg; const char* bootMsg = "\nwolfBoot Secure Boot\n"; #ifdef DEBUG_UART diff --git a/include/user_settings.h b/include/user_settings.h index e86c935e51..b21ff4c5c4 100644 --- a/include/user_settings.h +++ b/include/user_settings.h @@ -587,4 +587,8 @@ extern int tolower(int c); # define WOLFSSL_PEM_TO_DER #endif +#ifdef WOLFSSL_STM32_PKA +#define HAVE_UINTPTR_T /* make sure stdint.h is included */ +#endif + #endif /* !_WOLFBOOT_USER_SETTINGS_H_ */ diff --git a/lib/wolfssl b/lib/wolfssl index 4daab8a813..8d357de6d8 160000 --- a/lib/wolfssl +++ b/lib/wolfssl @@ -1 +1 @@ -Subproject commit 4daab8a813464914b1442cada7b2b6c00d7764b2 +Subproject commit 8d357de6d804495c34219689119e1d6360791486 diff --git a/options.mk b/options.mk index 5881575199..9ccc779191 100644 --- a/options.mk +++ b/options.mk @@ -132,7 +132,7 @@ ifeq ($(SIGN),ECC256) STACK_USAGE=4096 else ifeq ($(WOLFTPM),1) - STACK_USAGE=6680 + STACK_USAGE=7616 else ifneq ($(SPMATH),1) STACK_USAGE=5264 diff --git a/src/boot_arm.c b/src/boot_arm.c index 5006d599c2..43a65babae 100644 --- a/src/boot_arm.c +++ b/src/boot_arm.c @@ -42,7 +42,9 @@ extern void SysTick_Handler(void); #ifndef WOLFBOOT_NO_MPU +#ifndef MPU_BASE #define MPU_BASE (0xE000ED90) +#endif #define MPU_TYPE *((volatile uint32_t *)(MPU_BASE + 0x00)) #define MPU_CTRL *((volatile uint32_t *)(MPU_BASE + 0x04)) #define MPU_RNR *((volatile uint32_t *)(MPU_BASE + 0x08)) diff --git a/src/image.c b/src/image.c index d8e0195bd4..5c776ae6d8 100644 --- a/src/image.c +++ b/src/image.c @@ -1726,8 +1726,8 @@ int wolfBoot_check_flash_image_elf(uint8_t part, unsigned long* entry_out) entry_out_set = 1; } wolfBoot_printf("ELF: [CHECK] 32-bit, entry=0x%08X, " - "ph_offset=0x%lX, ph_count=%u\n", - eh->entry, (unsigned long)entry_off, entry_count); + "ph_offset=0x%08X, ph_count=%u\n", + (unsigned int)eh->entry, (unsigned int)entry_off, entry_count); } else { /* 64-bit ELF */ elf64_header* eh = (elf64_header*)elf_h; @@ -1740,7 +1740,7 @@ int wolfBoot_check_flash_image_elf(uint8_t part, unsigned long* entry_out) } wolfBoot_printf("ELF: [CHECK] 64-bit, entry=0x%08lx, " "ph_offset=0x%08lx, ph_count=%d\n", - eh->entry, (unsigned long)entry_off, entry_count); + (unsigned long)eh->entry, (unsigned long)entry_off, entry_count); } elf_hdr_sz = (size_t)elf_hdr_pht_combined_size(elf_h); @@ -1970,7 +1970,7 @@ int wolfBoot_load_flash_image_elf(int part, unsigned long* entry_out, int ext_fl load_addr = (uintptr_t)(paddr + BASE_OFF); wolfBoot_printf("ELF: [STORE] Writing loadable segment: " "loadaddr=0x%08lx, offset=0x%08lx, size=%lu\n", - load_addr, offset, filesz); + (unsigned long)load_addr, offset, filesz); copy_flash_buffered((uintptr_t)(image + offset), load_addr, filesz, ext_flash, ext_flash); diff --git a/src/libwolfboot.c b/src/libwolfboot.c index 3cdf2d45de..409b17852b 100644 --- a/src/libwolfboot.c +++ b/src/libwolfboot.c @@ -154,8 +154,11 @@ static uint32_t wb_reverse_word32(uint32_t x) #endif #endif - +#if defined(WOLFBOOT_FIXED_PARTITIONS) || defined(EXT_FLASH) || \ + defined(NVM_FLASH_WRITEONCE) static const uint32_t wolfboot_magic_trail = WOLFBOOT_MAGIC_TRAIL; +#endif + /* Top addresses for FLAGS field * - PART_BOOT_ENDFLAGS = top of flags for BOOT partition * - PART_UPDATE_ENDFLAGS = top of flags for UPDATE_PARTITION @@ -1012,15 +1015,15 @@ static int decrypt_header(uint8_t *src) { int i; uint32_t magic; - uint32_t len; for (i = 0; i < IMAGE_HEADER_SIZE; i+=ENCRYPT_BLOCK_SIZE) { wolfBoot_crypto_set_iv(encrypt_iv_nonce, i / ENCRYPT_BLOCK_SIZE); crypto_decrypt(dec_hdr + i, src + i, ENCRYPT_BLOCK_SIZE); } magic = *((uint32_t*)(dec_hdr)); - len = *((uint32_t*)(dec_hdr + sizeof(uint32_t))); if (magic != WOLFBOOT_MAGIC) return -1; + /* Example for extracting the length - not used for now */ + /* len = *((uint32_t*)(dec_hdr + sizeof(uint32_t))); */ return 0; } @@ -1295,9 +1298,7 @@ static int wolfBoot_update_firmware_version() { int wolfBoot_dualboot_candidate_addr(void** addr) { - int fallback_possible = 0; uint32_t boot_v, update_v; - uint8_t p_state; int retval = 0; /* Find the candidate */ @@ -1314,7 +1315,6 @@ int wolfBoot_dualboot_candidate_addr(void** addr) *addr = hal_get_update_address(); } else if ((boot_v > 0) && (update_v > 0)) { - fallback_possible = 1; if (update_v > boot_v) { retval = 1; *addr = hal_get_update_address(); @@ -1718,7 +1718,6 @@ int aes_init(void) void aes_set_iv(uint8_t *nonce, uint32_t iv_ctr) { uint32_t iv_buf[ENCRYPT_BLOCK_SIZE / sizeof(uint32_t)]; - uint32_t iv_local_ctr; int i; XMEMCPY(iv_buf, nonce, ENCRYPT_NONCE_SIZE); #ifndef BIG_ENDIAN_ORDER @@ -1986,11 +1985,10 @@ int RAMFUNCTION ext_flash_decrypt_read(uintptr_t address, uint8_t *data, int len */ int wolfBoot_ram_decrypt(uint8_t *src, uint8_t *dst) { - uint8_t block[ENCRYPT_BLOCK_SIZE]; uint8_t dec_block[ENCRYPT_BLOCK_SIZE]; uint8_t *row_address = src; uint32_t dst_offset = 0, iv_counter = 0; - uint32_t magic, len; + uint32_t len; if (!encrypt_initialized) { if (crypto_init() < 0) { diff --git a/src/pkcs11_store.c b/src/pkcs11_store.c index 7c685c92bb..e4945960a1 100644 --- a/src/pkcs11_store.c +++ b/src/pkcs11_store.c @@ -73,6 +73,7 @@ void * _sbrk(unsigned int incr) static uint8_t *heap = NULL; static uint32_t heapsize = (uint32_t)&_heap_size; void *old_heap = heap; + (void)heapsize; if (((incr >> 2) << 2) != incr) incr = ((incr >> 2) + 1) << 2; @@ -85,8 +86,6 @@ void * _sbrk(unsigned int incr) } #endif -static int vault_idx = -1; - struct obj_hdr { uint32_t token_id; @@ -154,7 +153,7 @@ static int bitmap_get(uint32_t pos) static int bitmap_find_free_pos(void) { - int i, j; + int i; for (i = 0; i < KEYVAULT_MAX_ITEMS; i++) { if (bitmap_get(i) == 0) return i; @@ -285,7 +284,6 @@ static struct obj_hdr *find_object_header(int32_t type, uint32_t tok_id, uint32_t obj_id) { struct obj_hdr *hdr = NODES_TABLE; - uint32_t *tok_obj_stored = NULL; while ((uintptr_t)hdr < ((uintptr_t)NODES_TABLE + WOLFBOOT_SECTOR_SIZE)) { if ((hdr->token_id == tok_id) && (hdr->object_id == obj_id) && (hdr->type == type)) { @@ -384,11 +382,8 @@ static struct store_handle *find_free_handle(void) int wolfPKCS11_Store_Open(int type, CK_ULONG id1, CK_ULONG id2, int read, void** store) { - unsigned int i; struct store_handle *handle; uint8_t *buf; - struct obj_hdr *hdr = NULL; - /* Check if there is one handle available to open the slot */ handle = find_free_handle(); @@ -458,12 +453,10 @@ void wolfPKCS11_Store_Close(void* store) int wolfPKCS11_Store_Read(void* store, unsigned char* buffer, int len) { struct store_handle *handle = store; - uint32_t *tok_obj_id; uint32_t obj_size = 0; if ((handle == NULL) || (handle->hdr == NULL) || (handle->buffer == NULL)) return -1; - tok_obj_id = (uint32_t *)handle->buffer; obj_size = handle->hdr->size; if (obj_size > KEYVAULT_OBJ_SIZE) return -1; diff --git a/src/qspi_flash.c b/src/qspi_flash.c index 40bd139615..5a49bacc54 100644 --- a/src/qspi_flash.c +++ b/src/qspi_flash.c @@ -148,7 +148,6 @@ static int qspi_flash_read_id(uint8_t* id, uint32_t idSz) { int ret; uint8_t data[4]; /* size multiple of uint32_t */ - uint32_t status = 0; memset(data, 0, sizeof(data)); ret = qspi_command_simple(QSPI_MODE_READ, READ_ID_CMD, data, 3); @@ -356,7 +355,6 @@ uint16_t spi_flash_probe(void) int spi_flash_sector_erase(uint32_t address) { int ret; - uint32_t idx = 0; ret = qspi_write_enable(); if (ret == 0) { @@ -419,7 +417,7 @@ int spi_flash_read(uint32_t address, void *data, int len) int spi_flash_write(uint32_t address, const void *data, int len) { int ret = 0; - uint32_t xferSz, page, pages, idx = 0; + uint32_t xferSz, page, pages; uintptr_t addr; #ifdef DEBUG_QSPI diff --git a/src/update_flash.c b/src/update_flash.c index 406734bb0e..2cb6915ca8 100644 --- a/src/update_flash.c +++ b/src/update_flash.c @@ -136,7 +136,6 @@ static int RAMFUNCTION wolfBoot_copy_sector(struct wolfBoot_image *src, uint32_t src_sector_offset = (sector * WOLFBOOT_SECTOR_SIZE); uint32_t dst_sector_offset = src_sector_offset; #ifdef EXT_ENCRYPTED - uint32_t i; uint8_t key[ENCRYPT_KEY_SIZE]; uint8_t nonce[ENCRYPT_NONCE_SIZE]; uint32_t iv_counter; @@ -418,11 +417,8 @@ static int wolfBoot_delta_update(struct wolfBoot_image *boot, { int sector = 0; int ret; - uint8_t flag, st; - int hdr_size; + uint8_t flag; uint8_t delta_blk[DELTA_BLOCK_SIZE]; - uint32_t offset = 0; - uint16_t ptr_len; uint32_t *img_offset; uint32_t *img_size; uint32_t total_size; diff --git a/test-app/Makefile b/test-app/Makefile index cbe3fb89d0..b58cba2cfe 100644 --- a/test-app/Makefile +++ b/test-app/Makefile @@ -176,7 +176,7 @@ endif ifeq ($(TARGET),stm32l4) APP_OBJS+=$(STM32CUBE)/Drivers/STM32L4xx_HAL_Driver/Src/stm32l4xx_hal_flash.o APP_OBJS+=$(STM32CUBE)/Drivers/STM32L4xx_HAL_Driver/Src/stm32l4xx_hal_flash_ex.o - CFLAGS+=-DSTM32L4A6xx -DUSE_HAL_DRIVER -Isrc -Ihal \ + CFLAGS+=-DSTM32L4A6xx -DUSE_HAL_DRIVER -I../src -I../hal \ -I$(STM32CUBE)/Drivers/STM32L4xx_HAL_Driver/Inc/ \ -I$(STM32CUBE)/Drivers/BSP/STM32L4xx_Nucleo_144/ \ -I$(STM32CUBE)/Drivers/CMSIS/Device/ST/STM32L4xx/Include/ \