From 7316207c683167222d8f98d48a13149b71d8776d Mon Sep 17 00:00:00 2001
From: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
Date: Wed, 9 Jul 2025 16:54:34 +0200
Subject: [PATCH 1/3] cmake/sysbuild/image_signing: added --rom-fixed for any
 image

From now each image has populated fixed rom address in its header.
This sets fixed-rom flag and populated ih_load_address field in
the header.
This value can be used by MCUboot for deciding on image.

Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
---
 cmake/sysbuild/b0_mcuboot_signing.cmake |  5 +++--
 cmake/sysbuild/image_signing.cmake      | 11 +++++------
 sysbuild/CMakeLists.txt                 |  2 ++
 3 files changed, 10 insertions(+), 8 deletions(-)

diff --git a/cmake/sysbuild/b0_mcuboot_signing.cmake b/cmake/sysbuild/b0_mcuboot_signing.cmake
index 8116ffb7df3b..aa39fbdd36fc 100644
--- a/cmake/sysbuild/b0_mcuboot_signing.cmake
+++ b/cmake/sysbuild/b0_mcuboot_signing.cmake
@@ -26,6 +26,7 @@ function(ncs_secure_boot_mcuboot_sign application bin_files signed_targets prefi
   sysbuild_get(CONFIG_BUILD_OUTPUT_HEX IMAGE ${application} VAR CONFIG_BUILD_OUTPUT_HEX KCONFIG)
 
   string(TOUPPER "${application}" application_uppercase)
+  set(imgtool_rom_command --rom-fixed $<TARGET_PROPERTY:partition_manager,${prefix}PM_${application_uppercase}_ADDRESS>)
   set(imgtool_sign ${PYTHON_EXECUTABLE} ${IMGTOOL} sign --version ${SB_CONFIG_SECURE_BOOT_MCUBOOT_VERSION} --align 4 --slot-size $<TARGET_PROPERTY:partition_manager,${prefix}PM_${application_uppercase}_SIZE> --pad-header --header-size ${SB_CONFIG_PM_MCUBOOT_PAD})
 
   if(SB_CONFIG_MCUBOOT_HARDWARE_DOWNGRADE_PREVENTION)
@@ -70,7 +71,7 @@ function(ncs_secure_boot_mcuboot_sign application bin_files signed_targets prefi
       # Hence, if a programmer is given this hex file, it will flash it
       # to the secondary slot, and upon reboot mcuboot will swap in the
       # contents of the hex file.
-      ${imgtool_sign} ${imgtool_extra} ${CMAKE_BINARY_DIR}/signed_by_b0_${application}.bin ${output}.bin
+      ${imgtool_sign} ${imgtool_extra} ${imgtool_rom_command} ${CMAKE_BINARY_DIR}/signed_by_b0_${application}.bin ${output}.bin
 
       DEPENDS
       ${application}_extra_byproducts
@@ -93,7 +94,7 @@ function(ncs_secure_boot_mcuboot_sign application bin_files signed_targets prefi
       # Hence, if a programmer is given this hex file, it will flash it
       # to the secondary slot, and upon reboot mcuboot will swap in the
       # contents of the hex file.
-      ${imgtool_sign} ${imgtool_extra} ${CMAKE_BINARY_DIR}/signed_by_b0_${application}.hex ${output}.hex
+      ${imgtool_sign} ${imgtool_extra} ${imgtool_rom_command} ${CMAKE_BINARY_DIR}/signed_by_b0_${application}.hex ${output}.hex
 
       DEPENDS
       ${application}_extra_byproducts
diff --git a/cmake/sysbuild/image_signing.cmake b/cmake/sysbuild/image_signing.cmake
index c3e0013c23ae..bbe32a6bfef1 100644
--- a/cmake/sysbuild/image_signing.cmake
+++ b/cmake/sysbuild/image_signing.cmake
@@ -76,6 +76,8 @@ function(zephyr_mcuboot_tasks)
       else()
         set(imgtool_rom_command --rom-fixed @PM_MCUBOOT_PRIMARY_ADDRESS@)
       endif()
+    else()
+      set(imgtool_rom_command --rom-fixed @PM_MCUBOOT_PRIMARY_ADDRESS@)
     endif()
 
