nrfconnect · ahasztag · Apr 17, 2025 · May 19, 2025 · May 13, 2025 · May 23, 2025
@@ -52,6 +52,7 @@
 /boards/nordic/nrf54l*/                   @nrfconnect/ncs-co-boards @kl-cruz
 /boards/nordic/nrf52*                     @nrfconnect/ncs-co-boards @nrfconnect/ncs-si-bluebagel
 /boards/nordic/thingy91*                  @nrfconnect/ncs-co-boards @nrfconnect/ncs-cia
+/boards/nordic/nrf54h20dk/                @nrfconnect/ncs-charon
 /boards/shields/coverage_support/         @nrfconnect/ncs-low-level-test
 /boards/shields/nrf2220ek/                @nrfconnect/ncs-radio-sw
 /boards/shields/nrf2240ek/                @nrfconnect/ncs-radio-sw
@@ -345,6 +346,7 @@
 /include/dfu/dfu_target_suit.h            @nrfconnect/ncs-charon
 /include/dfu/suit_dfu_fetch_source.h      @nrfconnect/ncs-charon
 /include/dfu/suit_dfu.h                   @nrfconnect/ncs-charon
+/include/bl_partitions.h                  @nrfconnect/ncs-charon
 /include/drivers/flash/                   @nrfconnect/ncs-co-drivers
 /include/drivers/flash/flash_ipuc.h       @nrfconnect/ncs-co-drivers @nrfconnect/ncs-charon
 /include/drivers/gpio/                    @nrfconnect/ncs-co-drivers @nrfconnect/ncs-ll-ursus
@@ -688,6 +690,7 @@
 /samples/zephyr/sensor/qdec/              @nrfconnect/ncs-low-level-test
 /samples/zephyr/subsys/settings/          @nrfconnect/ncs-low-level-test
 /samples/zephyr/subsys/usb/               @nrfconnect/ncs-low-level-test
+/samples/zephyr/subsys/mgmt/mcumgr/smp_svr/ @nrfconnect/ncs-charon
 
 /samples/**/*.svg                         @nrfconnect/ncs-doc-leads
 /samples/**/*.png                         @nrfconnect/ncs-doc-leads

@@ -0,0 +1,9 @@
+# Copyright (c) 2025 Nordic Semiconductor
+# SPDX-License-Identifier: LicenseRef-Nordic-5-Clause
+
+if BOARD_NRF54H20DK_NRF54H20_CPUAPP_IRON_B0_MCUBOOT
+
+config ROM_START_OFFSET
+	default 0x800 if BOOTLOADER_MCUBOOT || (MCUBOOT && SECURE_BOOT)
+
+endif # BOARD_NRF54H20DK_NRF54H20_CPUAPP_IRON_B0_MCUBOOT
@@ -0,0 +1,6 @@
+# Copyright (c) 2025 Nordic Semiconductor
+# SPDX-License-Identifier: LicenseRef-Nordic-5-Clause
+
+config BOARD_NRF54H20DK
+	select SOC_NRF54H20_CPUAPP if (BOARD_NRF54H20DK_NRF54H20_CPUAPP_IRON_B0_MCUBOOT)
+	select SOC_NRF54H20_IRON if (BOARD_NRF54H20DK_NRF54H20_CPUAPP_IRON_B0_MCUBOOT)
@@ -0,0 +1,10 @@
+# Copyright (c) 2025 Nordic Semiconductor
+# SPDX-License-Identifier: LicenseRef-Nordic-5-Clause
+
+config SECURE_BOOT_APPCORE
+	default y if BOARD_NRF54H20DK_NRF54H20_CPUAPP_IRON_B0_MCUBOOT
+
+choice BOOTLOADER
+	default BOOTLOADER_MCUBOOT if BOARD_NRF54H20DK_NRF54H20_CPUAPP_IRON_B0_MCUBOOT
+
+endchoice
@@ -0,0 +1,18 @@
+#
+# Copyright (c) 2025 Nordic Semiconductor
+#
+# SPDX-License-Identifier: LicenseRef-Nordic-5-Clause
+#
+
+include(${ZEPHYR_BASE}/boards/common/nrfutil.board.cmake)
+
+if(CONFIG_BOARD_NRF54H20DK_NRF54H20_CPUAPP_IRON_B0_MCUBOOT)
+  if(CONFIG_SOC_NRF54H20_CPUAPP)
+    set(JLINKSCRIPTFILE ${CMAKE_CURRENT_LIST_DIR}/support/nrf54h20_cpuapp.JLinkScript)
+  else()
+    set(JLINKSCRIPTFILE ${CMAKE_CURRENT_LIST_DIR}/support/nrf54h20_cpurad.JLinkScript)
+  endif()
+
+  board_runner_args(jlink "--device=CORTEX-M33" "--speed=4000" "--tool-opt=-jlinkscriptfile ${JLINKSCRIPTFILE}")
+  include(${ZEPHYR_BASE}/boards/common/jlink.board.cmake)
+endif()
@@ -0,0 +1,5 @@
+board:
+  extend: nrf54h20dk
+  variants:
+  - name: b0/mcuboot
+    qualifier: nrf54h20/cpuapp/iron
@@ -0,0 +1,117 @@
+/*
+ * Copyright (c) 2025 Nordic Semiconductor ASA
+ *
+ * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause
+ */
+
+
+/* This file is to be merged with the original memory_map.dtsi in the future.
+ * The following nodes will be replaced:
+ */
+/delete-node/ &cpuapp_cpusec_ipc_shm;
+/delete-node/ &cpuapp_cpusys_ipc_shm;
+/delete-node/ &cpurad_cpusec_ipc_shm;
+/delete-node/ &cpurad_cpusys_ipc_shm;
+/delete-node/ &cpusec_cpuapp_ipc_shm;
+/delete-node/ &cpusec_cpurad_ipc_shm;
+/delete-node/ &cpusys_cpuapp_ipc_shm;
+/delete-node/ &cpusys_cpurad_ipc_shm;
+/delete-node/ &cpuapp_rw_partitions;
+/delete-node/ &cpuapp_rx_partitions;
+/delete-node/ &cpurad_rx_partitions;
+
+/ {
+	reserved-memory {
+		cpuapp_cpusys_ipc_shm: memory@2f88f600 {
+			reg = <0x2f88f600 0x80>;
+		};
+
+		cpusys_cpuapp_ipc_shm: memory@2f88f680 {
+			reg = <0x2f88f680 0x80>;
+		};
+
+		cpurad_cpusys_ipc_shm: memory@2f88f700 {
+			reg = <0x2f88f700 0x80>;
+		};
+
+		cpusys_cpurad_ipc_shm: memory@2f88f780 {
+			reg = <0x2f88f780 0x80>;
+		};
+
+		cpusec_cpurad_ipc_shm: memory@2f88f800 {
+			reg = <0x2f88f800 0x80>;
+		};
+
+		cpurad_ironside_se_event_report: memory@2f88f880 {
+			reg = <0x2f88f880 0x100>;
+		};
+
+		cpurad_ironside_se_boot_report: memory@2f88f980 {
+			reg = <0x2f88f980 0x200>;
+		};
+
+		cpusec_cpuapp_ipc_shm: memory@2f88fb80 {
+			reg = <0x2f88fb80 0x80>;
+		};
+
+		cpuapp_ironside_se_event_report: memory@2f88fc00 {
+			reg = <0x2f88fc00 0x100>;
+		};
+
+		cpuapp_ironside_se_boot_report: memory@2f88fd00 {
+			reg = <0x2f88fd00 0x200>;
+		};
+	};
+};
+
+&mram1x {
+	partitions {
+		compatible = "fixed-partitions";
+		#address-cells = <1>;
+		#size-cells = <1>;
+
