meowth_fp: put fingerprint code in RW only

Configure the fingerprint to be compile only in the RW partition for
size reason, and keep the RO for firmware update only.

Enable the RW signature to jump automatically to RW.
The dev key was generated with the following command:
openssl genrsa -3 -out board/meowth_fp/dev_key.pem 3072

Enable the new STM32H7 internal flash support along the way.

Signed-off-by: Vincent Palatin <vpalatin@chromium.org>

BRANCH=none
BUG=b:72360575
TEST=run on ZerbleBarn and see the firmware jumping to RW,
then run 'fptest' console command and get a proper capture.
CQ-DEPEND=CL:*552559

Change-Id: Icc894b8a59b255b4c6a139f177e99d0fde7c4e19
Reviewed-on: https://chromium-review.googlesource.com/880955
Commit-Ready: Vincent Palatin <vpalatin@chromium.org>
Tested-by: Vincent Palatin <vpalatin@chromium.org>
Reviewed-by: Nicolas Boichat <drinkcat@chromium.org>

board/meowth_fp/board.c

@@ -15,6 +15,12 @@
 
 #include "gpio_list.h"
 
+#ifndef HAS_TASK_FPSENSOR
+void fps_event(enum gpio_signal signal)
+{
+}
+#endif
+
 /* SPI devices */
 const struct spi_device_t spi_devices[] = {
 	/* Fingerprint sensor (SCLK at 4Mhz) */

board/meowth_fp/board.h

@@ -13,6 +13,8 @@
 #define CONFIG_UART_CONSOLE 1
 #define CONFIG_UART_TX_DMA
 #define CONFIG_UART_TX_DMA_PH DMAMUX1_REQ_USART1_TX
+#undef CONFIG_UART_TX_BUF_SIZE
+#define CONFIG_UART_TX_BUF_SIZE 2048
 
 /* Optional features */
 #undef CONFIG_ADC
@@ -23,24 +25,40 @@
 #undef CONFIG_LID_SWITCH
 #define CONFIG_MKBP_EVENT
 #define CONFIG_PRINTF_LEGACY_LI_FORMAT
+#define CONFIG_SHA256
+#define CONFIG_SHA256_UNROLLED
 #define CONFIG_SPI
 #define CONFIG_STM_HWTIMER32
 #undef CONFIG_TASK_PROFILING
 #define CONFIG_WATCHDOG_HELP
 #define CONFIG_WP_ALWAYS
 
-/* Temporary */
-#undef CONFIG_FLASH
-#undef CONFIG_FLASH_PHYSICAL
-
-#define CONFIG_CMD_FLASH
-
 /* SPI configuration for the fingerprint sensor */
 #define CONFIG_SPI_MASTER
 #define CONFIG_SPI_FP_PORT  2 /* SPI4: third master config */
+#ifdef SECTION_IS_RW
 #define CONFIG_FP_SENSOR_FPC1145
 #define CONFIG_CMD_FPSENSOR_DEBUG
+/*
+ * Use the malloc code only in the RW section (for the private library),
+ * we cannot enable it in RO since it is not compatible with the RW verification
+ * (shared_mem_init done too late).
+ */
+#define CONFIG_MALLOC
+/* we are doing slow compute */
+#undef CONFIG_WATCHDOG_PERIOD_MS
+#define CONFIG_WATCHDOG_PERIOD_MS 10000
 
+#else /* SECTION_IS_RO */
+/* RO verifies the RW partition signature */
+#define CONFIG_RSA
+#define CONFIG_RSA_KEY_SIZE 3072
+#define CONFIG_RSA_EXPONENT_3
+#define CONFIG_RWSIG
+#endif
+#define CONFIG_RWSIG_TYPE_RWSIG
+
+#define CONFIG_CMD_FLASH
 #define CONFIG_CMD_SPI_XFER
 
