• State Not Answered
  • Replies 10 replies
  • Subscribers 87 subscribers
  • Views 691 views
  • Users 0 members are here
Attachments (3) Download All
Nordic Case Info
  • Case ID: 348586
Options

Appcore rng sample build fails with NRF5340 + MCUBOOT + CONFIG_NRF_SECURITY with SDK2.9.1

Dustin Stahlback

Using nrf sample from v2.9.1/nrf/samples/crpyto/rng
Configure build with v2.9.1 SDK/Toolchain
Configure build with board target: nrf5340dk/nrf5340/cpuapp
Add MCUBOOT support via sysbuild config


Appcore Build fails with

warning: MBEDTLS_SHA256 (defined at C:/ncs/v2.9.1/zephyr/modules/mbedtls\Kconfig.tls-generic:349, modules\mbedtls\Kconfig.tls-generic:349) has direct dependencies (!(NRF_SECURITY || NORDIC_SECURITY_BACKEND) && MBEDTLS_BUILTIN && MBEDTLS_CFG_FILE = "config-tls-generic.h" && MBEDTLS) || (!(NRF_SECURITY || NORDIC_SECURITY_BACKEND) && MBEDTLS_BUILTIN && MBEDTLS_CFG_FILE = "config-tls-generic.h" && MBEDTLS && 0) with value n, but is currently being y-selected by the following symbols:
- FLASH_AREA_CHECK_INTEGRITY_MBEDTLS (defined at subsys/storage/flash_map/Kconfig:58), with value y, direct dependencies <choice FLASH_AREA_CHECK_INTEGRITY_BACKEND> (value: y), and select condition <choice FLASH_AREA_CHECK_INTEGRITY_BACKEND> (value: y)

error: Aborting due to Kconfig warnings


Attached is the full project minus the build directory

rng - Copy.zip




Parents
  • 0

    Hello,

    Yes, I have enabled MCUboot in my sysbuild.config, and I am able to build the sample without issues. Please see the logs below, although there are some warnings from MCUboot during the build, I don’t see any critical errors. It’s possible that your custom application has some conflicting configurations enabled. From my side, I don’t see any issue with enabling both MCUboot and NRF_SECURITY.

    I recommend checking the generated .config folder to see if there are any conflicting configurations.

    Executing task: nRF Connect: Generate config nrf5340dk/nrf5340/cpuapp for c:\ncs\v3.0.2\nrf\samples\crypto\rng 

Building rng
C:\WINDOWS\system32\cmd.exe /d /s /c "west build --build-dir c:/ncs/v3.0.2/nrf/samples/crypto/rng/build c:/ncs/v3.0.2/nrf/samples/crypto/rng --pristine --board nrf5340dk/nrf5340/cpuapp --sysbuild -- -DBOARD_ROOT=c:/ncs/v3.0.2/nrf/samples/crypto/rng"

-- west build: generating a build system
Loading Zephyr module(s) (Zephyr base): sysbuild_default
-- Found Python3: C:/ncs/toolchains/0b393f9e1b/opt/bin/python.exe (found suitable version "3.12.4", minimum required is "3.10") found components: Interpreter 
-- Cache files will be written to: C:/ncs/v3.0.2/zephyr/.cache
-- Found west (found suitable version "1.2.0", minimum required is "0.14.0")
-- Board: nrf5340dk, qualifiers: nrf5340/cpuapp
Parsing C:/ncs/v3.0.2/zephyr/share/sysbuild/Kconfig
Loaded configuration 'C:/ncs/v3.0.2/nrf/samples/crypto/rng/build/_sysbuild/empty.conf'
Merged configuration 'c:/ncs/v3.0.2/nrf/samples/crypto/rng/sysbuild.conf'
Configuration saved to 'C:/ncs/v3.0.2/nrf/samples/crypto/rng/build/zephyr/.config'
Kconfig header saved to 'C:/ncs/v3.0.2/nrf/samples/crypto/rng/build/_sysbuild/autoconf.h'
-- 
   *****************************
   * Running CMake for mcuboot *
   *****************************

Loading Zephyr default modules (Zephyr base).
-- Application: C:/ncs/v3.0.2/bootloader/mcuboot/boot/zephyr
-- CMake version: 3.21.0
-- Found Python3: C:/ncs/toolchains/0b393f9e1b/opt/bin/python.exe (found suitable version "3.12.4", minimum required is "3.10") found components: Interpreter 
-- Cache files will be written to: C:/ncs/v3.0.2/zephyr/.cache
-- Zephyr version: 4.0.99 (C:/ncs/v3.0.2/zephyr)
-- Found west (found suitable version "1.2.0", minimum required is "0.14.0")
-- Board: nrf5340dk, qualifiers: nrf5340/cpuapp
-- Found host-tools: zephyr 0.17.0 (C:/ncs/toolchains/0b393f9e1b/opt/zephyr-sdk)
-- Found toolchain: zephyr 0.17.0 (C:/ncs/toolchains/0b393f9e1b/opt/zephyr-sdk)
-- Found Dtc: C:/ncs/toolchains/0b393f9e1b/opt/bin/dtc.exe (found suitable version "1.4.7", minimum required is "1.4.6") 
-- Found BOARD.dts: C:/ncs/v3.0.2/zephyr/boards/nordic/nrf5340dk/nrf5340dk_nrf5340_cpuapp.dts
-- Found devicetree overlay: C:/ncs/v3.0.2/bootloader/mcuboot/boot/zephyr/app.overlay
-- Generated zephyr.dts: C:/ncs/v3.0.2/nrf/samples/crypto/rng/build/mcuboot/zephyr/zephyr.dts
-- Generated pickled edt: C:/ncs/v3.0.2/nrf/samples/crypto/rng/build/mcuboot/zephyr/edt.pickle
-- Generated zephyr.dts: C:/ncs/v3.0.2/nrf/samples/crypto/rng/build/mcuboot/zephyr/zephyr.dts
-- Generated devicetree_generated.h: C:/ncs/v3.0.2/nrf/samples/crypto/rng/build/mcuboot/zephyr/include/generated/zephyr/devicetree_generated.h
-- Including generated dts.cmake file: C:/ncs/v3.0.2/nrf/samples/crypto/rng/build/mcuboot/zephyr/dts.cmake
Parsing C:/ncs/v3.0.2/bootloader/mcuboot/boot/zephyr/Kconfig
Loaded configuration 'C:/ncs/v3.0.2/zephyr/boards/nordic/nrf5340dk/nrf5340dk_nrf5340_cpuapp_defconfig'
Merged configuration 'C:/ncs/v3.0.2/bootloader/mcuboot/boot/zephyr/prj.conf'
Merged configuration 'C:/ncs/v3.0.2/nrf/samples/crypto/rng/build/mcuboot/zephyr/.config.sysbuild'
Configuration saved to 'C:/ncs/v3.0.2/nrf/samples/crypto/rng/build/mcuboot/zephyr/.config'
Kconfig header saved to 'C:/ncs/v3.0.2/nrf/samples/crypto/rng/build/mcuboot/zephyr/include/generated/zephyr/autoconf.h'
-- Found GnuLd: c:/ncs/toolchains/0b393f9e1b/opt/zephyr-sdk/arm-zephyr-eabi/arm-zephyr-eabi/bin/ld.bfd.exe (found version "2.38") 
-- The C compiler identification is GNU 12.2.0
-- The CXX compiler identification is GNU 12.2.0
-- The ASM compiler identification is GNU
-- Found assembler: C:/ncs/toolchains/0b393f9e1b/opt/zephyr-sdk/arm-zephyr-eabi/bin/arm-zephyr-eabi-gcc.exe
MCUBoot bootloader key file: C:/ncs/v3.0.2/bootloader/mcuboot/root-rsa-2048.pem
CMake Warning at CMakeLists.txt:393 (message):
  WARNING: Using default MCUboot signing key file, this file is for debug use
  only and is not secure!


