Updated benchmark scripts to run on rpi + stm32h563

config/examples/stm32h5-no-tz.config

@@ -0,0 +1,34 @@
+ARCH?=ARM
+TZEN?=0
+TARGET?=stm32h5
+SIGN?=ECC256
+HASH?=SHA256
+DEBUG?=0
+VTOR?=1
+CORTEX_M0?=0
+CORTEX_M33?=1
+NO_ASM?=0
+NO_MPU=1
+EXT_FLASH?=0
+SPI_FLASH?=0
+ALLOW_DOWNGRADE?=0
+NVM_FLASH_WRITEONCE?=1
+WOLFBOOT_VERSION?=1
+V?=0
+SPMATH?=1
+RAM_CODE?=0
+DUALBANK_SWAP?=0
+WOLFBOOT_PARTITION_SIZE?=0xA0000
+#Double sector size to fit header in ML-DSA-87
+WOLFBOOT_SECTOR_SIZE?=0x4000
+WOLFBOOT_KEYVAULT_ADDRESS?=0x0C040000
+WOLFBOOT_KEYVAULT_SIZE?=0x1C000
+WOLFBOOT_NSC_ADDRESS?=0x0C05C000
+WOLFBOOT_NSC_SIZE?=0x4000
+WOLFBOOT_PARTITION_BOOT_ADDRESS?=0x08060000
+WOLFBOOT_PARTITION_UPDATE_ADDRESS?=0x08100000
+WOLFBOOT_PARTITION_SWAP_ADDRESS?=0x081A0000
+FLAGS_HOME=0
+DISABLE_BACKUP=0
+IMAGE_HEADER_SIZE?=1024
+ARMORED=1

include/image.h

@@ -444,6 +444,7 @@ static void __attribute__((noinline)) wolfBoot_image_clear_signature_ok(
         asm volatile("bne hnope"); \
         /* Repeat memcmp call */ \
         compare_res = XMEMCMP(digest, img->sha_hash, WOLFBOOT_SHA_DIGEST_SIZE); \
+        compare_res; \
         /* Redundant checks that ensure the function actually returned 0 */ \
         asm volatile("cmp r0, #0":::"cc"); \
         asm volatile("cmp r0, #0":::"cc"); \

options.mk

@@ -1,11 +1,21 @@
 WOLFCRYPT_OBJS+=$(WOLFBOOT_LIB_WOLFSSL)/wolfcrypt/src/asn.o
 USE_GCC?=1
+WOLFBOOT_TEST_FILLER?=0
+WOLFBOOT_TIME_TEST?=0
 
 # Support for Built-in ROT into OTP flash memory
 ifeq ($(FLASH_OTP_KEYSTORE),1)
     CFLAGS+=-D"FLASH_OTP_KEYSTORE"
 endif
 
+ifeq ($(WOLFBOOT_TEST_FILLER),1)
+    CFLAGS+=-D"WOLFBOOT_TEST_FILLER"
+endif
+
+ifeq ($(WOLFBOOT_TIME_TEST),1)
+    CFLAGS+=-D"WOLFBOOT_TIME_TEST"
+endif
+
 # Support for TPM signature verification
 ifeq ($(WOLFBOOT_TPM_VERIFY),1)
   WOLFTPM:=1
@@ -200,7 +210,7 @@ ifeq ($(SIGN),ECC521)
       ifneq ($(SPMATH),1)
         STACK_USAGE=11256
       else
-        STACK_USAGE=8288
+        STACK_USAGE=8480
       endif
     endif
   endif

src/image.c

@@ -2202,6 +2202,7 @@ int wolfBoot_verify_authenticity(struct wolfBoot_image *img)
             wolfBoot_printf("Verification of hybrid signature\n");
             wolfBoot_verify_signature_secondary(key_slot, img,
                     stored_secondary_signature);
+	    (void)stored_secondary_signature_size;
             wolfBoot_printf("Done.\n");
         }
     }

test-app/ARM-stm32h5-ns.ld

@@ -1,7 +1,7 @@
 MEMORY
 {
     FLASH (rx) : ORIGIN = @WOLFBOOT_TEST_APP_ADDRESS@, LENGTH = @WOLFBOOT_TEST_APP_SIZE@
-    RAM (rwx) : ORIGIN = 0x20050000, LENGTH = 0x40000
+    RAM (rwx) : ORIGIN = 0x20050000, LENGTH = 0x50000
 }
 
