Fixes for unused variables

Makefile

@@ -104,8 +104,12 @@ CFLAGS+= \
 
 # Setup default optimizations (for GCC)
 ifeq ($(USE_GCC_HEADLESS),1)
-  CFLAGS+=-Wall -Wextra -Wno-main -ffreestanding -Wno-unused -nostartfiles
+  CFLAGS+=-Wall -Wextra -Wno-main -ffreestanding -nostartfiles
   CFLAGS+=-ffunction-sections -fdata-sections -fomit-frame-pointer
+  # Allow unused parameters and functions
+  CFLAGS+=-Wno-unused-parameter -Wno-unused-function
+  # Error on unused variables
+  CFLAGS+=-Wunused-variable
   LDFLAGS+=-Wl,-gc-sections -Wl,-Map=wolfboot.map -ffreestanding -nostartfiles
   # Not setting LDFLAGS directly since it is passed to the test-app
   LSCRIPT_FLAGS+=-T $(LSCRIPT)
@@ -469,7 +473,7 @@ utilsclean: clean
 	$(Q)$(MAKE) -C tools/test-update-server -s clean
 	$(Q)$(MAKE) -C tools/uart-flash-server -s clean
 	$(Q)$(MAKE) -C tools/unit-tests -s clean
-	$(Q)if [ "$(WOLFHSM_CLIENT)" = "1" ]; then $(MAKE) -C lib/wolfHSM/tools/whnvmtool -s clean; fi
+	$(Q)if [ "$(WOLFHSM_CLIENT)" = "1" ]; then $(MAKE) -C $(WOLFBOOT_LIB_WOLFHSM)/tools/whnvmtool -s clean; fi
 	$(Q)$(MAKE) -C tools/keytools/otp -s clean
 	$(Q)$(MAKE) -C tools/squashelf -s clean
 

arch.mk

@@ -106,7 +106,9 @@ ifeq ($(ARCH),AARCH64)
     CFLAGS+=$(ARCH_FLAGS) -DWOLFSSL_ARMASM -DWOLFSSL_ARMASM_INLINE -DWC_HASH_DATA_ALIGNMENT=8 -DWOLFSSL_AARCH64_PRIVILEGE_MODE
     WOLFCRYPT_OBJS += $(WOLFBOOT_LIB_WOLFSSL)/wolfcrypt/src/cpuid.o \
                       $(WOLFBOOT_LIB_WOLFSSL)/wolfcrypt/src/port/arm/armv8-sha512-asm_c.o \
-                      $(WOLFBOOT_LIB_WOLFSSL)/wolfcrypt/src/port/arm/armv8-sha3-asm_c.o
+                      $(WOLFBOOT_LIB_WOLFSSL)/wolfcrypt/src/port/arm/armv8-sha3-asm_c.o \
+                      $(WOLFBOOT_LIB_WOLFSSL)/wolfcrypt/src/port/arm/armv8-aes-asm_c.o \
+                      $(WOLFBOOT_LIB_WOLFSSL)/wolfcrypt/src/port/arm/armv8-sha256-asm_c.o
   endif
 endif
 
@@ -190,13 +192,14 @@ ifeq ($(ARCH),ARM)
     ARCH_FLASH_OFFSET=0x08000000
     SPI_TARGET=stm32
     ifneq ($(PKA),0)
-      PKA_EXTRA_OBJS+= $(STM32CUBE)/Drivers/STM32WBxx_HAL_Driver/Src/stm32wbxx_hal_pka.o  $(WOLFBOOT_LIB_WOLFSSL)/wolfcrypt/src/port/st/stm32.o
-      PKA_EXTRA_CFLAGS+=-DWOLFSSL_STM32_PKA -I$(STM32CUBE)/Drivers/STM32WBxx_HAL_Driver/Inc \
-          -Isrc -I$(STM32CUBE)/Drivers/BSP/P-NUCLEO-WB55.Nucleo/ -I$(STM32CUBE)/Drivers/CMSIS/Device/ST/STM32WBxx/Include \
-          -I$(STM32CUBE)/Drivers/STM32WBxx_HAL_Driver/Inc/ \
-          -I$(STM32CUBE)/Drivers/CMSIS/Include \
-          -Ihal \
-          -DSTM32WB55xx
+      PKA_EXTRA_OBJS+= $(STM32CUBE)/Drivers/STM32WBxx_HAL_Driver/Src/stm32wbxx_hal_pka.o $(WOLFBOOT_LIB_WOLFSSL)/wolfcrypt/src/port/st/stm32.o
+      PKA_EXTRA_CFLAGS+=-DWOLFSSL_STM32WB -DWOLFSSL_STM32_PKA -DWOLFSSL_STM32_CUBEMX -DNO_STM32_HASH -DSTM32WB55xx
+      PKA_EXTRA_CFLAGS+=-Isrc -Ihal \
+          -I$(STM32CUBE)/Drivers/STM32WBxx_HAL_Driver/Inc \
+          -I$(STM32CUBE)/Drivers/BSP/P-NUCLEO-WB55.Nucleo/ \
+          -I$(STM32CUBE)/Drivers/CMSIS/Device/ST/STM32WBxx/Include \
+          -I$(STM32CUBE)/Drivers/STM32WBxx_HAL_Driver/Inc \
+          -I$(STM32CUBE)/Drivers/CMSIS/Include
     endif
   endif
 
@@ -1180,15 +1183,15 @@ ifeq ($(ARCH), AURIX_TC3)
       # Common wolfHSM port files
       CFLAGS += -I$(WOLFHSM_INFINEON_TC3XX)/port -DWOLFHSM_CFG_DMA
       OBJS += $(WOLFHSM_INFINEON_TC3XX)/port/tchsm_common.o \
-	          $(WOLFHSM_INFINEON_TC3XX)/port/tchsm_hsmhost.o
+              $(WOLFHSM_INFINEON_TC3XX)/port/tchsm_hsmhost.o
       # General wolfHSM files
       OBJS += $(WOLFBOOT_LIB_WOLFHSM)/src/wh_transport_mem.o
 
       # NVM image generation variables
       WH_NVM_BIN ?= whNvmImage.bin
       WH_NVM_HEX ?= whNvmImage.hex
       WH_NVM_PART_SIZE ?= 0x8000
-	  # Default to base of HSM DFLASH1
+      # Default to base of HSM DFLASH1
       WH_NVM_BASE_ADDRESS ?= 0xAFC00000
 
       # Select config file based on certificate chain verification
@@ -1225,25 +1228,25 @@ ifeq ($(ARCH), AURIX_TC3)
 
       LSCRIPT_IN=hal/$(TARGET)_hsm.ld
 
-	  # wolfHSM port server-specific files
+      # wolfHSM port server-specific files
       ifeq ($(WOLFHSM_SERVER),1)
         USE_GCC_HEADLESS=0
 
         CFLAGS += -I$(WOLFHSM_INFINEON_TC3XX)/port/server
 
         OBJS += $(WOLFHSM_INFINEON_TC3XX)/port/server/port_halflash_df1.o \
-				$(WOLFHSM_INFINEON_TC3XX)/port/server/io.o \
-				$(WOLFHSM_INFINEON_TC3XX)/port/server/sysmem.o \
-				$(WOLFHSM_INFINEON_TC3XX)/port/server/tchsm_hh_hsm.o \
-				$(WOLFHSM_INFINEON_TC3XX)/port/server/tchsm_utils.o
-
-				# SW only for now, as we dont have the right protection macros
-				#$(WOLFHSM_INFINEON_TC3XX)/port/server/ccb_hsm.o \
-				#$(WOLFHSM_INFINEON_TC3XX)/port/server/tchsm_hash.o \
-				#$(WOLFHSM_INFINEON_TC3XX)/port/server/tchsm_aes.o \
-				#$(WOLFHSM_INFINEON_TC3XX)/port/server/tchsm_cmac.o \
-				#$(WOLFHSM_INFINEON_TC3XX)/port/server/tchsm_pk.o \
-				#$(WOLFHSM_INFINEON_TC3XX)/port/server/tchsm_trng.o
+          $(WOLFHSM_INFINEON_TC3XX)/port/server/io.o \
+          $(WOLFHSM_INFINEON_TC3XX)/port/server/sysmem.o \
+          $(WOLFHSM_INFINEON_TC3XX)/port/server/tchsm_hh_hsm.o \
+          $(WOLFHSM_INFINEON_TC3XX)/port/server/tchsm_utils.o
+
+        # SW only for now, as we dont have the right protection macros
+        #$(WOLFHSM_INFINEON_TC3XX)/port/server/ccb_hsm.o \
+        #$(WOLFHSM_INFINEON_TC3XX)/port/server/tchsm_hash.o \
+        #$(WOLFHSM_INFINEON_TC3XX)/port/server/tchsm_aes.o \
+        #$(WOLFHSM_INFINEON_TC3XX)/port/server/tchsm_cmac.o \
+        #$(WOLFHSM_INFINEON_TC3XX)/port/server/tchsm_pk.o \
+        #$(WOLFHSM_INFINEON_TC3XX)/port/server/tchsm_trng.o
       endif
 
