Add wolfBoot port for STM32N6 (NUCLEO-N657X0-Q)

[aidangarske]

Summary

Add TrustZone (TZEN=1) support for the STM32N6 port with proper secure/non-secure SAU configuration, firmware update swap support, and an enhanced test application with UART output.

Features

• TrustZone support (TZEN=1): wolfBoot runs from secure SRAM (0x24000000) using secure peripheral aliases. SAU configured with proper secure/non-secure regions. Application boots into non-secure state.
• Non-TrustZone mode (TZEN=0): wolfBoot runs from non-secure SRAM (0x34000000) with blanket SAU NSC region for full memory access.
• Firmware update (A/B swap): Full sector-by-sector swap working with PART_BOOT_EXT to handle shared XSPI2 NOR flash between boot and update partitions.
• Enhanced test application: UART output with firmware version, partition state, boot status, and automatic wolfBoot_success() handling for TESTING state. LED indicates firmware version (blue=v1, red=v2+).
• New config: config/examples/stm32n6-tz.config for TrustZone-enabled builds.
• CI: Added stm32n6 and stm32n6-tz build tests to test-configs.yml.
• Flash script: --test-update mode now writes update trigger magic (pBOOT) and auto-detects TZEN for correct SRAM load address.

Fixes

• UART clock: Corrected PCLK2 frequency from 300 MHz to 200 MHz (IC2=400 MHz / AHB prescaler 2).
• uart_write linkage: Removed static qualifier and fixed signature to match printf.h (unsigned int len).
• SAU configuration: Added SAU init to hal_init() — without it, the IDAU blocks secure CPU access to XSPI2 memory-mapped region (0x70000000), causing bus faults during image verification.
• Shared flash (PART_BOOT_EXT): Boot and update partitions share the same XSPI2 NOR flash. Without PART_BOOT_EXT, the update swap reads boot partition data via XIP while XSPI2 is in SPI command mode, causing bus faults. The ext_flash_* functions now translate absolute memory-mapped addresses to device-relative offsets.
• XIP write buffer: nor_flash_write() copies source data to a stack buffer before issuing SPI commands, since the source pointer may reference XIP flash that becomes inaccessible when XSPI2 leaves memory-mapped mode.
• dcache ordering: Moved dcache_enable() after octospi_init() to prevent caching stale data from the flash region before memory-mapped mode is configured.
• Boot path for Cortex-M55: Excluded STM32N6 from blxns non-secure boot path and non-secure VTOR, since the CPU security state depends on the SRAM alias used (IDAU-based), not a runtime TrustZone transition.
• OpenOCD: Requires upstream openocd-org/openocd (not ST fork) for target/stm32n6x.cfg support.

Test Results (NUCLEO-N657X0-Q hardware)

Test	TZEN=0	TZEN=1
Build	Pass	Pass
Basic boot (v1)	Pass	Pass
UART output	Pass	Pass
Firmware update swap (v1→v2)	Pass	Pass
Test-app auto-success	Pass	Pass
TrustZone state	Off	Secure

• Boot from cold power on

[dgarske]

Great work! I haven't tested on hardware yet, but have looked over each line.

[Copilot]

Copilot was unable to review this pull request because the user who requested the review has reached their quota limit.

[dgarske]

This PR is in good shape, but the boot ROM from QSPI isn't working. @aidangarske please work on it. Not rush on this, it can be post release. I think it does require some OTP registers to be set, but I tried setting OTA124 and it didn't change the results. Note you also have to set BOOT0/BOOT1 jumpers to switch between boot modes.