Crash on psa_export_key

Hello,

In my project, I use both a Bluetooth interface for communication and the PSA functionalities to store and read/use keys.
I use the following configuration (excerpt) for the respective functionality:

CONFIG_MAIN_STACK_SIZE=8192

CONFIG_BT=y
CONFIG_BT_SMP=y
CONFIG_BT_SETTINGS=y
CONFIG_BT_RX_STACK_SIZE=4096
CONFIG_BT_PERIPHERAL=y
CONFIG_BT_MAX_PAIRED=9

CONFIG_MBEDTLS_PSA_CRYPTO_STORAGE_C=y
CONFIG_MBEDTLS_HEAP_SIZE=8192
CONFIG_PSA_WANT_ALG_CTR=y
CONFIG_TFM_ITS_ENCRYPTED=y
CONFIG_HEAP_MEM_POOL_SIZE=8192

CONFIG_FLASH=y
CONFIG_FLASH_PAGE_LAYOUT=y
CONFIG_FLASH_MAP=y
CONFIG_NVS=y
CONFIG_SETTINGS=y
CONFIG_SETTINGS_NVS=y
CONFIG_TRUSTED_STORAGE=y

Both implementations (BLE, PSA) store their keys or settings in the ITS (Internal Trusted Storage).
The ITS is mapped to the internal flash. The following configuration is created in pm_static.yml for the corresponding partition:

settings_storage:
  address: 0xf0000
  end_address: 0x100000
  region: flash_primary
  size: 0x10000

During initial startup, keys are stored in the ITS via the PSA_ functions on my device. These are then used for authentication later on.
It can be assumed that the device with the error was paired with several devices via Bluetooth.

One device (out of several others) crashes (presumably with an exception) when I try to read a key with psa_export_key in order to use it later on.
The error can be fixed by calling bt_unpair for all bonding information on the device. From this point on, psa_export_key runs normally and also returns the expected key.

Unfortunately, I am unable to debug the code on the devices where the error occurs. And I have not yet been able to reproduce the error artificially.
I have already increased (doubled) the heap and stack on a trial basis, but this did not fix the error.

Has anyone here already experienced a crash with psa_export_key?

I don't understand:
- Is the error due to fragmentation of the memory area?
- What causes fragmentation of the ITS?
- Why can the error be fixed by calling bt_unpair?
- Are there any ideas on how I can artificially provoke the error?

Thanks in advance.

BR, Tom

  • Does your code call settings_save() or settings_load() somewhere near the export? These functions call handlers for BTLE stuff, and these can fail if BT is still disabled. They can also cause more stack usage and thus a stack overflow.

    The bt_unpair() call deletes BT information from settings storage and thus would limit BT handler calls and stack usage.

  • Thanks for your reply.

    When the application is started, the following functions are called in the order listed below:

    settings_subsys_init()
    bt_enable()
    settings_load()
    psa_crypto_init()

    I don't call settings_save() in my code.

    The init calls are not near the psa_export_key call. This call gets triggered in a CAN frame event that I trigger manually.

    BR, Tom

  • Hi Tom,

    Could you explain exactly how BLE stores keys/bond info in ITS?

    I don't see it in the settings_storage configuration; could you send the partitions.yml file from your build folder?

    Do you have any logs you can show us?

    My understanding is that you haven't managed to reproduce the issue? How long had the device that showed the issue been deployed before it crashed?

  • Thanks for your replies guys. I found the issue.

    The ITS indeed got fragmented. Because I wanted to change the Bluetooth device name dynamically, I called "bt_set_name" on every startup with a default name and changed it again at runtime. Every time this "bt_set_name" call happens, the name gets stored in the ITS.
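
As an added illustration (not code from the thread, from Zephyr or from the NCS), the following self-contained C model shows why the pattern Tom describes keeps consuming storage: a settings backend such as NVS is an append-only log, so writing the default name and then the runtime name on every boot appends two new entries per boot, whether or not the backend skips writes of an identical value (the alternating values defeat that optimisation anyway). The store, its capacity, the key "bt/name" and every function name here are hypothetical assumptions chosen to make the effect visible in a few lines; the real fix is the same in spirit: compare the current name from `bt_get_name()` with the name you want and call `bt_set_name()` only when it actually differs, and never write a default on boot just to overwrite it later.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical model of an append-only settings store: every write appends
 * an entry, nothing is overwritten in place, and the store is "full" once all
 * slots are used (a real NVS/ITS backend would then have to garbage-collect a
 * sector, which is the churn the thread calls fragmentation). */
#define KEY_LEN 16
#define VAL_LEN 32
#define SLOTS   8   /* assumption: tiny capacity so the effect shows quickly */

struct entry {
    char key[KEY_LEN];
    char val[VAL_LEN];
};

struct store {
    struct entry log[SLOTS];
    size_t used;     /* slots consumed so far */
    size_t skipped;  /* writes avoided because the stored value was unchanged */
};

static void store_init(struct store *s)
{
    memset(s, 0, sizeof(*s));
}

/* Latest value stored under key, or NULL if the key was never written. */
static const char *store_read_latest(const struct store *s, const char *key)
{
    for (size_t i = s->used; i > 0; i--) {
        if (strcmp(s->log[i - 1].key, key) == 0) {
            return s->log[i - 1].val;
        }
    }
    return NULL;
}

/* Append an entry; returns 0 or -ENOSPC when the log is full. */
static int store_write(struct store *s, const char *key, const char *val)
{
    if (s->used >= SLOTS) {
        return -ENOSPC;
    }
    strncpy(s->log[s->used].key, key, KEY_LEN - 1);
    strncpy(s->log[s->used].val, val, VAL_LEN - 1);
    s->used++;
    return 0;
}

/* Guarded write: read back first and only append when the value changed. */
static int store_write_if_changed(struct store *s, const char *key, const char *val)
{
    const char *cur = store_read_latest(s, key);
    if (cur != NULL && strcmp(cur, val) == 0) {
        s->skipped++;
        return 0;
    }
    return store_write(s, key, val);
}

/* Pattern from the thread: each boot stores a default name, then the runtime
 * name. Returns slots consumed after `boots` boots, or -ENOSPC if the store
 * filled up before the last boot completed. */
static int simulate_naive(int boots)
{
    struct store s;
    store_init(&s);
    for (int b = 0; b < boots; b++) {
        if (store_write(&s, "bt/name", "default-name") < 0) return -ENOSPC;
        if (store_write(&s, "bt/name", "runtime-name") < 0) return -ENOSPC;
    }
    return (int)s.used;
}

/* Fixed pattern: no default write; the wanted name is written only if the
 * stored one differs, so after the first boot nothing is appended. */
static int simulate_guarded(int boots)
{
    struct store s;
    store_init(&s);
    for (int b = 0; b < boots; b++) {
        if (store_write_if_changed(&s, "bt/name", "runtime-name") < 0) return -ENOSPC;
    }
    return (int)s.used;
}

int main(void)
{
    printf("naive,   3 boots: %d slots\n", simulate_naive(3));
    printf("naive,   5 boots: %d (-ENOSPC = %d)\n", simulate_naive(5), -ENOSPC);
    printf("guarded, 5 boots: %d slot(s)\n", simulate_guarded(5));
    return 0;
}
```

With eight slots the naive pattern fills the store on the fifth boot, while the guarded pattern never appends anything after the first boot. On a real device the backend would compact instead of failing, but every compaction is extra flash wear and extra work at the moment the setting is read, which is the failure window the thread hit.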