 SECTIONS

test-app/ARM-stm32h5.ld

@@ -1,7 +1,7 @@
 MEMORY
 {
     FLASH (rx) : ORIGIN = @WOLFBOOT_TEST_APP_ADDRESS@, LENGTH = @WOLFBOOT_TEST_APP_SIZE@
-    RAM (rwx) : ORIGIN = 0x30000000, LENGTH = 64K /* Run in lowmem */
+    RAM (rwx) : ORIGIN = 0x30000000, LENGTH = 256K
 }
 
 SECTIONS

test-app/Makefile

@@ -289,10 +289,12 @@ ifeq ($(TARGET),stm32h5)
   LDFLAGS+=-Wl,-gc-sections -Wl,-Map=image.map
   CFLAGS+=-I..
   APP_OBJS+=../hal/uart/uart_drv_$(UART_TARGET).o
-  ifeq ($(FLASH_OTP_KEYSTORE),1)
-    APP_OBJS+=../src/flash_otp_keystore.o
-  else
-    APP_OBJS+=../src/keystore.o
+  ifneq ($(SIGN),NONE)
+    ifeq ($(FLASH_OTP_KEYSTORE),1)
+      APP_OBJS+=../src/flash_otp_keystore.o
+    else
+      APP_OBJS+=../src/keystore.o
+    endif
   endif
 endif
 
@@ -330,7 +332,9 @@ endif
 ifeq ($(TARGET),va416x0)
   APP_OBJS+=$(SDK_OBJS)
   LSCRIPT_TEMPLATE=ARM-va416x0.ld
-  APP_OBJS+=../src/keystore.o
+  ifneq ($(SIGN),NONE)
+    APP_OBJS+=../src/keystore.o
+  endif
 endif
 
 ifeq ($(TARGET),sim)

test-app/app_stm32h5.c

@@ -31,7 +31,9 @@
 #include "hal/stm32h5.h"
 #include "uart_drv.h"
 #include "wolfboot/wolfboot.h"
+#ifndef WOLFBOOT_NO_SIGN
 #include "keystore.h"
+#endif
 #include "target.h"
 
 #ifdef WOLFBOOT_TPM
@@ -76,9 +78,20 @@ static int uart_poll(void);
 #define LED_BOOT_PIN  (4) /* PG4 - Nucleo - Red Led */
 #define LED_USR_PIN   (0) /* PB0 - Nucleo - Green Led */
 #define LED_EXTRA_PIN (4) /* PF4 - Nucleo - Orange Led */
+#define BOOT_TIME_PIN (13) /* PA13 - scope trigger */
+
+#ifdef WOLFBOOT_TEST_FILLER
+#define FILLER_SIZE (64 * 1024)
+static volatile uint8_t filler_data[FILLER_SIZE] = { 0x01, 0x02, 0x03 };
+#endif
 
 #define NVIC_USART3_IRQN (60)
 
+#ifndef GPIOA_MODER
+#define GPIOA_MODER (*(volatile uint32_t *)(GPIOA_BASE + 0x00))
+#define GPIOA_PUPDR (*(volatile uint32_t *)(GPIOA_BASE + 0x0C))
+#define GPIOA_BSRR  (*(volatile uint32_t *)(GPIOA_BASE + 0x18))
+#endif
 
 /* SysTick */
 static uint32_t cpu_freq = 250000000;
@@ -119,6 +132,21 @@ static void boot_led_on(void)
     GPIOG_BSRR |= (1 << (pin));
 }
 
