Boot 151 Rebuild V20
It comes with a blazing fast 32 bit ARM Cortex processor, the latest TMC 2209 silent stepper drivers for ultra quiet performance and pre-loaded with Marlin 2.0 firmware. No need to flash a bootloader or tinker with settings, just hook it up, turn it on and start 3D Printing.
Boot 151 Rebuild V20
By default, the application is built as a binary file in a format compatible withthe ESP-IDF bootloader. In addition to this application, 2nd stage bootloader isalso built. Application and bootloader binaries can be written into flash andloaded/executed from there.
If this option is enabled, and VDDSDIO LDO is set to 1.8V (using eFuseor MTDI bootstrapping pin), bootloader will change LDO settings tooutput 1.9V instead. This helps prevent flash chip from browning outduring flash programming operations.
The selected GPIO will be configured as an input with internal pull-up enabled.To trigger a test app, this GPIO must be pulled low on reset.After the GPIO input is deactivated and the device reboots, the old application will boot.(factory or OTA[x]).Note that GPIO34-39 do not have an internal pullup and an external one must be provided.
Tracks the execution time of startup code.If the execution time is exceeded, the RTC_WDT will restart system.It is also useful to prevent a lock up in start code caused by an unstable power source.NOTE: Tracks the execution time starts from the bootloader code - re-set timeout, while selecting thesource for slow_clk - and ends calling app_main.Re-set timeout is needed due to WDT uses a SLOW_CLK clock source. After changing a frequency slow_clk atime of WDT needs to re-set for new frequency.slow_clk depends on RTC_CLK_SRC (INTERNAL_RC or EXTERNAL_CRYSTAL).
Verify that this parameter is correct and more then the execution time.Pay attention to options such as reset to factory, trigger test partition and encryption on boot- these options can increase the execution time.Note: RTC_WDT will reset while encryption operations will be performed.
The secure version is the sequence number stored in the header of each firmware.The security version is set in the bootloader, version is recorded in the eFuse fieldas the number of set ones. The allocated number of bits in the efuse fieldfor storing the security version is limited (see BOOTLOADER_APP_SEC_VER_SIZE_EFUSE_FIELD option).
Bootloader: When bootloader selects an app to boot, an app is selected that hasa security version greater or equal that recorded in eFuse field.The app is booted with a higher (or equal) secure version.
Following other reset types, the bootloader will still validate the app image. This increasesthe chances that flash corruption resulting in a crash can be detected following soft reset, andthe bootloader will fall back to a valid app image. To increase the chances of successfully recoveringfrom a flash corruption event, keep the option BOOTLOADER_WDT_ENABLE enabled and consider also enablingBOOTLOADER_WDT_DISABLE_IN_USER_CODE - then manually disable the RTC Watchdog once the app is running.In addition, enable both the Task and Interrupt watchdog timers with reset options set.
This option allows the customer to place data in the RTC FAST memory,this area remains valid when rebooted, except for power loss.This memory is located at a fixed address and is availablefor both the bootloader and the application.(The application and bootoloader must be compiled with the same option).The RTC FAST memory has access only through PRO_CPU.
This option reserves in RTC FAST memory the area for custom purposes.If you want to create your own bootloader and save more informationin this area of memory, you can increase it. It must be a multiple of 4 bytes.This area (rtc_retain_mem_t) is reserved and has access from the bootloader and an application.
This option uses the same app signature scheme as hardware secure boot, but unlike hardware secure boot itdoes not prevent the bootloader from being physically updated. This means that the device can be securedagainst remote network access, but not physical access. Compared to using hardware Secure Boot this optionis much simpler to implement.
If hardware secure boot is enabled, this option is always enabled and cannot be disabled.If hardware secure boot is not enabled, this option still adds significant security against network-basedattackers by preventing spoofing of OTA updates.
Once enabled, Secure Boot will not boot a modified bootloader. The bootloader will only load a partitiontable or boot an app if the data has a verified digital signature. There are implications for reflashingupdated apps once secure boot is enabled.
Please note that, RSA or ECDSA secure boot is property of specific SoC based on its HW design, supportedcrypto accelerators, die-size, cost and similar parameters. Please note that RSA scheme has requirementfor bigger key sizes but at the same time it is comparatively faster than ECDSA verification.
On first boot, the bootloader will generate a key which is not readable externally or by software. Adigest is generated from the bootloader image itself. This digest will be verified on each subsequentboot.