       # HSM BSP specific object files

config/examples/stm32l4-cube.config

@@ -15,7 +15,7 @@ SPMATH?=1
 RAM_CODE?=0
 DUALBANK_SWAP?=0
 IMAGE_HEADER_SIZE?=0x200
-STM32CUBE?=$(HOME)/STM32Cube/Repository/STM32Cube_FW_L4_V1.17.0
+STM32CUBE?=$(HOME)/STM32Cube/Repository/STM32Cube_FW_L4_V1.18.1
 WOLFBOOT_SECTOR_SIZE=0x1000
 WOLFBOOT_PARTITION_SIZE=0x7A000
 WOLFBOOT_PARTITION_BOOT_ADDRESS=0x0800A000

config/examples/stm32wb-pka-1mb.config

@@ -8,3 +8,5 @@ WOLFBOOT_PARTITION_UPDATE_ADDRESS=0x08083800
 WOLFBOOT_PARTITION_SWAP_ADDRESS=0x080FF000
 NVM_FLASH_WRITEONCE=1
 PKA=1
+STM32CUBE?=$(HOME)/STM32Cube/Repository/STM32Cube_FW_WB_V1.23.0
+NO_ARM_ASM=1

docs/wolfHSM.md

@@ -144,7 +144,7 @@ make test-sim-internal-flash-with-update
 
 #### wolfHSM Server Mode Build
 
-To build the simulator configured to use embedded wolfHSM server mode, use the `WOLFHSM_SERVER=1` makefile option. In this mode, wolfBoot includes the complete wolfHSM server and no external HSM server is required. Currently the wolfHSM server only supporst the certificate chain verification mode of authentication.
+To build the simulator configured to use embedded wolfHSM server mode, use the `WOLFHSM_SERVER=1` makefile option. In this mode, wolfBoot includes the complete wolfHSM server and no external HSM server is required. Currently the wolfHSM server only supports the certificate chain verification mode of authentication.
 
 ```sh
 # Grab the HSM server simulator configuration (with certificate chain verification)
@@ -228,7 +228,7 @@ When using wolfHSM server mode, no external server is required. wolfBoot include
 # Create a simulated NVM image for the POSIX flash file simulator containing the dummy root CA for cert chain verification.
 # You must build whnvmtool first if you haven't already, and ensure the file name matches the simulated NVM image file
 # name in hal/sim.c
-./lib/wolfHSM/tools/whnvmtool/whnvmtool --image=wolfBoot_wolfHSM_NVM.bin --size 16348 --invert-erased-byte tools/scripts/wolfBoot-wolfHSM-sim-dummy-certchain.nvminit 
+./lib/wolfHSM/tools/whnvmtool/whnvmtool --image=wolfBoot_wolfHSM_NVM.bin --size 16348 --invert-erased-byte tools/scripts/wolfBoot-wolfHSM-sim-dummy-certchain.nvminit
 
 # Run the wolfBoot simulator with embedded wolfHSM server to stage an update
 ./wolfboot.elf update_trigger get_version

hal/lpc.c

@@ -26,7 +26,6 @@
 #include "fsl_flashiap.h"
 #include "fsl_power.h"
 
-static int flash_init = 0;
 uint32_t SystemCoreClock;
 
 #ifdef NVM_FLASH_WRITEONCE

hal/mcxa.c

@@ -36,7 +36,6 @@
 #define BOARD_BOOTCLOCKFRO96M_CORE_CLOCK 96000000UL
 
 static flash_config_t pflash;
-static int flash_init = 0;
 
 uint32_t SystemCoreClock;
 

hal/nrf5340.c

@@ -487,7 +487,6 @@ static uint32_t hal_shm_status_wait(ShmInfo_t* info, uint32_t status,
     uint32_t timeout_ms)
 {
     uint32_t status_ret = SHARED_STATUS_UNKNOWN;
-    int ret = 0;
 
     do {
         /* see if status shared already */
@@ -566,7 +565,7 @@ static void hal_net_check_version(void)
 {
     int ret;
     struct wolfBoot_image img;
-    uint32_t timeout, status = 0;
+    uint32_t status = 0;
 
 #ifdef TARGET_nrf5340_app
     /* check the network core version */
@@ -682,7 +681,7 @@ static void hal_net_check_version(void)
     }
     /* proceed to update_flash routines */
 #endif /* TARGET_nrf5340_* */
