Add Raspberry Pi Compute Module 4 (BCM2711) target#824
Open
dgarske wants to merge 2 commits into
Open
Conversation
Contributor
There was a problem hiding this comment.
Pull request overview
Adds a new wolfBoot target for the Raspberry Pi Compute Module 4 (BCM2711 / Cortex-A72), including a dedicated HAL, linker script, build flags, example configs, and target documentation to support firmware-loading wolfBoot as kernel8.img and verifying a signed RAM-boot payload.
Changes:
- Introduces a CM4 HAL (
hal/cm4.c/.h/.ld) with PL011 UART console support, RAM-boot partition addresses, and optional SDHCI (eMMC/SD) glue. - Extends AArch64 build configuration for
TARGET=cm4with Cortex-A72+crypto flags and ensures the startup path includes the CM4 HAL header. - Adds CM4 example configs and a new documentation section describing build/sign/flash/boot flow.
Reviewed changes
Copilot reviewed 10 out of 10 changed files in this pull request and generated 2 comments.
Show a summary per file
| File | Description |
|---|---|
| test-app/app_cm4.c | Adds a CM4-specific minimal bare-metal test application entry point. |
| src/boot_aarch64_start.S | Includes the CM4 HAL header when building for TARGET_cm4. |
| Makefile | Declares wolfboot.bin as the primary build artifact for TARGET=cm4. |
| hal/cm4.ld | Adds a CM4 linker script aligned to the firmware load address and fixed partition map. |
| hal/cm4.h | Defines CM4 target startup macros and BCM2711 MMIO base. |
| hal/cm4.c | Implements the CM4 HAL (UART + RAM boot addresses + optional SDHCI platform glue). |
| docs/Targets.md | Documents CM4 build/sign/flash steps and expected boot output. |
| config/examples/cm4.config | Provides a RAM-boot CM4 example configuration (ECC384/SHA384). |
| config/examples/cm4_sdcard.config | Provides an (unvalidated) disk-updater CM4 configuration scaffold for eMMC/SD A/B. |
| arch.mk | Adds Cortex-A72+crypto compiler flags for TARGET=cm4 and enables ARMv8 crypto ASM path. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Add Raspberry Pi Compute Module 4 (BCM2711) target + wolfCrypt FIPS 140-3
Summary
Adds a wolfBoot target for the Raspberry Pi Compute Module 4 (CM4) - Broadcom BCM2711, quad-core Cortex-A72 (AArch64). wolfBoot replaces the second-stage OS loader (e.g. U-Boot): the VideoCore firmware loads wolfBoot as
kernel8.img, and wolfBoot verifies the signed application image before booting it, extending the platform root of trust into the OS. It can optionally perform that verification with the wolfCrypt FIPS 140-3 module.CM4 target and authenticated boot
cm4HAL (hal/cm4.c/.h/.ld) for BCM2711: PL011 UART console at the BCM2711 MMIO base (0xFE000000), RAM-boot image handoff, and a fixed load map matching the firmware's0x80000entry.arch.mk(-mcpu=cortex-a72+crypto,-mstrict-alignfor MMU-off operation).config/examples/cm4.config(RAM boot,SIGN=ECC384 HASH=SHA384).Root of trust:
eMMC / SD A/B updates
config/examples/cm4_sdcard.configdrives the BCM2711 EMMC2 controller (0xFE340000) through the generic SDHCI driver for A/B image partitions on the boot medium. Bring-up scaffolding, not yet hardware-validated.wolfCrypt FIPS 140-3
FIPS=1build option (options.mk) that rebuilds the wolfcrypt object list as the validated module boundary in link order (wolfcrypt_first...fips/fips_test...wolfcrypt_last), pointingWOLFBOOT_LIB_WOLFSSLat a FIPS wolfSSL tree.include/user_settings.hFIPS gate: enables the module's algorithm set, keeps the RNG/DRBG enabled, and provides a DRBG entropy seed (/dev/urandomon sim, BCM2711 RNG200 hardware TRNG on CM4).src/loader.cruns the power-on self-test at boot (fipsEntry, since bare-metal has no.init_array) and refuses to boot unless the module is operational; on a self-test failure it prints the runtime in-core hash to seal intoverifyCore[].config/examples/sim-fips.configandconfig/examples/cm4-fips.config.Documentation
docs/Targets.md: CM4 section covering build, signing,config.txt, flashing (microSD / eMMC via rpiboot), and boot output.docs/FIPS.md: building with FIPS, DRBG entropy, in-core hash sealing, and bare-metal notes.Testing
aarch64-none-elf-andaarch64-linux-gnu-.simtarget withSIGN=ECC384 HASH=SHA384.sim-fips.configbuilds, the module reaches operational state (in-core integrity + POST/CASTs pass), and wolfBoot performs FIPS-backed integrity + signature verification and A/B updates.Notes
docs/FIPS.md.