modules: tf-m: rework output file generation #98730
Conversation
JordanYates
added
area: TF-M
zephyrbot
requested review from
57300,
Vge0rge,
d3zd3z,
ithinuel,
jeremybettis,
nashif,
nordicjm,
tejlmand,
tomi-font,
valeriosetti and
wearyzen
JordanYates
force-pushed
the
251102_tfm_files
branch
from
0cd0379 to
0afe6fc
Compare
|
Hi @JordanYates , I did not look in deep your changes but I would like to reinfoce: 1- The image that is flashed in production and in development (HEX FILE) MUST be confirmed.
That said, my original intention was (following your recommendation in the original PR) create valid names to differentiate the confirmed vs non-confirmed image. First should be used in production and second in FOTA. In my eyes, at least in your last commit, it seems that you are providing the binary confirmed - which violates [2]. So, if there are different use cases that requires the BIN to be already confirmed we need to provide a way to fulfill that requirement in all scenarios. |
This is a frustrating comment. If you haven't looked at the details why bring up points that you have no idea whether they are relevant or not. It just wastes everyones time.
Great, absolutely nothing has changed with respect to
Great, that is the purpose of
Not to be rude, but it sounds like you understood my recommendation and then ignored it.
The correct file to use for OTA updates (As explicitly said in the PR description) is |
I wish I had the proper amount of time to proper evaluate and you are talking about frustration. Frustration is working for months to get issues fixed and the PR got merged in the last day because someone don't came back. When I had a setup and time to evaluate where were you? Now in the RC-2 you want people be available to you as nothing happened. You could at least tag me to double check, which in my humble opinion, is the minimal to be professional. But thank you for clarify my concerns. I was looking in the docs and they need to be changed to not create confusion. 
I think it will be necessary to state what are the new artifacts to make clear to everyone. Proper naming convention could be necessary to easy follow the main idea. You want to have BIN files generated as same as HEX, I think this should be conditioned to the Kconfig option that states to generate bin files copies. |
I did nack the original PR twice and commented over a few weeks the same issues, which were not resolved.
That's my bad, I assumed Github would automatically notify you since you so recently made changes, but didn't initially check. I did see that you were tagged two hours after the PR was opened, there didn't seem much reason to tag you again.
Yes
I want to have file names mean something |
There are other textual updates, but this is the key table I am proposing. |
JordanYates
force-pushed
the
251102_tfm_files
branch
from
4eddd41 to
179ec23
Compare
Also just to address this, I know its not ideal, but it takes me time to update my fork to newer releases and start testing, which then requires finding and fixing issues before a PR can be opened. You may notice this PR was opened on a Sunday evening, I'm trying to raise and fix issues as quickly as possible. It may be RC2, but its only 5 business days after RC1, the first call for testing. |
nordicjm
left a comment
nordicjm
left a comment
There was a problem hiding this comment.
it should be noted that what happens in this file is (and was) wrong, there are Kconfigs for specifying the output file formats, CONFIG_BUILD_OUTPUT_HEX and CONFIG_BUILD_OUTPUT_BIN, neither of which seem to be checked or used here
Stop `--output-bin` from consuming the first trailing argument that should have been in `input_files`. Signed-off-by: Jordan Yates <jordan@embeint.com>
Fix formatting errors that cause CI to complain. Signed-off-by: Jordan Yates <jordan@embeint.com>
`S_NS_CONFIRMED_HEX_FILE` was never generating a confirmed file, just the same file contents as `S_NS_HEX_FILE`. Since no logic needs a confirmed merge of `tfm_s.hex` and `zephyr.hex`, just remove the logic instead of fixing it. Signed-off-by: Jordan Yates <jordan@embeint.com>
Generate a binary version of `tfm_s_zephyr_ns_signed.hex` with objcopy. This file is valid for performing OTA upgrades, unlike `tfm_merged.bin`, which contains BL2. Signed-off-by: Jordan Yates <jordan@embeint.com>