-exit:
+    (void)status;
     wolfBoot_printf("Status: App %s (ver %d), Net %s (ver %d)\n",
         hal_shm_status_string(shm->core.app.status), shm->core.app.version,
         hal_shm_status_string(shm->core.net.status), shm->core.net.version);

hal/nxp_ls1028a.c

@@ -537,7 +537,6 @@ void xspi_flash_write(uintptr_t address, const uint8_t *data, uint32_t len)
 {
     uint32_t size = 0;
     uint32_t tx_data = 0;
-    uint32_t size_wm = 0;
     uint32_t loop_cnt = 0;
     uint32_t remaining, rem_size = 0;
     uint32_t i = 0, j = 0;
@@ -839,8 +838,6 @@ void hal_init(void)
 {
     volatile uint32_t counter=0xFFFFul; /* used for delay */
 #ifdef DEBUG_UART
-    uint32_t fw;
-
     uart_init();
     wolfBoot_printf("wolfBoot Init\n");
 #endif

hal/nxp_p1021.c

@@ -1164,10 +1164,7 @@ static void config_io_pin(uint8_t port, uint8_t pin, int dir, int open_drain,
 
 static void read_io_pin(uint8_t port, uint8_t pin, int *data)
 {
-    uint32_t pin_1bit_mask, tmp_val;
-
-    /* Calculate pin location for 1bit mask */
-    pin_1bit_mask = (uint32_t)(1 << (NUM_OF_PINS - (pin + 1)));
+    uint32_t tmp_val;
 
     /* Read the data */
     tmp_val = get32(GUTS_CPDAT(port));
@@ -1299,7 +1296,9 @@ static void qe_upload_microcode(const struct qe_firmware *firmware,
 static int qe_upload_firmware(const struct qe_firmware *firmware)
 {
     unsigned int i, j;
+#ifdef ENABLE_QE_CRC32
     uint32_t crc;
+#endif
     size_t calc_size = sizeof(struct qe_firmware);
     size_t length;
     const struct qe_header *hdr;
@@ -1567,6 +1566,7 @@ static void hal_irq_init(void)
 
     set32(PIC_GCR, PIC_GCR_M); /* eanble mixed-mode */
     reg = get32(PIC_GCR); /* read back */
+    (void)reg;
 }
 #endif
 
@@ -1685,6 +1685,7 @@ int ext_flash_write(uintptr_t address, const uint8_t *data, int len)
                     ELBC_FIR_OP(4, ELBC_FIR_OP_WB) |
                     ELBC_FIR_OP(5, ELBC_FIR_OP_CW1));
 #endif
+    (void)block_size; /* not used - shown for reference */
 
     /* page write loop */
     while (pos < len) {
@@ -1717,6 +1718,7 @@ int ext_flash_write(uintptr_t address, const uint8_t *data, int len)
         wolfBoot_printf("write page %d, col %d, status %x\n",
             page, col, status);
 #endif
+        (void)status;
         address += page_size - col;
         pos += page_size - col;
         data += page_size - col;
@@ -1857,6 +1859,7 @@ int ext_flash_erase(uintptr_t address, int len)
 #ifdef DEBUG_EXT_FLASH
         wolfBoot_printf("erase page %d, status %x\n", page, status);
 #endif
+        (void)status;
         len -= block_size;
     }
 

hal/nxp_t1024.c

@@ -1538,7 +1538,6 @@ uint32_t io_read32(uint16_t port)
 static int hal_pcie_init(void)
 {
     int ret;
-    int bus, i;
     int law_idx = 8;
     int tlb_idx = 14; /* next available TLB (after DDR) */
     struct pci_enum_info enum_info;
@@ -1862,8 +1861,10 @@ struct qe_firmware {
 /* Checks for valid QE firmware */
 static int qe_check_firmware(const struct qe_firmware *firmware, const char* t)
 {
-    unsigned int i, j;
+    unsigned int i;
+#ifdef ENABLE_QE_CRC32
     uint32_t crc;
+#endif
     size_t calc_size = sizeof(struct qe_firmware);
     size_t length;
     const struct qe_header *hdr;
@@ -2172,7 +2173,6 @@ static int fman_upload_firmware(const struct qe_firmware *firmware)
