RP2350 ====== Introduction ------------ RP2350 features a dual-core Arm Cortex-M33 processor with 520 kiB on-chip SRAM, support for up to 16 MB of off-chip flash and a wide range of flexible I/O option including I2C, SPI, and - uniquely - Programmable I/O (PIO). With its security features RP2350 offers significant enhancements over RP2040. This platform port supports TF-M regression tests (Secure and Non-Secure) with Isolation Level 1 and 2. .. note:: Only the GNU toolchain is supported. .. note:: Only the "profile_medium" predefined profile is supported. Building TF-M ------------- Follow the generic build instructions in :doc:`Building instructions ` and specify the platform name by setting ``-DTFM_PLATFORM=rpi/rp2350``. .. note:: This platform port relies on the `Raspberry Pi Pico SDK `__. Make sure it is either cloned locally or available to download during build. SDK version used for testing: ``SDK 2.1.1 release``. To use a different version of the SDK than the one your version of TF-M uses by default, you can pass ``-DPICO_SDK_PATH=/path/to/pico-sdk`` to CMake. You may also need to patch this SDK to work with the TF-M build system. If required, the patch is available in the ``platform/ext/target/rpi/rp2350/pico-sdk.patch`` file from a TF-M version that uses the SDK version you want to use, and it can be applied with ``git apply /platform/ext/target/rpi/rp2350/pico-sdk.patch``. For example, to use SDK version 2.1.1, you can take the ``pico-sdk.patch`` file from TF-M version 2.1.2 and apply it to the SDK version 2.1.1. .. note:: Building the default platform configuration requires the board to be provisioned first. For this the provision bundle needs to be built and run on the board with ``-DPLATFORM_DEFAULT_PROVISIONING=OFF``. The binary must be placed in flash at the start address defined by ``PROVISIONING_BUNDLE_START``. One way to do this is to generate a `.uf2` file containing the bundle at the start address and copy it to the board. There is an example in the provided `pico_uf2.sh` script and in the description below. If ``-DPLATFORM_DEFAULT_PROVISIONING=OFF`` and ``-DTFM_DUMMY_PROVISIONING=ON`` then the keys in the ``/platform/ext/common/provisioning_bundle/provisioning_config.cmake`` and the default MCUboot signing keys will be used for provisioning. If ``-DPLATFORM_DEFAULT_PROVISIONING=OFF`` and ``-DTFM_DUMMY_PROVISIONING=OFF`` are set then unique assets can be used for provisioning. The keys and seeds can be changed by passing the new values to the build command, or by setting the ``-DPROVISIONING_KEYS_CONFIG`` config option to point to a `.cmake` config file that contains the keys. An example config file is available at ``/platform/ext/common/provisioning_bundle/provisioning_config.cmake``, otherwise new random values are going to be generated and used. For the image signing the ``${MCUBOOT_KEY_S}`` and ``${MCUBOOT_KEY_NS}`` will be used. These variables should point to `.pem` files that contain the private keys for signing the code. The respective public keys (or hashes of them) are going to be written in the provisioning data, i.e. in the autogenerated ``provisioning_data.c``. If ``-DMCUBOOT_GENERATE_SIGNING_KEYPAIR=ON`` is set then a new private key is going to be generated and used to sign the binaries. The new generated key can be found in the ``/bin`` directory or in the ``/image_signing/keys`` after installation. The generated ``provisioning_data.c`` file can be found at ``/platform/target/provisioning/provisioning_data.c`` .. note:: The provisioning bundle generation depends on ``pyelftools`` that has to be installed before running the commands described above:: pip3 install pyelftools Example of build instructions for regression tests with dummy keys: ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ Building Secure side with provisioning bundle: .. note:: Add optionally: - ``-DTFM_MULTI_CORE_TOPOLOGY=ON`` for multicore support - ``-DPICO_SDK_PATH=`` for a pre-fetched Pico SDK .. code-block:: bash cmake -S /tests_reg/spe \ -B /tests_reg/spe/build_rpi_single \ -DTFM_PLATFORM=rpi/rp2350 \ -DTFM_TOOLCHAIN_FILE=/toolchain_GNUARM.cmake \ -DCONFIG_TFM_SOURCE_PATH= \ -DTFM_PROFILE=profile_medium \ -DPLATFORM_DEFAULT_PROVISIONING=OFF \ -DTEST_S=ON \ -DTEST_NS=ON .. code-block:: bash cmake --build /tests_reg/spe/build_rpi_single -- -j8 install Building Non-Secure side: .. code-block:: bash cmake -S /tests_reg \ -B /tests_reg/build_rpi_single \ -DCONFIG_SPE_PATH=/tests_reg/spe/build_rpi_single/api_ns \ -DTFM_TOOLCHAIN_FILE=/tests_reg/spe/build_rpi_single/api_ns/cmake/toolchain_ns_GNUARM.cmake .. code-block:: bash cmake --build /tests_reg/build_rpi_single -- -j8 Binaries need to be converted with a small script ``pico_uf2.sh``. It uses `uf2conv.py `__ and it depends on `uf2families.json `__: both those files need to be copied into the same place where ``pico_uf2.sh`` runs. Also, you may need to give executable permissions to both ``pico_uf2.sh`` and ``uf2conv.py``. The tool takes the combined and signed S and NS images in `.bin` format, and outputs `.uf2`. It also generates the `.uf2` for the bootloader (`bl2.uf2`) and the provisioning bundle. .. code-block:: bash pico_uf2.sh build_rpi_single Then just copy the `bl2.uf2` and `tfm_s_ns_signed.uf2` files to the board, one at a time. It will run the BL2, S and NS tests and print the results to the UART (Baud rate must be set to 115200). If the board needs to be provisioned, the `.uf2` file containing the provisioning bundle needs to be copied before `tfm_s_ns_signed.uf2`. It only needs to be done once. .. note:: If a different application was copied to the board before, erasing the flash might be necessary. Erasing the flash ----------------- Generating flash sized image of zeros can be done with the truncate command, then it can be converted to the ```uf2`` format with the ``uf2conv.py`` utility. The resulting ``uf2`` file then needs to be copied to the board. Current platform flash size is 2 MB, please adjust size based on your board specs, i.e. ``PICO_FLASH_SIZE_BYTES``: .. code-block:: bash truncate -s 2M nullbytes2M.bin uf2conv.py nullbytes2M.bin --base 0x10000000 --convert --output nullbytes2M.uf2 --family 0xe48bff59 ------------- *SPDX-License-Identifier: BSD-3-Clause* *SPDX-FileCopyrightText: Copyright The TrustedFirmware-M Contributors*