Hi. Anton Komlev. I'm phillip kim (jonghyeok kim).
I have posted a new thread on https://lists.trustedfirmware.org/ But, I can't find my thread. I have heard this website had some problem.
The thread i posted is below.
=================================================================================================================
Hello all,
I'm developing the RSE Firmware based on rdv3r1. And I'm trying to use ADAC feature. I found conflicted ADAC Configuration.
Below file, the adac is app rot. \tf-m\cmake_build\rdv3r1\0\lib\ext\tf-m-extras-src\partitions\adac\CMakeLists
And Below file, the adac is psa rot. \tf-m\cmake_build\rdv3r1\0\lib\ext\tf-m-extras-src\partitions\adac\tfm_adac.yaml
Please explain about each two files.
1) Platform (arm neoverse RDV3R1 (RSE))
repo init -u https://git.gitlab.arm.com/infra-solutions/reference-design/infra-refdesign-... -m <manifest-file-name> -b refs/tags/<RELEASE_TAG> --depth=1
repo sync -c -j $(nproc) --fetch-submodules --force-sync --no-clone-bundle
manifest file: pinned-rdv3r1.xml
release tag: refs/tags/RD-INFRA-2025.07.03
2) Enabling the ADAC Parameter
set(PLATFORM_PSA_ADAC_SECURE_DEBUG TRUE CACHE BOOL "Whether to use psa-adac secure debug.") set(PLATFORM_PSA_ADAC_VERSION "cbd17d8" CACHE STRING "The version of psa-adac to use.") set(TFM_EXTRAS_REPO_EXTRA_PARTITIONS "adac;measured_boot;delegated_attestation;dice_protection_environment;scmi" CACHE STRING "List of extra secure partition directory name(s)")
set(TFM_EXTRAS_REPO_EXTRA_MANIFEST_LIST "partitions/adac/adac_manifest_list.yaml;partitions/measured_boot/measured_boot_manifest_list.yaml;partitions/delegated_attestation/delegated_attestation_manifest_list.yaml;partitions/dice_protection_environment/dpe_manifest_list.yaml" CACHE STRING "List of extra secure partition manifests")
set(TFM_PARTITION_ADAC ON CACHE BOOL "Whether to use psa-adac secure debug.")
3) Build Command ./build-scripts/build-test-uefi.sh -p rdv3r1 build
Thanks
Best Regards
Phillip =================================================================================================================
Thanks
Hello Phillip,
If I understand your concern correctly, you are seeing what looks like a conflict between these two files regarding the ADAC partition type:
https://git.trustedfirmware.org/plugins/gitiles/TF-M/tf-m-extras.git/+/refs/... https://git.trustedfirmware.org/plugins/gitiles/TF-M/tf-m-extras.git/+/refs/...
There isn’t actually a conflict. The manifest (tfm_adac.yaml) explicitly declares the partition type as "type": "PSA-ROT". The CMake file builds a target named tfm_psa_rot_partition_adac and links it into tfm_partitions, as a PSA RoT path. It is not an APP RoT.
So both files are aligned: ADAC is treated as a PSA RoT partition. The fact that it lives under tf-m-extras/partitions is just repository layout and doesn’t imply App RoT.
Hope this helps clarify things!
Best Regards, Maulik ________________________________ From: 김종혁 via TF-M tf-m@lists.trustedfirmware.org Sent: 27 January 2026 12:52 AM To: Anton Komlev via TF-M tf-m@lists.trustedfirmware.org Subject: [TF-M] Conflicted ADAC Configuration
Hi. Anton Komlev.
I'm phillip kim (jonghyeok kim).
I have posted a new thread on https://lists.trustedfirmware.org/
But, I can't find my thread.
I have heard this website had some problem.
The thread i posted is below.
=================================================================================================================
Hello all,
I'm developing the RSE Firmware based on rdv3r1.
And I'm trying to use ADAC feature.
I found conflicted ADAC Configuration.
Below file, the adac is app rot.
\tf-m\cmake_build\rdv3r1\0\lib\ext\tf-m-extras-src\partitions\adac\CMakeLists
And Below file, the adac is psa rot.
\tf-m\cmake_build\rdv3r1\0\lib\ext\tf-m-extras-src\partitions\adac\tfm_adac.yaml
Please explain about each two files.
1) Platform (arm neoverse RDV3R1 (RSE))
repo init -u https://git.gitlab.arm.com/infra-solutions/reference-design/infra-refdesign-... -m <manifest-file-name> -b refs/tags/<RELEASE_TAG> --depth=1
repo sync -c -j $(nproc) --fetch-submodules --force-sync --no-clone-bundle
manifest file: pinned-rdv3r1.xml
release tag: refs/tags/RD-INFRA-2025.07.03
2) Enabling the ADAC Parameter
set(PLATFORM_PSA_ADAC_SECURE_DEBUG TRUE CACHE BOOL "Whether to use psa-adac secure debug.")
set(PLATFORM_PSA_ADAC_VERSION "cbd17d8" CACHE STRING "The version of psa-adac to use.")
set(TFM_EXTRAS_REPO_EXTRA_PARTITIONS "adac;measured_boot;delegated_attestation;dice_protection_environment;scmi" CACHE STRING "List of extra secure partition directory name(s)")
set(TFM_EXTRAS_REPO_EXTRA_MANIFEST_LIST "partitions/adac/adac_manifest_list.yaml;partitions/measured_boot/measured_boot_manifest_list.yaml;partitions/delegated_attestation/delegated_attestation_manifest_list.yaml;partitions/dice_protection_environment/dpe_manifest_list.yaml" CACHE STRING "List of extra secure partition manifests")
set(TFM_PARTITION_ADAC ON CACHE BOOL "Whether to use psa-adac secure debug.")
3) Build Command
./build-scripts/build-test-uefi.sh -p rdv3r1 build
Thanks
Best Regards
Phillip
=================================================================================================================
Thanks
tf-m@lists.trustedfirmware.org
-
Maulik Patel -
김종혁