• State Not Answered
  • Replies 4 replies
  • Subscribers 86 subscribers
  • Views 257 views
  • Users 0 members are here
Attachments (0)
Nordic Case Info
  • Case ID: 355500
Options

Thingy91X - HMAC

andychess

Hi,

We're trying to implement HMAC signing on a Thingy91X but getting stuck each time on -134 errors.  Having read the resource on your docs AI I'm aware of the limitations on TF-M on the Thingy91X, but am not quite clear why it is possible to run the crypto/hmac sample on the nrf9151dk but not on the Thingy91X.

Our final attempt was to load the key from NVS and although the key seems to load, the call to psa_import_key fails again with -134.  The docs AI couldn't find anything obviously wrong with the code, so I'm turning to a human for help:-).

Here is my code snippet and prj.conf.  Any help would be appreciated.

Thanks in advance,
[00:00:00.847,595] <inf> mqtt: PSA Crypto initialised.
[00:00:00.940,521] <inf> fs_nvs: 2 Sectors of 4096 bytes
[00:00:00.940,521] <inf> fs_[00:00:10.943,206] <inf> mqtt: Loaded HMAC key from NVS (32 bytes)
[00:00:10.943,237] <inf> mqtt: key len: 32 bytes
[00:00:10.943,359] <err> mqtt: Failed to import HMAC key to PSA: -134
[00:00:10.943,389] <err> application: MQTT init failed!
[00:00:10.943,389] <err> main: Application init failed!// Import key from NVS as volatile PSA key

psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
psa_set_key_usage_flags(&attributes, (PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH));
psa_set_key_algorithm(&attributes, PSA_ALG_HMAC(PSA_ALG_SHA_256));
psa_set_key_type(&attributes, PSA_KEY_TYPE_HMAC);
psa_set_key_lifetime(&attributes, PSA_KEY_LIFETIME_VOLATILE);
psa_set_key_bits(&attributes, key_len * 8);
LOG_INF("key len: %d bytes", (key_len));
psa_key_id_t key_id;
status = psa_import_key(&attributes, reinterpret_cast<const uint8_t*>(device_secret), key_len, &key_id);
psa_reset_key_attributes(&attributes);

// Clear secret from RAM
memset(device_secret, 0, sizeof(device_secret));

if (status != PSA_SUCCESS) {
LOG_ERR("Failed to import HMAC key to PSA: %d", status);
return false;
}


# Application
CONFIG_MAIN_STACK_SIZE=8192
CONFIG_SYSTEM_WORKQUEUE_STACK_SIZE=3072
CONFIG_HEAP_MEM_POOL_SIZE=40960
CONFIG_AT_MONITOR_HEAP_SIZE=1024
CONFIG_EVENTS=y

# C++
CONFIG_CPP=y
CONFIG_STD_CPP20=y
CONFIG_REQUIRES_FULL_LIBCPP=n
CONFIG_MINIMAL_LIBCPP=n

# Modem library
CONFIG_MODEM_KEY_MGMT=y
CONFIG_MODEM_INFO=y
CONFIG_MODEM_INFO_ADD_NETWORK=y
CONFIG_NRF_MODEM_LIB=y
CONFIG_NRF_MODEM_LIB_ON_FAULT_RESET_MODEM=y
CONFIG_NRF_MODEM_LIB_TRACE=n
CONFIG_NRF_MODEM_LIB_HEAP_SIZE=4096

# Networking - Mixed offloaded (modem) and native (WiFi)
CONFIG_NETWORKING=y
CONFIG_NET_NATIVE=y
CONFIG_NET_SOCKETS=y
CONFIG_NET_SOCKETS_OFFLOAD=y
CONFIG_NET_TCP=y
CONFIG_NET_IPV4=y
CONFIG_NET_IPV6=n
CONFIG_POSIX_API=y

# LTE link control
CONFIG_LTE_LINK_CONTROL=y
CONFIG_LTE_NETWORK_MODE_LTE_M_GPS=y

# MQTT
CONFIG_MQTT_LIB=y
CONFIG_MQTT_LIB_TLS=y
CONFIG_MQTT_CLEAN_SESSION=y


# GPIO and PWM
CONFIG_GPIO=y
CONFIG_PWM=y
CONFIG_GPIO_NRFX=y

# Logging
CONFIG_LOG=y
CONFIG_LOG_DEFAULT_LEVEL=3
CONFIG_USE_SEGGER_RTT=y
CONFIG_LOG_BACKEND_RTT=y
CONFIG_LOG_BACKEND_UART=n
CONFIG_LOG_TIMESTAMP_64BIT=y
CONFIG_LOG_BUFFER_SIZE=4096

