espressif: sysbuild: integrate MCUboot Espressif Port build

Enable sysbuild to build MCUboot Espressif's port as an
external project.

Signed-off-by: Almir Okato <[email protected]>
Signed-off-by: Lucas Tamborrino <[email protected]>
Signed-off-by: Marek Matej <[email protected]>

Author: almir-okato

scripts/ci/check_compliance.py

@@ -1058,6 +1058,16 @@ def check_no_undef_outside_kconfig(self, kconf):
         "DEEP_SLEEP",  # #defined by RV32M1 in ext/
         "DESCRIPTION",
         "ERR",
+        "ESP_BOOT_SWAP_USING_MOVE", # Used on MCUboot Espressif Port
+        "ESP_BOOT_SWAP_USING_OFFSET", # Used on MCUboot Espressif Port
+        "ESP_BOOT_SWAP_USING_SCRATCH", # Used on MCUboot Espressif Port
+        "ESP_BOOT_UPGRADE_ONLY", # Used on MCUboot Espressif Port
+        "ESP_SIGN_EC256", # Used on MCUboot Espressif Port
+        "ESP_SIGN_ED25519", # Used on MCUboot Espressif Port
+        "ESP_SIGN_KEY_FILE", # Used on MCUboot Espressif Port
+        "ESP_SIGN_NONE", # Used on MCUboot Espressif Port
+        "ESP_SIGN_RSA", # Used on MCUboot Espressif Port
+        "ESP_SINGLE_APPLICATION_SLOT", # Used on MCUboot Espressif Port
         "ESP_DIF_LIBRARY",  # Referenced in CMake comment
         "EXPERIMENTAL",
         "EXTRA_FIRMWARE_DIR", # Linux, in boards/xtensa/intel_adsp_cavs25/doc

share/sysbuild/image_configurations/MAIN_image_default.cmake

@@ -5,15 +5,16 @@
 # This sysbuild CMake file sets the sysbuild controlled settings as properties
 # on the main Zephyr image.
 
-set_config_bool(${ZCMAKE_APPLICATION} CONFIG_BOOTLOADER_MCUBOOT "${SB_CONFIG_BOOTLOADER_MCUBOOT}")
-set_config_string(${ZCMAKE_APPLICATION} CONFIG_MCUBOOT_SIGNATURE_KEY_FILE
-                  "${SB_CONFIG_BOOT_SIGNATURE_KEY_FILE}"
-)
-set_config_string(${ZCMAKE_APPLICATION} CONFIG_MCUBOOT_ENCRYPTION_KEY_FILE
-                  "${SB_CONFIG_BOOT_ENCRYPTION_KEY_FILE}"
-)
-
 if(SB_CONFIG_BOOTLOADER_MCUBOOT)
+  set_config_bool(${ZCMAKE_APPLICATION} CONFIG_BOOTLOADER_MCUBOOT y)
+
+  set_config_string(${ZCMAKE_APPLICATION} CONFIG_MCUBOOT_SIGNATURE_KEY_FILE
+                    "${SB_CONFIG_BOOT_SIGNATURE_KEY_FILE}"
+  )
+  set_config_string(${ZCMAKE_APPLICATION} CONFIG_MCUBOOT_ENCRYPTION_KEY_FILE
+                    "${SB_CONFIG_BOOT_ENCRYPTION_KEY_FILE}"
+  )
+
   if("${SB_CONFIG_SIGNATURE_TYPE}" STREQUAL "NONE")
     set_config_bool(${ZCMAKE_APPLICATION} CONFIG_MCUBOOT_GENERATE_UNSIGNED_IMAGE y)
   else()

soc/espressif/Kconfig.sysbuild

@@ -3,8 +3,135 @@
 
 choice BOOTLOADER
 	default BOOTLOADER_MCUBOOT
+
+# Extension for the BOOTLOADER Kconfig choice to allow
+# MCUboot Espressif Port to be build
+config BOOTLOADER_MCUBOOT_ESPRESSIF
+	bool "MCUboot Espressif Port"
+	depends on SOC_FAMILY_ESPRESSIF_ESP32
+	help
+	  Use MCUboot Espressif Port as the bootloader
+
 endchoice
 
 choice MCUBOOT_MODE
 	default MCUBOOT_MODE_OVERWRITE_ONLY if SOC_FAMILY_ESPRESSIF_ESP32
 endchoice
+
+if BOOTLOADER_MCUBOOT_ESPRESSIF
+
+config ESP_MCUBOOT_IMGTOOL_OVERWRITE_ONLY
+	bool "Use overwrite-only instead of swap upgrades"
+	help
+	  If enabled, --overwrite-only option passed to imgtool to avoid
+	  adding the swap status area size when calculating overflow.
+
+choice ESP_MCUBOOT_MODE
+	prompt "Mode of operation"
+	default ESP_MCUBOOT_MODE_SWAP_SCRATCH if BOOTLOADER_MCUBOOT_ESPRESSIF
+	help
+	  The operating mode of MCUboot (which will also be propagated to the application).
+
+config ESP_MCUBOOT_MODE_SINGLE_APP
+	bool "Single slot"
+	select ESP_MCUBOOT_IMGTOOL_OVERWRITE_ONLY
+	help
+	  MCUboot will only boot slot0_partition placed application and does not care about other
+	  slots. In this mode application is not able to DFU its own update to secondary slot and
+	  all updates need to be performed using MCUboot serial recovery.
+
+config ESP_MCUBOOT_MODE_SWAP_USING_OFFSET
+	bool "Swap using offset"
+	select EXPERIMENTAL
+	select ESP_MCUBOOT_BOOTLOADER_MODE_HAS_NO_DOWNGRADE
+	help
+	  MCUboot expects slot0_partition and slot1_partition to be present in DT and application
+	  will boot from slot0_partition. MCUBOOT_BOOTLOADER_NO_DOWNGRADE should also be selected
+	  in main application if MCUboot has been built with MCUBOOT_DOWNGRADE_PREVENTION.
+
+config ESP_MCUBOOT_MODE_SWAP_USING_MOVE
+	bool "Swap using move"
+	select ESP_MCUBOOT_BOOTLOADER_MODE_HAS_NO_DOWNGRADE
+	help
+	  MCUboot expects slot0_partition and slot1_partition to be present in DT and application
+	  will boot from slot0_partition. MCUBOOT_BOOTLOADER_NO_DOWNGRADE should also be selected
+	  in main application if MCUboot has been built with MCUBOOT_DOWNGRADE_PREVENTION.
+
+config ESP_MCUBOOT_MODE_SWAP_SCRATCH
+	bool "Swap using scratch"
+	select ESP_MCUBOOT_BOOTLOADER_MODE_HAS_NO_DOWNGRADE
+	help
+	  MCUboot expects slot0_partition, slot1_partition and scratch_partition to be present in
+	  DT, and application will boot from slot0_partition. In this mode scratch_partition is
+	  used as temporary storage when MCUboot swaps application from the secondary slot to the
+	  primary slot.
+	  MCUBOOT_BOOTLOADER_NO_DOWNGRADE should also be selected in main application if MCUboot
+	  has been built with MCUBOOT_DOWNGRADE_PREVENTION.
+
+config ESP_MCUBOOT_MODE_OVERWRITE_ONLY
+	bool "Overwrite"
+	select ESP_MCUBOOT_IMGTOOL_OVERWRITE_ONLY
+	select ESP_MCUBOOT_BOOTLOADER_MODE_HAS_NO_DOWNGRADE
+	help
+	  MCUboot will take contents of secondary slot of an image and will overwrite primary slot
+	  with it. In this mode it is not possible to revert back to previous version as it is not
+	  stored in the secondary slot.
+	  This mode supports MCUBOOT_BOOTLOADER_NO_DOWNGRADE which means that the overwrite will
+	  not happen unless the version of secondary slot is higher than the version in primary
+	  slot.
+
+endchoice # ESP_MCUBOOT_MODE
+
+config ESP_MCUBOOT_BOOTLOADER_MODE_HAS_NO_DOWNGRADE
+	bool
+	help
+	  Selected mode supports downgrade prevention, where you cannot switch to
+	  an application with lower version than the currently running application.
+
+if ESP_MCUBOOT_BOOTLOADER_MODE_HAS_NO_DOWNGRADE
+config ESP_MCUBOOT_BOOTLOADER_NO_DOWNGRADE
+	bool "MCUboot mode has downgrade prevention enabled"
+	help
+	  Selected MCUboot mode has downgrade prevention enabled, where you are not
+	  able to change back to image with lower version number.
+	  This options should be selected when MCUboot has been built with
+	  MCUBOOT_DOWNGRADE_PREVENTION option enabled.
+endif # ESP_MCUBOOT_BOOTLOADER_MODE_HAS_NO_DOWNGRADE
+
+choice ESP_BOOT_SIGNATURE_TYPE
+	prompt "Signature type"
+	default ESP_BOOT_SIGNATURE_TYPE_NONE
+
+config ESP_BOOT_SIGNATURE_TYPE_NONE
+	bool "No signature; use only hash check"
+
+config ESP_BOOT_SIGNATURE_TYPE_RSA
+	bool "RSA signatures"
+
+if ESP_BOOT_SIGNATURE_TYPE_RSA
+config ESP_BOOT_SIGNATURE_RSA_LEN
+	int "RSA signature length"
+	range 2048 3072
+	default 2048
+endif
+
+config ESP_BOOT_SIGNATURE_TYPE_ECDSA_P256
+	bool "Elliptic curve digital signatures with curve P-256"
+
+config ESP_BOOT_SIGNATURE_TYPE_ED25519
+	bool "Edwards curve digital signatures using ed25519"
+
+endchoice # ESP_BOOT_SIGNATURE_TYPE
+
+config ESP_BOOT_SIGNATURE_KEY_FILE
+	string "Signing PEM key file"
+	depends on !ESP_BOOT_SIGNATURE_TYPE_NONE
+	default "$(ZEPHYR_MCUBOOT_MODULE_DIR)/root-ec-p256.pem" if ESP_BOOT_SIGNATURE_TYPE_ECDSA_P256
+	default "$(ZEPHYR_MCUBOOT_MODULE_DIR)/root-ed25519.pem" if ESP_BOOT_SIGNATURE_TYPE_ED25519
+	default "$(ZEPHYR_MCUBOOT_MODULE_DIR)/root-rsa-2048.pem" if ESP_BOOT_SIGNATURE_TYPE_RSA && ESP_BOOT_SIGNATURE_RSA_LEN=2048
+	default "$(ZEPHYR_MCUBOOT_MODULE_DIR)/root-rsa-3072.pem" if ESP_BOOT_SIGNATURE_TYPE_RSA && ESP_BOOT_SIGNATURE_RSA_LEN=3072
+	default ""
+	help
+	  Absolute path to signing key file to use with MCUBoot.
+
+endif # BOOTLOADER_MCUBOOT_ESPRESSIF