-- Configuring done
-- Generating done
-- Build files have been written to: C:/ncs/v3.0.2/nrf/samples/crypto/rng/build/mcuboot
-- 
   *************************
   * Running CMake for rng *
   *************************

Loading Zephyr default modules (Zephyr base).
-- Application: C:/ncs/v3.0.2/nrf/samples/crypto/rng
-- CMake version: 3.21.0
-- Found Python3: C:/ncs/toolchains/0b393f9e1b/opt/bin/python.exe (found suitable version "3.12.4", minimum required is "3.10") found components: Interpreter 
-- Cache files will be written to: C:/ncs/v3.0.2/zephyr/.cache
-- Zephyr version: 4.0.99 (C:/ncs/v3.0.2/zephyr)
-- Found west (found suitable version "1.2.0", minimum required is "0.14.0")
-- Board: nrf5340dk, qualifiers: nrf5340/cpuapp
-- Found host-tools: zephyr 0.17.0 (C:/ncs/toolchains/0b393f9e1b/opt/zephyr-sdk)
-- Found toolchain: zephyr 0.17.0 (C:/ncs/toolchains/0b393f9e1b/opt/zephyr-sdk)
-- Found Dtc: C:/ncs/toolchains/0b393f9e1b/opt/bin/dtc.exe (found suitable version "1.4.7", minimum required is "1.4.6") 
-- Found BOARD.dts: C:/ncs/v3.0.2/zephyr/boards/nordic/nrf5340dk/nrf5340dk_nrf5340_cpuapp.dts
-- Generated zephyr.dts: C:/ncs/v3.0.2/nrf/samples/crypto/rng/build/rng/zephyr/zephyr.dts
-- Generated pickled edt: C:/ncs/v3.0.2/nrf/samples/crypto/rng/build/rng/zephyr/edt.pickle
-- Generated zephyr.dts: C:/ncs/v3.0.2/nrf/samples/crypto/rng/build/rng/zephyr/zephyr.dts
-- Generated devicetree_generated.h: C:/ncs/v3.0.2/nrf/samples/crypto/rng/build/rng/zephyr/include/generated/zephyr/devicetree_generated.h
-- Including generated dts.cmake file: C:/ncs/v3.0.2/nrf/samples/crypto/rng/build/rng/zephyr/dts.cmake

warning: UPDATEABLE_IMAGE_NUMBER (defined at
C:/ncs/v3.0.2/nrf\samples\common\mcumgr_bt_ota_dfu/Kconfig:99, subsys/dfu/Kconfig:96) was assigned
the value '1' but got the value ''. Check these unsatisfied dependencies:
(((BOARD_THINGY53_NRF5340_CPUAPP || BOARD_THINGY53_NRF5340_CPUAPP_NS) && SOC_SERIES_NRF53X &&
NCS_SAMPLE_MCUMGR_BT_OTA_DFU) || (!MCUBOOT && IMG_MANAGER)) (=n). See
http://docs.zephyrproject.org/latest/kconfig.html#CONFIG_UPDATEABLE_IMAGE_NUMBER and/or look up
UPDATEABLE_IMAGE_NUMBER in the menuconfig/guiconfig interface. The Application Development Primer,
Setting Configuration Values, and Kconfig - Tips and Best Practices sections of the manual might be
helpful too.


warning: MCUBOOT_UPDATE_FOOTER_SIZE (defined at subsys/dfu/Kconfig:55) was assigned the value
'0x2000' but got the value ''. Check these unsatisfied dependencies: MCUBOOT_IMG_MANAGER (=n),
IMG_MANAGER (=n). See
http://docs.zephyrproject.org/latest/kconfig.html#CONFIG_MCUBOOT_UPDATE_FOOTER_SIZE and/or look up
MCUBOOT_UPDATE_FOOTER_SIZE in the menuconfig/guiconfig interface. The Application Development
Primer, Setting Configuration Values, and Kconfig - Tips and Best Practices sections of the manual
might be helpful too.

