Soft off ironside #3221
Draft
Soft off ironside #3221
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
New Twister schema is not supported yet in sdk-zephyr, drop this patch once Twister is updated. Signed-off-by: Gerard Marull-Paretas <[email protected]> (cherry picked from commit b1e95ba)
… map" This reverts commit c37deeb. This is only a temporary change, until we align our CI. To be removed once natsort is avaialble in the NCS CI. Signed-off-by: Robert Lubos <[email protected]> (cherry picked from commit fdb19c5)
Kconfig search is handled in a separate docset in NCS, so remove the page. This is a long-term noup patch. Signed-off-by: Gerard Marull-Paretas <[email protected]> Signed-off-by: Krishna T <[email protected]> (cherry picked from commit af08933)
-This allows configurations enabled by PSA_WANTS_ALG_XXXX to be used to control which TF-M module is enabled -If the TF-M image doesn't support e.g. the MAC APIs, then the MAC interface is not enabled Note: This functionality requires that nrf_security is enabled ref: NCSDK-11689 Make TF-M crypto module depend on PSA_WANT_GENERATE_RANDOM, same as all other crypto modules, which have PSA_HAS to group all PSA features that require the module. This makes TF-M by default exclude the RNG module when not needed. Signed-off-by: Frank Audun Kvamtrø <[email protected]> Signed-off-by: Joakim Andersson <[email protected]> (cherry picked from commit ff04215)
Out-of-tree crypto subsystems need to deselect MBEDTLS_BUILTIN, but deselection is not supported. It is however supported to select a dependency in a ! expression. Signed-off-by: Sebastian Bøe <[email protected]> (cherry picked from commit f778d9f)
We moved the header files in sdk-mbedtls from the library folder to the include/library folder. This was done to avoid issues when building MbedTLS with the nrf_security module and the Oberon PSA core. The Oberon PSA core provides a subset of these header files and since they are included with quotes we cannot have them in the same directory. This change make the needed adaptions in CMake for the applications that don't use nrf_security. Signed-off-by: Georgios Vasilakis <[email protected]> Signed-off-by: Markus Swarowsky <[email protected]> (cherry picked from commit a73fcf0)
The commits adds support for generating flash disks from Partition Manager defined partitions. Signed-off-by: Dominik Ermel <[email protected]> (cherry picked from commit 1a14317)
The "zephyr-code-partition" chosen DTS node cannot be used when build uses Partition Manager. In that case, mcumgr must rely on the definitions provided by the Partition Manager. Jira: NCSDK-21381 Signed-off-by: Marek Pieta <[email protected]> Signed-off-by: Dominik Ermel <[email protected]> (cherry picked from commit e1f0f17)
The commit adds bootutil hook, for nrf5340, to allow it handling the non-accessible image-1/primary slot. Signed-off-by: Andrzej Głąbek <[email protected]> Signed-off-by: Vinayak Kariappa Chettimada <[email protected]> Signed-off-by: Johann Fischer <[email protected]> Signed-off-by: Dominik Ermel <[email protected]> Signed-off-by: Jamie McCrae <[email protected]> (cherry picked from commit 410e44f)
Migrates child image configuration for this sample over to sysbuild Signed-off-by: Jamie McCrae <[email protected]> (cherry picked from commit 30e3e32)
Migrates child image configuration for this sample over to sysbuild Signed-off-by: Jamie McCrae <[email protected]> (cherry picked from commit 97bbc75)
This is a follow-up to commit 9dd570f. Since in NCS, unlike in vanilla Zephyr, the nano variant of newlib is the default one, restore entries that disable the nano variant in one sample and one test that require the full newlib variant. This patch is supposed to be removed when picolibc becomes the default. Signed-off-by: Andrzej Głąbek <[email protected]> Signed-off-by: Dominik Ermel <[email protected]> (cherry picked from commit 41c5668)
Disables partition manager when building some samples and tests which use sysbuild to prevent build issues Signed-off-by: Jamie McCrae <[email protected]> (cherry picked from commit a2bc55a)
