Problems on enabling TF-M's BL2

Hi,

BL2 is not supported with TF-M right now. You can use BOOTLOADER_MCUBOOT instead for now. Can you elaborate on what you mean by MCUBoot not being well aligned to TF-M?

Regarding nrf_security, the CryptoCell is enabled by default when you use TF-M. Checking the build/tfm/build.ninja file will show the linking commands with the crypto libraries.

We are thinking to use the firmware update secure partition from TF-M to do the firmware update in the future, which means the Zephyr application will use the firmware update TF-M APIs to populate new firmware data to the secondary partitions. What's your suggestions for this feature? 

Okay, I'll open a new ticket for other questions for nrf_security. 

We are thinking to use the firmware update secure partition from TF-M to do the firmware update in the future, which means the Zephyr application will use the firmware update TF-M APIs to populate new firmware data to the secondary partitions. What's your suggestions for this feature? 

Okay, I'll open a new ticket for other questions for nrf_security. 

Hi,

We do not currently have any solution for updating only the secure partition. I have asked the team working on it to look into it.

For now, you can either enable serial recovery in MCUBoot or use the dfu_target_mcuboot APIs or direct flash read/write to secondary partition (dfu_target_mcuboot.c). Or see in dfu_target_stream.c how it's implemented there with flash read/writes. Then to set the image as active you would have to use mcuboot.h if you use flash write/read operations directly.

Einar, 

You mean you haven't enabled the firmware update secure partitions (FWU) for firmware update? So, what's Nordic's plan to support FWU? You will use another approach instead of FWU provided by TF-M? 

Hi,

Yes, we do not have a solution for FWU for secure partitions only at the moment. Support for TF-M in nRF Connect SDK is still experimental and some important functionality is still missing. I cannot say which approach we will use for firmware upgrades of secure partitions at the moment, but the team is looking into this.

Edit: Note that we use a swapping mechanism with MCUboot so that the banked update is stored in a non-secure area. Therefore the application can write the update itself without using a secure service. We bundle TF-M together with the app image, so the current mechanism can be used to update both together.