Parsing C:/ncs/v3.0.2/zephyr/Kconfig
Loaded configuration 'C:/ncs/v3.0.2/zephyr/boards/nordic/nrf5340dk/nrf5340dk_nrf5340_cpuapp_defconfig'
Merged configuration 'C:/ncs/v3.0.2/nrf/samples/crypto/rng/prj.conf'
Merged configuration 'C:/ncs/v3.0.2/nrf/samples/crypto/rng/boards/nrf5340dk_nrf5340_cpuapp.conf'
Merged configuration 'C:/ncs/v3.0.2/nrf/samples/crypto/rng/build/rng/zephyr/.config.sysbuild'
Configuration saved to 'C:/ncs/v3.0.2/nrf/samples/crypto/rng/build/rng/zephyr/.config'
Kconfig header saved to 'C:/ncs/v3.0.2/nrf/samples/crypto/rng/build/rng/zephyr/include/generated/zephyr/autoconf.h'
-- Found GnuLd: c:/ncs/toolchains/0b393f9e1b/opt/zephyr-sdk/arm-zephyr-eabi/arm-zephyr-eabi/bin/ld.bfd.exe (found version "2.38") 
-- The C compiler identification is GNU 12.2.0
-- The CXX compiler identification is GNU 12.2.0
-- The ASM compiler identification is GNU
-- Found assembler: C:/ncs/toolchains/0b393f9e1b/opt/zephyr-sdk/arm-zephyr-eabi/bin/arm-zephyr-eabi-gcc.exe
=========== Generating psa_crypto_config ===============
Backup: CONFIG_MBEDTLS_PSA_CRYPTO_SPM: False
Backup: CONFIG_MBEDTLS_PSA_CRYPTO_C: True
Backup: CONFIG_MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER: False
Backup: CONFIG_MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT: True
Backup: CONFIG_MBEDTLS_THREADING: False
Backup: CONFIG_MBEDTLS_THREADING_ALT: True
=========== Checkpoint: backup ===============
Restore: CONFIG_MBEDTLS_PSA_CRYPTO_SPM: False
Restore: CONFIG_MBEDTLS_PSA_CRYPTO_C: True
Restore: CONFIG_MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER: False
Restore: CONFIG_MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT: True
Restore: CONFIG_MBEDTLS_THREADING: False
Restore: CONFIG_MBEDTLS_THREADING_ALT: True
=========== End psa_crypto_config ===============
=========== Generating psa_crypto_library_config ===============
Backup: CONFIG_MBEDTLS_PSA_CRYPTO_C: True
Backup: CONFIG_MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER: False
Backup: CONFIG_MBEDTLS_PSA_CRYPTO_SPM: False
Backup: CONFIG_MBEDTLS_USE_PSA_CRYPTO: True
Backup: CONFIG_MBEDTLS_PLATFORM_PRINTF_ALT: False
Backup: CONFIG_MBEDTLS_THREADING: False
Backup: CONFIG_MBEDTLS_THREADING_ALT: True
=========== Checkpoint: backup ===============
Restore: CONFIG_MBEDTLS_PSA_CRYPTO_C: True
Restore: CONFIG_MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER: False
Restore: CONFIG_MBEDTLS_PSA_CRYPTO_SPM: False
Restore: CONFIG_MBEDTLS_USE_PSA_CRYPTO: True
Restore: CONFIG_MBEDTLS_PLATFORM_PRINTF_ALT: False
Restore: CONFIG_MBEDTLS_THREADING: False
Restore: CONFIG_MBEDTLS_THREADING_ALT: True
=========== End psa_crypto_library_config ===============
-- Including signing script: C:/ncs/v3.0.2/nrf/cmake/sysbuild/image_signing.cmake
-- Configuring done
-- Generating done
-- Build files have been written to: C:/ncs/v3.0.2/nrf/samples/crypto/rng/build/rng
CMake Warning at C:/ncs/v3.0.2/nrf/cmake/sysbuild/partition_manager.cmake:121 (message):
  