Add a Kconfig for th TFM_CRYPTO_PAKE_MODULE_ENABLED to support the PAKE APIs. noup as the PAKE support including the PAKE module doesn't exist yet in upstream TF-M as they depend on mbed TLS support for it Ref: NCSDK-22416 Signed-off-by: Markus Swarowsky <[email protected]> (cherry picked from commit 8907bee)
Friend's replies on LPN's polls do not assume randomization in advertiser. Zero randomization will help to optimize time when LPN keeps receiving window open and save power. Signed-off-by: Aleksandr Khromykh <[email protected]> Signed-off-by: Olivier Lesage <[email protected]> (cherry picked from commit 896f773)
Fixes issue where randomness can be removed for advertising sets that have to handle other adv types than the BT_MESH_FRIEND_ADV tag type. Signed-off-by: Anders Storrø <[email protected]> Signed-off-by: Aleksandr Khromykh <[email protected]> Signed-off-by: Dominik Ermel <[email protected]> (cherry picked from commit 5dd031d)
…N_MANAGER Active partition ID need to be extracted basing on PARTITION_MANAGER products. ref.:NCSDK-26693 Signed-off-by: Andrzej Puzdrowski <[email protected]> Signed-off-by: Jamie McCrae <[email protected]> (cherry picked from commit a6e4092)
Using a comment to explain Kconfig options make them invisible to Kconfig search. Use help instead. Signed-off-by: Sigurd Hellesvik <[email protected]> (cherry picked from commit eac8bb3)
Added overlay with m25r64 on-DK memory selecton. This aim to support testing DFU with secondary partition moved to the external flash. Signed-off-by: Andrzej Puzdrowski <[email protected]> (cherry picked from commit e5a3c32)
There is no point to use PICOLIB here as it bloats the tests. Signed-off-by: Dominik Ermel <[email protected]> (cherry picked from commit cbdf3c2)
Provides an option to enable TLS session caching for an MQTT client's secure socket. Signed-off-by: Jan Tore Guggedal <[email protected]> Signed-off-by: Robert Lubos <[email protected]> Signed-off-by: Dominik Ermel <[email protected]> Signed-off-by: Johann Fischer <[email protected]> (cherry picked from commit 10800b0)
This commit adds an extra parameter in the configuration structure to configure native TLS support at runtime. Signed-off-by: Mirko Covizzi <[email protected]> (cherry picked from commit 98c2677)
TF-M will uses SPU alignment during build time to make sure all partitions can be locked down with the SPU. So adding them for nRF53 Signed-off-by: Markus Swarowsky <[email protected]> (cherry picked from commit fdd4008)
TF-M will uses SPU alignment during build time to make sure all partitions can be locked down with the SPU. So adding them for nRF91 The nRF54L15 doesn't use the SPU for setting the security attributes for flash/RAM regions. In order to avoid having multiple Kconfigs with similar meaning renamed the alignment Kconfig option to something more generic in order to use the same symbol for all the TrustZone enabled devices. Ref: NCSDK-25023 Signed-off-by: Markus Swarowsky <[email protected]> Signed-off-by: Georgios Vasilakis <[email protected]> (cherry picked from commit 03fc983)
Change introduces common static Partition Manager configuration. The tfm_nonsecure partition must be SPU region aligned. Ref: NCSDK-18033 Ref: NCSDK-19515 Signed-off-by: Marek Pieta <[email protected]> Signed-off-by: Markus Swarowsky <[email protected]> (cherry picked from commit 4668081)
Enabling USB CDC by default in Thingy:53 board configuration caused that there were two instances of USB CDC in MCUBoot. Change disables one instance which was added automatically by NCS if MCUBoot bootloader was built as a child image. Jira: NCSDK-18596 Signed-off-by: Mateusz Kapala <[email protected]> Signed-off-by: Johann Fischer <[email protected]> (cherry picked from commit 5928c1a)