     # Split fields, imgtool_sign_sysbuild is stored in cache which will have fields updated by
@@ -86,12 +88,9 @@ function(zephyr_mcuboot_tasks)
     set(imgtool_sign_sysbuild --slot-size @PM_MCUBOOT_PRIMARY_SIZE@ --pad-header --header-size @PM_MCUBOOT_PAD_SIZE@ ${imgtool_rom_command} CACHE STRING "imgtool sign sysbuild replacement")
     set(imgtool_sign ${PYTHON_EXECUTABLE} ${IMGTOOL} sign --version ${CONFIG_MCUBOOT_IMGTOOL_SIGN_VERSION} --align ${write_block_size} ${imgtool_sign_sysbuild})
   else()
-    set(imgtool_rom_command)
-    if(CONFIG_MCUBOOT_BOOTLOADER_MODE_DIRECT_XIP_WITH_REVERT OR CONFIG_MCUBOOT_BOOTLOADER_MODE_DIRECT_XIP)
-      dt_chosen(code_partition PROPERTY "zephyr,code-partition")
-      dt_partition_addr(code_partition_offset PATH "${code_partition}" REQUIRED)
-      set(imgtool_rom_command --rom-fixed ${code_partition_offset})
-    endif()
+    dt_chosen(code_partition PROPERTY "zephyr,code-partition")
+    dt_partition_addr(code_partition_offset PATH "${code_partition}" REQUIRED)
+    set(imgtool_rom_command --rom-fixed ${code_partition_offset})
     set(imgtool_sign ${PYTHON_EXECUTABLE} ${IMGTOOL} sign --version ${CONFIG_MCUBOOT_IMGTOOL_SIGN_VERSION} --align ${write_block_size} --slot-size ${slot_size} --header-size ${CONFIG_ROM_START_OFFSET} ${imgtool_rom_command})
   endif()
 
diff --git a/sysbuild/CMakeLists.txt b/sysbuild/CMakeLists.txt
index e7a04d18dbbb..33c47a6705f7 100644
--- a/sysbuild/CMakeLists.txt
+++ b/sysbuild/CMakeLists.txt
@@ -802,6 +802,8 @@ function(${SYSBUILD_CURRENT_MODULE_NAME}_post_cmake)
     if(SB_CONFIG_MCUBOOT_MODE_DIRECT_XIP OR SB_CONFIG_MCUBOOT_MODE_DIRECT_XIP_WITH_REVERT)
       get_property(PM_MCUBOOT_PRIMARY_ADDRESS TARGET partition_manager PROPERTY PM_MCUBOOT_PRIMARY_ADDRESS)
       get_property(PM_MCUBOOT_SECONDARY_ADDRESS TARGET partition_manager PROPERTY PM_MCUBOOT_SECONDARY_ADDRESS)
+    else()
+      get_property(PM_MCUBOOT_PRIMARY_ADDRESS TARGET partition_manager PROPERTY PM_MCUBOOT_PRIMARY_ADDRESS)
     endif()
 
     if(SB_CONFIG_MATTER_FACTORY_DATA_GENERATE)

From 0151a82269310f7b64aeeab795c80966d80227fe Mon Sep 17 00:00:00 2001
From: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
Date: Thu, 24 Jul 2025 11:42:33 +0200
Subject: [PATCH 2/3] cmake/sysbuild/image_signing_firmware_loader: fix missing
 img address value

signing script on loader misses exact value for --rom-fixed parameter.

Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
---
 cmake/sysbuild/image_signing_firmware_loader.cmake | 1 +
 1 file changed, 1 insertion(+)

diff --git a/cmake/sysbuild/image_signing_firmware_loader.cmake b/cmake/sysbuild/image_signing_firmware_loader.cmake
index f8b1b0367c1f..963ed101984c 100644
--- a/cmake/sysbuild/image_signing_firmware_loader.cmake
+++ b/cmake/sysbuild/image_signing_firmware_loader.cmake
@@ -69,6 +69,7 @@ function(zephyr_mcuboot_tasks)
   # from being updated without a pristine build
   # TODO: NCSDK-28461 sysbuild PM fields cannot be updated without a pristine build, will become
   # invalid if a static PM file is updated without pristine build
+  set(imgtool_rom_command --rom-fixed @PM_MCUBOOT_SECONDARY_ADDRESS@)
   set(imgtool_sign_sysbuild --slot-size @PM_MCUBOOT_SECONDARY_SIZE@ --pad-header --header-size @PM_MCUBOOT_PAD_SIZE@ ${imgtool_rom_command} CACHE STRING "imgtool sign sysbuild replacement")
   set(imgtool_sign ${PYTHON_EXECUTABLE} ${IMGTOOL} sign --version ${CONFIG_MCUBOOT_IMGTOOL_SIGN_VERSION} --align ${write_block_size} ${imgtool_sign_sysbuild})
 

From e56bb8bc2af9fb94dd0fc6d1dfe0a7047eac557e Mon Sep 17 00:00:00 2001
From: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
Date: Wed, 9 Jul 2025 17:27:54 +0200
Subject: [PATCH 3/3] manifest: update mcuboot

version which can use rom-fixed address for recognizing images.

Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
---
 west.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/west.yml b/west.yml
index e1803a9e8165..98a18d3e42db 100644
--- a/west.yml
+++ b/west.yml
@@ -128,7 +128,7 @@ manifest:
           compare-by-default: true
     - name: mcuboot
       repo-path: sdk-mcuboot
-      revision: 6256d9f6df644231fd196c94a5a92f23c1ad24d4
+      revision: pull/461/head
       path: bootloader/mcuboot
     - name: qcbor
       url: https://github.com/laurencelundblade/QCBOR