        ---------------------------------------------------------------------
        --- WARNING: Using a bootloader without pm_static.yml.            ---
        --- There are cases where a deployed product can consist of       ---
        --- multiple images, and only a subset of these images can be     ---
        --- upgraded through a firmware update mechanism. In such cases,  ---
        --- the upgradable images must have partitions that are static    ---
        --- and are matching the partition map used by the bootloader     ---
        --- programmed onto the device.                                   ---
        ---------------------------------------------------------------------
        

Call Stack (most recent call first):
  C:/ncs/v3.0.2/nrf/cmake/sysbuild/partition_manager.cmake:620 (partition_manager)
  C:/ncs/v3.0.2/nrf/sysbuild/CMakeLists.txt:779 (include)
  cmake/modules/sysbuild_extensions.cmake:583 (nrf_POST_CMAKE)
  cmake/modules/sysbuild_extensions.cmake:583 (cmake_language)
  cmake/modules/sysbuild_images.cmake:46 (sysbuild_module_call)
  cmake/modules/sysbuild_default.cmake:21 (include)
  C:/ncs/v3.0.2/zephyr/share/zephyr-package/cmake/ZephyrConfig.cmake:75 (include)
  C:/ncs/v3.0.2/zephyr/share/zephyr-package/cmake/ZephyrConfig.cmake:92 (include_boilerplate)
  C:/ncs/v3.0.2/zephyr/share/sysbuild-package/cmake/SysbuildConfig.cmake:8 (include)
  template/CMakeLists.txt:10 (find_package)


