Skip to content

soc: ironside: add min and max values for update #96972

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 1 commit into from
Oct 7, 2025
+26 −0
Merged

soc: ironside: add min and max values for update #96972

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 3 additions & 0 deletions samples/boards/nordic/nrf_ironside/update/src/main.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,9 @@

LOG_MODULE_REGISTER(app, LOG_LEVEL_INF);

BUILD_ASSERT(CONFIG_UPDATE_BLOB_ADDRESS >= IRONSIDE_UPDATE_MIN_ADDRESS);
BUILD_ASSERT(CONFIG_UPDATE_BLOB_ADDRESS <= IRONSIDE_UPDATE_MAX_ADDRESS);

int main(void)
{
int err;
Expand Down
18 changes: 18 additions & 0 deletions soc/nordic/ironside/include/nrf_ironside/update.h
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,11 +18,27 @@
#define IRONSIDE_UPDATE_ERROR_NOT_PERMITTED (1)
/** Failed to write the update metadata to SICR. */
#define IRONSIDE_UPDATE_ERROR_SICR_WRITE_FAILED (2)
/** Update candidate is placed outside of valid range */
#define IRONSIDE_UPDATE_ERROR_INVALID_ADDRESS (3)

/**
* @}
*/

/** Size of the update blob */
#ifdef CONFIG_SOC_SERIES_NRF54HX
#define IRONSIDE_UPDATE_BLOB_SIZE (160 * 1024)
#elif CONFIG_SOC_SERIES_NRF92X
#define IRONSIDE_UPDATE_BLOB_SIZE (160 * 1024)
#else
#error "Missing update blob size"
#endif

/** Min address used for storing the update candidate */
#define IRONSIDE_UPDATE_MIN_ADDRESS (0x0e100000)
/** Max address used for storing the update candidate */
#define IRONSIDE_UPDATE_MAX_ADDRESS (0x0e200000 - IRONSIDE_UPDATE_BLOB_SIZE)

/** Length of the update manifest in bytes */
#define IRONSIDE_UPDATE_MANIFEST_LENGTH (256)
/** Length of the update public key in bytes. */
Expand Down Expand Up @@ -62,6 +78,8 @@ struct ironside_update_blob {
* @param update Pointer to update blob
*
* @retval 0 on a successful request (although the update itself may still fail).
* @retval -IRONSIDE_UPDATE_ERROR_INVALID_ADDRESS if the address of the update is outside of the
* accepted range.
* @retval -IRONSIDE_UPDATE_ERROR_NOT_PERMITTED if missing access to the update candidate.
* @retval -IRONSIDE_UPDATE_ERROR_SICR_WRITE_FAILED if writing update parameters to SICR failed.
* @retval Positive error status if reported by IronSide call (see error codes in @ref call.h).
Expand Down
5 changes: 5 additions & 0 deletions soc/nordic/ironside/update.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,11 @@ int ironside_update(const struct ironside_update_blob *update)
int err;
struct ironside_call_buf *const buf = ironside_call_alloc();

if ((uintptr_t)update < IRONSIDE_UPDATE_MIN_ADDRESS ||
(uintptr_t)update > IRONSIDE_UPDATE_MAX_ADDRESS) {
return -IRONSIDE_UPDATE_ERROR_INVALID_ADDRESS;
}

buf->id = IRONSIDE_CALL_ID_UPDATE_SERVICE_V0;
buf->args[IRONSIDE_UPDATE_SERVICE_UPDATE_PTR_IDX] = (uintptr_t)update;

Expand Down