-----Original Message----- From: David Brown david.brown@linaro.org Sent: Thursday, March 14, 2019 4:25 PM To: Christopher Brand chris.brand@cypress.com Cc: tf-m@lists.trustedfirmware.org Subject: Re: [TF-M] [RFC] twin cpu bootloader design document
On Thu, Mar 14, 2019 at 06:51:04PM +0000, Christopher Brand via TF-M wrote:
I've posted a design document for bootloader changes to support twin cpu at https://developer.trustedfirmware.org/w/tf_m/design/twin-
cpu/bootloader
/
There are efforts underway to get the TF-M changes to the bootloader contributed back to the upstream MCUboot project.
Is there a timeframe for this?
We should be trying to make sure that we continue this effort, as well as to make sure that any efforts to extend the bootloader are done upstream, and not in the TF-M-specific branch.
Ultimately, this is a single additional call into platform-specific code to start the non-secure CPU (the other changes will be in the early secure and non-secure TF-M code), so it's a small change. Seems to me that it makes sense to coordinate it with the upstreaming of the MCUboot changes - if the TF-M changes have already been merged into the upstream MCUboot project by the time the twin CPU support is merged then I'm happy to push this change there separately. If they haven't, then this change should be included with the other TF-M changes to MCUboot. Does that make sense?
Are you expecting to be running the non-secure CPU before the secure CPU has finished verifying the images?
The plan is to add a call to start the non-secure CPU after both verifying the image and setting up any hardware protection.
David
Chris
This message and any attachments may contain confidential information from Cypress or its subsidiaries. If it has been received in error, please advise the sender and immediately delete this message.