• State Not Answered
  • Replies 11 replies
  • Subscribers 86 subscribers
  • Views 512 views
  • Users 0 members are here
Attachments (0)
Nordic Case Info
  • Case ID: 357314
Options

nRF9151 TF-M Boot Hang When Enabling NVS for Onomondo SoftSIM

luqman

Hardware:

nRF9151 DK
Board: nrf9151dk/nrf9151/ns

  • nRF Connect SDK version: 3.2.1
  • Zephyr version: 0.17

Issue Description:

I have a working LWM2M application with TF-M enabled. When I integrate Onomondo SoftSIM library, it requires CONFIG_NVS=y to be enabled. However, as soon as I enable NVS, the device hangs during boot and never reaches main().

Broken Configuration (with NVS):

CONFIG_BUILD_WITH_TFM=y
CONFIG_LWM2M_CLIENT_UTILS=y
CONFIG_NVS=y
CONFIG_PM_PARTITION_SIZE_NVS_STORAGE=0x8000
CONFIG_SOFTSIM=y

Partition Layout:

The partition layout appears correct with no overlaps. NVS is in non-secure region:

nvs_storage:
  address: 0xe8000
  end_address: 0xf0000
  region: flash_primary
  size: 0x8000

tfm_its:
  address: 0xf8000
  size: 0x2000

tfm_otp_nv_counters:
  address: 0xfa000
  size: 0x2000

tfm_nonsecure:
  address: 0x18000
  end_address: 0x78000
  size: 0x60000

Questions:

  1. Is this a known SPU (System Protection Unit) permissions issue where NVS tries to access flash before TF-M configures the regions as non-secure?
  2. How can I configure TF-M to allow the NVS flash region (0xe8000-0xf0000) to be accessible from non-secure code during early boot?
  3. Is there a recommended initialization order or additional TF-M configuration needed when combining TF-M + NVS on nRF9151?

Any guidance would be greatly appreciated.

Parents
  • 0

    Hello,

    can you provide .config file, and partitions.yml found in the build directory?

  • 0 in reply to Hakon

    Hi, 

    Thank you for the response.

    Here is partitions.yml.

    EMPTY_0:
  address: 0xc000
  end_address: 0x10000
  placement:
    before:
    - mcuboot_pad
  region: flash_primary
  size: 0x4000
EMPTY_1:
  address: 0xfa000
  end_address: 0x100000
  placement:
    after:
    - settings_storage
  region: flash_primary
  size: 0x6000
app:
  address: 0x18000
  end_address: 0x80000
  region: flash_primary
  size: 0x68000
mcuboot:
  address: 0x0
  end_address: 0xc000
  placement:
    align:
      end: 0x1000
    before:
    - mcuboot_primary
  region: flash_primary
  size: 0xc000
mcuboot_pad:
  address: 0x10000
  end_address: 0x10200
  placement:
    align:
      start: 0x8000
    before:
    - mcuboot_primary_app
  region: flash_primary
  size: 0x200
mcuboot_primary:
  address: 0x10000
  end_address: 0x80000
  orig_span: &id001
  - app
  - tfm
  - mcuboot_pad
  region: flash_primary
  sharers: 0x1
  size: 0x70000
  span: *id001
mcuboot_primary_app:
  address: 0x10200
  end_address: 0x80000
  orig_span: &id002
  - app
  - tfm
  region: flash_primary
  size: 0x6fe00
  span: *id002
mcuboot_secondary:
  address: 0x80000
  end_address: 0xf0000
  placement:
    after:
    - mcuboot_primary
    align:
      start: 0x8000
  region: flash_primary
  share_size:
  - mcuboot_primary
  size: 0x70000
mcuboot_sram:
  address: 0x20000000
  end_address: 0x20008000
  orig_span: &id003
  - tfm_sram
  region: sram_primary
  size: 0x8000
  span: *id003
nonsecure_storage:
  address: 0xf0000
  end_address: 0xfa000
  orig_span: &id004
  - settings_storage
  - nvs_storage
  region: flash_primary
  size: 0xa000
  span: *id004
nrf_modem_lib_ctrl:
  address: 0x20008000
  end_address: 0x200084e8
  inside:
  - sram_nonsecure
  placement:
    after:
    - tfm_sram
    - start
  region: sram_primary
  size: 0x4e8
nrf_modem_lib_rx:
  address: 0x2000a568
  end_address: 0x2000c568
  inside:
  - sram_nonsecure
  placement:
    after:
    - nrf_modem_lib_tx
  region: sram_primary
  size: 0x2000
nrf_modem_lib_sram:
  address: 0x20008000
  end_address: 0x2000c568
  orig_span: &id005
  - nrf_modem_lib_ctrl
  - nrf_modem_lib_tx
  - nrf_modem_lib_rx
  region: sram_primary
  size: 0x4568
  span: *id005
nrf_modem_lib_tx:
  address: 0x200084e8
  end_address: 0x2000a568
  inside:
  - sram_nonsecure
  placement:
    after:
    - nrf_modem_lib_ctrl
  region: sram_primary
  size: 0x2080
nvs_storage:
  address: 0xf0000
  end_address: 0xf8000
  inside:
  - nonsecure_storage
  placement:
    align:
      start: 0x8000
    before:
    - settings_storage
  region: flash_primary
  size: 0x8000
otp:
  address: 0xff8108
  end_address: 0xff83fc
  region: otp
  size: 0x2f4
settings_storage:
  address: 0xf8000
  end_address: 0xfa000
  inside:
  - nonsecure_storage
  placement:
    align:
      start: 0x8000
    before:
    - end
  region: flash_primary
  size: 0x2000
sram_nonsecure:
  address: 0x20008000
  end_address: 0x20040000
  orig_span: &id006
  - sram_primary
  - nrf_modem_lib_ctrl
  - nrf_modem_lib_tx
  - nrf_modem_lib_rx
  region: sram_primary
  size: 0x38000
  span: *id006
sram_primary:
  address: 0x2000c568
  end_address: 0x20040000
  region: sram_primary
  size: 0x33a98
sram_secure:
  address: 0x20000000
  end_address: 0x20008000
  orig_span: &id007
  - tfm_sram
  region: sram_primary
  size: 0x8000
  span: *id007
tfm:
  address: 0x10200
  end_address: 0x18000
  inside:
  - mcuboot_primary_app
  placement:
    before:
    - app
  region: flash_primary
  size: 0x7e00
tfm_nonsecure:
  address: 0x18000
  end_address: 0x80000
  orig_span: &id008
  - app
  region: flash_primary
  size: 0x68000
  span: *id008
tfm_secure:
  address: 0x10000
  end_address: 0x18000
  orig_span: &id009
  - mcuboot_pad
  - tfm
  region: flash_primary
  size: 0x8000
  span: *id009
tfm_sram:
  address: 0x20000000
  end_address: 0x20008000
  inside:
  - sram_secure
  placement:
    after:
    - start
  region: sram_primary
  size: 0x8000

