boards: arm: nrf: explicitly set Load size for strictly Secure builds

This commit adds a patch in the Kconfig.defconfig file of nRF9160_pca10090 board, that instructs the linker to restrict the Secure image to the size of its code partition, if the image is to be combined with a Non-Secure image. Secure images without accompanying Non-Secure firmware (i.e. with symbol TRUSTED_EXECUTION_SECURE not set) can use the entire flash. Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
2019-02-22 12:24:27 +01:00 · 2019-02-22 12:24:27 +01:00 · 0122bacd2c
commit 0122bacd2c
parent 8506e8f912
1 changed files with 12 additions and 2 deletions
--- a/boards/arm/nrf9160_pca10090/Kconfig.defconfig
+++ b/boards/arm/nrf9160_pca10090/Kconfig.defconfig
@ -38,12 +38,22 @@ config SPI_3
 endif # SPI

 # For the secure version of the board the firmware is linked at the beginning
-# of the flash, or in the code-partition defined in DT if it is intended to
-# be loaded by MCUboot. For the non-secure version of the board, the firmware
+# of the flash, or into the code-partition defined in DT if it is intended to
+# be loaded by MCUboot. If the secure firmware is to be combined with a non-
+# secure image (TRUSTED_EXECUTION_SECURE=y), the secure FW image shall always
+# be restricted to the size of its code partition.
+# For the non-secure version of the board, the firmware
 # must be linked into the code-partition (non-secure) defined in DT, regardless.
 # Apply this configuration below by setting the Kconfig symbols used by
 # the linker according to the information extracted from DT partitions.

+if BOARD_NRF9160_PCA10090 && TRUSTED_EXECUTION_SECURE
+
+config FLASH_LOAD_SIZE
+	default $(dt_hex_val,DT_CODE_PARTITION_SIZE)
+
+endif # BOARD_NRF9160_PCA10090 && TRUSTED_EXECUTION_SECURE
+
 if BOARD_NRF9160_PCA10090NS

 config FLASH_LOAD_OFFSET