Change enables MCUboot bootloader by default to allow programming samples and applications without external programmer (using MCUboot serial recovery). Change also enables network core to prevent build failures when building MCUboot with nRF53 multi image DFU. Jira: NCSDK-18263 Signed-off-by: Marek Pieta <[email protected]> Signed-off-by: Vinayak Kariappa Chettimada <[email protected]> Signed-off-by: Johann Fischer <[email protected]> Signed-off-by: Joakim Andersson <[email protected]> (cherry picked from commit 39e767e)
* Configuration allows DFU with serial transport using mcumgr and over BT using nRF Connect. * Added description of sample testcase for building smp_svr with support of secondary partition in on PDK spi_nor flash. * Added description of sample testcase for building smp_svr with support of secondary partition in on PDK spi_nor flash uisng DTS. Signed-off-by: Mateusz Michalek <[email protected]> Signed-off-by: Andrzej Puzdrowski <[email protected]> Signed-off-by: Dominik Ermel <[email protected]> Signed-off-by: Jamie McCrae <[email protected]> (cherry picked from commit 173521b)
We have our own psa crypto samples to show how to used PSA crypto with NCS. This sample still uses CONFIG_MBEDTLS_BUILTIN which is not supported anymore, therefore removing the support for it in NCS. Ref: NCSDK-17944 Signed-off-by: Markus Swarowsky <[email protected]> (cherry picked from commit 399afcb)
Adds a sysbuild Kconfig file which enables external flash when partition manager is enabled Signed-off-by: Jamie McCrae <[email protected]> (cherry picked from commit 41431fb)
This reverts commit 8ccb986. To be re-applied after cherry-picks with a fix for a recent mistake. Signed-off-by: Grzegorz Swiderski <[email protected]>
This reverts commit fb385d5. Signed-off-by: Grzegorz Swiderski <[email protected]>
This reverts commit 73fe1ee. Signed-off-by: Grzegorz Swiderski <[email protected]>
Upstream PR #: 94330 Allow the ZMS API to optionally accept 64 bit IDs. A typedef `zms_id_t` is added, so that the maximum ID width can be controlled using Kconfig. The current ATE structure is already large enough that it is possible to reserve 64 bits for IDs without increasing its total size (128 bits). This makes the feature a natural, low footprint alternative to Settings, for cases where the supported key namespace must be larger than 32 bit but not arbitrarily large. The ATE format does have to be altered to accommodate larger IDs, but the default "32 bit" format is left as is. Now, the `struct zms_ate` describes one of two supported formats, selected by an `#if` condition. In the future, it may be possible to support multiple ATE formats at runtime, in which case the structure can be turned into a union. In the new, "64 bit" ATEs, the `offset` and `metadata` fields are moved into a union, because they are found to be mutually exclusive. With the old format, the same fields are in different locations, but one of them always gets filled with a dummy value, depending on the given ATE type. To cover both cases, a `memset` is used, which should be optimized away by the compiler when appropriate. The only limitation is that the new ATE format has no room for data CRC, but an alternative integrity check can be implemented by the caller. Signed-off-by: Grzegorz Swiderski <[email protected]> (cherry picked from commit ec7a4ad199b0a87e5d604cbea20c8e2f4f741303)
Upstream PR #: 94330 * Update the "corrupt ATE" tests to work with the new ATE format. * Add a basic test to verify support to 64 bit ZMS IDs. * Add a `testcase.yaml` entry to cover the above points and also run lookup cache tests to evaluate the 64 bit hash function. Signed-off-by: Grzegorz Swiderski <[email protected]> (cherry picked from commit d9e38a9c4521e9b4423526e2c8e91b64f15928c7)
ZMS legacy enabled by CONFIG_SETTINGS_ZMS_LEGACY uses a different lookup cache function that is optimized for Settings subsystem. Signed-off-by: Riadh Ghaddab <[email protected]> (cherry picked from commit 491354b) (cherry picked from commit 15cd2f6) (cherry picked from commit 8ccb986)
…nto account Currently all calls to otPlatLog with debug log level are printed. Cleanup logging.c Signed-off-by: Pieter De Gendt <[email protected]> (cherry picked from commit 9983ff7)
