Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Support for Raspberry-pi pico2 (rp2350) #524

Draft
wants to merge 10 commits into
base: master
Choose a base branch
from
Draft
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
7 changes: 7 additions & 0 deletions .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -227,6 +227,13 @@ IDE/Renesas/e2studio/RX72N/app_RenesasRX01/src/smc_gen
IDE/Renesas/e2studio/RX72N/wolfBoot/HardwareDebug
IDE/Renesas/e2studio/RX72N/wolfBoot/src/smc_gen

# IDE pico-sdk build directories
IDE/pico-sdk/rp2350/wolfboot/build
IDE/pico-sdk/rp2350/test-app/build

# Third party test application distributed off-tree
IDE/pico-sdk/rp2350/test-app/blink.c

# Renesas Libraries
lib/r_bsp
lib/r_config
Expand Down
95 changes: 95 additions & 0 deletions IDE/pico-sdk/rp2350/README.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,95 @@
## wolfBoot port for rp2350 (Raspberry pi pico 2)

### Requirements

#### External debugger

As the two images (bootloader + application) are stored in different areas in
the flash memory, a SWD connector is required to upload the binary images into
the flash, as opposed to the default bootloader, allowing to upload non-signed
applications into a storage device

#### PicoSDK

Clone the repository from raspberrypi's github:

```
git clone https://github.com/raspberrypi/pico-sdk.git
```

Export the `PICO_SDK_PATH` environment variable to point to the pico-sdk directory:

```
export PICO_SDK_PATH=/path/to/pico-sdk
```

### Configuring wolfBoot to build with pico-sdk

From wolfBoot root directory, copy the example configuration:

```
cp config/examples/rp2350.config .config
```

By default, the config file indicates the following partition layout:

```
wolfBoot partition: 256 KB, at address 0x10000000 to 0x1003FFFF
Boot partition: 768 KB, at address 0x10040000 to 0x1007FFFF
Update partition: 768 KB, at address 0x10100000 to 0x1013FFFF
Swap space: 4 KB, at address 0x101C0000 to 0x101C0FFF
Unused flash space: 252 KB, at address 0x101C1000 to 0x101FFFFF
```

You can now edit the .config file to change partition sizes/offsets, algorithms,
add/remove features, etc.

When the configuration is complete, run `make`. This will:

- Build the key tools (keygen & sign):
- Generate the configuration header `target.h`
- Generate a new keypair (only once), and place the public key in the
keystore

The environment has now been prepared to build and flash the two images
(wolfBoot + test application).

### Building and uploading wolfBoot.bin

After preparing the configuration and creating the keypair,
return to this directory and run:

```
cd wolfboot
./build-wolfboot.sh
```

The script above will compile wolfboot as rp2350 second-stage bootloader.
This version of wolfboot incorporates the `.boot2` sequence needed to enable
the QSPI device, provided by the pico-sdk and always embedded in all
applications.

wolfboot.bin contains the bootloader, configured as follows:

### Building and uploading the application

```
cd test-app
./build-signed-app.sh
```
The script above will compile the test application and sign it with the
wolfBoot private key. The signed application is then uploaded to the boot
partition of the flash memory, at address 0x10040000.

The linker script included is modified to change the application entry point
from 0x10000000 to 0x10040400, which is the start of the application code,
taking into account the wolfBoot header size.


### Testing the application

The application is a simple blinky example, which toggles the LED on the board
every 500ms.

If the above steps are successful, the LED on the board should start blinking.