+void boot_time_pin_on_early(void)
+{
+    uint32_t reg;
+    uint32_t pin = BOOT_TIME_PIN;
+
+    RCC_AHB2ENR_CLOCK_ER |= GPIOA_AHB2ENR1_CLOCK_ER;
+    /* Delay after an RCC peripheral clock enabling */
+    reg = RCC_AHB2ENR_CLOCK_ER;
+
+    reg = GPIOA_MODER & ~(0x03 << (pin * 2));
+    GPIOA_MODER = reg | (1 << (pin * 2));
+    GPIOA_PUPDR &= ~(0x03 << (pin * 2));
+    GPIOA_BSRR |= (1 << (pin));
+}
+
 static void boot_led_off(void)
 {
     GPIOG_BSRR |= (1 << (LED_BOOT_PIN + 16));
@@ -542,6 +570,7 @@ static int cmd_info(const char *args)
         printf("No image in update partition.\r\n");
     }
 
+#ifndef WOLFBOOT_NO_SIGN
     printf("\r\n");
     printf("Bootloader OTP keystore information\r\n");
     printf("====================================\r\n");
@@ -559,6 +588,10 @@ static int cmd_info(const char *args)
         printf("  ====================================\r\n  ");
         print_hex(keybuf, size, 0);
     }
+#else
+    printf("\r\n");
+    printf("Signing disabled (SIGN=NONE)\r\n");
+#endif
     return 0;
 }
 
@@ -1295,6 +1328,10 @@ void main(void)
     /* Turn on boot LED */
     boot_led_on();
 
+#ifdef WOLFBOOT_TEST_FILLER
+    filler_data[FILLER_SIZE - 1] = 0xAA;
+#endif
+
     /* Enable SysTick */
     systick_enable();
 

test-app/app_stm32h7.c

@@ -363,8 +363,10 @@ void uart_print(const char *s)
     }
 }
 
-#define FILLER_SIZE (100 * 1024)
+#ifdef WOLFBOOT_TEST_FILLER
+#define FILLER_SIZE (64 * 1024)
 static volatile uint8_t filler_data[FILLER_SIZE] = { 0x01, 0x02, 0x03 };
+#endif
 
 void main(void)
 {
@@ -377,7 +379,9 @@ void main(void)
     if (FIRMWARE_A)
         ld3_write(LED_INIT);
 
+#ifdef WOLFBOOT_TEST_FILLER
     filler_data[FILLER_SIZE - 1] = 0xAA;
+#endif
     /* LED Indicator of successful UART initialization. SUCCESS = ON, FAIL = OFF */
     if (uart_setup(115200) < 0)
         ld2_write(LED_OFF);

test-app/startup_arm.c

@@ -63,6 +63,12 @@ extern void main(void);
 
 void isr_reset(void) {
     register unsigned int *src, *dst;
+
+#if defined(WOLFBOOT_TIME_TEST) && defined(TARGET_stm32h5)
+    extern void boot_time_pin_on_early(void);
+    boot_time_pin_on_early();
+#endif
+
     src = (unsigned int *) &_stored_data;
     dst = (unsigned int *) &_start_data;
     while (dst < (unsigned int *)&_end_data) {

tools/scripts/benchmark.sh

@@ -1,34 +1,12 @@
 #!/bin/bash
 #
 function run_on_board() {
-    # GPIO2: RST
-    # GPIO3: BOOT (input)
+    # GPIO2 (pin 27): RST (output) -- connected to STM32H5 NRST
+    # GPIO4 (pin 16): BOOT (input) -- connected to STM32H5 PA14
 
-    if ! (st-flash reset &>/dev/null); then
-        echo -n "No data."
-    else
+    openocd  -f board/st_nucleo_h5.cfg -c "reset_config connect_assert_srst; init; program wolfboot.bin 0x08000000; program test-app/image_v1_signed.bin 0x08060000; shutdown" &>/dev/null
     sleep 1
-        st-flash --connect-under-reset write factory.bin 0x8000000 &>/dev/null
-        sleep .2
-    echo "2" > /sys/class/gpio/export 2>/dev/null
-    echo "out" > /sys/class/gpio/gpio2/direction
-        echo "1" > /sys/class/gpio/gpio2/value # Release reset
-        echo "0" > /sys/class/gpio/gpio2/value # Keep reset low
-        sleep 1
-    echo -n " | "
-        echo "1" > /sys/class/gpio/gpio2/value # Release reset
-    START=`date +%s.%N`
-    while (test `cat /sys/class/gpio/gpio4/value` -eq 0); do
-       sleep .01
-    done
-    while (test `cat /sys/class/gpio/gpio4/value` -eq 0); do
-       sleep .01
-    done
-    END=`date +%s.%N`
-    echo "scale=3; $END/1 - $START/1 "| bc
-    echo "in" > /sys/class/gpio/gpio2/direction
-    echo "2" >/sys/class/gpio/unexport 2>/dev/null
-    fi
+    python3 tools/scripts/boot-time.py
 }
 