…en COVERAGE Skip checking timing expectation when COVERAGE is used. Coverage mode affect timing - making code slower, as additional operations are needed to gather coverage stats. Upstream PR #: 94927 Signed-off-by: Piotr Kosycarz <[email protected]>
…sample Move the legacy code of the CDC ACM sample to a separate sample in the legacy directory. Signed-off-by: Johann Fischer <[email protected]> (cherry picked from commit a7b0f71)
…e sample Move the legacy code from the HID mouse sample to a separate sample in the legacy directory. Signed-off-by: Johann Fischer <[email protected]> (cherry picked from commit 1e50aaa)
Include rpi_pico.overlay from the rpi_pico_rp2040_w.overlay in order to have `pico/rp2040/w` board to work out of the box. Signed-off-by: John Lin <[email protected]> (cherry picked from commit 0fe7cbd)
…sample Move the legacy code from the USB MSC sample to a separate sample in the legacy directory. Make legacy sample very simple and drop all filesystem dependencies. Signed-off-by: Johann Fischer <[email protected]> (cherry picked from commit 375e8e6)
…tures Add 'usbd' to the list of features supported by nrf54lm20dk. Signed-off-by: Sebastian Głąb <[email protected]> (cherry picked from commit b50b5b4)
…with console Use console logs to determine if sample operates correctly. Signed-off-by: Sebastian Głąb <[email protected]> (cherry picked from commit e0fcfa1)
in #83352 a few bindings were not migrated, fix that, as it will lead to ci fails. Signed-off-by: Fin Maaß <[email protected]> (cherry picked from commit 4a468e9)
Extended clock control driver to support new DVFS service from IronSide secure domain. Added new compatible nrf-iron-hsfll-local which can be used to enable new DVFS service support in local domain. Signed-off-by: Łukasz Stępnicki <[email protected]> (cherry picked from commit a5c0ba8)
DVFS is supported with IronSide call. NRFS DVFS will be not enabled by default. Upstream PR #: 94865 Signed-off-by: Łukasz Stępnicki <[email protected]>
lstnl
force-pushed
the
soft_off_ironside
branch
2 times, most recently
from
43f8f98 to
477aa35
Compare
Temp changes added grtc channel disable to avoid wakeups when going to soft off Signed-off-by: Łukasz Stępnicki <[email protected]>
lstnl
force-pushed
the
soft_off_ironside
branch
from
48c66c2 to
852da8d
Compare
Added option to use system channel for setup wakeup from soft off. In Lilium there is insuficcient grtc channels and no spare channel that can be used as wake up source. Added function to disable all grtc channels, except the one used for wake up to be able to enter soft off stated on local domain (disable uncexpected grtc wake ups). Signed-off-by: Łukasz Stępnicki <[email protected]>
Enabled LATCH reading on sw1 this need additiona REATAIN bits manipulation. Changed console to be handled automatically, otherwise there are some unknown characters when console is suspended. Removed obsolete configs. Signed-off-by: Łukasz Stępnicki <[email protected]>
Low power comparator can be used as wake up source for nrf54h20. Using LPCOMP as wakeup needs global power force when entering system off, this is handled in sysctrl. Signed-off-by: Łukasz Stępnicki <[email protected]>
This is new method of entering system off state. Local domains do not shut down immediatelly but rather go to deep sleep (idle or s2ram) and waits for other domains to go to system off. This enable option to go back to normal operation if there is something blocking system off. For example application is not yet ready to soft off and wakes up radio. This also enables GRTC to be used with system methods like k_sleep to wake up from system off at scheduled time. Signed-off-by: Łukasz Stępnicki <[email protected]>
lstnl
force-pushed
the
soft_off_ironside
branch
from
5bb3810 to
f3c8bba
Compare
Reset reason for Lilium is not showing reset pin as valid reset source, this needs to be checked. Signed-off-by: Łukasz Stępnicki <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
20 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.