# Random number generator
CONFIG_ENTROPY_GENERATOR=y

# Debugging
CONFIG_DEBUG=n
CONFIG_DEBUG_OPTIMIZATIONS=n
CONFIG_DEBUG_THREAD_INFO=n

# Lightweight AT command visibility
CONFIG_AT_MONITOR=y
CONFIG_AT_MONITOR_LOG_LEVEL_INF=n

# Stack monitoring and debugging
CONFIG_INIT_STACKS=n
CONFIG_THREAD_STACK_INFO=n
CONFIG_THREAD_MONITOR=n
CONFIG_THREAD_NAME=y
CONFIG_THREAD_ANALYZER=n
CONFIG_THREAD_ANALYZER_USE_PRINTK=n
CONFIG_THREAD_ANALYZER_AUTO=n

# ===== GNSS Configuration =====
CONFIG_GNSS=y

# nRF Cloud for A-GNSS and WiFi positioning
CONFIG_NRF_CLOUD=y
CONFIG_NRF_CLOUD_MQTT=y
CONFIG_NRF_CLOUD_REST=n
CONFIG_NRF_CLOUD_COAP=n
CONFIG_NRF_CLOUD_AGNSS=y
CONFIG_NRF_CLOUD_LOCATION=y
CONFIG_NRF_CLOUD_CLIENT_ID_SRC_RUNTIME=y
CONFIG_NRF_CLOUD_PROVISION_CERTIFICATES=n
CONFIG_NRF_CLOUD_LOG_LEVEL_DBG=n

# Date/time (required for A-GNSS)
CONFIG_DATE_TIME=y

# JSON parsing for cloud responses
CONFIG_CJSON_LIB=y

# Enable TF-M Crypto module
CONFIG_TFM_CRYPTO_RNG_MODULE_ENABLED=y

# Settings subsystem for nRF Cloud with TF-M
CONFIG_SETTINGS=y
CONFIG_FCB=y
CONFIG_SETTINGS_FCB=y
CONFIG_SETTINGS_RUNTIME=y

# Flash support (TF-M aware)
CONFIG_FLASH=y
CONFIG_FLASH_MAP=y
CONFIG_FLASH_PAGE_LAYOUT=y
CONFIG_NVS=y
CONFIG_MPU_ALLOW_FLASH_WRITE=y

# Settings subsystem (NVS backend)
CONFIG_SETTINGS=y
CONFIG_SETTINGS_NVS=y

# NVS configuration
CONFIG_NVS_LOG_LEVEL_DBG=n

# TF-M specific
CONFIG_BUILD_WITH_TFM=y

# ===== Location library =====
CONFIG_LOCATION=y
CONFIG_LOCATION_METHOD_GNSS=y
CONFIG_LOCATION_METHOD_WIFI=y
CONFIG_LOCATION_METHOD_CELLULAR=y

# ===== WiFi Configuration =====
CONFIG_WIFI=y
CONFIG_WIFI_NRF70=y

# Network management for WiFi
CONFIG_NET_L2_ETHERNET=y
CONFIG_NET_MGMT=y
CONFIG_NET_MGMT_EVENT=y
CONFIG_NET_MGMT_EVENT_STACK_SIZE=4096

# Network buffers (required for native WiFi stack)
CONFIG_NET_BUF=y
CONFIG_NET_PKT_RX_COUNT=4
CONFIG_NET_PKT_TX_COUNT=4
CONFIG_NET_BUF_RX_COUNT=8
CONFIG_NET_BUF_TX_COUNT=8
CONFIG_NET_BUF_DATA_SIZE=128

# WiFi credentials
CONFIG_WIFI_CREDENTIALS=n

# Nordic Security Backend (provides actual crypto implementation)
CONFIG_NRF_SECURITY=y
CONFIG_MBEDTLS_PSA_CRYPTO_C=y
CONFIG_PSA_CRYPTO_DRIVER_CC3XX=y
CONFIG_PSA_WANT_KEY_TYPE_HMAC=y
CONFIG_PSA_WANT_ALG_HMAC=y
CONFIG_PSA_WANT_ALG_SHA_256=y

# Heap monitoring
CONFIG_SYS_HEAP_RUNTIME_STATS=y
CONFIG_SYS_HEAP_LISTENER=y

Parents
  • 0

    Hello,

    The docs AI couldn't find anything obviously wrong with the code, so I'm turning to a human for help:-).

    Thanks for giving a shot and providing more input to our AI support. There are unfortunately some limitations. Good thing to reach out to us after searching first. 

    We're trying to implement HMAC signing on a Thingy91X but getting stuck each time on -134 errors.
    What version of nRF Connect SDK are you working on?

    #define     NRF_ENOTSUP 134 /**< Not supported */
    or in this case PSA_ERROR_NOT_SUPPORTED from modules/crypto/mbedtls/include/psa/crypto_values.h
    /** The requested operation or a parameter is not supported
 * by this implementation.
 *
 * Implementations should return this error code when an enumeration
 * parameter such as a key type, algorithm, etc. is not recognized.
 * If a combination of parameters is recognized and identified as
 * not valid, return #PSA_ERROR_INVALID_ARGUMENT instead. */
#define PSA_ERROR_NOT_SUPPORTED         ((psa_status_t)-134)

     
    The Thingy:91 X has some extra configurations and a pm_static that defines some memory regions for the HW which ensures that when you program the firmware through USB, it works correctly without updating the MCUboot bootloader.
    This is why it is not directly supported out of the box. 
    That said, if it works on the nRF9151DK it should work on the Thingy:91 X. 
    One setting that could throw the PSA_ERROR_NOT_SUPPORTED is the lack of heap size i.e. 
    CONFIG_MBEDTLS_HEAP_SIZE
    Looking at the board files in under boards folder, the Thingy:91 X is missing. You can try to copy nrf/samples/crypto/hmac/boards/nrf9151dk_nrf9151.conf and nrf9151dk_nrf9151_ns.conf and rename to thingy91x_nrf9151.conf and thingy91x_nrf9151_ns.conf respectively. These files may include the settings needed. 
     
