d664e32394
For config-only components, component.mk should now contain "COMPONENT_CONFIG_ONLY := 1" Also refactored some of the generation of linker paths, library list. This required cleaning up the way the bootloader project works, it's now mostly independent from the parent.
123 lines
4.5 KiB
Makefile
123 lines
4.5 KiB
Makefile
# Bootloader component (top-level project parts)
|
|
#
|
|
# The bootloader is not a real component that gets linked into the project.
|
|
# Instead it is an entire standalone project (in subproject/) that gets
|
|
# built in the upper project's build directory. This Makefile.projbuild provides
|
|
# the glue to build the bootloader project from the original project. It
|
|
# basically runs Make in the subproject/ directory but it needs to
|
|
# zero some variables the ESP-IDF project.mk makefile exports first, to not
|
|
# let them interfere.
|
|
#
|
|
BOOTLOADER_COMPONENT_PATH := $(COMPONENT_PATH)
|
|
BOOTLOADER_BUILD_DIR=$(abspath $(BUILD_DIR_BASE)/bootloader)
|
|
BOOTLOADER_BIN=$(BOOTLOADER_BUILD_DIR)/bootloader.bin
|
|
|
|
# signing key path is resolved relative to the project directory
|
|
SECURE_BOOT_SIGNING_KEY=$(abspath $(call dequote,$(CONFIG_SECURE_BOOT_SIGNING_KEY)))
|
|
export SECURE_BOOT_SIGNING_KEY # used by bootloader_support component
|
|
|
|
# Has a matching value in bootloader_support esp_flash_partitions.h
|
|
BOOTLOADER_OFFSET := 0x1000
|
|
|
|
# Custom recursive make for bootloader sub-project
|
|
#
|
|
# NB: Some variables are cleared in the environment, not
|
|
# overriden, because they need to be re-defined in the child
|
|
# project.
|
|
BOOTLOADER_MAKE= +\
|
|
PROJECT_PATH= \
|
|
COMPONENT_DIRS= \
|
|
$(MAKE) -C $(BOOTLOADER_COMPONENT_PATH)/subproject \
|
|
V=$(V) \
|
|
BUILD_DIR_BASE=$(BOOTLOADER_BUILD_DIR) \
|
|
TEST_COMPONENTS= \
|
|
TESTS_ALL=
|
|
|
|
.PHONY: bootloader-clean bootloader-flash bootloader-list-components bootloader $(BOOTLOADER_BIN)
|
|
|
|
$(BOOTLOADER_BIN): $(SDKCONFIG_MAKEFILE)
|
|
$(BOOTLOADER_MAKE) $@
|
|
|
|
clean: bootloader-clean
|
|
|
|
bootloader-list-components:
|
|
$(BOOTLOADER_MAKE) list-components
|
|
|
|
ifndef CONFIG_SECURE_BOOT_ENABLED
|
|
# If secure boot disabled, bootloader flashing is integrated
|
|
# with 'make flash' and no warnings are printed.
|
|
|
|
bootloader: $(BOOTLOADER_BIN)
|
|
@echo $(SEPARATOR)
|
|
@echo "Bootloader built. Default flash command is:"
|
|
@echo "$(ESPTOOLPY_WRITE_FLASH) $(BOOTLOADER_OFFSET) $^"
|
|
|
|
ESPTOOL_ALL_FLASH_ARGS += $(BOOTLOADER_OFFSET) $(BOOTLOADER_BIN)
|
|
|
|
bootloader-flash: $(BOOTLOADER_BIN) $(call prereq_if_explicit,erase_flash)
