Integrate wolfHAL into wolfBoot. Provide stm32wb example.#718
Open
AlexLanzano wants to merge 1 commit intowolfSSL:masterfrom
Open
Integrate wolfHAL into wolfBoot. Provide stm32wb example.#718AlexLanzano wants to merge 1 commit intowolfSSL:masterfrom
AlexLanzano wants to merge 1 commit intowolfSSL:masterfrom
Conversation
Contributor
There was a problem hiding this comment.
Pull request overview
Integrates wolfHAL as an alternate wolfBoot HAL backend, adding an STM32WB55 Nucleo example plus build/linker plumbing to support optional RAM-based flash driver execution.
Changes:
- Added STM32WB wolfHAL-based HAL and a Nucleo board configuration (clock/flash, optional GPIO/UART).
- Updated STM32WB linker script + build system to support
RAM_CODE=1via build-time linker-script placeholders. - Added a wolfHAL STM32WB test app, documentation, submodule, and CI build job.
Reviewed changes
Copilot reviewed 12 out of 12 changed files in this pull request and generated 3 comments.
Show a summary per file
| File | Description |
|---|---|
| test-app/app_wolfhal_stm32wb.c | New bare-metal STM32WB55 Nucleo test app using wolfHAL GPIO/UART with wolfBoot update flow. |
| test-app/Makefile | Adds section GC flags and wolfHAL STM32WB target object list + board object build rule. |
| lib/wolfHAL | Adds wolfHAL submodule pointer. |
| hal/wolfhal_stm32wb.c | New wolfHAL-backed STM32WB wolfBoot HAL implementation (flash ops + optional UART). |
| hal/stm32wb.ld | Adds build-time placeholders to move wolfHAL flash driver into RAM when RAM_CODE=1. |
| hal/boards/stm32wb_nucleo.c | New STM32WB55 Nucleo wolfHAL board configuration (clock/flash, optional UART). |
| docs/wolfHAL.md | New integration guide documenting targets/boards, RAM_CODE mechanism, and test app. |
| config/examples/wolfhal_stm32wb_nucleo.config | New example config selecting wolfHAL STM32WB + Nucleo board. |
| arch.mk | Adds wolfhal_stm32wb target block and defaults for linker placeholder substitutions. |
| Makefile | Extends linker-script generation to substitute wolfHAL-related placeholders. |
| .gitmodules | Registers wolfHAL submodule. |
| .github/workflows/test-configs.yml | Adds CI build job for the new example config. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Comment on lines
+107
to
+108
| char enc_key[] = "0123456789abcdef0123456789abcdef" | ||
| "0123456789abcdef"; |
There was a problem hiding this comment.
The encryption key material is compiled into the binary unconditionally (even when EXT_ENCRYPTED is not enabled) and is a non-static writable global. To reduce accidental key exposure and avoid bloating non-encrypted builds, gate the definition with #if EXT_ENCRYPTED (matching its use site), and make it static const so it lands in read-only memory and is not externally visible.
Suggested change
| char enc_key[] = "0123456789abcdef0123456789abcdef" | |
| "0123456789abcdef"; | |
| #if EXT_ENCRYPTED | |
| static const char enc_key[] = "0123456789abcdef0123456789abcdef" | |
| "0123456789abcdef"; | |
| #endif |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
NOTE: my original PR for wolfHAL integration is here #674 . I have since closed it since I made some significant refactors.
Adds wolfHAL as an alternative HAL backend
for wolfBoot, with STM32WB as the first supported target.
Motivation
wolfBoot's existing HAL implementations hardcode board-specific configuration
(clock speeds, flash geometry, pin assignments) directly in the driver code via
macros and register values. When a customer needs to bring up wolfBoot on custom
hardware using the same MCU family, they must either modify the existing HAL
source or duplicate it — even if the only differences are clock parameters or pin
mappings. In some cases, the required configuration macros may not even be present
in the existing implementation.
wolfHAL separates the driver logic (per MCU family, maintained upstream) from
the board configuration (per board, owned by the customer). With this
integration, porting wolfBoot to a new board in a supported MCU family reduces to
creating a single board config file (
hal/boards/<board>.c) with clock parameters,flash geometry, and pin assignments — no driver code changes required.
Since wolfHAL drivers are maintained as a standalone library, the same drivers used
by wolfBoot can be reused in the application firmware and other wolfSSL projects
(e.g. wolfHAL, wolfTPM, wolfMQTT), giving customers a consistent hardware
abstraction across their entire stack.
Changes
hal/wolfhal_stm32wb.c— wolfBoot HAL implementation using wolfHAL'sSTM32WB drivers. Maps
hal_flash_write/erase/lock/unlockto wolfHALflash driver calls, with
RAMFUNCTIONsupport forRAM_CODE=1.hal/boards/stm32wb_nucleo.c— board configuration for STM32WB55 Nucleo.Defines device instances for clock (64 MHz PLL from MSI), flash, and optionally
GPIO/UART (
DEBUG_UART=1).hal/stm32wb.ld— linker script updated with build-time placeholders forconditional
EXCLUDE_FILErules, enabling the wolfHAL flash driver to be placedin RAM when
RAM_CODE=1.arch.mk— newwolfhal_stm32wbtarget block with wolfHAL include paths,WHAL_CFG_DIRECT_CALLBACKSfor zero-overhead driver dispatch, and conditionalRAM_CODElinker script substitutions.test-app/app_wolfhal_stm32wb.c— test application demonstrating wolfHALGPIO (LED) and UART usage alongside wolfBoot update mechanism.
test-app/Makefile— test-app compiles its own board object with-DDEBUG_UARTso the clock vtable includesGetRatefor UART baud ratecalculation, independent of the bootloader's
DEBUG_UARTsetting. Also adds-ffunction-sections -fdata-sectionsto all test apps for gc-sections support.docs/wolfHAL.md— integration guide covering board setup, new MCU familyporting,
RAM_CODEsupport, and test application details.CI — added
wolfhal_stm32wb_testbuild job.Image Size (vs stock stm32wb, flash bytes)