Path to a public key file used to verify signed images.Secure Boot V1: This ECDSA public key is compiled into the bootloader and/orapp, to verify app images.Secure Boot V2: This RSA public key is compiled into the signature block atthe end of the bootloader/app.
If this option is set, ROM bootloader will revoke the public key digest burned in efuse blockif it fails to verify the signature of software bootloader with it.Revocation of keys does not happen when enabling secure boot. Once secure boot is enabled,key revocation checks will be done on subsequent boot-up, while verifying the software bootloader
If not set (default), app partition size must be a multiple of 64KB. App images are padded to 64KBlength, and the bootloader checks any trailing bytes after the signature (before the next 64KBboundary) have not been written. This is because flash cache maps entire 64KB pages into the addressspace. This prevents an attacker from appending unverified data after the app image in the flash,causing it to be mapped into the address space.
If not set (default), and flash encryption is not yet enabled in eFuses, the 2nd stage bootloaderwill enable flash encryption: generate the flash encryption key and program eFuses.If this option is set, and flash encryption is not yet enabled, the bootloader will error out andreboot.If flash encryption is enabled in eFuses, this option does not change the bootloader behavior.
If set (default), in an app during startup code,there is a check of the flash encryption eFuse bit is on(as the bootloader should already have set it).The app requires this bit is on to continue work otherwise abort.
The address of partition table (by default 0x8000).Allows you to move the partition table, it gives more space for the bootloader.Note that the bootloader and app will both need to be compiled with the same PARTITION_TABLE_OFFSET value.
Generate an MD5 checksum for the partition table for protecting theintegrity of the table. The generation should be turned off for legacybootloaders which cannot recognize the MD5 checksum in the partitiontable.
During startup, the eFuses are copied from flash or,in case if flash is empty, from real eFuse to RAM and then update flash.This mode is useful when need to keep changes after reboot(testing secure_boot and flash_encryption).
Normally, if psram initialization is enabled during compile time but not found at runtime, itis seen as an error making the CPU panic. If this is enabled, booting will completebut no PSRAM will be available.
To reduce the startup time of an external RTC crystal,we bootstrap it with a 32kHz square wave for a fixed number of cycles.Setting 0 will disable bootstrapping (if disabled, the crystal may takelonger to start up or fail to oscillate under some conditions).
f5387b7 build: add urandom-seed and urngd to default packages set (+1,-1)fcb41de config: enable some useful features on !SMALL_FLASH devices (+16,-16)88c07c6 toolchain: Add GCC 9.1.0 release (+934,-2)972123f config: regenerate *_shipped sources (+302,-243)75dcaf3 config: fix relational operators for bool and tristate symbols (+4,-1)1fd5053 metadata: ensure one dependency provider to be y if a package is y (+2,-2)0096a1c scripts/config: fix *c_shipped build depency tracking (+4,-4)27a4a71 metadata: handle ABI version rebuild tracking for transient dependencies (+33,-9)83c0ee6 build: fix kernel_*config targets on 4.19 (+1,-1)5ede3fc build: warn when packages have no associated install section (+2)d03ef97 build: remove TARGET_IMAGES_PAD option (+1,-7)469ba33 build: make TARGET_ROOTFS_PARTSIZE 128MiB by default (+1,-1)9c8e0b0 build: enable gzipped images for armvirt and malta (+1,-1)97833a5 build: image: add pad-to and pad-rootfs-squashfs helpers (+10,-2)83d9fb0 build: image: add variable for gzip-ext4-padded-squashfs (+17)62105e5 build: image: add IMG_ROOTFS and IMG_COMBINED variables (+3,-1)ef5b7aa build: image: make image padding OS agnostic (+4,-4)7a1b575 scripts/feeds: add src-include method (+26,-11)fdd0a8d Make linux kernel builds reproducible when BUILDBOT selected (+2)340df72 scripts: time.pl: Don't print the time on stderr (+1,-1)c3e31b6 build: skip kernel stack validation when building on macOS (+4)8c3dbaf ath79: split DEVICE_TITLE in multiple variables (+280,-142)9e57b62 include/package.mk: Add support for src-checkout/ folder (+17,-1)4295485 brcm2708: add linux 4.19 support (+381.8K,-1.8K)fe928c7 build: allow simple build system customization with local.mk (+2)12610a5 Revert "build: allow simple build system customization with local.mk" (-2)e785da8 scripts/dl_github_archive.py: convert to Python 3 with 2-to-3 (+5,-5)57bb89b scripts/jungo-image: convert to Python 3 with 2-to-3 (+26,-26)19938c8 build: switch to Python 3 (+12,-5)3b68fb5 build: cleanup possibly dangling Python 2 host symlink (+14)5cf8977 autotools.mk: autoreconf: fix missing install-sh (+3,-1)c6d41c3 scripts/ubinize-image.sh: fix buildbot breakage (+1,-1)e545fac build: include BUILD_VARIANT in PKG_BUILD_DIR (+2,-23)f565f27 config: introduce separate CONFIG_SIGNATURE_CHECK option (+6,-2)6fa0e07 build: allow overriding the filename on the remote server when downloading (+1)363ce43 build: use config.site generated by autoconf-lean, drop hardcoded sitefiles (+1,-535)7ec092e Revert faulty tree push (+536,-2.8K)4540215 build: add buildinfo files for reproducibility (+10,-4)dfe9964 image.mk: remove device_ from manifest filename (+1,-1)7546be6 build: allow overriding default selection state for devices (+7,-2)7e5a0da build: fix indent in image-commands.mk (+1,-1)b39ded4 u-boot.mk: use openwrt url instead of lede project (+1,-1)0f36678 download.pl: use (+1,-2)1640379 scripts/dl_github_archive.py: fix python3 transition (+5,-4)4ee3cf2 build: introduce ALT vendor/model/variant (+34,-2)58aab73 image.mk: keep underscores when sanitize PROFILE (+1,-1)775b70f scripts/feeds: allow adding parameters to feeds (+30,-18)1c0290c build: remove harmful -nopad option from mksquashfs (+1,-1)035906f Fix handling of BUILD_SUFFIX in remote-gdb script (+4,-4)a21b70b scripts/feeds: fix 'src-include' directive (+1,-1)fe43969 include: kernel-build: pass pkg-config overrides to kernel build (+6)f11d90a Revert "build: remove harmful -nopad option from mksquashfs" (+1,-1)083bb9b config: kernel: add KERNEL_X86_VSYSCALL_EMULATION (+18)4f94a33 config: kernel: remove KERNEL_LXC_MISC (+22,-33)7cc22d7 config: kernel: only enable container features if !SMALL_FLASH (+2,-2)ee76bd1 images: fix boot failures on NAND with small sub pages (+60,-16)a75801c build: install-dtb: fix race condition when copying dtb (+7,-4)d5cd80a scripts/feeds: fix accepting "-" in feed type string (+1,-1)60eb0e8 scons: move to packages feed (+1,-85)18dc533 download.dl: fix @KERNEL mirror urls (+4,-4)205e093 build: make device tree arg really optional in mkits.sh (+4,-5)8cb13f4 rootfs.mk: ensure all timestamp are set to SOURCE_DATE_EPOCH (+1)61c57af build: set TARGET_ROOTFS_PARTSIZE to make combined image fit in 128MB (+1,-1)965f341 build: fix host menu config targets using ncurses (+11,-3)b2c55d5 build: fix xconfig target (+1,-1)e78c1ba rules: allow arbitrary log destination (+8,-1)881ed09 build: create JSON files containing image info (+90,-1)5f8e587 build: force disable stack validation during kernel build on non-linux systems (+2,-1)4791afa kernel-defaults: ensure SOURCE_DATE_EPOCH on /init (+1)b204fcd target/imagebuilder: use multi-thread support for xz compression (+2,-1)bd4d3cd toolchain,build: prefer -ffile-prefix-map for gcc-8+ (+9,-9)419eff5 config: remove unused GCC_VERSION_4_8 config symbols (-2)4ed356f kernel.mk: add KCFLAGS to make kmods reproducible (+1)46a1291 build: adjust gcc/g++ version checks for newer apple compilers (+2,-2)6caf437 build: add buildinfo as single Makefile target (+4,-1)9bb5dac build: fix seq host