25 changes: 25 additions & 0 deletions IDE/pico-sdk/rp2350/test-app/CMakeLists.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,25 @@
cmake_minimum_required(VERSION 3.13)
set(WOLFBOOT_PATH ../../../../)
set(CMAKE_CXX_COMPILER arm-none-eabi-gcc)

include(${PICO_SDK_PATH}/pico_sdk_init.cmake)

set(PICOTOOL_FETCH_FROM_GIT_PATH ../wolfboot/build/picotool)
set(BOOT_STAGE2_FILE ${CMAKE_CURRENT_LIST_DIR}/boot2_empty.S)

project(blink)

# initialize the Raspberry Pi Pico SDK
pico_sdk_init()


add_executable(blink
blink.c
)

pico_set_linker_script(blink ../../../../../hal/rp2350-app.ld)
target_link_libraries(blink pico_stdlib)

# create map/bin/hex/uf2 file etc.
pico_add_extra_outputs(blink)

17 changes: 17 additions & 0 deletions IDE/pico-sdk/rp2350/test-app/build-signed-app.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,17 @@
#!/bin/bash

mkdir -p build
cd build
cmake .. -DPICO_SDK_PATH=$PICO_SDK_PATH -DPICO_PLATFORM=rp2350

# Get off-tree source file from raspberry pico-examples
curl -o blink.c https://raw.githubusercontent.com/raspberrypi/pico-examples/refs/tags/sdk-2.1.0/blink/blink.c

make clean && make

IMAGE_HEADER_SIZE=1024 ../../../../../tools/keytools/sign --sha256 --ecc256 blink.bin \
../../../../../wolfboot_signing_private_key.der 1

cd ..

JLinkExe -Device RP2350_M33_0 -If swd -Speed 4000 -CommanderScript flash_app.jlink
6 changes: 6 additions & 0 deletions IDE/pico-sdk/rp2350/test-app/flash_app.jlink
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
connect
r
loadfile build/blink_v1_signed.bin 0x10040000
r
g
exit
5 changes: 5 additions & 0 deletions IDE/pico-sdk/rp2350/wolfboot/.gdbinit
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
tar rem:3333
file build/wolfboot.elf
add-symbol-file ../test-app/build/blink.elf
foc c

73 changes: 73 additions & 0 deletions IDE/pico-sdk/rp2350/wolfboot/CMakeLists.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,73 @@
cmake_minimum_required(VERSION 3.13)
set(WOLFBOOT_PATH ../../../..)
set(CMAKE_CXX_COMPILER arm-none-eabi-gcc)

include(${PICO_SDK_PATH}/pico_sdk_init.cmake)

set(PICOTOOL_FETCH_FROM_GIT_PATH build/picotool)

project(wolfboot)

# initialize the Raspberry Pi Pico SDK
pico_sdk_init()


add_executable(wolfboot
${WOLFBOOT_PATH}/src/image.c
${WOLFBOOT_PATH}/src/loader.c
${WOLFBOOT_PATH}/src/update_flash.c
${WOLFBOOT_PATH}/src/keystore.c
${WOLFBOOT_PATH}/src/libwolfboot.c
${WOLFBOOT_PATH}/src/boot_arm.c

${WOLFBOOT_PATH}/hal/rp2350.c

${WOLFBOOT_PATH}/lib/wolfssl/wolfcrypt/src/sp_int.c
${WOLFBOOT_PATH}/lib/wolfssl/wolfcrypt/src/sp_cortexm.c
${WOLFBOOT_PATH}/lib/wolfssl/wolfcrypt/src/memory.c
${WOLFBOOT_PATH}/lib/wolfssl/wolfcrypt/src/random.c
${WOLFBOOT_PATH}/lib/wolfssl/wolfcrypt/src/sha256.c
${WOLFBOOT_PATH}/lib/wolfssl/wolfcrypt/src/sha512.c
${WOLFBOOT_PATH}/lib/wolfssl/wolfcrypt/src/aes.c
${WOLFBOOT_PATH}/lib/wolfssl/wolfcrypt/src/ecc.c
)