Since `tfm_merged.bin` now contains BL2, it can only be used for the same purposes as `tfm_merged.hex` (intial firmware loading). Therefore it should be using the confirmed images that `tfm_merged.hex` does. Since the only difference between the two files with that change is now the output format, we can directly generate `tfm_merged.bin` from `tfm_merged.hex` with `objcopy` instead of going through `mergehex.py`. Signed-off-by: Jordan Yates <jordan@embeint.com>
Document the useful output files that exist, which files they are constructed from, and what they can be used for. Update other sections that are no longer correct with changes. Signed-off-by: Jordan Yates <jordan@embeint.com>
JordanYates
force-pushed
the
251102_tfm_files
branch
from
179ec23 to
e410e2d
Compare
That's a good point, but unless I am mistaken respecting those options requires this PR. |
The files used for generating them should be the same, yes, but the hex should not be generated if the Kconfig is not selected but the bin file should be :) |
|
Do you want that as part of this PR? I would leave it for the next feature cycle |
Not for this PR but a future task, this fixes a bug and the behaviour has not changed in this PR in regards to that from the existing behaviour so it's been a bug for a while |
1- I think the output content is correct. |
Maybe we open an issue to be addressed in future and not to forget ? |
Great
I don't pretend to know every possible upgrade mechanism, maybe there is some custom thing that wants a hex file uploaded to the cloud and it handles processing it to some other form. The file is available there, with the same logical contents as the
I tweaked the table after the screenshot, every file in the table has a
Probably, but the file has been called |
|
so what is the point here, I unfortunately never used tf-m. |
Fixing the linked issue |
|
If I interpret it right, instead of combining bin and hex separate, the merged bin files is now created from the merged hex files |
No. |
@nordicjm correct, but for the TF-M then zephyr/modules/trusted-firmware-m/Kconfig.tfm Lines 39 to 44 in dbcfb77 |
tejlmand
left a comment
tejlmand
left a comment
There was a problem hiding this comment.
Approving this PR as it does fixes issues related to earlier merged PR.
That said, I do think its unfortunate that bin output is depending on hex output, but as TF-M enforces hex output, then this is not an issue in practice.
| help="What to do when files overlap (error, ignore, replace). " | ||
| "See IntelHex.merge() for more info.") | ||
| parser.add_argument("--output-bin", default=False, | ||
| parser.add_argument("--output-bin", action='store_true', |
There was a problem hiding this comment.
I do know that some of this are just trying to patch what was done in #94470 with regards to how mergehex is used to create bin file.
One can discuss if script name / purpose should be updated.
That said, this change fixes an immediate issue which is good 👍
| $<$<NOT:$<BOOL:${CONFIG_TFM_BL1}>>:$<TARGET_PROPERTY:tfm,BL2_HEX_FILE>> | ||
| ${S_NS_SIGNED_CONFIRMED_HEX_FILE} | ||
|
|
||
| COMMAND ${CMAKE_OBJCOPY} --input-target=ihex --output-target=binary ${MERGED_HEX_FILE} ${MERGED_BIN_FILE} |
There was a problem hiding this comment.
I agree that because mergehex already works on the hex files in order to produce the bin binary, then there is no reason for going through an extra mergehex path.
The question regarding bin output depending on hex output, and thus mergehex producing bin output is another (though important) discussion, is something which I don't think belong here.
Thus approving this change.
nandojve
left a comment
nandojve
left a comment
There was a problem hiding this comment.
Thank you for the fixing @JordanYates
7 participants
Stop
mergehex.pyargument--output-binfrom consuming the first trailing argument that should have been ininput_files.S_NS_CONFIRMED_HEX_FILEwas never generating a confirmed file, just the same file contents asS_NS_HEX_FILE. Since no logic needs a confirmed merge oftfm_s.hexandzephyr.hex, just remove the logic instead of fixing it.Generate a binary version of
tfm_s_zephyr_ns_signed.hexwith objcopy. This file is valid for performing OTA upgrades, unliketfm_merged.bin, which now contains BL2.Generate
tfm_merged.binfromtfm_merged.hexwith objcopy.Fixes #98728
After this PR, the correct file to use for OTA upgrades with
CONFIG_TFM_MCUBOOT_IMAGE_NUMBER=1istfm_s_zephyr_ns_signed.bin, nottfm_merged.bin.