trusted-firmware-m: Set --confirm when signing

nandojve · nandojve · commit 376b0060f94b · 2025-10-22T08:06:55.000+02:00
The current behavior when signing an image adds --pad but does not
confirm the image. This appears to be a mistake, as the user should
inspect the image status in the Firmware Upgrade software. If an image
is not --confirmed, the FSM cannot infer the correct states. This sets
the image as confirmed to resolve the issue.

Signed-off-by: BUDKE Gerson Fernando &lt;gerson.budke@leica-geosystems.com&gt;
diff --git a/modules/trusted-firmware-m/CMakeLists.txt b/modules/trusted-firmware-m/CMakeLists.txt
@@ -502,14 +502,18 @@ if (CONFIG_BUILD_WITH_TFM)
     endif()
   endif()
 
-  function(tfm_sign OUT_ARG SUFFIX HEADER TRAILER MAX_SECTORS INPUT_FILE OUTPUT_FILE)
+  function(tfm_sign OUT_ARG SUFFIX HEADER TRAILER CONFIRM MAX_SECTORS INPUT_FILE OUTPUT_FILE)
     if(HEADER AND TRAILER)
       set(pad_args --pad --pad-header)
     elseif(HEADER)
       set(pad_args --pad-header)
     elseif(TRAILER)
       set(pad_args --pad)
     endif()
+    if(CONFIRM)
+      # --confirm imply PAD
+      set(confirm --confirm)
+    endif()
     # Secure + Non-secure images are signed the same way as a secure only
     # build, but with a different layout file.
     set(layout_file ${PREPROCESSED_FILE_${SUFFIX}})
@@ -529,6 +533,7 @@ if (CONFIG_BUILD_WITH_TFM)
       --max-sectors ${MAX_SECTORS}
       -v ${CONFIG_TFM_IMAGE_VERSION_${SUFFIX}}
       ${pad_args}
+      ${confirm}
       ${HEX_ADDR_ARGS_${SUFFIX}}
       ${ADD_${SUFFIX}_IMAGE_MIN_VER}
       -s ${CONFIG_TFM_IMAGE_SECURITY_COUNTER}
@@ -567,7 +572,7 @@ if (CONFIG_BUILD_WITH_TFM)
     )
 
   elseif(CONFIG_TFM_MCUBOOT_IMAGE_NUMBER STREQUAL "1")
-    tfm_sign(sign_cmd S_NS TRUE TRUE ${S_NS_MAX_SECTORS} ${S_NS_FILE} ${S_NS_SIGNED_FILE})
+    tfm_sign(sign_cmd S_NS TRUE TRUE TRUE ${S_NS_MAX_SECTORS} ${S_NS_FILE} ${S_NS_SIGNED_FILE})
 
     set_property(GLOBAL APPEND PROPERTY extra_post_build_commands
       COMMAND ${PYTHON_EXECUTABLE} ${ZEPHYR_BASE}/scripts/build/mergehex.py
@@ -592,12 +597,12 @@ if (CONFIG_BUILD_WITH_TFM)
 
   else()
     if (CONFIG_TFM_USE_NS_APP)
-      tfm_sign(sign_cmd_ns NS TRUE TRUE ${S_NS_MAX_SECTORS} ${NS_APP_FILE} ${NS_SIGNED_FILE})
+      tfm_sign(sign_cmd_ns NS TRUE TRUE TRUE ${S_NS_MAX_SECTORS} ${NS_APP_FILE} ${NS_SIGNED_FILE})
     else()
-      tfm_sign(sign_cmd_ns NS FALSE TRUE ${S_NS_MAX_SECTORS} ${NS_APP_FILE} ${NS_SIGNED_FILE})
+      tfm_sign(sign_cmd_ns NS FALSE TRUE TRUE ${S_NS_MAX_SECTORS} ${NS_APP_FILE} ${NS_SIGNED_FILE})
     endif()
 
-    tfm_sign(sign_cmd_s S TRUE TRUE ${S_NS_MAX_SECTORS} $<TARGET_PROPERTY:tfm,TFM_S_HEX_FILE>
+    tfm_sign(sign_cmd_s S TRUE TRUE TRUE ${S_NS_MAX_SECTORS} $<TARGET_PROPERTY:tfm,TFM_S_HEX_FILE>
       ${S_SIGNED_FILE})
 
     #Create and sign for concatenated binary image, should align with the TF-M BL2