    The .config 

    SB_CONFIG_BOARD="nrf9151dk"
SB_CONFIG_BOARD_REVISION=""
SB_CONFIG_BOARD_NRF9151DK=y
SB_CONFIG_BOARD_NRF9151DK_NRF9151_NS=y
SB_CONFIG_BOARD_QUALIFIERS="nrf9151/ns"
SB_CONFIG_SOC="nrf9151"
SB_CONFIG_SOC_SERIES="nrf91"
SB_CONFIG_SOC_FAMILY="nordic_nrf"
SB_CONFIG_SOC_FAMILY_NORDIC_NRF=y
SB_CONFIG_SOC_SERIES_NRF91X=y
SB_CONFIG_SOC_NRF9120=y
SB_CONFIG_SOC_NRF9151_LACA=y

#
# Sysbuild image configuration
#

#
# Modules
#

#
# Available modules.
#
SB_CONFIG_ZEPHYR_PROXICURE_FIRMWARE_MODULE=y

#
# nrf (D:/ProxiCure/Firmware/nrf)
#
SB_CONFIG_PARTITION_MANAGER=y
SB_CONFIG_PM_MCUBOOT_PAD=0x200
# SB_CONFIG_PM_EXTERNAL_FLASH_MCUBOOT_SECONDARY is not set
# SB_CONFIG_PM_OVERRIDE_EXTERNAL_DRIVER_CHECK is not set
SB_CONFIG_BUILD_OUTPUT_BIN=y
SB_CONFIG_BUILD_OUTPUT_HEX=y
SB_CONFIG_BOARD_IS_NON_SECURE=y
SB_CONFIG_APPCORE_REMOTE_BOARD_TARGET_CPUCLUSTER="cpuapp"
SB_CONFIG_APPCORE_REMOTE_DOMAIN="CPUAPP"

#
# Secure Bootloader
#
# SB_CONFIG_SECURE_BOOT_APPCORE is not set
# end of Secure Bootloader

#
# MCUboot configuration
#
# SB_CONFIG_MCUBOOT_HARDWARE_DOWNGRADE_PREVENTION is not set
SB_CONFIG_MCUBOOT_EXTRA_IMAGES=0
SB_CONFIG_MCUBOOT_MAX_UPDATEABLE_IMAGES=4
SB_CONFIG_MCUBOOT_MIN_UPDATEABLE_IMAGES=1
SB_CONFIG_MCUBOOT_MIN_ADDITIONAL_UPDATEABLE_IMAGES=0
SB_CONFIG_MCUBOOT_UPDATEABLE_IMAGES=1
SB_CONFIG_MCUBOOT_ADDITIONAL_UPDATEABLE_IMAGES=0
SB_CONFIG_MCUBOOT_APP_SYNC_UPDATEABLE_IMAGES=y
# SB_CONFIG_MCUBOOT_USE_ALL_AVAILABLE_RAM is not set
# end of MCUboot configuration

# SB_CONFIG_DFU_MULTI_IMAGE_PACKAGE_BUILD is not set
SB_CONFIG_SUPPORT_QSPI_XIP=y

#
# Bluetooth Fair Pair
#
SB_CONFIG_BT_FAST_PAIR_MODEL_ID=0x1000000
SB_CONFIG_BT_FAST_PAIR_ANTI_SPOOFING_PRIVATE_KEY=""
# end of Bluetooth Fair Pair

SB_CONFIG_DFU_ZIP=y
SB_CONFIG_DFU_ZIP_APP=y
# SB_CONFIG_DFU_ZIP_BLUETOOTH_MESH_METADATA is not set
# SB_CONFIG_MATTER is not set

#
# Wi-Fi
#
# SB_CONFIG_WIFI_NRF70 is not set
# end of Wi-Fi

# SB_CONFIG_APPROTECT_USE_UICR is not set
# SB_CONFIG_APPROTECT_LOCK is not set
# SB_CONFIG_APPROTECT_USER_HANDLING is not set
SB_CONFIG_APPROTECT_NO_SYSBUILD=y
# SB_CONFIG_SECURE_APPROTECT_USE_UICR is not set
# SB_CONFIG_SECURE_APPROTECT_LOCK is not set
# SB_CONFIG_SECURE_APPROTECT_USER_HANDLING is not set
SB_CONFIG_SECURE_APPROTECT_NO_SYSBUILD=y
# SB_CONFIG_LWM2M_CARRIER_DIVIDED_DFU is not set

#
# TF-M
#
# SB_CONFIG_TFM_OTP_PSA_CERTIFICATE_REFERENCE is not set
# end of TF-M

SB_CONFIG_SUPPORT_FIRMWARE_LOADER_BLE_MCUMGR=y
SB_CONFIG_ZEPHYR_NRF_MODULE=y
# end of nrf (D:/ProxiCure/Firmware/nrf)

SB_CONFIG_ZEPHYR_HOSTAP_MODULE=y
SB_CONFIG_ZEPHYR_MCUBOOT_MODULE=y
SB_CONFIG_ZEPHYR_MBEDTLS_MODULE=y
SB_CONFIG_ZEPHYR_OBERON_PSA_CRYPTO_MODULE=y
SB_CONFIG_ZEPHYR_TRUSTED_FIRMWARE_M_MODULE=y
SB_CONFIG_ZEPHYR_PSA_ARCH_TESTS_MODULE=y
SB_CONFIG_ZEPHYR_CJSON_MODULE=y
SB_CONFIG_ZEPHYR_AZURE_SDK_FOR_C_MODULE=y
SB_CONFIG_ZEPHYR_CIRRUS_LOGIC_MODULE=y
SB_CONFIG_ZEPHYR_OPENTHREAD_MODULE=y
SB_CONFIG_ZEPHYR_MEMFAULT_FIRMWARE_SDK_MODULE=y
SB_CONFIG_ZEPHYR_COREMARK_MODULE=y
SB_CONFIG_ZEPHYR_CANOPENNODE_MODULE=y
SB_CONFIG_ZEPHYR_CHRE_MODULE=y
SB_CONFIG_ZEPHYR_LZ4_MODULE=y
SB_CONFIG_ZEPHYR_TF_M_TESTS_MODULE=y
SB_CONFIG_ZEPHYR_ZSCILIB_MODULE=y
SB_CONFIG_ZEPHYR_CMSIS_MODULE=y
SB_CONFIG_ZEPHYR_CMSIS_DSP_MODULE=y
SB_CONFIG_ZEPHYR_CMSIS_NN_MODULE=y
SB_CONFIG_ZEPHYR_CMSIS_6_MODULE=y
SB_CONFIG_ZEPHYR_FATFS_MODULE=y
SB_CONFIG_ZEPHYR_HAL_NORDIC_MODULE=y
SB_CONFIG_ZEPHYR_HAL_ST_MODULE=y
SB_CONFIG_ZEPHYR_HAL_TDK_MODULE=y
SB_CONFIG_ZEPHYR_HAL_WURTHELEKTRONIK_MODULE=y
SB_CONFIG_ZEPHYR_LIBLC3_MODULE=y
SB_CONFIG_ZEPHYR_LIBMETAL_MODULE=y
SB_CONFIG_ZEPHYR_LITTLEFS_MODULE=y
SB_CONFIG_ZEPHYR_LORAMAC_NODE_MODULE=y
SB_CONFIG_ZEPHYR_LVGL_MODULE=y
SB_CONFIG_ZEPHYR_MIPI_SYS_T_MODULE=y
SB_CONFIG_ZEPHYR_NANOPB_MODULE=y
SB_CONFIG_ZEPHYR_NRF_WIFI_MODULE=y
SB_CONFIG_ZEPHYR_OPEN_AMP_MODULE=y
SB_CONFIG_ZEPHYR_PERCEPIO_MODULE=y
SB_CONFIG_ZEPHYR_PICOLIBC_MODULE=y
SB_CONFIG_ZEPHYR_SEGGER_MODULE=y
SB_CONFIG_ZEPHYR_UOSCORE_UEDHOC_MODULE=y
SB_CONFIG_ZEPHYR_ZCBOR_MODULE=y

#
# softsim (D:/ProxiCure/Firmware/modules/lib/onomondo-softsim)
#

#
# Onomondo SoftSIM Options
#
# SB_CONFIG_SOFTSIM_BUNDLE_TEMPLATE_HEX is not set
# end of Onomondo SoftSIM Options

SB_CONFIG_ZEPHYR_SOFTSIM_MODULE=y
# end of softsim (D:/ProxiCure/Firmware/modules/lib/onomondo-softsim)

SB_CONFIG_ZEPHYR_NRFXLIB_MODULE=y
SB_CONFIG_ZEPHYR_NRF_HW_MODELS_MODULE=y
SB_CONFIG_ZEPHYR_CONNECTEDHOMEIP_MODULE=y

#
# Unavailable modules, please install those via the project manifest.
#
# end of Modules

# SB_CONFIG_WARN_EXPERIMENTAL is not set
SB_CONFIG_WARN_DEPRECATED=y
SB_CONFIG_SUPPORT_BOOTLOADER=y
SB_CONFIG_SUPPORT_BOOTLOADER_MCUBOOT_ZEPHYR=y
# SB_CONFIG_BOOTLOADER_NONE is not set
SB_CONFIG_BOOTLOADER_MCUBOOT=y
# SB_CONFIG_MCUBOOT_MODE_SINGLE_APP is not set
# SB_CONFIG_MCUBOOT_MODE_SWAP_USING_OFFSET is not set
SB_CONFIG_MCUBOOT_MODE_SWAP_USING_MOVE=y
# SB_CONFIG_MCUBOOT_MODE_SWAP_WITHOUT_SCRATCH is not set
# SB_CONFIG_MCUBOOT_MODE_SWAP_SCRATCH is not set
# SB_CONFIG_MCUBOOT_MODE_OVERWRITE_ONLY is not set
# SB_CONFIG_MCUBOOT_MODE_DIRECT_XIP is not set
# SB_CONFIG_MCUBOOT_MODE_DIRECT_XIP_WITH_REVERT is not set
# SB_CONFIG_MCUBOOT_MODE_RAM_LOAD is not set
# SB_CONFIG_MCUBOOT_MODE_RAM_LOAD_WITH_REVERT is not set
# SB_CONFIG_MCUBOOT_MODE_FIRMWARE_UPDATER is not set
# SB_CONFIG_MCUBOOT_MODE_SINGLE_APP_RAM_LOAD is not set
SB_CONFIG_SIGNATURE_TYPE="ECDSA_P256"
# SB_CONFIG_BOOT_SIGNATURE_TYPE_NONE is not set
# SB_CONFIG_BOOT_SIGNATURE_TYPE_RSA is not set
SB_CONFIG_BOOT_SIGNATURE_TYPE_ECDSA_P256=y
# SB_CONFIG_BOOT_SIGNATURE_TYPE_ED25519 is not set
SB_CONFIG_BOOT_SIGNATURE_KEY_FILE="D:/ProxiCure/Firmware/bootloader/mcuboot/root-ec-p256.pem"
SB_CONFIG_SUPPORT_BOOT_ENCRYPTION=y
# SB_CONFIG_BOOT_ENCRYPTION is not set
SB_CONFIG_SUPPORT_FIRMWARE_LOADER_SMP_SVR=y

#
# Build options
#
# SB_CONFIG_COMPILER_WARNINGS_AS_ERRORS is not set
# end of Build options

  • 0 in reply to luqman

    Hi,

    Is there any test done on your side I'm looking for your test

  • 0 in reply to luqman

    Yes, I have tested this now and reproduced the issue. I will give this priority now and will notify you if I figure something out.

  • 0 in reply to luqman

    I have done some more testing, and it very much looks like there is a bug going on. Unfortunately I don't have a workaround for this at the moment, but I will report the bug internally and come back with more information later on.

  • 0 in reply to Hakon

    Thank you, 

    Looking forward to some progress on this issue

Reply Children
No Data
Related
Terms of service