|
|
$(ESPTOOLPY_WRITE_FLASH) 0x1000 $^
|
|
|
|
else ifdef CONFIG_SECURE_BOOTLOADER_ONE_TIME_FLASH
|
|
|
|
# One time flashing requires user to run esptool.py command themselves,
|
|
# and warning is printed about inability to reflash.
|
|
#
|
|
# The flashing command is deliberately printed without an auto-reset
|
|
# step, so the device doesn't immediately reset to flash itself.
|
|
|
|
bootloader: $(BOOTLOADER_BIN)
|
|
@echo $(SEPARATOR)
|
|
@echo "Bootloader built. One-time flash command is:"
|
|
@echo "$(subst hard_reset,no_reset,$(ESPTOOLPY_WRITE_FLASH)) $(BOOTLOADER_OFFSET) $(BOOTLOADER_BIN)"
|
|
@echo $(SEPARATOR)
|
|
@echo "* IMPORTANT: After first boot, BOOTLOADER CANNOT BE RE-FLASHED on same device"
|
|
|
|
else ifdef CONFIG_SECURE_BOOTLOADER_REFLASHABLE
|
|
# Reflashable secure bootloader
|
|
# generates a digest binary (bootloader + digest)
|
|
|
|
BOOTLOADER_DIGEST_BIN := $(BOOTLOADER_BUILD_DIR)/bootloader-reflash-digest.bin
|
|
SECURE_BOOTLOADER_KEY := $(BOOTLOADER_BUILD_DIR)/secure-bootloader-key.bin
|
|
|
|
ifdef CONFIG_SECURE_BOOT_BUILD_SIGNED_BINARIES
|
|
$(SECURE_BOOTLOADER_KEY): $(SECURE_BOOT_SIGNING_KEY)
|
|
$(ESPSECUREPY) digest_private_key -k $< $@
|
|
else
|
|
$(SECURE_BOOTLOADER_KEY):
|
|
@echo "No pre-generated key for a reflashable secure bootloader is available, due to signing configuration."
|
|
@echo "To generate one, you can use this command:"
|
|
@echo "espsecure.py generate_flash_encryption_key $@"
|
|
@echo "then re-run make."
|
|
exit 1
|
|
endif
|
|
|
|
bootloader: $(BOOTLOADER_DIGEST_BIN)
|
|
@echo $(SEPARATOR)
|
|
@echo "Bootloader built and secure digest generated. First time flash command is:"
|
|
@echo "$(ESPEFUSEPY) burn_key secure_boot $(SECURE_BOOTLOADER_KEY)"
|
|
@echo "$(ESPTOOLPY_WRITE_FLASH) $(BOOTLOADER_OFFSET) $(BOOTLOADER_BIN)"
|
|
@echo $(SEPARATOR)
|
|
@echo "To reflash the bootloader after initial flash:"
|
|
@echo "$(ESPTOOLPY_WRITE_FLASH) 0x0 $(BOOTLOADER_DIGEST_BIN)"
|
|
@echo $(SEPARATOR)
|
|
@echo "* After first boot, only re-flashes of this kind (with same key) will be accepted."
|
|
@echo "* Not recommended to re-use the same secure boot keyfile on multiple production devices."
|
|
|
|
$(BOOTLOADER_DIGEST_BIN): $(BOOTLOADER_BIN) $(SECURE_BOOTLOADER_KEY)
|
|
@echo "DIGEST $(notdir $@)"
|
|
$(Q) $(ESPSECUREPY) digest_secure_bootloader -k $(SECURE_BOOTLOADER_KEY) -o $@ $<
|
|
|
|
else
|
|
bootloader:
|
|
@echo "Invalid bootloader target: bad sdkconfig?"
|
|
@exit 1
|
|
endif
|
|
|
|
ifndef CONFIG_SECURE_BOOT_ENABLED
|
|
# don't build bootloader by default is secure boot is enabled
|
|
all_binaries: $(BOOTLOADER_BIN)
|
|
endif
|
|
|
|
bootloader-clean:
|
|
$(BOOTLOADER_MAKE) app-clean
|
|
rm -f $(SECURE_BOOTLOADER_KEY) $(BOOTLOADER_DIGEST_BIN)
|