 #ifndef __ASSEMBLER__

board/meowth_fp/dev_key.pem

@@ -0,0 +1,39 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIG4wIBAAKCAYEAoxINZU5fQAiABFm4xT83HUQx/WvRlyZ3ZfRqTyMlMxw7U0cU
+DEw7fOY0oj20bkpmVJRfwkm4k7BwOuTt3nl5UuKgeztL4gW+h++ptIIzfT2/a4KL
+BnHsuNfgXZ+yzJ5RSKlJwVOibJr5CNfsmESX4Lwe3LudFc7iE/yfgsOyU/9Ha/jB
+mgLywyWObwpfAt+viOCIF4mYeEI5bLpDHqwk6EnEq0jWaNpcEsLA/twhDf2Qxc7I
+7Zds3f6C3iA1N/d0Zmva4UvdAGnFzQlq9mmgnCenIjwEb4jxqcFXaMgk88jkcheY
+q7MQANRt+iYOX2MiUNtigUoDoJTMBiV3bRs47sSiH+lS6hZHdOsmjMyF30bV5IJD
+k+x1Zoxsd2jYR1PXgxZ+pxLoKx/m9KIV8onbqgl0Jx4+JkABH5eYp/KAhObCenLS
+CySFi7OLbi915yydzFJ3C34pgWVN077GVCXGqglxDcNMacqXqHCwOUoNuAGXjxyF
+XH33G9a/TJDzQhZFAgEDAoIBgGy2s5je6iqwVVg70IN/ehOCy/5H4Q9u+kP4Rt9s
+w3doJ4zaDV2IJ6iZeGwpIvQxmY24P9bb0GJ1oCdDST77pjdBwFInh+wD1FqfxnhW
+zP4pKkesXK72ndCP6ukVId2+4NsbhoDibEhnULCP8xAtupXSvz3SaLk0lrf9v6yC
+duKqL51QgRFXTIIZCZ9cP1c/yltAWrpbuvrW0PMm12nIGJrb2HIwjvCRkrcsgKno
+FglTtdk0hfO6SJP/AelqziVPod5DxP4Gcws0JWnWjIKtYmNpIrI/sfVD29DNLYYS
+Pn1Vgxi5UcwfEbcxkwxMKoJOUb1WSPkvjpQTlQUPiBLX3sLpLvxaOVrEjNXy+V13
+Jl7bc2dGbDIsQMXkFiodTHsqwAq1diFOUL9oE6VeES2hmX63f7lHSXMb92phmvs4
+BylzoTK64ew8oUkufLTX/ys0LGiGvPXCrdfDxdsO2Rx90XB5YPcvvQKge0eCfDck
+kCX4C/6j7V3y/nS5GzpLCFshqwKBwQDVaKdjlpzAKKu+hfBRaujZsrgXd2i4LTuI
+r+sclHl4aII0HJbSolsiV8Pc+jcFtvzLDUnSh4Pjza/6qtYF0q3fxAXQCmBAq8Xc
+AF2sYmZJmMT4OajMS0LG7nhYgm5OpXpyvgc+ndBnDtqXVPQy/wpo8dBV8G1QtXbj
+OsvrTeQ8ZaFcUA4jOuyz+VNpONOUzvxx/jVwuEDVl7xB5/6TayNbCrecqd6CsSur
+S3Z21lelrCV/CjIJqkPZQlgwsKE31CUCgcEAw52MAKuTr3Lh78Gn4PqkLVc6/2UQ
+x3XsZ92oAxhNv2AdmOUHJuIaS7JNirmXljaq6cyrOPsp3qm8g+NVSwS86qLV1Vec
+oUOuV/5S1DdmB2Tj0V74fF7RdsfS37p3P+49AEhGNn+epPTu5UAH+xhrAwRkO0Li
+qOCXHMpkQ9CRilOvUgpxBY6m6fR89bKjkY9evYomKiHj6CfoyUCCFf3pJkin/lHS
+YyizEeF/b7zd2WFgEhxvRec1k36+RG/FgY+hAoHBAI5FxO0PEyrFx9RZSuDx8JEh
+0A+k8HrI0lsf8hMNplBFrCK9ueHBkhblLT38JK55/dyzhoxaV+0zyqccjq6Mc+qC
+roqxlYByg+gAPnLsRDEQg1AmcIgyLISe+uWsSYnDpvcpWim+iu9fPGTjTXdUsZtL
+4DlK84sjpJd8h/Iz7X2ZFj2KtBd8nc1Q4kYl4mM0qEv+zkslgI5lKCvv/wzyF5IH
+JRMb6ax2HRzc+aSO5RkdblSxdrEcLTuBkCB1wM/iwwKBwQCCaQgAcmJ090FKgRqV
+/G1zj3yqQ2CE+UhFPnACEDPU6r5l7gTElrwydt5ce7pkJHHxMxzQp3E/G9MCl44y
+AyicbI6OOmhrgnQ6qYyNekQE7e02P1BS6eD52oyVJvoqntNVhYQkVRRt+J9DgAVS
+EEdXWELSLJcbQGS93ELX4GEG4nThXEtZCcSb+FNOdxe2X5R+XBlxa+1Fb/CGKwFj
+/ptu2xqpi+GXcHdhQP+f0z6Q65VhaEoumiO3qdQtn9kBCmsCgcEA0/VwBz03FMcv
+2SM6zDbL2Kf4PnnLJuDHFzItWH8smrBNVfOOuJ5KGhuIHAAJxaQoWBxeYeaPPqme
+5rQRl58XEb5h3FswAKPx2U77NUROtObOVffV5Tid1E+iBQYhlUUkxtE5b+Said3u
+LqkP8K5n1ai2xuvHusuL6vcp/5T+WrSG5GDiGU+27c2Uf/NePbFYggLl3P9rmDM8
+/1xGGpxMGV2OrOhXtPk7LykEdJRuN+7YhNX5dW1LwWcicOLkFVOG
+-----END RSA PRIVATE KEY-----

board/meowth_fp/ec.tasklist

@@ -18,6 +18,6 @@
  */
 #define CONFIG_TASK_LIST \
 	TASK_ALWAYS(HOOKS, hook_task, NULL, LARGER_TASK_STACK_SIZE) \
-	TASK_ALWAYS(FPSENSOR, fp_task, NULL, 4096) \
+	TASK_ALWAYS_RW(FPSENSOR, fp_task, NULL, 4096) \
 	TASK_ALWAYS(HOSTCMD, host_command_task, NULL, LARGER_TASK_STACK_SIZE) \
 	TASK_ALWAYS(CONSOLE, console_task, NULL, LARGER_TASK_STACK_SIZE)