soc/espressif/common/CMakeLists.txt

@@ -2,8 +2,8 @@
 # SPDX-License-Identifier: Apache-2.0
 
 zephyr_include_directories(include)
-
-if(NOT CONFIG_MCUBOOT AND NOT CONFIG_SOC_ESP32_APPCPU AND NOT CONFIG_SOC_ESP32S3_APPCPU)
+if(NOT CONFIG_MCUBOOT AND NOT CONFIG_MCUBOOT_ESPRESSIF AND
+    NOT CONFIG_SOC_ESP32_APPCPU AND NOT CONFIG_SOC_ESP32S3_APPCPU)
   zephyr_sources_ifdef(CONFIG_ESP_SPIRAM esp_psram.c)
 endif()
 
@@ -18,13 +18,13 @@ endif()
 
 message("-- Espressif HAL path: ${ESP_IDF_PATH}")
 
-if((CONFIG_ESP_SIMPLE_BOOT OR CONFIG_MCUBOOT) AND NOT CONFIG_SOC_ESP32C6_LPCORE)
+if((CONFIG_ESP_SIMPLE_BOOT OR CONFIG_MCUBOOT OR CONFIG_MCUBOOT_ESPRESSIF) AND NOT CONFIG_SOC_ESP32C6_LPCORE)
   if(CONFIG_BUILD_OUTPUT_BIN)
     set(ESPTOOL_PY ${ESP_IDF_PATH}/tools/esptool_py/esptool.py)
     message("-- Use the esptool.py: ${ESPTOOL_PY}")
 
     set(ELF2IMAGE_ARG "")
-    if(NOT CONFIG_MCUBOOT)
+    if(NOT CONFIG_MCUBOOT AND NOT CONFIG_MCUBOOT_ESPRESSIF)
       set(ELF2IMAGE_ARG "--ram-only-header")
     endif()
 
@@ -41,26 +41,36 @@ endif()
 
 set_property(TARGET bintools PROPERTY disassembly_flag_inline_source)
 
