Skip to content

Conversation

nandojve
Copy link
Member

@nandojve nandojve commented Aug 22, 2025

Introduce the TF-M support in the nucleo_u5a5zj_q board. It proposes an out-of-tree development reference without a board inside TF-M mainline. It shows how to customize all the keys and otp_provision allowing FOTA.

Highlights:

  • TF-M board is defined inside Zephyr board. This means that we atomically can change both without requiring changes in the TF-M mainline
  • Brings scripts to be used to generate the custom otp_provision for each customer board.

Core dependency:

FOTA dependencies:

CC: @etienne-lms

@github-actions github-actions bot added manifest manifest-trusted-firmware-m DNM (manifest) This PR should not be merged (controlled by action-manifest) labels Aug 22, 2025
@nandojve nandojve requested a review from etienne-lms August 28, 2025 07:06
@nandojve nandojve force-pushed the tfm/introduce_tfm_on_nucleo_u5a5zj_q branch from b299664 to a40c688 Compare September 9, 2025 20:43
@zephyrproject-rtos zephyrproject-rtos deleted a comment from github-actions bot Sep 9, 2025
@zephyrproject-rtos zephyrproject-rtos deleted a comment from sonarqubecloud bot Sep 9, 2025
@nandojve nandojve removed the DNM (manifest) This PR should not be merged (controlled by action-manifest) label Sep 9, 2025
@nandojve nandojve force-pushed the tfm/introduce_tfm_on_nucleo_u5a5zj_q branch from a40c688 to a2e3510 Compare September 11, 2025 06:21
@zephyrproject-rtos zephyrproject-rtos deleted a comment from sonarqubecloud bot Sep 11, 2025
Add TFM_USE_TRUSTZONE to UNDEF_KCONFIG_ALLOWLIST. This is necessary
when a TF-M board is defined inside Zephyr boards, which configure
an Out-Of-Tree board.

Signed-off-by: BUDKE Gerson Fernando <[email protected]>
The USB is a peripheral that can be used by S and NS images. This move
USB node from S to common dtsi file. The same it is not valid about
random functions. In the S image the random can be enabled but for NS
image the random MUST come from PSA API.

Signed-off-by: BUDKE Gerson Fernando <[email protected]>
Add the TF-M S image code dedicated to the board, which uses an
Out-Of-Tree approach. This can be used as example to customers
interested in this technology and don't have an initial idea
how to do it. This will avoid that customers will try the easy
script copy over TF-M folder patch.

Signed-off-by: BUDKE Gerson Fernando <[email protected]>
Introduce the TF-M support for the stm32u5a5xx SoC.

Signed-off-by: BUDKE Gerson Fernando <[email protected]>
@nandojve nandojve force-pushed the tfm/introduce_tfm_on_nucleo_u5a5zj_q branch from a2e3510 to 5e69989 Compare September 11, 2025 09:47
Copy link

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant