Apply 2.16.100 release update

Add more files for MCUXpresso SDK release 2.16.100

boot/bootutil/include/bootutil/boot_hooks.h

@@ -99,6 +99,25 @@ fih_ret boot_image_check_hook(int img_index, int slot);
  */
 int boot_perform_update_hook(int img_index, struct image_header *img_head,
                              const struct flash_area *area);
+
+/** Hook for implement image's pre-copying action
+ *
+ * This hook is for implement action which might be done right before image is
+ * copied to the primary slot. This hook is called in MCUBOOT_OVERWRITE_ONLY
+ * mode only.
+ *
+ * @param img_index the index of the image pair
+ * @param area the flash area of the primary image.
+ * @param size size of copied image.
+ *
+ * @retval 0: success, mcuboot will follow normal code execution flow after
+ *            execution of this call.
+ *         non-zero: an error, mcuboot will return from
+ *         boot_copy_image() with error.
+ *         Update will be undone so might be resume on the next boot.
+ */
+int boot_copy_region_pre_hook(int img_index, const struct flash_area *area, 
+                              size_t size);
 
 /** Hook for implement image's post copying action
  *

boot/bootutil/include/bootutil/image.h

@@ -158,7 +158,7 @@ struct image_tlv {
 #define IS_ENCRYPTED(hdr) (((hdr)->ih_flags & IMAGE_F_ENCRYPTED_AES128) \
                         || ((hdr)->ih_flags & IMAGE_F_ENCRYPTED_AES256))
 
-#ifdef CONFIG_MCUBOOT_ENCRYPTED_XIP_SUPPORT
+#if defined(CONFIG_ENCRYPT_XIP_EXT_ENABLE) && !defined(CONFIG_ENCRYPT_XIP_EXT_OVERWRITE_ONLY)
 /* Both slots are used for staging encrypted image */
 #define MUST_DECRYPT(fap, idx, hdr) (IS_ENCRYPTED(hdr))
 #else

boot/bootutil/src/bootutil_priv.h

@@ -167,9 +167,9 @@ _Static_assert(sizeof(boot_img_magic) == BOOT_MAGIC_SZ, "Invalid size for image
 #else
 #define ARE_SLOTS_EQUIVALENT()    1
 
-#if defined(MCUBOOT_DIRECT_XIP) && defined(MCUBOOT_ENC_IMAGES) && !defined(CONFIG_MCUBOOT_ENCRYPTED_XIP_SUPPORT)
+#if defined(MCUBOOT_DIRECT_XIP) && defined(MCUBOOT_ENC_IMAGES) && !defined(CONFIG_ENCRYPT_XIP_EXT_ENABLE)
 #error "Image encryption (MCUBOOT_ENC_IMAGES) is not supported when MCUBOOT_DIRECT_XIP is selected."
-#endif /* MCUBOOT_DIRECT_XIP && MCUBOOT_ENC_IMAGES && !CONFIG_MCUBOOT_ENCRYPTED_XIP_SUPPORT */
+#endif /* MCUBOOT_DIRECT_XIP && MCUBOOT_ENC_IMAGES && !CONFIG_ENCRYPT_XIP_EXT_ENABLE */
 #endif /* MCUBOOT_DIRECT_XIP || MCUBOOT_RAM_LOAD */
 
 #define BOOT_MAX_IMG_SECTORS       MCUBOOT_MAX_IMG_SECTORS

boot/bootutil/src/loader.c

@@ -511,7 +511,7 @@ boot_image_check(struct boot_loader_state *state, struct image_header *hdr,
         if (rc < 0) {
             FIH_RET(fih_rc);
         }
-#ifdef CONFIG_MCUBOOT_ENCRYPTED_XIP_SUPPORT
+#if defined(CONFIG_ENCRYPT_XIP_EXT_ENABLE) && !defined(CONFIG_ENCRYPT_XIP_EXT_OVERWRITE_ONLY)
         /* Both slots are used for staging encrypted image */
         uint32_t active_slot = state->slot_usage[BOOT_CURR_IMG(state)].active_slot;
         if (rc == 0 && boot_enc_set_key(BOOT_CURR_ENC(state), active_slot, bs)) {
@@ -1188,6 +1188,12 @@ boot_copy_image(struct boot_loader_state *state, struct boot_status *bs)
         }
     }
 #endif
+
+    rc = BOOT_HOOK_CALL(boot_copy_region_pre_hook, 0, BOOT_CURR_IMG(state),
+                        BOOT_IMG_AREA(state, BOOT_PRIMARY_SLOT), size);
+    if (rc != 0) {
+        return rc;
+    }
 
     BOOT_LOG_INF("Image %d copying the secondary slot to the primary slot: 0x%x bytes",
                  image_index, size);

ext/nxp_encrypted_xip/include/platform_enc_common.h

@@ -12,22 +12,20 @@
 #include "fsl_common.h"
 #include "flash_map.h"
 
-/* Checks whether active slot has valid encryption metadata.  */
-status_t platform_enc_check_slot(struct flash_area *fa, uint32_t *active_slot);
+/* Checks whether encryption metadata are valid  */
+status_t platform_enc_cfg_read(struct flash_area *fa_meta, uint32_t *active_slot);
 
-/* Initializes new encryption metadata with random nonce in active slot */
-status_t platform_enc_prepare_slot(struct flash_area *fa, uint32_t active_slot);
+/* Initializes new encryption metadata with random nonce */
+status_t platform_enc_cfg_write(struct flash_area *fa_meta, uint32_t active_slot);
 
 /* Initializes platform on-the-fly encryption based on configuration in encryption metadata */
-status_t platform_enc_init_slot(struct flash_area *fa, uint8_t *nonce);
+status_t platform_enc_cfg_init(struct flash_area *fa_meta, uint8_t *nonce);
 
-/* Deinitializes platform on-the-fly encryption */
-status_t platform_enc_deinit_slot(struct flash_area *fa);
-
-/* Finish initialization of on-the-fly encryption (if needed) */
-status_t platform_enc_finish(struct flash_area *fa);
+status_t platform_enc_cfg_getNonce(struct flash_area *fa_meta, uint8_t *nonce);
 
 /* Encrypts data */
 status_t platform_enc_encrypt_data(uint32_t flash_addr, uint8_t *nonce, uint8_t *input, uint8_t *output, uint32_t len);
 
+void hexdump(const void *src, size_t size);
+
 #endif