Nordic nrf54l port (with and without TrustZone)

Author: mattia-moffa

CMakeLists.txt

@@ -395,6 +395,7 @@ if(NOT DEFINED ARM_TARGETS)
                             nrf52840
                             nrf5340
                             nrf5340_net
+                            nrf54l
                             rp2350
                             sama5d3
                             same51

arch.mk

@@ -805,6 +805,12 @@ ifeq ($(TARGET),nrf5340)
   endif
 endif
 
+ifeq ($(TARGET),nrf54l)
+  ifneq ($(TZEN), 1)
+    LSCRIPT_IN=hal/$(TARGET)-ns.ld
+  endif
+endif
+
 ifeq ($(TARGET),nrf5340_net)
   # Net core doesn't support DSP and FP
   CFLAGS+=-mcpu=cortex-m33+nodsp+nofp

config/examples/nrf54l15-wolfcrypt-tz.config

@@ -0,0 +1,65 @@
+ARCH?=ARM
+TZEN?=1
+TARGET?=nrf54l
+SIGN?=ECC384
+HASH?=SHA384
+WOLFBOOT_VERSION?=1
+VTOR?=1
+CORTEX_M0?=0
+CORTEX_M33?=1
+NO_ASM?=0
+NO_MPU=1
+ALLOW_DOWNGRADE?=0
+NVM_FLASH_WRITEONCE?=0
+DELTA_UPDATES?=1
+
+SPMATH?=1
+RAM_CODE?=1
+
+DUALBANK_SWAP?=0
+FLAGS_HOME=0
+DISABLE_BACKUP=0
+EXT_FLASH?=0
+SPI_FLASH?=0
+QSPI_FLASH?=0
+UART_FLASH?=0
+
+WOLFCRYPT_TZ?=1
+WOLFCRYPT_TZ_PKCS11?=1
+
+# 4096 sector size (the RRAM doesn't have an intrinsic page size)
+WOLFBOOT_SECTOR_SIZE?=0x1000
+
+# Flash layout
+#
+#   0x00000000 - 0x0004EFFF  wolfBoot (316 KB)         secure
+#   0x0004F000 - 0x00064FFF  Keyvault (88 KB)          secure
+#   0x00065000 - 0x00065FFF  NSC region (4 KB)         non-secure callable
+#   0x00066000 - 0x000F0FFF  Boot partition (556 KB)   non-secure
+#   0x000F1000 - 0x0017BFFF  Update partition (556 KB) secure
+#   0x0017C000 - 0x0017CFFF  Swap area (4 KB)          secure
+#
+# The update partition is meant to be written to via wolfBoot's NSC veneers
+
+WOLFBOOT_KEYVAULT_ADDRESS?=0x4F000
+WOLFBOOT_KEYVAULT_SIZE?=0x16000
+
+WOLFBOOT_NSC_ADDRESS?=0x65000
+WOLFBOOT_NSC_SIZE?=0x1000
+
+WOLFBOOT_PARTITION_BOOT_ADDRESS?=0x66000
+WOLFBOOT_PARTITION_SIZE?=0x8B000
+
+WOLFBOOT_PARTITION_UPDATE_ADDRESS?=0xF1000
+WOLFBOOT_PARTITION_SWAP_ADDRESS?=0x17C000
+
+V?=0
+DEBUG?=0
+DEBUG_UART?=1
+USE_GCC=1
+OPTIMIZATION_LEVEL=2
+
+# Use larger block size for swapping sectors (performance improvement)
+CFLAGS_EXTRA+=-DFLASHBUFFER_SIZE=0x1000
+
+#CFLAGS_EXTRA+=-DDEBUG_FLASH

