Skip to content

Commit a108a23

Browse files
nandojvenandojve
committed
trusted-firmware-m: Create bin files to FOTA
One fundamental use of trusted-firmware-m is to allow IoT applications to have security and the firmware upgrade is almost 100% mandatory in these applications. The current state of files signing process do not produce the necessary binaries to use with FWU because the hex images are not suitable for this use case. This introduces the missing signed binaries files to be used by FWU partition. Signed-off-by: BUDKE Gerson Fernando <[email protected]>
1 parent 88589b3 commit a108a23

File tree

1 file changed

+9
-0
lines changed

1 file changed

+9
-0
lines changed

modules/trusted-firmware-m/CMakeLists.txt

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -519,6 +519,8 @@ if (CONFIG_BUILD_WITH_TFM)
519519
set(S_NS_SIGNED_HEX_FILE ${CMAKE_BINARY_DIR}/zephyr/tfm_s_zephyr_ns_signed.hex)
520520
set(NS_SIGNED_HEX_FILE ${CMAKE_BINARY_DIR}/zephyr/zephyr_ns_signed.hex)
521521
set(S_SIGNED_HEX_FILE ${CMAKE_BINARY_DIR}/zephyr/tfm_s_signed.hex)
522+
set(NS_SIGNED_BIN_FILE ${CMAKE_BINARY_DIR}/zephyr/zephyr_ns_signed.bin)
523+
set(S_SIGNED_BIN_FILE ${CMAKE_BINARY_DIR}/zephyr/tfm_s_signed.bin)
522524

523525
if (CONFIG_TFM_USE_NS_APP)
524526
# Use the TF-M NS binary as the Non-Secure application firmware image
@@ -568,16 +570,21 @@ if (CONFIG_BUILD_WITH_TFM)
568570
else()
569571
if (CONFIG_TFM_USE_NS_APP)
570572
tfm_sign(sign_cmd_ns_hex NS TRUE TRUE TRUE ${NS_MAX_SECTORS} ${NS_APP_FILE} ${NS_SIGNED_HEX_FILE})
573+
tfm_sign(sign_cmd_ns_bin NS TRUE TRUE FALSE ${NS_MAX_SECTORS} ${NS_APP_FILE} ${NS_SIGNED_BIN_FILE})
571574
else()
572575
tfm_sign(sign_cmd_ns_hex NS FALSE TRUE TRUE ${NS_MAX_SECTORS} ${NS_APP_FILE} ${NS_SIGNED_HEX_FILE})
576+
tfm_sign(sign_cmd_ns_bin NS FALSE TRUE FALSE ${NS_MAX_SECTORS} ${NS_APP_FILE} ${NS_SIGNED_BIN_FILE})
573577
endif()
574578

575579
tfm_sign(sign_cmd_s_hex S TRUE TRUE TRUE ${S_MAX_SECTORS} $<TARGET_PROPERTY:tfm,TFM_S_HEX_FILE> ${S_SIGNED_HEX_FILE})
580+
tfm_sign(sign_cmd_s_bin S TRUE TRUE FALSE ${S_MAX_SECTORS} $<TARGET_PROPERTY:tfm,TFM_S_BIN_FILE> ${S_SIGNED_BIN_FILE})
576581

577582
#Create and sign for concatenated binary image, should align with the TF-M BL2
578583
set_property(GLOBAL APPEND PROPERTY extra_post_build_commands
579584
COMMAND ${sign_cmd_ns_hex}
585+
COMMAND ${sign_cmd_ns_bin}
580586
COMMAND ${sign_cmd_s_hex}
587+
COMMAND ${sign_cmd_s_bin}
581588

582589
COMMAND ${PYTHON_EXECUTABLE} ${ZEPHYR_BASE}/scripts/build/mergehex.py
583590
-o ${MERGED_HEX_FILE}
@@ -589,7 +596,9 @@ if (CONFIG_BUILD_WITH_TFM)
589596

590597
set_property(GLOBAL APPEND PROPERTY extra_post_build_byproducts
591598
${S_SIGNED_HEX_FILE}
599+
${S_SIGNED_BIN_FILE}
592600
${NS_SIGNED_HEX_FILE}
601+
${NS_SIGNED_BIN_FILE}
593602
${MERGED_HEX_FILE}
594603
)
595604
endif()

0 commit comments

Comments
 (0)