In Mbed Studio, debugging, based on pyOCD, requires Mbed OS application code starting on the sector boundary.
Modification list:
1. Update TF-M import assets with MCUboot header padding to sector aligned
2. Following above, change header size argument (-H) in wrapper.py command line
3. Following below, fix min-write-size (--align) to 4 (per flash_area_align()) in wrapper.py command line
https://docs.mcuboot.com/design.html#image-trailer
Related issue:
https://github.com/ARMmbed/mbed-os/issues/15417
Due to post-build script not supporting custom board, both the below UART configurations are enabled on NuMaker-IoT-M2354 board:
- UART0 PA7/PA6 enabled by bl2.bin
- UART0 PB9/PB8 enabled by tfm_s.bin and later by mbed
Both PA7/PA6 and PB9/PB8 enabled on UART0, PB8 gets disturbed and stdin mis-behaves on NuMaker-IoT-M2354 board.
NuMaker-M2354 : UART TX/RX = UART0 PA7/PA6
NuMaker-IoT_M2354 : UART TX/RX = UART0 PB9/PB8
This bugfix tries to enable post-build for custom board to some degree (not completely), with Mbed CLI.
NOTE: For Mbed CLI, the build process still sees NuMaker-M2354's partition/ and applies its mcuboot build options. Custom board must align on these.
1. In TF-M, fix NSPE interrupt-disabled NSC call broken. Check:
https://developer.trustedfirmware.org/T966
2. In TF-M, enable mcuboot log enabled forcibly. This is to help check firmware update process.
3. Update readme and script
Change MCUboot image versioning to meet requirements below:
1. Major.Minor.Revision must be non-decremental when used to derive security counter (-s 'auto').
2. Make Major.Minor.Revision+Build incremental to identify the firmware itself through psa_fwu_query().
3. Get around MCUboot failure with TF-M underestimated MAX_BOOT_RECORD_SZ
1. Change from single image boot to multiple image boot
2. SDH is configured to Secure for placing update firmware. It becomes inaccessible to Mbed.
3. Post-build script supports both multiple image boot and single image boot
4. Update readme to reflect above change
5. Increase forced_reset_timeout due to longer booting time for Greentea test
1. Configure non-secure target name to NU_M2354 (targets/targets.json). No NU_M2354_NS alias
2. Following template target, enable image signing and concatenating in post-build process
(1) Add post-build script (tools/targets).
(2) Enable TF-M custom build by centralize relevant stuff imported from TF-M (COMPONENT_TFM_S_FW).
3. Add M2354Code.merge_secure into whitelist of uvision6 (tools/export/uvision/__init__.py).
4. Add M2354 CMSIS pack database (tools/arm_pack_manager/index.json).
5. Configure stdio baudrate to 115200 to match TF-M port (platform/mbed_lib.json).
6. Define CMSIS_NVIC_VIRTUAL to override NVIC_SystemReset with TF-M version (cmsis_nvic_virtual.h).
7. Override tfm_ns_interface_xxx(...) to enable NS secure call:
(1) At pre-rtos stage
(2) In SVC context
8. Implement secure function call with tfm_platform_ioctl(...).
9. Combine stddriver_secure.h/c and hal_secure.h/c into platform_extra_secure.h/c.
10. Fix peripheral base to non-secure (PeripheralNames.h) (TrustZone-unaware since Mbed OS 6.0).
11. Fix NU_PORT_BASE/NU_GET_GPIO_PIN_DATA/NU_SET_GPIO_PIN_DATA to non-secure (PinNamesCommon.h) (TrustZone-unaware since Mbed OS 6.0).
12. NSC convention for StdDriver sys/clk (both TF-M and Mbed must follow)
(1) SYS_ResetModule
Usage: Replaced with SYS_ResetModule_S on Mbed OS
Action: Make it inaccessible from Mbed (neither source nor NSC). Provide SYS_ResetModule_S on Mbed via platform ioctl instead.
(2) CLK_GetXxx
Usage: Called in bpwm/i2s/qspi/sc/sdh and system_M2354 on Mbed OS
Action: Make them inaccessible from Mbed (neither source nor NSC). Re-provide them on Mbed via platform ioctl instead.
13. Remove DISABLE/ENABLE macro definitions in BSP to avoid name conflict with other modules
14. Change to TMR4/5 from TMR2/3 for implementing us_ticker/lp_ticker because TMR2 is used for TF-M NSPE test
15. Support cmake
NOTE: Export(uvision6) doesn't support TF-M target. To enable it for partial compile on Keil, force below function to return true.
is_target_supported(tools/export/uvision/__init__.py)
Chun-Chieh Li