     /* Loop through each microcode. */
     for (i = 0; i < firmware->count; i++) {
         const struct qe_microcode *ucode = &firmware->microcode[i];
-        uint32_t trapCount = 0;
 
         /* Upload a microcode if it's present */
         if (ucode->code_offset) {
@@ -2868,7 +2868,7 @@ extern uint32_t _bootpg_addr;
 /* Startup additional cores with spin table and synchronize the timebase */
 static void hal_mp_up(uint32_t bootpg)
 {
-    uint32_t all_cores, active_cores, whoami, bpcr;
+    uint32_t all_cores, active_cores, whoami;
     int timeout = 50, i;
 
     whoami = get32(PIC_WHOAMI); /* Get current running core number */

hal/nxp_t2080.c

@@ -491,7 +491,7 @@ static void hal_cpld_init(void)
 
 void hal_init(void)
 {
-#ifdef DEBUG_UART
+#if defined(DEBUG_UART) && defined(ENABLE_CPLD)
     uint32_t fw;
 #endif
 

hal/pic32c.c

@@ -376,8 +376,6 @@ void pic32_clock_pll0_init(int refdiv, int fbdiv, int bw, int postdiv)
 
 void pic32_clock_gclk_gen0(int mclk_div1, int cpudiv)
 {
-    uint32_t reg;
-
     /* setup clock division before changing the generator */
     if (mclk_div1 != 1)
         MCLK_DIV1 = mclk_div1;

hal/pic32cz.c

@@ -36,8 +36,6 @@
 
 static void pic32_supc_vreg_pll_enable(void)
 {
-    uint32_t reg;
-
     SUPC_VREGCTRL |= SUPC_VREGCTRL_AVREGEN_PLLREG_EN
         << SUPC_VREGCTRL_AVREGEN_SHIFT;
 

hal/sama5d3.c

@@ -223,12 +223,10 @@ static void mac_init(void)
 
 static void ddr_init(void)
 {
-    uint32_t val;
     uint32_t rtr, md, cr, tpr0, tpr1, tpr2;
     uint32_t col, row, cas, bank;
     uint32_t cal;
     uint32_t ba_offset = 0;
-    uint32_t pmc_pcr;
     volatile uint32_t *dram_base = (volatile uint32_t *)DRAM_BASE;
 
     /* Step 1: Calculate register values
@@ -551,8 +549,6 @@ static int nand_device_read(uint32_t row_address, uint8_t *data, int mode)
 {
     uint32_t col_address = 0x00;
     uint32_t tot_len = 0;
-    uint32_t page_size = nand_flash.page_size;
-    uint32_t pages_per_device = nand_flash.pages_per_device;
     uint32_t i;
 
     if (mode == NAND_MODE_DATAPAGE) {
@@ -668,8 +664,6 @@ int ext_flash_read(uintptr_t address, uint8_t *data, int len)
 
 static void pit_init(void)
 {
-    uint32_t pmc_pcr;
-
     /* Turn on clock for PIT */
     PMC_CLOCK_EN(PIT_PMCID);
 

hal/stm32_tz.c

@@ -80,6 +80,7 @@ static int is_range_nonsecure(uint32_t address, int len)
     uint32_t min2 = WOLFBOOT_PARTITION_UPDATE_ADDRESS;
     uint32_t max2 = FLASH_TOP + 1;
     uint32_t end;
+    (void)boot_offset; /* calculated for reference, but not used */
     if (len < 0)
         return 0;
     end = (uint32_t)(address + len);
@@ -294,7 +295,6 @@ void hal_gtzc_init(void)
 
 void hal_tz_sau_init(void)
 {
-    uint32_t page_n = 0;
     /* SAU is set up before staging. Set up all areas as secure. */
 
     /* Non-secure callable: NSC functions area */

hal/stm32c0.c

@@ -195,7 +195,6 @@ void RAMFUNCTION hal_flash_lock(void)
 
 int RAMFUNCTION hal_flash_erase(uint32_t address, int len)
 {
-    int start = -1, end = -1;
     uint32_t end_address;
     uint32_t p;
     if (len == 0)
@@ -235,6 +234,7 @@ static void clock_pll_on(int powersave)
 
     /* Select clock parameters (CPU Speed = 48MHz) */
     cpu_freq = 48000000;
+    (void)cpu_freq; /* not used */
     flash_waitstates = 1;
 
     flash_set_waitstates(flash_waitstates);