 function set_benchmark {
@@ -37,16 +15,16 @@ function set_benchmark {
     CONFIG=$@
     # Name
     echo -n "| "
-    echo -n $NAME
+    echo -n "$NAME"
     echo -n " | "
     # Configuration
     echo -n $CONFIG | tr -d '\n'
     echo -n " | "
     make clean &>/dev/null
     make keysclean &>/dev/null
-    make $@ &>/dev/null || make $@ factory.bin
-    make $@ stack-usage &>/dev/null
-    make $@ image-header-size &>/dev/null
+    make WOLFBOOT_TEST_FILLER=1 WOLFBOOT_TIME_TEST=1 $@ &>/dev/null
+    make WOLFBOOT_TEST_FILLER=1 WOLFBOOT_TIME_TEST=1 $@ stack-usage &>/dev/null
+    make WOLFBOOT_TEST_FILLER=1 WOLFBOOT_TIME_TEST=1 $@ image-header-size &>/dev/null
     # Bootloader size
     echo -n `ls -l wolfboot.bin | cut -d " " -f 5 | tr -d '\n'`
     echo -n " | "
@@ -55,20 +33,21 @@ function set_benchmark {
     echo -n " | "
     # Image header size
     cat .image_header_size | tr -d '\n'
+    # Application size
+    echo -n " | "
+    echo -n `ls -l test-app/image.bin | cut -d " " -f 5 | tr -d '\n'`
     # Boot time
+    echo -n " | "
     run_on_board 2>&1 | tr -d '\n'
     echo " |"
 }
 
-echo "4" > /sys/class/gpio/export 2>/dev/null
-echo "2" > /sys/class/gpio/unexport 2>/dev/null
 make keytools &>/dev/null
-cp config/examples/stm32h7.config .config
-echo "in" > /sys/class/gpio/gpio4/direction
-# Output benchmark results in a Markdown table
-echo "| Name | Configuration | Bootloader size | Stack size | Image header size | Boot time |"
-echo "|------|---------------|-----------------|------------|-------------------|-----------|"
+cp config/examples/stm32h5-no-tz.config .config
 
+# Output benchmark results in a Markdown table
+echo "| Name | Configuration | Bootloader size | Stack size | Image header size | Application size | Boot time |"
+echo "|------|---------------|-----------------|------------|-------------------|------------------|-----------|"
 
 set_benchmark "SHA2 only" SIGN=NONE
 set_benchmark "SHA384 only" SIGN=NONE HASH=SHA384
@@ -97,4 +76,3 @@ set_benchmark "LMS 1-10-8" SIGN=LMS LMS_LEVELS=1 LMS_HEIGHT=10 LMS_WINTERNITZ=8
 set_benchmark "XMSS-SHA2_10_256'" XMSS_PARAMS='XMSS-SHA2_10_256' SIGN=XMSS IMAGE_SIGNATURE_SIZE=2500 IMAGE_HEADER_SIZE=8192
 set_benchmark "ML_DSA-65 hybrid with ECDSA384" SIGN=ML_DSA ML_DSA_LEVEL=3 IMAGE_SIGNATURE_SIZE=3309 IMAGE_HEADER_SIZE=8192 SIGN_SECONDARY=ECC384 WOLFBOOT_UNIVERSAL_KEYSTORE=1
 set_benchmark "ML_DSA-87 hybrid with ECDSA521" SIGN=ML_DSA ML_DSA_LEVEL=5 IMAGE_SIGNATURE_SIZE=4627 IMAGE_HEADER_SIZE=12288 SIGN_SECONDARY=ECC521 WOLFBOOT_UNIVERSAL_KEYSTORE=1
-