4 # The bootloader is not a real component that gets linked into the project.
5 # Instead it is an entire standalone project ( in src/) that gets built in
6 # the upper projects build directory. This Makefile.projbuild provides the
7 # glue to build the bootloader project from the original project. It
8 # basically runs Make in the src/ directory but it needs to zero some variables
9 # the ESP-IDF project.mk makefile exports first, to not let them interfere.
11 ifndef IS_BOOTLOADER_BUILD
13 BOOTLOADER_COMPONENT_PATH := $(COMPONENT_PATH)
14 BOOTLOADER_BUILD_DIR=$(abspath $(BUILD_DIR_BASE)/bootloader)
15 BOOTLOADER_BIN=$(BOOTLOADER_BUILD_DIR)/bootloader.bin
17 # signing key path is resolved relative to the project directory
18 SECURE_BOOT_SIGNING_KEY=$(abspath $(call dequote,$(CONFIG_SECURE_BOOT_SIGNING_KEY)))
19 export SECURE_BOOT_SIGNING_KEY # used by bootloader_support component
21 # Has a matching value in bootloader_support esp_flash_partitions.h
22 BOOTLOADER_OFFSET := 0x1000
24 # Custom recursive make for bootloader sub-project
25 BOOTLOADER_MAKE=+$(MAKE) -C $(BOOTLOADER_COMPONENT_PATH)/src \
26 V=$(V) BUILD_DIR_BASE=$(BOOTLOADER_BUILD_DIR) TEST_COMPONENTS=
28 .PHONY: bootloader-clean bootloader-flash bootloader $(BOOTLOADER_BIN)
30 $(BOOTLOADER_BIN): $(SDKCONFIG_MAKEFILE)
33 clean: bootloader-clean
35 ifdef CONFIG_SECURE_BOOTLOADER_DISABLED
36 # If secure boot disabled, bootloader flashing is integrated
37 # with 'make flash' and no warnings are printed.
39 bootloader: $(BOOTLOADER_BIN)
41 @echo "Bootloader built. Default flash command is:"
42 @echo "$(ESPTOOLPY_WRITE_FLASH) $(BOOTLOADER_OFFSET) $^"
44 ESPTOOL_ALL_FLASH_ARGS += $(BOOTLOADER_OFFSET) $(BOOTLOADER_BIN)
46 bootloader-flash: $(BOOTLOADER_BIN)
47 $(ESPTOOLPY_WRITE_FLASH) 0x1000 $^
49 else ifdef CONFIG_SECURE_BOOTLOADER_ONE_TIME_FLASH
51 # One time flashing requires user to run esptool.py command themselves,
52 # and warning is printed about inability to reflash.
54 bootloader: $(BOOTLOADER_BIN)
56 @echo "Bootloader built. One-time flash command is:"
57 @echo "$(ESPTOOLPY_WRITE_FLASH) $(BOOTLOADER_OFFSET) $(BOOTLOADER_BIN)"
59 @echo "* IMPORTANT: After first boot, BOOTLOADER CANNOT BE RE-FLASHED on same device"
61 else ifdef CONFIG_SECURE_BOOTLOADER_REFLASHABLE
62 # Reflashable secure bootloader
63 # generates a digest binary (bootloader + digest)
65 BOOTLOADER_DIGEST_BIN := $(BOOTLOADER_BUILD_DIR)/bootloader-reflash-digest.bin
66 SECURE_BOOTLOADER_KEY := $(BOOTLOADER_BUILD_DIR)/secure-bootloader-key.bin
68 $(SECURE_BOOTLOADER_KEY): $(SECURE_BOOT_SIGNING_KEY)
69 $(Q) $(ESPSECUREPY) digest_private_key -k $< $@
71 bootloader: $(BOOTLOADER_DIGEST_BIN)
73 @echo "Bootloader built and secure digest generated. First time flash command is:"
74 @echo "$(ESPEFUSEPY) burn_key secure_boot $(SECURE_BOOTLOADER_KEY)"
75 @echo "$(ESPTOOLPY_WRITE_FLASH) $(BOOTLOADER_OFFSET) $(BOOTLOADER_BIN)"
77 @echo "To reflash the bootloader after initial flash:"
78 @echo "$(ESPTOOLPY_WRITE_FLASH) 0x0 $(BOOTLOADER_DIGEST_BIN)"
80 @echo "* After first boot, only re-flashes of this kind (with same key) will be accepted."
81 @echo "* Not recommended to re-use the same secure boot keyfile on multiple production devices."
83 $(BOOTLOADER_DIGEST_BIN): $(BOOTLOADER_BIN) $(SECURE_BOOTLOADER_KEY)
84 @echo "DIGEST $(notdir $@)"
85 $(Q) $(ESPSECUREPY) digest_secure_bootloader -k $(SECURE_BOOTLOADER_KEY) -o $@ $<
89 @echo "Invalid bootloader target: bad sdkconfig?"
93 all_binaries: $(BOOTLOADER_BIN)
96 $(BOOTLOADER_MAKE) app-clean
97 rm -f $(SECURE_BOOTLOADER_KEY) $(BOOTLOADER_DIGEST_BIN)
99 $(BOOTLOADER_BUILD_DIR):
103 CFLAGS += -D BOOTLOADER_BUILD=1 -I $(IDF_PATH)/components/esp32/include