+		cpuapp_b0_partition: partition@2c000 {
+			reg = <0x2c000 DT_SIZE_K(62)>;
+		};
+
+		cpuapp_provision_partition: partition@3b800 {
+			reg = <0x3b800 DT_SIZE_K(2)>;
+		};
+
+		cpuapp_s0_partition: partition@3c000 {
+			reg = <0x3c000 DT_SIZE_K(64)>;
+		};
+
+		cpuapp_s1_partition: partition@4c000 {
+			reg = <0x4c000 DT_SIZE_K(64)>;
+		};
+
+		cpuapp_slot0_partition: partition@5c000 {
+			reg = <0x5c000 DT_SIZE_K(336)>;
+		};
+
+		cpurad_slot0_partition: partition@b0000 {
+			reg = <0xb0000 DT_SIZE_K(272)>;
+		};
+
+		cpuppr_code_partition: partition@f4000 {
+			reg = <0xf4000 DT_SIZE_K(64)>;
+		};
+
+		cpuflpr_code_partition: partition@104000 {
+			reg = <0x104000 DT_SIZE_K(48)>;
+		};
+
+		cpuapp_slot1_partition: partition@110000 {
+			reg = <0x110000 DT_SIZE_K(336)>;
+		};
+
+		cpurad_slot1_partition: partition@164000 {
+			reg = <0x164000 DT_SIZE_K(272)>;
+		};
+
+		storage_partition: partition@1a8000 {
+			reg = <0x1a8000 DT_SIZE_K(40)>;
+		};
+	};
+};
@@ -0,0 +1,54 @@
+/*
+ * Copyright (c) 2025 Nordic Semiconductor ASA
+ *
+ * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause
+ */
+
+#include "../../../../zephyr/boards/nordic/nrf54h20dk/nrf54h20dk_nrf54h20_cpuapp.dts"
+#include "../../../../zephyr/boards/nordic/nrf54h20dk/nrf54h20dk_nrf54h20-ipc_conf_iron.dtsi"
+#include "nrf54h20dk_nrf54h20-memory_map_iron_b0_mcuboot.dtsi"
+
+/delete-node/ &cpusec_cpurad_ipc;
+
+/ {
+	chosen {
+		zephyr,code-partition = &slot0_partition;
+		zephyr,uart-mcumgr = &uart136;
+	};
+};
+
+&cpusec_bellboard {
+	status = "okay";
+};
+
+&cpusec_cpuapp_ipc {
+	mbox-names = "tx", "rx";
+	status = "okay";
+};
+
+b0_partition: &cpuapp_b0_partition {
+	label = "b0";
+};
+
+provision_partition: &cpuapp_provision_partition {
+	label = "provision";
+};
+
+s0_partition: &cpuapp_s0_partition {
+};
+
+s1_partition: &cpuapp_s1_partition {
+	label = "s1-image";
+};
+
+slot0_partition: &cpuapp_slot0_partition {
+	label = "image-0";
+};
+
+slot1_partition: &cpuapp_slot1_partition {
+	label = "image-1";
+};
+
+boot_partition: &s0_partition {
+	label = "mcuboot";
+};
@@ -0,0 +1,25 @@
+# Copyright (c) 2025 Nordic Semiconductor
+# SPDX-License-Identifier: LicenseRef-Nordic-5-Clause
+
+identifier: nrf54h20dk/nrf54h20/cpuapp/iron/b0/mcuboot
+name: nRF54H20-DK-nRF54H20-Application (IRONside compatible) with MCUBOOT and NSIB (revision 0.9.0)
+type: mcu
+arch: arm
+toolchain:
+  - gnuarmemb
+  - xtools
+  - zephyr
+sysbuild: true
+ram: 256
+flash: 480
+supported:
+  - adc
+  - can
+  - counter
+  - gpio
+  - i2c
+  - pwm
+  - retained_mem
+  - spi
+  - watchdog
+  - usbd
@@ -0,0 +1,29 @@
+# Copyright (c) 2025 Nordic Semiconductor
+# SPDX-License-Identifier: LicenseRef-Nordic-5-Clause
+
+# Enable UART driver
+CONFIG_SERIAL=y
+
+# Enable console
+CONFIG_CONSOLE=y
+CONFIG_UART_CONSOLE=y
+
+# Enable MPU
+CONFIG_ARM_MPU=y
+
+# Enable hardware stack protection
+CONFIG_HW_STACK_PROTECTION=y
+
+# MPU-based null-pointer dereferencing detection cannot be applied
+# as the (0x0 - 0x400) region is unmapped for this target.
+CONFIG_NULL_POINTER_EXCEPTION_DETECTION_NONE=y
+
+# Enable cache
+CONFIG_CACHE_MANAGEMENT=y
+CONFIG_EXTERNAL_CACHE=y
+
+# Enable GPIO
+CONFIG_GPIO=y
+
+# UICR generation is not supported, and when reintroduced will not use nrf-regtool.
+CONFIG_NRF_REGTOOL_GENERATE_UICR=n
@@ -10,6 +10,8 @@
 # Since this file is brought in via include(), we do the work in a
 # function to avoid polluting the top-level scope.
 