-- Configuring done
-- Generating done
-- Build files have been written to: C:/ncs/v3.0.2/nrf/samples/crypto/rng/build
-- west build: building application
[0/1] Re-running CMake...
Loading Zephyr default modules (Zephyr base (cached)).
-- Application: C:/ncs/v3.0.2/nrf/samples/crypto/rng
-- CMake version: 3.21.0
-- Cache files will be written to: C:/ncs/v3.0.2/zephyr/.cache
-- Zephyr version: 4.0.99 (C:/ncs/v3.0.2/zephyr)
-- Found west (found suitable version "1.2.0", minimum required is "0.14.0")
-- Board: nrf5340dk, qualifiers: nrf5340/cpuapp
-- Found host-tools: zephyr 0.17.0 (C:/ncs/toolchains/0b393f9e1b/opt/zephyr-sdk)
-- Found toolchain: zephyr 0.17.0 (C:/ncs/toolchains/0b393f9e1b/opt/zephyr-sdk)
-- Found BOARD.dts: C:/ncs/v3.0.2/zephyr/boards/nordic/nrf5340dk/nrf5340dk_nrf5340_cpuapp.dts
-- Generated zephyr.dts: C:/ncs/v3.0.2/nrf/samples/crypto/rng/build/rng/zephyr/zephyr.dts
-- Generated pickled edt: C:/ncs/v3.0.2/nrf/samples/crypto/rng/build/rng/zephyr/edt.pickle
-- Generated zephyr.dts: C:/ncs/v3.0.2/nrf/samples/crypto/rng/build/rng/zephyr/zephyr.dts
-- Generated devicetree_generated.h: C:/ncs/v3.0.2/nrf/samples/crypto/rng/build/rng/zephyr/include/generated/zephyr/devicetree_generated.h
-- Including generated dts.cmake file: C:/ncs/v3.0.2/nrf/samples/crypto/rng/build/rng/zephyr/dts.cmake
Parsing C:/ncs/v3.0.2/zephyr/Kconfig
Loaded configuration 'C:/ncs/v3.0.2/nrf/samples/crypto/rng/build/rng/zephyr/.config'
Merged configuration 'C:/ncs/v3.0.2/nrf/samples/crypto/rng/build/rng/zephyr/.config.sysbuild'
No change to configuration in 'C:/ncs/v3.0.2/nrf/samples/crypto/rng/build/rng/zephyr/.config'
No change to Kconfig header in 'C:/ncs/v3.0.2/nrf/samples/crypto/rng/build/rng/zephyr/include/generated/zephyr/autoconf.h'
=========== Generating psa_crypto_config ===============
Backup: CONFIG_MBEDTLS_PSA_CRYPTO_SPM: False
Backup: CONFIG_MBEDTLS_PSA_CRYPTO_C: True
Backup: CONFIG_MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER: False
Backup: CONFIG_MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT: True
Backup: CONFIG_MBEDTLS_THREADING: False
Backup: CONFIG_MBEDTLS_THREADING_ALT: True
=========== Checkpoint: backup ===============
Restore: CONFIG_MBEDTLS_PSA_CRYPTO_SPM: False
Restore: CONFIG_MBEDTLS_PSA_CRYPTO_C: True
Restore: CONFIG_MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER: False
Restore: CONFIG_MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT: True
Restore: CONFIG_MBEDTLS_THREADING: False
Restore: CONFIG_MBEDTLS_THREADING_ALT: True
=========== End psa_crypto_config ===============
=========== Generating psa_crypto_library_config ===============
Backup: CONFIG_MBEDTLS_PSA_CRYPTO_C: True
Backup: CONFIG_MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER: False
Backup: CONFIG_MBEDTLS_PSA_CRYPTO_SPM: False
Backup: CONFIG_MBEDTLS_USE_PSA_CRYPTO: True
Backup: CONFIG_MBEDTLS_PLATFORM_PRINTF_ALT: False
Backup: CONFIG_MBEDTLS_THREADING: False
Backup: CONFIG_MBEDTLS_THREADING_ALT: True
=========== Checkpoint: backup ===============
Restore: CONFIG_MBEDTLS_PSA_CRYPTO_C: True
Restore: CONFIG_MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER: False
Restore: CONFIG_MBEDTLS_PSA_CRYPTO_SPM: False
Restore: CONFIG_MBEDTLS_USE_PSA_CRYPTO: True
Restore: CONFIG_MBEDTLS_PLATFORM_PRINTF_ALT: False
Restore: CONFIG_MBEDTLS_THREADING: False
Restore: CONFIG_MBEDTLS_THREADING_ALT: True
=========== End psa_crypto_library_config ===============
-- Including signing script: C:/ncs/v3.0.2/nrf/cmake/sysbuild/image_signing.cmake
-- Configuring done
-- Generating done
-- Build files have been written to: C:/ncs/v3.0.2/nrf/samples/crypto/rng/build/rng
[4/199] Generating include/generated/zephyr/version.h
-- Zephyr version: 4.0.99 (C:/ncs/v3.0.2/zephyr), build: v4.0.99-ncs1-2
[199/199] Linking C executable zephyr\zephyr.elf
Memory region         Used Size  Region Size  %age Used
           FLASH:       42240 B     491008 B      8.60%
             RAM:       25792 B       448 KB      5.62%
        IDT_LIST:          0 GB        32 KB      0.00%
Generating files from C:/ncs/v3.0.2/nrf/samples/crypto/rng/build/rng/zephyr/zephyr.elf for board: nrf5340dk
image.py: sign the payload
image.py: sign the payload
[6/292] Generating include/generated/zephyr/version.h
-- Zephyr version: 4.0.99 (C:/ncs/v3.0.2/zephyr), build: v4.0.99-ncs1-2
[292/292] Linking C executable zephyr\zephyr.elf
Memory region         Used Size  Region Size  %age Used
           FLASH:       39024 B        48 KB     79.39%
             RAM:       22760 B       448 KB      4.96%
        IDT_LIST:          0 GB        32 KB      0.00%
Generating files from C:/ncs/v3.0.2/nrf/samples/crypto/rng/build/mcuboot/zephyr/zephyr.elf for board: nrf5340dk
[20/20] Generating ../merged.hex
 *  Terminal will be reused by tasks, press any key to close it.

    Kind Regards,

    Abhijith

  • 0 in reply to Menon

    The problem was enabling the following in the prj.conf

    CONFIG_IMG_ENABLE_IMAGE_CHECK

    The attached settings were pulled from prior SDK builds with no issues.  

    Thank you for looking into this issue.
Reply Children
No Data
Related
Terms of service