config/examples/nrf54l15.config

@@ -0,0 +1,60 @@
+ARCH?=ARM
+TZEN?=0
+TARGET?=nrf54l
+SIGN?=ECC384
+HASH?=SHA384
+WOLFBOOT_VERSION?=1
+VTOR?=1
+CORTEX_M0?=0
+CORTEX_M33?=1
+NO_ASM?=0
+NO_MPU=1
+ALLOW_DOWNGRADE?=0
+NVM_FLASH_WRITEONCE?=0
+DELTA_UPDATES?=1
+
+SPMATH?=1
+RAM_CODE?=1
+
+DUALBANK_SWAP?=0
+FLAGS_HOME=0
+DISABLE_BACKUP=0
+EXT_FLASH?=0
+SPI_FLASH?=0
+QSPI_FLASH?=0
+UART_FLASH?=0
+
+# 4096 sector size (the RRAM doesn't have an intrinsic page size)
+WOLFBOOT_SECTOR_SIZE?=0x1000
+
+# Reserve the first 64KB of internal flash for wolfBoot itself
+WOLFBOOT_PARTITION_BOOT_ADDRESS?=0x10000
+
+# Application partition spans the remainder of the 1524K internal flash
+# (1524K - 64K - 4K) / 2 = 728K = 0xB6000
+WOLFBOOT_PARTITION_SIZE?=0xB6000
+
+# Flash offset for application update image
+# (64K + 728K) = 792K = 0xC6000
+WOLFBOOT_PARTITION_UPDATE_ADDRESS?=0xC6000
+
+# Flash offset for swap area
+# (1524K - 4K) = 1520K = 0x17C000
+WOLFBOOT_PARTITION_SWAP_ADDRESS?=0x17C000
+
+V?=0
+DEBUG?=0
+DEBUG_UART?=1
+USE_GCC=1
+OPTIMIZATION_LEVEL=2
+
+# Use larger block size for swapping sectors (performance improvement)
+CFLAGS_EXTRA+=-DFLASHBUFFER_SIZE=0x1000
+
+# SPI flash hookup for the DK radio shield
+#CFLAGS_EXTRA+=-DSPI_CS_PORT=0  -DSPI_CS_PIN=25
+#CFLAGS_EXTRA+=-DSPI_SCK_PORT=0 -DSPI_SCK_PIN=29
+#CFLAGS_EXTRA+=-DSPI_MOSI_PORT=0 -DSPI_MOSI_PIN=28
+#CFLAGS_EXTRA+=-DSPI_MISO_PORT=0 -DSPI_MISO_PIN=27
+
+#CFLAGS_EXTRA+=-DDEBUG_FLASH