# Add cflags
target_compile_options(wolfboot PRIVATE
-D__WOLFBOOT
-D__ARM_ARCH_6M__
-DWOLFSSL_USER_SETTINGS
-mcpu=cortex-m33
-DCORTEX_M33
-DWOLFSSL_SP_ASM
-DWOLFSSL_SP_ARM_CORTEX_M_ASM
-DWOLFSSL_ARM_ARCH=8
-DARCH_FLASH_OFFSET=0x10000000
-DWOLFBOOT_ORIGIN=0x10000000
-DBOOTLOADER_PARTITION_SIZE=0x40000
-DWOLFBOOT_ARCH_ARM
-DTARGET_rp2350
-DWOLFBOOT_SIGN_ECC256
-DRAM_CODE
-DFILL_BYTE=0xFF
-Os
-DWOLFBOOT_NO_MPU
-DWOLFBOOT_HASH_SHA256
-DIMAGE_HEADER_SIZE=1024
-Wstack-usage=7632
)


target_include_directories(wolfboot PRIVATE
${WOLFBOOT_PATH}/include
${WOLFBOOT_PATH}/lib/wolfssl
)

target_link_libraries(wolfboot pico_stdlib hardware_flash)
pico_set_linker_script(wolfboot ../../../../../hal/rp2350.ld)

pico_enable_stdio_usb(wolfboot 1)
pico_enable_stdio_uart(wolfboot 0)


pico_add_extra_outputs(wolfboot)
10 changes: 10 additions & 0 deletions IDE/pico-sdk/rp2350/wolfboot/build-wolfboot.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
#!/bin/bash
#cd ../../../.. && make keytools && make src/keystore.c && cd -
cd ../../../.. && make include/target.h && cd -
mkdir -p build
cd build
cmake .. -DPICO_SDK_PATH=$PICO_SDK_PATH -DPICO_PLATFORM=rp2350
make clean && make
cd ..
JLinkExe -Device RP2350_M33_0 -If swd -Speed 4000 -CommanderScript erase.jlink
JLinkExe -Device RP2350_M33_0 -If swd -Speed 4000 -CommanderScript flash_wolfboot.jlink
2 changes: 2 additions & 0 deletions IDE/pico-sdk/rp2350/wolfboot/debug.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
#!/bin/bash
JLinkGDBServer -Device RP2350_M33_0 -If swd -Speed 4000 -port 3333
6 changes: 6 additions & 0 deletions IDE/pico-sdk/rp2350/wolfboot/erase.jlink
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
connect
r
erase
r
h
exit
6 changes: 6 additions & 0 deletions IDE/pico-sdk/rp2350/wolfboot/flash_wolfboot.jlink
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
connect
r
loadfile build/wolfboot.bin 0x10000000
r
g
exit
7 changes: 7 additions & 0 deletions Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -148,6 +148,10 @@ ifeq ($(TARGET),sama5d3)
MAIN_TARGET:=wolfboot.bin test-app/image_v1_signed.bin
endif

ifeq ($(TARGET),rp2350)
MAIN_TARGET:=include/target.h keytools wolfboot_signing_private_key.der pico-sdk-info
endif


ifeq ($(FLASH_OTP_KEYSTORE),1)
MAIN_TARGET+=tools/keytools/otp/otp-keystore-primer.bin
Expand Down Expand Up @@ -447,6 +451,9 @@ secondary: $(SECONDARY_PRIVATE_KEY)
@echo "\t[AS-$(ARCH)] $@"
$(Q)$(CC) $(CFLAGS) -c $(OUTPUT_FLAG) $@ $^

pico-sdk-info: FORCE
@echo "To complete the build, check IDE/pico-sdk/rp2350"

FORCE:

.PHONY: FORCE clean keytool_check
17 changes: 16 additions & 1 deletion arch.mk
Original file line number Diff line number Diff line change
Expand Up @@ -211,6 +211,21 @@ ifeq ($(ARCH),ARM)
SPI_TARGET=stm32
endif

ifeq ($(TARGET),rp2350)
CORTEX_M33=1
CFLAGS+=-Ihal
ARCH_FLASH_OFFSET=0x10000000
WOLFBOOT_ORIGIN=0x10000000
ifeq ($(TZEN),1)
LSCRIPT_IN=hal/$(TARGET).ld
else
LSCRIPT_IN=hal/$(TARGET)-ns.ld
endif
SPI_TARGET=raspberrypi_pico
CFLAGS+=-DPICO_SDK_PATH=$(PICO_SDK_PATH)
CFLAGS+=-I$(PICO_SDK_PATH)/src/common/pico_stdlib_headers/include
endif

ifeq ($(TARGET),sama5d3)
CORTEX_A5=1
UPDATE_OBJS:=src/update_ram.o
Expand Down Expand Up @@ -1070,7 +1085,7 @@ ifeq ($(TARGET),sim)
CFLAGS+=-DWOLFSSL_SP_DIV_WORD_HALF
endif
ifeq ($(WOLFHSM_CLIENT),1)
WOLFHSM_CLIENT_OBJS += $(LIBDIR)/wolfHSM/port/posix/posix_transport_tcp.o
WOLFHSM_CLIENT_OBJS += $(LIBDIR)/wolfHSM/port/posix/posix_transport_tcp.o
endif
endif

Expand Down
25 changes: 25 additions & 0 deletions config/examples/rp2350.config
Original file line number Diff line number Diff line change
@@ -0,0 +1,25 @@
ARCH?=ARM
TZEN?=0
TARGET?=rp2350
SIGN?=ECC256
HASH?=SHA256
DEBUG?=0
VTOR?=1
CORTEX_M33?=1
NO_ASM?=0
NO_MPU=1
EXT_FLASH?=0
SPI_FLASH?=0
ALLOW_DOWNGRADE?=0
SPMATH?=1
RAM_CODE?=1
WOLFBOOT_PARTITION_SIZE?=0xC0000
WOLFBOOT_SECTOR_SIZE?=0x2000
WOLFBOOT_PARTITION_BOOT_ADDRESS=0x10040000
WOLFBOOT_PARTITION_UPDATE_ADDRESS=0x10100000
WOLFBOOT_PARTITION_SWAP_ADDRESS=0x101C0000

PICO_SDK_PATH=/home/dan/src/pico-sdk

# Use a larger image header size to enforce alignment requirements for the interrupt vector table
IMAGE_HEADER_SIZE?=1024
5 changes: 5 additions & 0 deletions docs/Targets.md
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,7 @@ This README describes configuration of supported targets.
* [NXP T1024 PPC](#nxp-qoriq-t1024-ppc)
* [NXP T2080 PPC](#nxp-qoriq-t2080-ppc)
* [Qemu x86-64 UEFI](#qemu-x86-64-uefi)
* [Raspberry Pi pico 2 (rp2350)](#raspberry-pi-pico-rp2350)
* [Renesas RA6M4](#renesas-ra6m4)
* [Renesas RX65N](#renesas-rx65n)
* [Renesas RX72N](#renesas-rx72n)
Expand Down Expand Up @@ -2510,6 +2511,10 @@ make test-sim-internal-flash-with-update
Note: This also works on Mac OS, but `objcopy` does not exist. Install with `brew install binutils` and make using `OBJCOPY=/usr/local/Cellar//binutils/2.41/bin/objcopy make`.


## Raspberry Pi Pico rp2350

See instructions in [IDE/pico-sdk/rp2350/README.md](/IDE/pico-sdk/rp2350/README.md)

## Renesas RX65N

Tested on the:
Expand Down
6 changes: 3 additions & 3 deletions hal/stm32_tz.h → hal/armv8m_tz.h
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
/* stm32_tz.h
/* armv8m_tz.h
*
* Copyright (C) 2024 wolfSSL Inc.
*
Expand All @@ -19,8 +19,8 @@
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/

#ifndef STM32_TZ_INCLUDED
#define STM32_TZ_INCLUDED
#ifndef TZ_INCLUDED
#define TZ_INCLUDED
#include <stdint.h>

/* SAU registers, used to define memory mapped regions */
Expand Down
Loading