|
4 | 4 | - Copyright (c) 2017-2020 Linaro LTD |
5 | 5 | - Copyright (c) 2017-2019 JUUL Labs |
6 | 6 | - Copyright (c) 2019-2024 Arm Limited |
| 7 | + - Copyright (c) 2025 Nordic Semiconductor ASA |
7 | 8 |
|
8 | 9 | - Original license: |
9 | 10 |
|
@@ -987,6 +988,123 @@ strategy but there is no need for Scratch area. |
987 | 988 |
|
988 | 989 | + Boot the loaded slot of image 0. |
989 | 990 |
|
| 991 | +### [Multiple image boot using manifest](#multiple-image-boot-using-manifest) |
| 992 | + |
| 993 | + |
| 994 | +Deployments that use multiple images typically require strict control over |
| 995 | +versions of firmware components. |
| 996 | +There is a dependency TLV that can be used to specify dependencies between |
| 997 | +semantic versions of multiple components. However, since these only describe |
| 998 | +a minimally compatible version of a counterpart component, there is no mechanism |
| 999 | +to enforce a specific revision of the other image. |
| 1000 | +Therefore, the publisher must ensure that all combinations that satisfy the |
| 1001 | +dependencies are compatible with each other and are tested before deploying |
| 1002 | +a new version of the firmware bundle. |
| 1003 | +One way to simplify the process is to add dependencies to all parts that |
| 1004 | +enforce the latest revision of all other parts of the bundle. |
| 1005 | +This effectively enforces equality between the revisions of all parts. |
| 1006 | +This solution becomes even more problematic when using Direct-XIP mode - since |
| 1007 | +the bootloader typically only chain-loads the next stage, the next stage must |
| 1008 | +select and boot the correct slot of the next part of the firmware. |
| 1009 | +Although the dependencies ensure that the next part with a specific |
| 1010 | +version is present on the device, there is no guarantee in which slot it |
| 1011 | +was validated. |
| 1012 | +Again, the publisher may use different version numbers for the same firmware |
| 1013 | +created for different slots, but this raises the question of whether there is |
| 1014 | +a better way to manage dependencies between images. |
| 1015 | + |
| 1016 | +The bootloader manifest is an additional, protected TLV that serves as the sole |
| 1017 | +source of information about the compatibility and bootability of the multipart |
| 1018 | +firmware. The basic rules for all types of manifests are: |
| 1019 | + |
| 1020 | + * The manifest must be protected (directly or indirectly) by a cryptographic |
| 1021 | + signature. |
| 1022 | + * There must be exactly one selected image that can provide the manifest TLV. |
| 1023 | + * There must be only one manifest per slot. |
| 1024 | + * Processing of the manifest must validate the full functional set of firmware |
| 1025 | + components. |
| 1026 | + * If the manifest does not describe a part of the firmware, it must be |
| 1027 | + considered invalid. |
| 1028 | + * Each update candidate must provide a new manifest. |
| 1029 | + |
| 1030 | + |
| 1031 | +``` |
| 1032 | + +-------------------+ |
| 1033 | + +----------------->| Mainfest | |
| 1034 | + | +===================+ |
| 1035 | + | |+-----------------+| |
| 1036 | + | || format || |
| 1037 | + | |+-----------------+| |
| 1038 | + | || image count || |
| 1039 | + | |+-----------------+| |
| 1040 | + | +------------|| digest(Image 1) || |
| 1041 | + | | |+-----------------+| |
| 1042 | + | | || digest(Image 2) ||-------------+ |
| 1043 | + | | |+-----------------+| | |
| 1044 | + | | +-------------------+ | |
| 1045 | + | | | |
| 1046 | + +-----------------+ | | +-----------------+ +-----------------+ | |
| 1047 | + | Manifest image | | | | Image 1 | | Image 2 | | |
| 1048 | + +=================+ | | +=================+ +=================+ | |
| 1049 | + |+---------------+| | | |+---------------+| |+---------------+| | |
| 1050 | + || header || | | || header || || header || | |
| 1051 | + |+---------------+| | | |+---------------+| |+---------------+| | |
| 1052 | + || manifest TLV ||-+ | || firmware || || firmware || | |
| 1053 | + |+---------------+| | |+---------------+| |+---------------+| | |
| 1054 | + || digest TLV || +->|| digest TLV || || digest TLV ||<-+ |
| 1055 | + |+---------------+| |+---------------+| |+---------------+| |
| 1056 | + || signature TLV || || signature TLV || || signature TLV || |
| 1057 | + |+---------------+| |+---------------+| |+---------------+| |
| 1058 | + +-----------------+ +-----------------+ +-----------------+ |
| 1059 | +``` |
| 1060 | + |
| 1061 | +The manifest TLV has a format field that allows for the development of complex |
| 1062 | +boot logic in the future. The default manifest is structured as a list of |
| 1063 | +digests of firmware parts. |
| 1064 | + |
| 1065 | +The manifest is transferred as a protected TLV in a dedicated "Manifest image." |
| 1066 | +This image is updated using the same mechanisms as regular images. |
| 1067 | + |
| 1068 | +The manifest image may contain firmware - if so, this part of the firmware must |
| 1069 | +be updated with every firmware update. |
| 1070 | + |
| 1071 | +The bootloader's behavior changes once manifest-based updates |
| 1072 | +and booting are enabled. |
| 1073 | + |
| 1074 | +Boot process for Direct-XIP modes: |
| 1075 | + |
| 1076 | ++ Loop 1. Until all images are loaded and validated against the active manifest |
| 1077 | + 1. Subloop 1. Iterate over the manifest image slots |
| 1078 | + + Does any of the slots contain a manifest? |
| 1079 | + + Yes: |
| 1080 | + + Select the newer manifest. |
| 1081 | + + Copy it to the bootloader state. |
| 1082 | + + Validate the manifest image (integrity and security check). |
| 1083 | + + If validation fails mark the active manifest slot as |
| 1084 | + unavailable and try the other slot. |
| 1085 | + + No: Return with an error. |
| 1086 | + |
| 1087 | + 2. Subloop 2. Iterate over all images except manifest image |
| 1088 | + + Does the current image contain a valid header in the same slot |
| 1089 | + as the selected (active) manifest? |
| 1090 | + + Yes: Is the image valid (integrity and security check) and its |
| 1091 | + digest matches the manifest? |
| 1092 | + + Yes: Skip to the next image. |
| 1093 | + + No: |
| 1094 | + + Mark the active manifest slot as unavailable. |
| 1095 | + + Restart main loop. |
| 1096 | + + No: |
| 1097 | + + Mark the active manifest slot as unavailable. |
| 1098 | + + Restart main loop. |
| 1099 | + |
| 1100 | ++ Loop 2. Iterate over all images |
| 1101 | + + Increase the security counter if needed. |
| 1102 | + + Do the measured boot and the data sharing if needed. |
| 1103 | + |
| 1104 | ++ Boot the loaded slot of image 0. |
| 1105 | + |
| 1106 | +Manifest-based updates and booting for other modes are not yet implemented. |
| 1107 | + |
990 | 1108 | ## [Image swapping](#image-swapping) |
991 | 1109 |
|
992 | 1110 | The bootloader swaps the contents of the two image slots for two reasons: |
|
0 commit comments