-# Select the image origin depending on the boot configuration
 if(CONFIG_SOC_ESP32_APPCPU OR CONFIG_SOC_ESP32S3_APPCPU)
   dt_nodelabel(dts_partition_path NODELABEL "slot0_appcpu_partition")
 elseif(CONFIG_SOC_ESP32C6_LPCORE)
   dt_nodelabel(dts_partition_path NODELABEL "slot0_lpcore_partition")
-elseif(CONFIG_MCUBOOT OR CONFIG_ESP_SIMPLE_BOOT)
-  dt_nodelabel(dts_partition_path NODELABEL "boot_partition")
 else()
   dt_nodelabel(dts_partition_path NODELABEL "slot0_partition")
 endif()
-
 dt_reg_addr(image_off PATH ${dts_partition_path})
-board_runner_args(esp32 "--esp-app-address=${image_off}")
+
+# Get boot partition address
+dt_nodelabel(dts_boot_partition_path NODELABEL "boot_partition")
+dt_reg_addr(boot_off PATH ${dts_boot_partition_path})
+
+# Select the image origin depending on the boot configuration
+if(CONFIG_BOOTLOADER_MCUBOOT)
+  board_runner_args(esp32 "--esp-app-address=${image_off}")
+  message("-- Target partition ${dts_partition_path}")
+else()
+  # In this case, it means that the current build is either
+  # the bootloader (MCUboot, MCUboot Espressif Port) or regular
+  # app that boots using Simple boot
+  board_runner_args(esp32 "--esp-app-address=${boot_off}")
+  message("-- Target partition ${dts_boot_partition_path}")
+endif()
+
 board_runner_args(esp32 "--esp-flash-size=${esptoolpy_flashsize}MB")
 board_runner_args(esp32 "--esp-flash-freq=${CONFIG_ESPTOOLPY_FLASHFREQ}")
 board_runner_args(esp32 "--esp-flash-mode=${CONFIG_ESPTOOLPY_FLASHMODE}")
 board_finalize_runner_args(esp32 "--esp-monitor-baud=${monitor_baud}")
 
-message("-- Image partition ${dts_partition_path}")
-
 # Look for cross references between bootloader sections
 if(CONFIG_MCUBOOT)
     message("check_callgraph using: ${ESP_IDF_PATH}/tools/ci/check_callgraph.py")
@@ -78,6 +88,10 @@ endif()
 
 if(CONFIG_MCUBOOT)
   set(SOC_LINKER_SCRIPT ${CMAKE_CURRENT_SOURCE_DIR}/../${CONFIG_SOC}/mcuboot.ld CACHE INTERNAL "")
+elseif(CONFIG_MCUBOOT_ESPRESSIF)
+  # building bootloader MCUboot Espressif Port uses its linker script existing
+  # in MCUboot repo
+  set(SOC_LINKER_SCRIPT ${CMAKE_CURRENT_SOURCE_DIR}/empty.ld CACHE INTERNAL "")
 elseif(CONFIG_SOC_ESP32_APPCPU OR CONFIG_SOC_ESP32S3_APPCPU)
   set(SOC_LINKER_SCRIPT ${CMAKE_CURRENT_SOURCE_DIR}/../${CONFIG_SOC}/default_appcpu.ld CACHE INTERNAL "")
 elseif(CONFIG_SOC_ESP32C6_LPCORE)

soc/espressif/common/Kconfig

@@ -17,13 +17,20 @@ config ESP32_USE_UNSUPPORTED_REVISION
 
 config ESP_SIMPLE_BOOT
 	bool "Simple Boot method"
-	default y if !BOOTLOADER_MCUBOOT && !MCUBOOT
+	default y if !BOOTLOADER_MCUBOOT && !MCUBOOT && !MCUBOOT_ESPRESSIF
 	help
 	  The Simple Boot is a booting method that doesn't need a 2nd stage bootloader.
 	  Output is a single image that should be flashed at an offset defined by used SOC.
 	  Please note that this method brings the system up with all memories set-up, but
 	  all other features, such as secure boot OTA or slots management are not available.
 