tool check (+2,-2)f46a4a9 image: add magic number option for append-uImage-fakehdr (+5,-2)4a45e69 build: separate signing logic (+27,-15)2ae5100 build: add script to sign packages (+27)02330a6 build: call Host/Uninstall before wiping the host build dir (+1,-1)f4aaee0 Revert "build: separate signing logic" (+15,-27)b81cee8 build: have scripts/feeds honor all toplevel .mk-files of a feed (+7,-4)d22c175 netfilter: fix NAT packaging with kernels 5.2+ (+2,-1)1f0063b rules.mk: remove "$(STAGING_DIR)/include" (+2,-2)5625a02 ubinize-image: set image sequence from SOURCE_DATE_EPOCH (+9,-1)66ebca7 build: label kernel and rootfs ext4 volumes (+3,-3)d26738b scripts/dl_github_archive.py: fix python3 str, bytes confusion (+2,-2)0fb23d6 build: image: fix build breakage of some images (+1)98d1c7d build: image: add common and reproducible IMG_PART_SIGNATURE variable (+1)dfd8c45 build: image: posix compatibility cut v head (+2,-2)f962e02 kernel-build: fix kernel_menuconfig breakage by forcing YACC (+1)c001ace build: prereq: simplify Python 3 version checks (+6,-6)2066ee0 build: prereq: add support for Python 3.8 (+2)09c428e build: add PKG_SOURCE_URL_FILE support (+1)74acc16 kernel-build: ignore runtime config options during reconfig (+3,-1)5f68333 config: kernel: fix typo in HFSPLUG_FS_POSIX_ACL (+1,-1)bc3783d build: image: add SOC device variable (+2,-1)dc34c69 scripts/dowload.pl: add archive.apache.org to apache mirror list (+1)856ea2b libcxx: Add package (+94,-2)383abff cmake: Install host packages to lib instead of lib64 (+1)fb19fb8 libcxx: Depenency fixes (+5,-4)2e14dd2 scripts/gen_image_generic.sh: remove $ in arithmetic (+1,-1)3f65fe5 scripts/gen_image_generic.sh: replace deprecated backticks with $() (+1,-1)eae889b scripts/strip-kmod.sh: replace legacy backticks with $() (+1,-1)f4b812d scripts/strip-kmod.sh: use sh instead of bash (+1,-1)ec0fb23 scripts/strip-kmod.sh: harmonize leading whitespaces (+1,-1)543d945 scripts/symlink-tree.sh: use /bin/sh (+1,-1)9a8ba44 scripts/mkits.sh: replace legacy backticks with $() (+2,-2)dec46a9 scripts/gen-dependencies.sh: replace backticks with $() (+2,-2)33f87d2 scripts/gen-dependencies.sh: use /bin/sh (+1,-1)2fe5319 scripts/env: use explicit find location (+1,-1)995378a scripts/env: replace -a and -o with &&/ (+5,-5)e37e2f0 scripts/arm-magic.sh: switch to /bin/sh (+1,-1)9b0e8d0 treewide: move mktplinkfw to tplink-v1-image in image-commands.mk (+41,-82)97940f8 kernel: remove obsolete kernel version switches (+69,-113)8b86ddf netfilter: add back nft_hash (+1)19cbac7 buildsystem: Make PIE ASLR option tristate (+26,-5)0e05093 netfilter: package required kmods for nftables (+15,-13)44304c1 base-files: fix build for /sbin/pkg_check (+3,-3)f0b76d0 build: define check-kernel-size to remove unflashable images (+7)c26b687 kernel: remove further obsolete kernel version switches (+10,-26)eec50c7 build: Add KBUILD_HOSTLDLIBS (+1)73f3ad1 build: fix empty SUBTARGET in json files (+1,-1)7d7aa2f brcm2708: rename target to bcm27xx (+45,-45)d9b043c build: Add option KERNEL_UBSAN (+42)431594a build: Add option KERNEL_KASAN (+54)947d2e0 build: Add KCOV kernel code coverage for fuzzing (+33)b951f53 build: Add additional kernel debug options (+78)2299808 base-files: add all buildinfo with INCLUDE_CONFIG (+4,-2)0fad8af kernel: Include xt_MASQUERADE for kernel 5.2 and later (+2,-1)69d179e kernel: Use new symbol to deactivate MIPS FPU support (+5)4d87963 build: add xargs as prerequisite (+5)dddcff2 build: Remove STAGING_DIR_HOST references for InstallDev/UninstallDev (+3,-3)f96cfe0 build: Fix directory symlinks not removed when cleaning STAGING_DIR (+1,-1)a5100a0 build: simplify gnu-getopt search (-1)0c4d91f build: clean menuconfig utility as part of dirclean (+1)90daff4 build: image: move IMAGE_SIZE to image.mk (+7,-9)ec5e846 x86: make crashdump works (+33,-1)cb007a7 x86: switch image generation to new code (+126,-121)33cc7e7 x86:</