Since `tfm_merged.bin` now contains BL2, it can only be used for the
same purposes as `tfm_merged.hex` (intial firmware loading). Therefore
it should be using the confirmed images that `tfm_merged.hex` does.
Since the only difference between the two files with that change is now
the output format, we can directly generate `tfm_merged.bin` from
`tfm_merged.hex` with `objcopy` instead of going through `mergehex.py`.
Signed-off-by: Jordan Yates <jordan@embeint.com>
Generate a binary version of `tfm_s_zephyr_ns_signed.hex` with objcopy.
This file is valid for performing OTA upgrades, unlike `tfm_merged.bin`,
which contains BL2.
Signed-off-by: Jordan Yates <jordan@embeint.com>
`S_NS_CONFIRMED_HEX_FILE` was never generating a confirmed file, just
the same file contents as `S_NS_HEX_FILE`. Since no logic needs a
confirmed merge of `tfm_s.hex` and `zephyr.hex`, just remove the logic
instead of fixing it.
Signed-off-by: Jordan Yates <jordan@embeint.com>
Recent versions of the HAL rely on interpreting the HFRCO frequency
selection as a plain integer in preprocessor comparisons. The
adaptation layer in Zephyr created a C expression that was not
possible to evaluate by the preprocessor. Simplify the logic to
directly passing the devicetree value to the driver.
This slightly changes the behavior of the code by no longer accepting
arbitrary frequencies and mapping them to the closest HFRCO band.
However, the binding documentation already states that the frequency
should match the band.
Signed-off-by: Aksel Skauge Mellbye <aksel.mellbye@silabs.com>
Configuring the region domain while SAP is enabled may lead to instability
in SAP's state and functionality. This change ensures the region domain
is not set when SAP is active.
Signed-off-by: Maochen Wang <maochen.wang@nxp.com>
Check the address family of the packet before passing it to a ICMP
handler, to avoid scenarios where ICMPv4 packet is paseed to a ICMPv6
handler and vice versa.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
SL_CODE_CLASSIFY() is a macro used by the upstream Simplicity SDK to mark
time sensitive functions (in order to relocate them in RAM). This macro
place the function in specific sections. So build scripts can identify
them.
However, Wiseconnect is not able to leverage this feature. Worse, this
mechanism conflict with gen_relocate_app.py and zephyr_code_relocate(). So,
we really need to disable this mechanism for Wiseconnect on Zephyr.
Fortunately, SLI_CODE_CLASSIFICATION_DISABLE allow to disable
SL_CODE_CLASSIFY().
Note that on Simplicity SDK, these macro also conflict with
zephyr_code_relocate(). However, the mechanism is officially supported by
Simplicity SDK and we could leverage the feature for the on going support
of Series-3.
Signed-off-by: Jérôme Pouiller <jerome.pouiller@silabs.com>
This commit fixes a bug which occurred when a socket was closed.
It was observed when multiple attempts to obtain dataset using ephemeral
key were performed. Failure was seen starting with attempt number 2,
incoming packets were not processed.
In a open-close-open scenario, incoming traffic was dropped, most likely
because there was stale data in the corresponding socket service
structure.
By calling, `net_socket_service_register` after a socket in closed, the
problem was resolved, and data shown in `net sockets` cli command is now
updated and correct.
Signed-off-by: Cristian Bulacu <cristian.bulacu@nxp.com>
`ZVFS_OPEN_ADD_SIZE_NRF70_ENABLE_DUAL_VIF` should only exist in the
build if `NRF70_ENABLE_DUAL_VIF`, not for every application in tree.
Signed-off-by: Jordan Yates <jordan@embeint.com>
The fix resolves the drift test failure as part of kernel
timer behaviour and timer api test suite.
Moved sleeptimer-related source files to RAM using zephyr_code_relocate
when CONFIG_SILABS_SISDK_SLEEPTIMER is enabled, and removed duplicate
listing from PMGR backend.Updated Kconfig to select SRAM_VECTOR_TABLE
and CODE_DATA_RELOCATION_SRAM for the sleeptimer service.
Signed-off-by: S Mohamed Fiaz <Fiaz.Mohamed@silabs.com>
Fix the following building warning:
modules/lvgl/lvgl_shell.c:62:41: warning: format '%u' expects argument
of type 'unsigned int', but argument 3 has type 'size_t' {aka 'long
unsigned int'} [-Wformat=]
Signed-off-by: Jiafei Pan <Jiafei.Pan@nxp.com>
It might happen that some boards have "zephyr,entropy" node set, but under
the hood the driver is not available (ex: entropy_bt_hci not being
available because CONFIG_BT_HOST is not enabled in the build).
This commit changes the behavior so that:
1. if "zephyr,entropy" is set in the DT then CONFIG_CSPRNG_AVAILABLE get
enabled;
2. CONFIG_CSPRNG_AVAILABLE selects CONFIG_ENTROPY_GENERATOR
3. if there really is a driver available then CONFIG_ENTROPY_HAS_DRIVER
will be enabled by that driver;
4. CONFIG_ENTROPY_HAS_DRIVER selects CONFIG_CSPRNG_ENABLED;
4. Mbed TLS can consume the CONFIG_CSPRNG_ENABLED information to
decide whethere to enable CONFIG_MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG or
the legacy CONFIG_MBEDTLS_PSA_CRYPTO_LEGACY_RNG.
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
This is to preserve backward compatibility until the deprecation period of
the old names expires. After that time entries from that file can be
removed.
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
When CONFIG_TFM_MCUBOOT_IMAGE_NUMBER is 1, all images are merged.
Currently, there is no tfm_merged.bin file for use in FOTA. This
adds file generation to fulfill that requirement.
Signed-off-by: BUDKE Gerson Fernando <gerson.budke@leica-geosystems.com>
When CONFIG_TFM_MCUBOOT_IMAGE_NUMBER is 1, the process to create the
final tfm_merged.bin file is more complex. This prepares the content
to introduce the generation of tfm_merged.bin for use in FOTA
applications.
Signed-off-by: BUDKE Gerson Fernando <gerson.budke@leica-geosystems.com>
Use cmake_parse_arguments() for more idiomatic code. This makes the
code more readable and easier to extend with new options.
Signed-off-by: BUDKE Gerson Fernando <gerson.budke@leica-geosystems.com>
A fundamental use of Trusted Firmware-M is to provide security for
IoT applications, where firmware upgrades (FOTA) are almost always
mandatory. The current file signing process does not produce the
necessary binaries for multi-image S/NS FWU, since hex images are
not suitable for this use case. This introduces the missing signed
binary files for use by the FWU partition. The changes were tested
in multi-image FWU scenarios, and support for single-image scenarios
can be easily added in the future.
Signed-off-by: BUDKE Gerson Fernando <gerson.budke@leica-geosystems.com>
Make variables that define output files explicitly include 'HEX' in the
name. This refactoring step allows for the introduction of BIN file
generation.
Signed-off-by: BUDKE Gerson Fernando <gerson.budke@leica-geosystems.com>
The current behavior when signing an image adds --pad but does not
confirm the image. This appears to be a mistake, as the user should
inspect the image status in the Firmware Upgrade software. If an image
is not --confirmed, the FSM cannot infer the correct states. This sets
the image as confirmed to resolve the issue.
Signed-off-by: BUDKE Gerson Fernando <gerson.budke@leica-geosystems.com>
The current behavior when signing an image is to always set --pad and
--pad-header for all images unless TFM_USE_NS_APP is set. This does not
allow for easy creation of signed images for FOTA applications. Rewrite
the PAD parameter as HEADER and TRAILER to simplify the setup of more
signing options.
Another important reason for this change is that the NS image, when
signed without --pad, runs on the hardware but does not perform the
MCUboot test, and the FWU never upgrades the image. This fixes the NS
image signing process to correctly support TF-M FWU using the PSA API
functions.
Signed-off-by: BUDKE Gerson Fernando <gerson.budke@leica-geosystems.com>
The --max-sectors option helps catch problems with flash overlap when
merging images. If there is a misalignment in flash partitions, the
merge process usually fails. This uses information from Zephyr flash
partitions and the flash controller to automatically determine the
max sectors value and apply it when signing an image.
Signed-off-by: BUDKE Gerson Fernando <gerson.budke@leica-geosystems.com>
The current version of TF-M script that sign MCUboot image uses a
default alignment of 1. This value varies between flash devices
and not all accept the default 1. This improve the script picking
the write-block-size property from the current flash controller
and pass as the --align parameter when signing an image.
Note: This solution works out-of-box for the vast majority of
devices in the Zephyr tree and an exception will throw when
a device is not supported.
Signed-off-by: BUDKE Gerson Fernando <gerson.budke@leica-geosystems.com>
Removes two Kconfig which seemed to indicate downloading of a
project would happen automatically, which does not abide by how
to get additional module code in Zephyr. Due to TF-M always setting
these to "DOWNLOAD" in the repo, they are set even if the modules
do not exist so that they do not download e.g. in CI. Unfortunately
it seems that the qcbor one cannot be removed at this time due to
being needed in some applications and is not apache licensed,
though instructions should be provided to users instead describing
how to add it to a module manifest instead, in a later task
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
*Adds AutAnalog related files to the cmakeu list and adding KConfig
definitions for AutAnalog and AutAnalog SAR ADC.
*Updates hal_infineon in west manifest.
*Updates infineon_kconfig.h to prevent multiple declarations of defines.
Signed-off-by: John Batch <john.batch@infineon.com>
Add bindings for the power related modules. Use the bindings
Kconfig to pull in SDK drivers for cmc, spc, vbat and wuu.
Signed-off-by: Mahesh Mahadevan <mahesh.mahadevan@nxp.com>
*Removes a reference to kit_pse84_eval from modules cmake file. These
includes aren't board specific.
*Removes reference to non-secure M33, which aren't currently supported.
Signed-off-by: John Batch <john.batch@infineon.com>