+# Set by MCUboot Espressif Port
+config MCUBOOT_ESPRESSIF
+	bool
+	help
+	  Hidden option used to indicate that the current image is MCUBoot
+	  Espressif Port
+
 config ESP32_TIMER_TASK_STACK_SIZE
 	int "Stack size of the high resolution ESP Timer"
 	default 4096

soc/espressif/common/Kconfig.defconfig

@@ -4,16 +4,16 @@
 if SOC_SERIES_ESP32C2 || SOC_SERIES_ESP32C3 || SOC_SERIES_ESP32C6
 
 config GEN_ISR_TABLES
-	default y if !SOC_ESP32C6_LPCORE
+	default y if !SOC_ESP32C6_LPCORE && !MCUBOOT_ESPRESSIF
 
 config GEN_SW_ISR_TABLE
-	default y
+	default y if !MCUBOOT_ESPRESSIF
 
 config GEN_IRQ_VECTOR_TABLE
 	default n
 
 config DYNAMIC_INTERRUPTS
-	default y if !SOC_ESP32C6_LPCORE
+	default y if !SOC_ESP32C6_LPCORE && !MCUBOOT_ESPRESSIF
 
 config ISR_STACK_SIZE
 	default 2048
@@ -66,13 +66,13 @@ config XTENSA_USE_CORE_CRT1
 	default n
 
 config GEN_ISR_TABLES
-	default y
+	default y if !MCUBOOT_ESPRESSIF
 
 config GEN_IRQ_VECTOR_TABLE
 	default n
 
 config CLOCK_CONTROL
-	default y
+	default y if !MCUBOOT_ESPRESSIF
 
 config SOC_FLASH_ESP32
 	default y

soc/espressif/common/empty.ld

@@ -0,0 +1,8 @@
+/*
+ * Copyright (c) 2025 Espressif Systems (Shanghai) Co., Ltd.
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+/* Empty linker script to allow MCUboot Espressif Port to link in its
+ * own way when building using sysbuild.
+ */

soc/espressif/esp32/CMakeLists.txt

@@ -1,5 +1,9 @@
 # SPDX-License-Identifier: Apache-2.0
 
+if(CONFIG_MCUBOOT_ESPRESSIF)
+  return()
+endif()
+
 if (CONFIG_SOC_ESP32_APPCPU)
   zephyr_sources(
     soc_appcpu.c

soc/espressif/esp32/Kconfig

@@ -3,13 +3,13 @@
 
 config SOC_SERIES_ESP32
 	select XTENSA
-	select CLOCK_CONTROL
-	select DYNAMIC_INTERRUPTS
+	select CLOCK_CONTROL if !MCUBOOT_ESPRESSIF
+	select DYNAMIC_INTERRUPTS if !MCUBOOT_ESPRESSIF
 	select ARCH_HAS_GDBSTUB
 	select ARCH_SUPPORTS_COREDUMP
-	select PINCTRL
+	select PINCTRL if !MCUBOOT_ESPRESSIF
 	select HAS_ESPRESSIF_HAL
-	select CPU_HAS_FPU
+	select CPU_HAS_FPU if !MCUBOOT_ESPRESSIF
 	select HAS_PM
 	select HAS_POWEROFF
 

soc/espressif/esp32c2/CMakeLists.txt

@@ -1,5 +1,9 @@
 # SPDX-License-Identifier: Apache-2.0
 
+if(CONFIG_MCUBOOT_ESPRESSIF)
+  return()
+endif()
+
 zephyr_sources(
   vectors.S
   soc_irq.S

soc/espressif/esp32c2/Kconfig

@@ -4,9 +4,9 @@
 config SOC_SERIES_ESP32C2
 	select RISCV
 	select RISCV_SOC_HAS_GP_RELATIVE_ADDRESSING
-	select DYNAMIC_INTERRUPTS
-	select CLOCK_CONTROL
-	select PINCTRL
+	select DYNAMIC_INTERRUPTS if !MCUBOOT_ESPRESSIF
+	select CLOCK_CONTROL if !MCUBOOT_ESPRESSIF
+	select PINCTRL if !MCUBOOT_ESPRESSIF
 	select RISCV_ISA_RV32I
 	select RISCV_ISA_EXT_M
 	select RISCV_ISA_EXT_C

soc/espressif/esp32c3/CMakeLists.txt

@@ -1,5 +1,9 @@
 # SPDX-License-Identifier: Apache-2.0
 
+if(CONFIG_MCUBOOT_ESPRESSIF)
+  return()
+endif()
+
 zephyr_sources(
   vectors.S
   soc_irq.S