docs/Targets.md

@@ -17,6 +17,7 @@ This README describes configuration of supported targets.
 * [Microchip SAME51](#microchip-same51)
 * [Nordic nRF52840](#nordic-nrf52840)
 * [Nordic nRF5340](#nordic-nrf5340)
+* [Nordic nRF54L15](#nordic-nrf54l15)
 * [NXP iMX-RT](#nxp-imx-rt)
 * [NXP Kinetis](#nxp-kinetis)
 * [NXP LPC54xxx](#nxp-lpc54xxx)
@@ -4060,6 +4061,120 @@ c
 ```
 
 
+## Nordic nRF54L15
+
+Tested with the Nordic nRF54L15-DK. This device features a 128MHz Arm Cortex-M33 application
+processor with TrustZone support, a 128MHz RISC-V coprocessor (VPR) used as a SoftPeripheral,
+1524KB of RRAM (Resistive RAM), and 256KB of RAM. wolfBoot runs on the Cortex-M33 only and does
+not interact with the RISC-V coprocessor.
+
+Two configurations are available at `config/examples`:
+
+- `nrf54l15.config`: TrustZone disabled; wolfBoot and the application always run in secure mode.
+  Delta updates are enabled.
+
+- `nrf54l15-wolfcrypt-tz.config`: TrustZone enabled; wolfBoot runs in secure mode and boots the
+  application as non-secure code. Includes a non-secure callable (NSC) wolfPKCS11 API for
+  cryptographic operations via wolfCrypt, and a secure keyvault managed by wolfBoot. The update
+  partition is in secure memory and is intended to be written via wolfBoot's NSC veneers from the
+  non-secure application. See the "NSC API" section in `docs/API.md`.
+
+### Flash Memory Layout
+
+#### nrf54l15.config
+
+```
+0x00000000 - 0x0000FFFF  wolfBoot        (64 KB)
+0x00010000 - 0x000C5FFF  Boot partition  (728 KB)
+0x000C6000 - 0x0017BFFF  Update partition (728 KB)
+0x0017C000 - 0x0017CFFF  Swap area       (4 KB)
+```
+
+#### nrf54l15-wolfcrypt-tz.config
+
+```
+0x00000000 - 0x0004EFFF  wolfBoot         (316 KB)  secure
+0x0004F000 - 0x00064FFF  Keyvault          (88 KB)  secure
+0x00065000 - 0x00065FFF  NSC region         (4 KB)  non-secure callable
+0x00066000 - 0x000F0FFF  Boot partition    (556 KB)  non-secure
+0x000F1000 - 0x0017BFFF  Update partition  (556 KB)  secure
+0x0017C000 - 0x0017CFFF  Swap area          (4 KB)  secure
+```
+
+### UART
+
+Debug output is available on UART20, connected to the J-Link VCOM port (TX=P1.4, RX=P1.5).
+A secondary UART (UART30, TX=P0.0, RX=P0.1) is reserved for the `UART_FLASH` feature.
+
+### Building
+
+```sh
+cp config/examples/nrf54l15.config .config
+make clean
+make
+```
+
+Or, for the TrustZone + wolfCrypt variant:
+
+```sh
+cp config/examples/nrf54l15-wolfcrypt-tz.config .config
+make clean
+make
+```
+
+### Flashing
+
+Flash the factory image using JLink:
+
+```
+JLinkExe -device nRF54L15_xxAA -if SWD -speed 4000 -autoconnect 1
+loadbin factory.bin 0x0
+rnh
+```
+
+### Testing an Update
+
+Sign the test application as version 2, then write the update trigger magic (`pBOOT`)
+at the end of the partition.
+
+#### nrf54l15.config (partition size 0xB6000)
+
+```sh
+tools/keytools/sign --ecc384 --sha384 test-app/image.bin wolfboot_signing_private_key.der 2
+echo -n "pBOOT" > trigger_magic.bin
+./tools/bin-assemble/bin-assemble \
+  update.bin \
+    0x0      test-app/image_v2_signed.bin \
+    0xB5FFB  trigger_magic.bin
+```
+
+Flash the assembled image to the update partition:
+
+```
+JLinkExe -device nRF54L15_xxAA -if SWD -speed 4000 -autoconnect 1
+loadbin update.bin 0xC6000
+rnh
+```
+
+#### nrf54l15-wolfcrypt-tz.config (partition size 0x8B000)
+
+```sh
+tools/keytools/sign --ecc384 --sha384 test-app/image.bin wolfboot_signing_private_key.der 2
+echo -n "pBOOT" > trigger_magic.bin
+./tools/bin-assemble/bin-assemble \
+  update.bin \
+    0x0      test-app/image_v2_signed.bin \
+    0x8AFFB  trigger_magic.bin
+```
+
+Flash the assembled image to the update partition:
+
+```
+JLinkExe -device nRF54L15_xxAA -if SWD -speed 4000 -autoconnect 1
+loadbin update.bin 0xF1000
+rnh
+```
+
 ## Simulated
 
 You can create a simulated target that uses files to mimic an internal and

hal/nrf54l-ns.ld

@@ -0,0 +1,52 @@
+MEMORY
+{
+    FLASH (rx) :     ORIGIN = @ARCH_FLASH_OFFSET@, LENGTH = @BOOTLOADER_PARTITION_SIZE@
+    RAM (rwx) :      ORIGIN = 0x20000000, LENGTH = 256K
+}
+
+SECTIONS
+{
+    .text :
+    {
+        _start_text = .;
+        KEEP(*(.isr_vector))
+        *(.boot*)
+        *(.text*)
+        *(.rodata*)
+        *(.init*)
+        *(.fini*)
+        . = ALIGN(4);
+        _end_text = .;
+    } > FLASH
+
+    .edidx :
+    {
+        . = ALIGN(4);
+        *(.ARM.exidx*)
+    } > FLASH
+
+    _stored_data = .;
+
+    .data : AT (_stored_data)
+    {
+        _start_data = .;
+        KEEP(*(.data*))
+        . = ALIGN(4);
+        _end_data = .;
+    } > RAM
+
+    .bss (NOLOAD) :
+    {
+        _start_bss = .;
+        __bss_start__ = .;
+        *(.bss*)
+        *(COMMON)
+        . = ALIGN(4);
+        _end_bss = .;
+        __bss_end__ = .;
+        _end = .;
+    } > RAM
+    . = ALIGN(4);
+}
+
+END_STACK = ORIGIN(RAM) + LENGTH(RAM);