+include(${CMAKE_CURRENT_LIST_DIR}/bootloader_dts_utils.cmake)
+
 function(ncs_secure_boot_mcuboot_sign application bin_files signed_targets prefix)
   find_program(IMGTOOL imgtool.py HINTS ${ZEPHYR_MCUBOOT_MODULE_DIR}/scripts/ NAMES imgtool NAMES_PER_DIR)
   set(keyfile "${SB_CONFIG_BOOT_SIGNATURE_KEY_FILE}")
@@ -26,7 +28,20 @@ function(ncs_secure_boot_mcuboot_sign application bin_files signed_targets prefi
   sysbuild_get(CONFIG_BUILD_OUTPUT_HEX IMAGE ${application} VAR CONFIG_BUILD_OUTPUT_HEX KCONFIG)
 
   string(TOUPPER "${application}" application_uppercase)
-  set(imgtool_sign ${PYTHON_EXECUTABLE} ${IMGTOOL} sign --version ${SB_CONFIG_SECURE_BOOT_MCUBOOT_VERSION} --align 4 --slot-size $<TARGET_PROPERTY:partition_manager,${prefix}PM_${application_uppercase}_SIZE> --pad-header --header-size ${SB_CONFIG_PM_MCUBOOT_PAD})
+  if(SB_CONFIG_PARTITION_MANAGER)
+    set(slot_size $<TARGET_PROPERTY:partition_manager,${prefix}PM_${application_uppercase}_SIZE>)
+    set(mcuboot_pad ${SB_CONFIG_PM_MCUBOOT_PAD})
+    set(pad_header "--pad-header")
+  else()
+    dt_chosen(code_partition_node TARGET ${application} PROPERTY "zephyr,code-partition")
+    dt_reg_size(slot_size TARGET ${application} PATH ${code_partition_node})
+    sysbuild_get(mcuboot_pad IMAGE ${application} VAR CONFIG_ROM_START_OFFSET KCONFIG)
+
+    # The padding has already been added to the image by CONFIG_ROM_START_OFFSET
+    set(pad_header)
+  endif()
+
+  set(imgtool_sign ${PYTHON_EXECUTABLE} ${IMGTOOL} sign --version ${SB_CONFIG_SECURE_BOOT_MCUBOOT_VERSION} --align 4 --slot-size ${slot_size} ${pad_header} --header-size ${mcuboot_pad})
 
   if(SB_CONFIG_MCUBOOT_HARDWARE_DOWNGRADE_PREVENTION)
     set(imgtool_extra --security-counter ${SB_CONFIG_MCUBOOT_HW_DOWNGRADE_PREVENTION_COUNTER_VALUE})
@@ -101,6 +116,11 @@ function(ncs_secure_boot_mcuboot_sign application bin_files signed_targets prefi
       ${application_image_dir}/zephyr/.config
       ${CMAKE_BINARY_DIR}/signed_by_b0_${application}.hex
       )
+
+    set_property(
+      GLOBAL APPEND PROPERTY NORDIC_SECURE_BOOT_HEX_FILES_TO_MERGE
+      ${output}.hex
+    )
   endif()
 
   # Add the west sign calls and their byproducts to the post-processing
@@ -132,21 +152,32 @@ if(SB_CONFIG_BOOTLOADER_MCUBOOT)
 
     if(SB_CONFIG_SECURE_BOOT_BUILD_S1_VARIANT_IMAGE)
       ncs_secure_boot_mcuboot_sign(s1_image "${bin_files}" "${signed_targets}" "")
-      set(extra_bin_data "signed_by_mcuboot_and_b0_s1_image.binload_address=$<TARGET_PROPERTY:partition_manager,PM_S1_ADDRESS>;signed_by_mcuboot_and_b0_s1_image.binslot=1")
+      if(SB_CONFIG_PARTITION_MANAGER)
+        set(slot1_addr $<TARGET_PROPERTY:partition_manager,PM_S1_ADDRESS>)
+      else()
+        nsib_get_s1_address(slot1_addr)
+      endif()
+      set(extra_bin_data "signed_by_mcuboot_and_b0_s1_image.binload_address=${slot1_addr};signed_by_mcuboot_and_b0_s1_image.binslot=1")
     endif()
 
     if(bin_files)
       sysbuild_get(mcuboot_fw_info_firmware_version IMAGE mcuboot VAR CONFIG_FW_INFO_FIRMWARE_VERSION KCONFIG)
 
       include(${ZEPHYR_NRF_MODULE_DIR}/cmake/fw_zip.cmake)
 
+      if(SB_CONFIG_PARTITION_MANAGER)
+        set(slot0_addr $<TARGET_PROPERTY:partition_manager,PM_S0_ADDRESS>)
+      else()
+        nsib_get_s0_address(slot0_addr)
+      endif()
+
       generate_dfu_zip(
         OUTPUT ${CMAKE_BINARY_DIR}/dfu_mcuboot.zip
         BIN_FILES ${bin_files}
         TYPE mcuboot
         IMAGE mcuboot
         SCRIPT_PARAMS
-        "signed_by_mcuboot_and_b0_mcuboot.binload_address=$<TARGET_PROPERTY:partition_manager,PM_S0_ADDRESS>"
+        "signed_by_mcuboot_and_b0_mcuboot.binload_address=${slot0_addr}"
         ${extra_bin_data}
         "version_MCUBOOT=${SB_CONFIG_SECURE_BOOT_MCUBOOT_VERSION}"
         "version_B0=${mcuboot_fw_info_firmware_version}"