    I'm not able to build the sample at all for the Thingy:91 X. Are you able to share you're project?

    Kind regards,
    Øyvind
  • 0 in reply to Øyvind

    Hi Øyvind,

    Thanks for the quick response.

    Apologies for not mentioning that I'm working with SDK v3.1.0 (and modem firmware 2.0.3). 

    We're using the Thing91x as a prototype for a commercial product and the final version will have a simpler structure (nrf9151 + nrf7000) so it's not critical to have HMAC working at this stage.  That said, as the Thingy91x is marketed as a prototyping device for cellular products, I would expect to be able to use most sdk features that we plan for the final design.

    Øyvind said:
     
    The Thingy:91 X has some extra configurations and a pm_static that defines some memory regions for the HW which ensures that when you program the firmware through USB, it works correctly without updating the MCUboot bootloader.

    We're logging and programming through RTT.  Does this give an opportunity to simplify things at all?  Can you point me to some resource on the subject, if it exists?

    Once we started hitting the -134 error in our own code, I simply built the nrf9151dk version in the samples folder (nrf/samples/crypto/hmac) and saw that it worked.  I then naively copied the board .conf file for the dk as you suggested.  This overruns the RAM by 300% on the Thingy91x, caused it seems by   

    CONFIG_TFM_PROFILE_TYPE_NOT_SET=y

    Removing this and adding the HEAP_SIZE settings gives thingy91x_nrf9151_ns.conf as below:

    CONFIG_PSA_CRYPTO_DRIVER_CC3XX=y

    # Mbedtls configuration
    CONFIG_MBEDTLS_ENABLE_HEAP=y
    CONFIG_MBEDTLS_HEAP_SIZE=8192

    This builds, but gives the output that we were getting in our own code.

    [00:00:00.258,026] <inf> spi_nor: GD25LE255E@0: 32 MiBy flash
    *** Booting nRF Connect SDK v3.1.0-6c6e5b32496e ***
    *** Using Zephyr OS v4.1.99-1612683d4010 ***
    [00:00:00.299,346] <inf> hmac: Starting HMAC example...
    [00:00:00.299,346] <inf> hmac: Generating random HMAC key...
    [00:00:00.299,468] <inf> hmac: psa_generate_key failed! (Error: -134)
    [00:00:00.299,468] <inf> hmac: Example exited with error!

    I would really like to understand the issue here and the underlying cause. I failed to find a single source in the documentation that gives a comprehensive overview of TF-M beyond the very basics.  Most of the information on specific CONFIGs seems to be quite scattered. 

    Best regards,
    Andy

  • 0 in reply to andychess

    Hi Andy, sorry for the late reply. Could you test building the project with the following: west build -b thingy91x/nrf9151/ns -- -DSB_CONFIG_THINGY91X_NO_PREDEFINED_LAYOUT=y

    This will only work if you are using an external programmer i.e. programming through RTT.

    Kind regards,
    Øyvind

  • 0 in reply to Øyvind

    Hi Øyvind,

    Also from me, apologies for the late reply. 

    I tried you suggestion and the result is the same.  



    The second boot was with NO_DEFINED_LAYOUT.

    Here is the build output:

    west build -p -b thingy91x/nrf9151/ns -- -DSB_CONFIG_THINGY91X_NO_PREDEFINED_LAYOUT=y
    -- west build: making build dir /Users/andy/nordic/ncs/v3.1.0/nrf/samples/crypto/hmac/build pristine
    -- west build: generating a build system
    Loading Zephyr module(s) (Zephyr base): sysbuild_default
    -- Found Python3: /Users/andy/nrfenv/bin/python3.13 (found suitable version "3.13.9", minimum required is "3.10") found components: Interpreter
    -- Cache files will be written to: /Users/andy/Library/Caches/zephyr
    -- Found west (found suitable version "1.4.0", minimum required is "0.14.0")
    -- Board: thingy91x, qualifiers: nrf9151/ns
    Parsing /Users/andy/nordic/ncs/v3.1.0/zephyr/share/sysbuild/Kconfig
    Loaded configuration '/Users/andy/nordic/ncs/v3.1.0/nrf/samples/crypto/hmac/build/_sysbuild/empty.conf'
    Merged configuration '/Users/andy/nordic/ncs/v3.1.0/nrf/samples/crypto/hmac/build/_sysbuild/empty.conf'
    Merged configuration '/Users/andy/nordic/ncs/v3.1.0/nrf/samples/crypto/hmac/build/zephyr/misc/generated/extra_kconfig_options.conf'
    Configuration saved to '/Users/andy/nordic/ncs/v3.1.0/nrf/samples/crypto/hmac/build/zephyr/.config'
    Kconfig header saved to '/Users/andy/nordic/ncs/v3.1.0/nrf/samples/crypto/hmac/build/_sysbuild/autoconf.h'
    --
    **************************
    * Running CMake for hmac *
    **************************

    Loading Zephyr default modules (Zephyr base).
    -- Application: /Users/andy/nordic/ncs/v3.1.0/nrf/samples/crypto/hmac
    -- CMake version: 4.1.2
    -- Found Python3: /Users/andy/nrfenv/bin/python (found suitable version "3.13.9", minimum required is "3.10") found components: Interpreter
    -- Cache files will be written to: /Users/andy/Library/Caches/zephyr
    -- Zephyr version: 4.1.99 (/Users/andy/nordic/ncs/v3.1.0/zephyr)
    -- Found west (found suitable version "1.4.0", minimum required is "0.14.0")
    -- Board: thingy91x, qualifiers: nrf9151/ns
    -- Found host-tools: zephyr 0.17.0 (/opt/nordic/ncs/toolchains/5c0d382932/opt/zephyr-sdk)
    -- Found toolchain: zephyr 0.17.0 (/opt/nordic/ncs/toolchains/5c0d382932/opt/zephyr-sdk)
    -- Found Dtc: /opt/homebrew/bin/dtc (found suitable version "1.7.2", minimum required is "1.4.6")
    -- Found BOARD.dts: /Users/andy/nordic/ncs/v3.1.0/nrf/boards/nordic/thingy91x/thingy91x_nrf9151_ns.dts
    -- Generated zephyr.dts: /Users/andy/nordic/ncs/v3.1.0/nrf/samples/crypto/hmac/build/hmac/zephyr/zephyr.dts
    -- Generated pickled edt: /Users/andy/nordic/ncs/v3.1.0/nrf/samples/crypto/hmac/build/hmac/zephyr/edt.pickle
    -- Generated devicetree_generated.h: /Users/andy/nordic/ncs/v3.1.0/nrf/samples/crypto/hmac/build/hmac/zephyr/include/generated/zephyr/devicetree_generated.h

    warning: PM_DEVICE_RUNTIME (defined at soc/nordic/nrf54h/Kconfig.defconfig:40,
    subsys/pm/Kconfig:119) was assigned the value 'y' but got the value 'n'. Check these unsatisfied
    dependencies: ((PM_DEVICE && SOC_SERIES_NRF54HX && SOC_FAMILY_NORDIC_NRF) || PM_DEVICE) (=n). See
    docs.zephyrproject.org/.../kconfig.html and/or look up
    PM_DEVICE_RUNTIME in the menuconfig/guiconfig interface. The Application Development Primer, Setting
    Configuration Values, and Kconfig - Tips and Best Practices sections of the manual might be helpful
    too.

    Parsing /Users/andy/nordic/ncs/v3.1.0/zephyr/Kconfig
    Loaded configuration '/Users/andy/nordic/ncs/v3.1.0/nrf/boards/nordic/thingy91x/thingy91x_nrf9151_ns_defconfig'
    Merged configuration '/Users/andy/nordic/ncs/v3.1.0/nrf/samples/crypto/hmac/prj.conf'
    Merged configuration '/Users/andy/nordic/ncs/v3.1.0/nrf/samples/crypto/hmac/boards/thingy91x_nrf9151_ns.conf'
    Merged configuration '/Users/andy/nordic/ncs/v3.1.0/nrf/samples/crypto/hmac/build/hmac/zephyr/.config.sysbuild'
    Configuration saved to '/Users/andy/nordic/ncs/v3.1.0/nrf/samples/crypto/hmac/build/hmac/zephyr/.config'
    Kconfig header saved to '/Users/andy/nordic/ncs/v3.1.0/nrf/samples/crypto/hmac/build/hmac/zephyr/include/generated/zephyr/autoconf.h'
    -- Found GnuLd: /opt/nordic/ncs/toolchains/5c0d382932/opt/zephyr-sdk/arm-zephyr-eabi/arm-zephyr-eabi/bin/ld.bfd (found version "2.38")
    -- The C compiler identification is GNU 12.2.0
    -- The CXX compiler identification is GNU 12.2.0
    -- The ASM compiler identification is GNU
    -- Found assembler: /opt/nordic/ncs/toolchains/5c0d382932/opt/zephyr-sdk/arm-zephyr-eabi/bin/arm-zephyr-eabi-gcc
    =========== Generating psa_crypto_config ===============
    Backup: CONFIG_MBEDTLS_PSA_CRYPTO_SPM: False
    Backup: CONFIG_MBEDTLS_PSA_CRYPTO_C: False
    Backup: CONFIG_MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER: False
    Backup: CONFIG_MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT: False
    Backup: CONFIG_MBEDTLS_THREADING_C: True
    Backup: CONFIG_MBEDTLS_THREADING_ALT: False
    =========== Checkpoint: backup ===============
    Restore: CONFIG_MBEDTLS_PSA_CRYPTO_SPM: False
    Restore: CONFIG_MBEDTLS_PSA_CRYPTO_C: False
    Restore: CONFIG_MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER: False
    Restore: CONFIG_MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT: False
    Restore: CONFIG_MBEDTLS_THREADING_C: True
    Restore: CONFIG_MBEDTLS_THREADING_ALT: False
    =========== End psa_crypto_config ===============
    =========== Generating psa_crypto_library_config ===============
    Backup: CONFIG_MBEDTLS_PSA_CRYPTO_C: False
    Backup: CONFIG_MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER: False
    Backup: CONFIG_MBEDTLS_PSA_CRYPTO_SPM: False
    Backup: CONFIG_MBEDTLS_USE_PSA_CRYPTO: True
    Backup: CONFIG_MBEDTLS_PLATFORM_PRINTF_ALT: False
    Backup: CONFIG_MBEDTLS_THREADING_C: True
    Backup: CONFIG_MBEDTLS_THREADING_ALT: False
    =========== Checkpoint: backup ===============
    Restore: CONFIG_MBEDTLS_PSA_CRYPTO_C: False
    Restore: CONFIG_MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER: False
    Restore: CONFIG_MBEDTLS_PSA_CRYPTO_SPM: False
    Restore: CONFIG_MBEDTLS_USE_PSA_CRYPTO: True
    Restore: CONFIG_MBEDTLS_PLATFORM_PRINTF_ALT: False
    Restore: CONFIG_MBEDTLS_THREADING_C: True
    Restore: CONFIG_MBEDTLS_THREADING_ALT: False
    =========== End psa_crypto_library_config ===============
    -- Using ccache: /opt/homebrew/bin/ccache
    -- Found gen_kobject_list: /Users/andy/nordic/ncs/v3.1.0/zephyr/scripts/build/gen_kobject_list.py
    -- Configuring done (3.1s)
    -- Generating done (0.2s)
    -- Build files have been written to: /Users/andy/nordic/ncs/v3.1.0/nrf/samples/crypto/hmac/build/hmac
    Dropping partition 'nrf_modem_lib_trace' since its size is 0.
    Dropping partition 'nonsecure_storage' since it is empty.
    -- Configuring done (5.0s)
    -- Generating done (0.0s)
    -- Build files have been written to: /Users/andy/nordic/ncs/v3.1.0/nrf/samples/crypto/hmac/build
    -- west build: building application
    [5/10] Performing build step for 'hmac'
    [1/278] Preparing syscall dependency handling

    [6/278] Generating include/generated/zephyr/version.h
    -- Zephyr version: 4.1.99 (/Users/andy/nordic/ncs/v3.1.0/zephyr), build: ncs-v3.1.0
    [12/278] Generating ../../tfm/CMakeCache.txt
    -- Found Git: /usr/bin/git (found version "2.50.1 (Apple Git-155)")
    -- The C compiler identification is GNU 12.2.0
    -- The CXX compiler identification is GNU 12.2.0
    -- The ASM compiler identification is GNU
    -- Found assembler: /opt/nordic/ncs/toolchains/5c0d382932/opt/zephyr-sdk/arm-zephyr-eabi/bin/arm-zephyr-eabi-gcc
    -- Found Python3: /Users/andy/nrfenv/bin/python (found version "3.13.9") found components: Interpreter
    -- Found Python3: /Users/andy/nrfenv/bin/python (found suitable version "3.13.9", minimum required is "3.10") found components: Interpreter
    -- Cache files will be written to: /Users/andy/Library/Caches/zephyr
    CMake Warning (dev) at /Users/andy/nordic/ncs/v3.1.0/nrf/modules/trusted-firmware-m/tfm_boards/nrf9120/CMakeLists.txt:24 (install):
    Policy CMP0177 is not set: install() DESTINATION paths are normalized. Run
    "cmake --help-policy CMP0177" for policy details. Use the cmake_policy
    command to set the policy and suppress this warning.
    This warning is for project developers. Use -Wno-dev to suppress it.

    -- Configuring done (0.5s)
    -- Generating done (0.0s)
    -- Build files have been written to: /Users/andy/nordic/ncs/v3.1.0/nrf/samples/crypto/hmac/build/hmac/tfm
    [17/278] Performing build step for 'tfm'
    [137/141] Linking C executable bin/tfm_s.axf
    Memory region Used Size Region Size %age Used
    FLASH: 32092 B 32 KB 97.94%
    RAM: 10692 B 40 KB 26.10%
    [141/141] Linking C static library secure_fw/libtfm_s_veneers.a
    [19/278] Performing install step for 'tfm'
    -- Install configuration: "MinSizeRel"
    ----- Installing platform NS -----
    [278/278] Linking C executable zephyr/zephyr.elf
    Memory region Used Size Region Size %age Used
    FLASH: 70260 B 992 KB 6.92%
    RAM: 25104 B 203416 B 12.34%
    IDT_LIST: 0 GB 32 KB 0.00%
    Generating files from /Users/andy/nordic/ncs/v3.1.0/nrf/samples/crypto/hmac/build/hmac/zephyr/zephyr.elf for board: thingy91x
    [10/10] Generating ../merged.hex

    nrfenv  12:09  andy  ~/nordic/ncs/v3.1.0/nrf/samples/crypto/hmac  ◈ v3.1.0  west flash --recover
    -- west flash: rebuilding
    [0/5] Performing build step for 'hmac'
    [0/14] Performing build step for 'tfm'
    ninja: no work to do.
    [2/3] Performing install step for 'tfm'
    -- Install configuration: "MinSizeRel"
    ----- Installing platform NS -----
    [3/3] Completed 'tfm'
    [4/5] cd /Users/andy/nordic/ncs/v3.1.0/nrf/samples/crypto/hmac/build/_sysbuild && /opt/homebrew/bin/cmake -E true
    -- west flash: using runner nrfutil
    -- runners.nrfutil: reset after flashing requested
    Using board 000853003346
    -- runners.nrfutil: Recovering and erasing all flash memory.
    -- runners.nrfutil: Flashing file: /Users/andy/nordic/ncs/v3.1.0/nrf/samples/crypto/hmac/build/merged.hex
    -- runners.nrfutil: Connecting to probe
    -- runners.nrfutil: Recover
    -- runners.nrfutil: Erasing address ranges touched by firmware
    -- runners.nrfutil: Programming image
    -- runners.nrfutil: Verifying image
    -- runners.nrfutil: Reset
    -- runners.nrfutil: Board(s) with serial number(s) 853003346 flashed successfully.

     

Reply
  • 0 in reply to Øyvind

    Hi Øyvind,

    Also from me, apologies for the late reply. 

    I tried you suggestion and the result is the same.  



    The second boot was with NO_DEFINED_LAYOUT.

    Here is the build output:

    west build -p -b thingy91x/nrf9151/ns -- -DSB_CONFIG_THINGY91X_NO_PREDEFINED_LAYOUT=y
    -- west build: making build dir /Users/andy/nordic/ncs/v3.1.0/nrf/samples/crypto/hmac/build pristine
    -- west build: generating a build system
    Loading Zephyr module(s) (Zephyr base): sysbuild_default
    -- Found Python3: /Users/andy/nrfenv/bin/python3.13 (found suitable version "3.13.9", minimum required is "3.10") found components: Interpreter
    -- Cache files will be written to: /Users/andy/Library/Caches/zephyr
    -- Found west (found suitable version "1.4.0", minimum required is "0.14.0")
    -- Board: thingy91x, qualifiers: nrf9151/ns
    Parsing /Users/andy/nordic/ncs/v3.1.0/zephyr/share/sysbuild/Kconfig
    Loaded configuration '/Users/andy/nordic/ncs/v3.1.0/nrf/samples/crypto/hmac/build/_sysbuild/empty.conf'
    Merged configuration '/Users/andy/nordic/ncs/v3.1.0/nrf/samples/crypto/hmac/build/_sysbuild/empty.conf'
    Merged configuration '/Users/andy/nordic/ncs/v3.1.0/nrf/samples/crypto/hmac/build/zephyr/misc/generated/extra_kconfig_options.conf'
    Configuration saved to '/Users/andy/nordic/ncs/v3.1.0/nrf/samples/crypto/hmac/build/zephyr/.config'
    Kconfig header saved to '/Users/andy/nordic/ncs/v3.1.0/nrf/samples/crypto/hmac/build/_sysbuild/autoconf.h'
    --
    **************************
    * Running CMake for hmac *
    **************************

    Loading Zephyr default modules (Zephyr base).
    -- Application: /Users/andy/nordic/ncs/v3.1.0/nrf/samples/crypto/hmac
    -- CMake version: 4.1.2
    -- Found Python3: /Users/andy/nrfenv/bin/python (found suitable version "3.13.9", minimum required is "3.10") found components: Interpreter
    -- Cache files will be written to: /Users/andy/Library/Caches/zephyr
    -- Zephyr version: 4.1.99 (/Users/andy/nordic/ncs/v3.1.0/zephyr)
    -- Found west (found suitable version "1.4.0", minimum required is "0.14.0")
    -- Board: thingy91x, qualifiers: nrf9151/ns
    -- Found host-tools: zephyr 0.17.0 (/opt/nordic/ncs/toolchains/5c0d382932/opt/zephyr-sdk)
    -- Found toolchain: zephyr 0.17.0 (/opt/nordic/ncs/toolchains/5c0d382932/opt/zephyr-sdk)
    -- Found Dtc: /opt/homebrew/bin/dtc (found suitable version "1.7.2", minimum required is "1.4.6")
    -- Found BOARD.dts: /Users/andy/nordic/ncs/v3.1.0/nrf/boards/nordic/thingy91x/thingy91x_nrf9151_ns.dts
    -- Generated zephyr.dts: /Users/andy/nordic/ncs/v3.1.0/nrf/samples/crypto/hmac/build/hmac/zephyr/zephyr.dts
    -- Generated pickled edt: /Users/andy/nordic/ncs/v3.1.0/nrf/samples/crypto/hmac/build/hmac/zephyr/edt.pickle
    -- Generated devicetree_generated.h: /Users/andy/nordic/ncs/v3.1.0/nrf/samples/crypto/hmac/build/hmac/zephyr/include/generated/zephyr/devicetree_generated.h

    warning: PM_DEVICE_RUNTIME (defined at soc/nordic/nrf54h/Kconfig.defconfig:40,
    subsys/pm/Kconfig:119) was assigned the value 'y' but got the value 'n'. Check these unsatisfied
    dependencies: ((PM_DEVICE && SOC_SERIES_NRF54HX && SOC_FAMILY_NORDIC_NRF) || PM_DEVICE) (=n). See
    docs.zephyrproject.org/.../kconfig.html and/or look up
    PM_DEVICE_RUNTIME in the menuconfig/guiconfig interface. The Application Development Primer, Setting
    Configuration Values, and Kconfig - Tips and Best Practices sections of the manual might be helpful
    too.

    Parsing /Users/andy/nordic/ncs/v3.1.0/zephyr/Kconfig
    Loaded configuration '/Users/andy/nordic/ncs/v3.1.0/nrf/boards/nordic/thingy91x/thingy91x_nrf9151_ns_defconfig'
    Merged configuration '/Users/andy/nordic/ncs/v3.1.0/nrf/samples/crypto/hmac/prj.conf'
    Merged configuration '/Users/andy/nordic/ncs/v3.1.0/nrf/samples/crypto/hmac/boards/thingy91x_nrf9151_ns.conf'
    Merged configuration '/Users/andy/nordic/ncs/v3.1.0/nrf/samples/crypto/hmac/build/hmac/zephyr/.config.sysbuild'
    Configuration saved to '/Users/andy/nordic/ncs/v3.1.0/nrf/samples/crypto/hmac/build/hmac/zephyr/.config'
    Kconfig header saved to '/Users/andy/nordic/ncs/v3.1.0/nrf/samples/crypto/hmac/build/hmac/zephyr/include/generated/zephyr/autoconf.h'
    -- Found GnuLd: /opt/nordic/ncs/toolchains/5c0d382932/opt/zephyr-sdk/arm-zephyr-eabi/arm-zephyr-eabi/bin/ld.bfd (found version "2.38")
    -- The C compiler identification is GNU 12.2.0
    -- The CXX compiler identification is GNU 12.2.0
    -- The ASM compiler identification is GNU
    -- Found assembler: /opt/nordic/ncs/toolchains/5c0d382932/opt/zephyr-sdk/arm-zephyr-eabi/bin/arm-zephyr-eabi-gcc
    =========== Generating psa_crypto_config ===============
    Backup: CONFIG_MBEDTLS_PSA_CRYPTO_SPM: False
    Backup: CONFIG_MBEDTLS_PSA_CRYPTO_C: False
    Backup: CONFIG_MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER: False
    Backup: CONFIG_MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT: False
    Backup: CONFIG_MBEDTLS_THREADING_C: True
    Backup: CONFIG_MBEDTLS_THREADING_ALT: False
    =========== Checkpoint: backup ===============
    Restore: CONFIG_MBEDTLS_PSA_CRYPTO_SPM: False
    Restore: CONFIG_MBEDTLS_PSA_CRYPTO_C: False
    Restore: CONFIG_MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER: False
    Restore: CONFIG_MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT: False
    Restore: CONFIG_MBEDTLS_THREADING_C: True
    Restore: CONFIG_MBEDTLS_THREADING_ALT: False
    =========== End psa_crypto_config ===============
    =========== Generating psa_crypto_library_config ===============
    Backup: CONFIG_MBEDTLS_PSA_CRYPTO_C: False
    Backup: CONFIG_MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER: False
    Backup: CONFIG_MBEDTLS_PSA_CRYPTO_SPM: False
    Backup: CONFIG_MBEDTLS_USE_PSA_CRYPTO: True
    Backup: CONFIG_MBEDTLS_PLATFORM_PRINTF_ALT: False
    Backup: CONFIG_MBEDTLS_THREADING_C: True
    Backup: CONFIG_MBEDTLS_THREADING_ALT: False
    =========== Checkpoint: backup ===============
    Restore: CONFIG_MBEDTLS_PSA_CRYPTO_C: False
    Restore: CONFIG_MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER: False
    Restore: CONFIG_MBEDTLS_PSA_CRYPTO_SPM: False
    Restore: CONFIG_MBEDTLS_USE_PSA_CRYPTO: True
    Restore: CONFIG_MBEDTLS_PLATFORM_PRINTF_ALT: False
    Restore: CONFIG_MBEDTLS_THREADING_C: True
    Restore: CONFIG_MBEDTLS_THREADING_ALT: False
    =========== End psa_crypto_library_config ===============
    -- Using ccache: /opt/homebrew/bin/ccache
    -- Found gen_kobject_list: /Users/andy/nordic/ncs/v3.1.0/zephyr/scripts/build/gen_kobject_list.py
    -- Configuring done (3.1s)
    -- Generating done (0.2s)
    -- Build files have been written to: /Users/andy/nordic/ncs/v3.1.0/nrf/samples/crypto/hmac/build/hmac
    Dropping partition 'nrf_modem_lib_trace' since its size is 0.
    Dropping partition 'nonsecure_storage' since it is empty.
    -- Configuring done (5.0s)
    -- Generating done (0.0s)
    -- Build files have been written to: /Users/andy/nordic/ncs/v3.1.0/nrf/samples/crypto/hmac/build
    -- west build: building application
    [5/10] Performing build step for 'hmac'
    [1/278] Preparing syscall dependency handling

    [6/278] Generating include/generated/zephyr/version.h
    -- Zephyr version: 4.1.99 (/Users/andy/nordic/ncs/v3.1.0/zephyr), build: ncs-v3.1.0
    [12/278] Generating ../../tfm/CMakeCache.txt
    -- Found Git: /usr/bin/git (found version "2.50.1 (Apple Git-155)")
    -- The C compiler identification is GNU 12.2.0
    -- The CXX compiler identification is GNU 12.2.0
    -- The ASM compiler identification is GNU
    -- Found assembler: /opt/nordic/ncs/toolchains/5c0d382932/opt/zephyr-sdk/arm-zephyr-eabi/bin/arm-zephyr-eabi-gcc
    -- Found Python3: /Users/andy/nrfenv/bin/python (found version "3.13.9") found components: Interpreter
    -- Found Python3: /Users/andy/nrfenv/bin/python (found suitable version "3.13.9", minimum required is "3.10") found components: Interpreter
    -- Cache files will be written to: /Users/andy/Library/Caches/zephyr
    CMake Warning (dev) at /Users/andy/nordic/ncs/v3.1.0/nrf/modules/trusted-firmware-m/tfm_boards/nrf9120/CMakeLists.txt:24 (install):
    Policy CMP0177 is not set: install() DESTINATION paths are normalized. Run
    "cmake --help-policy CMP0177" for policy details. Use the cmake_policy
    command to set the policy and suppress this warning.
    This warning is for project developers. Use -Wno-dev to suppress it.

    -- Configuring done (0.5s)
    -- Generating done (0.0s)
    -- Build files have been written to: /Users/andy/nordic/ncs/v3.1.0/nrf/samples/crypto/hmac/build/hmac/tfm
    [17/278] Performing build step for 'tfm'
    [137/141] Linking C executable bin/tfm_s.axf
    Memory region Used Size Region Size %age Used
    FLASH: 32092 B 32 KB 97.94%
    RAM: 10692 B 40 KB 26.10%
    [141/141] Linking C static library secure_fw/libtfm_s_veneers.a
    [19/278] Performing install step for 'tfm'
    -- Install configuration: "MinSizeRel"
    ----- Installing platform NS -----
    [278/278] Linking C executable zephyr/zephyr.elf
    Memory region Used Size Region Size %age Used
    FLASH: 70260 B 992 KB 6.92%
    RAM: 25104 B 203416 B 12.34%
    IDT_LIST: 0 GB 32 KB 0.00%
    Generating files from /Users/andy/nordic/ncs/v3.1.0/nrf/samples/crypto/hmac/build/hmac/zephyr/zephyr.elf for board: thingy91x
    [10/10] Generating ../merged.hex

    nrfenv  12:09  andy  ~/nordic/ncs/v3.1.0/nrf/samples/crypto/hmac  ◈ v3.1.0  west flash --recover
    -- west flash: rebuilding
    [0/5] Performing build step for 'hmac'
    [0/14] Performing build step for 'tfm'
    ninja: no work to do.
    [2/3] Performing install step for 'tfm'
    -- Install configuration: "MinSizeRel"
    ----- Installing platform NS -----
    [3/3] Completed 'tfm'
    [4/5] cd /Users/andy/nordic/ncs/v3.1.0/nrf/samples/crypto/hmac/build/_sysbuild && /opt/homebrew/bin/cmake -E true
    -- west flash: using runner nrfutil
    -- runners.nrfutil: reset after flashing requested
    Using board 000853003346
    -- runners.nrfutil: Recovering and erasing all flash memory.
    -- runners.nrfutil: Flashing file: /Users/andy/nordic/ncs/v3.1.0/nrf/samples/crypto/hmac/build/merged.hex
    -- runners.nrfutil: Connecting to probe
    -- runners.nrfutil: Recover
    -- runners.nrfutil: Erasing address ranges touched by firmware
    -- runners.nrfutil: Programming image
    -- runners.nrfutil: Verifying image
    -- runners.nrfutil: Reset
    -- runners.nrfutil: Board(s) with serial number(s) 853003346 flashed successfully.

     

Children
No Data
Related
Terms of service