Backport 23527 to v3.1 branch #23868
Conversation
github-actions
bot
added
the
changelog-entry-required
CI InformationTo view the history of this post, clich the 'edited' button above Inputs:Sources:more detailsGithub labels
List of changed files detected by CI (0)Outputs:ToolchainVersion: Test Spec & Results: ✅ Success; ❌ Failure; 🟠 Queued; 🟡 Progress; ◻️ Skipped;
|
Memory footprint analysis revealed the following potential issuesapplications.hpf.gpio.icmsg[nrf54l15dk/nrf54l15/cpuflpr]: High RAM usage: 9090[B] - link (cc: @nrfconnect/ncs-ll-ursus) Note: This message is automatically posted and updated by the CI (latest/sdk-nrf/PR-23868/6) |
|
The following west manifest projects have changed revision in this Pull Request:
✅ All manifest checks OK Note: This message is automatically posted and updated by the Manifest GitHub Action. |
de-nordic
force-pushed
the
backport-23527-to-v3.1-branch
branch
from
028e6e2 to
66cf279
Compare
|
You can find the documentation preview for this PR here. |
de-nordic
force-pushed
the
backport-23527-to-v3.1-branch
branch
2 times, most recently
from
5a53a56 to
2dbb268
Compare
There was a problem hiding this comment.
test-sdk-mcuboot will fail on that PR, because release branch on test repo must be rebased. When this PR is merged, I will update test repo.
Tested locally and works ok.
Edit: created branch on test repo to apply changes required for that PR, all tests passed on test-sdk-mcuboot
|
Can be merge (after relevant updates) - see the Verification comment above. |
nordicjm
force-pushed
the
backport-23527-to-v3.1-branch
branch
from
2dbb268 to
c844ee9
Compare
Changes required to fix HMAC-SHA512 usage. Signed-off-by: Dominik Ermel <[email protected]>
Removing Kconfig for HMAC-SHA512 as currently it can be replaced with logic in CMake files and Kconfigs, so exposing direct control over it is not needed; specifically that the HMAC-SHA512 is now only enabled on NRF54L series with ECIES-X25519 key exchange, other platforms are left with originally selected HMAC-SHA256. This reverts commit 293252a. Signed-off-by: Dominik Ermel <[email protected]> (cherry picked from commit 91d93d0)
Uncommitted changes to image_signing.cmake prevented HMAC-SHA512 usage with ECIES-X25519, in image signing. Signed-off-by: Dominik Ermel <[email protected]> (cherry picked from commit c3e5321)
nordicjm
force-pushed
the
backport-23527-to-v3.1-branch
branch
from
c844ee9 to
4cbeba3
Compare
The PR reverts introduction of HMAC-SHA512 selector and adds code that relies on existing Kconfig options and CMake changes to enforce HMAC-SHA512, when X25519 is used, on NR54L series devices.
One of commits is manifest update with required MCUboot changes.
test_sdk_mcuboot: grch_23868_hmac_sha512