• State Verified Answer
  • Replies 4 replies
  • Subscribers 93 subscribers
  • Views 322 views
  • Users 0 members are here
Attachments (0)
Nordic Case Info
  • Case ID: 359989
Options

Nrf desktop hid mcuboot development

CJL

I want to expand the flash allocated to mcuboot on the NRF desktop, but it failed to start after compilation

The following is a flash layout that can be successfully launched

# 原始分区(mcuboot 28KB)
app:
address: 0x7800
region: flash_primary
size: 0xb8800
mcuboot:
address: 0x0
region: flash_primary
size: 0x7000
mcuboot_pad:
address: 0x7000
region: flash_primary
size: 0x800
mcuboot_primary:
address: 0x7000
orig_span: &id001
- app
- mcuboot_pad
region: flash_primary
size: 0xb9000
span: *id001
mcuboot_primary_app:
address: 0x7800
orig_span: &id002
- app
region: flash_primary
size: 0xb8800
span: *id002
mcuboot_secondary:
address: 0xc0000
orig_span: &id003
- mcuboot_secondary_pad
- mcuboot_secondary_app
region: flash_primary
size: 0xb9000
span: *id003
mcuboot_secondary_pad:
region: flash_primary
address: 0xc0000
size: 0x800
mcuboot_secondary_app:
region: flash_primary
address: 0xc0800
size: 0xb8800
settings_storage:
address: 0x179000
region: flash_primary
size: 0x4000

I couldn't start after enlarging the mcuboot partition to 64kb, and at the same time, I opened the mcuboot log

app:
address: 0x10800
region: flash_primary
size: 0xb4000

mcuboot:
address: 0x0
region: flash_primary
size: 0x10000

mcuboot_pad:
address: 0x10000
region: flash_primary
size: 0x800

mcuboot_primary:
address: 0x10000
orig_span: &id001
- app
- mcuboot_pad
region: flash_primary
size: 0xb4800 # ← 必须是 0x800 + 0xb4000
span: *id001

mcuboot_primary_app:
address: 0x10800
orig_span: &id002
- app
region: flash_primary
size: 0xb4000
span: *id002

mcuboot_secondary:
address: 0xc4800
orig_span: &id003
- mcuboot_secondary_pad
- mcuboot_secondary_app
region: flash_primary
size: 0xb4800 # ← 必须与 primary 相同
span: *id003

mcuboot_secondary_pad:
region: flash_primary
address: 0xc4800
size: 0x800

mcuboot_secondary_app:
region: flash_primary
address: 0xc5000
size: 0xb4000

settings_storage:
address: 0x179000
region: flash_primary
size: 0x4000

The mcuboot log output is as follows

00> [00:13:16.873,432] <dbg> mcuboot: main: Starting Direct-XIP bootloader 00> [00:13:16.873,609] <dbg> mcuboot: boot_get_slot_usage: Primary slot: version=3.1.1+0 00> [00:13:16.873,794] <dbg> mcuboot: boot_get_slot_usage: Secondary slot: version=3.1.1+0 00> [00:13:16.873,983] <dbg> mcuboot: boot_version_cmp: boot_version_cmp: ver1 3.1.1.0 vs ver2 3.1.1.0 00> [00:13:16.874,192] <dbg> mcuboot: boot_validate_slot: boot_validate_slot: slot 0, expected_swap_type 0 00> [00:13:16.874,374] <dbg> mcuboot: bootutil_img_validate: bootutil_img_validate: flash area 0x7ce4 00> [00:13:16.874,550] <dbg> mcuboot: bootutil_tlv_iter_begin: bootutil_tlv_iter_begin: type 37, prot == 0 00> [00:13:16.874,744] <dbg> mcuboot: bootutil_tlv_iter_next: bootutil_tlv_iter_next: searching for 37 (65535 is any) starting at 348760 ending at 348969 00> [00:13:16.874,995] <dbg> mcuboot: bootutil_tlv_iter_next: bootutil_tlv_iter_next: TLV 16624 found at 348832 (size 1) 00> [00:13:16.875,205] <dbg

Could you please help me take a look at this issue? It has been bothering me for a long time

Parents
  • 0

    Hi Jiale,

    It is a known issue. FPROTECT can support locking up to 62 KB of RRAM on nRF54L SoCs when used by immutable MCUboot. Either the partition declared for MCUboot or its size might be too large for using FPROTECT. Your MCUboot partition is 64 KB (0x10000), which exceeds the supported limit. The RRAMC hardware on nRF54L only provides two regions (3 and 4) for protection:

    • Up to 31 KB → uses RRAMC region 4 alone
    • Between 31 KB and 62 KB → uses both regions 3 and 4 (requires CONFIG_FPROTECT_ALLOW_COMBINED_REGIONS)
    • Above 62 KB → not supported, causes a static assertion failure

    Refer: https://nrfconnectdocs.nordicsemi.com/ncs/latest/nrf/app_dev/device_guides/nrf54l/dfu_config.html#nvm-protections 

    You will either need to decrease the partition size to less than 62 KB or Disable FPROTECT as you did. You can disable it by setting CONFIG_FPROTECT=n in your MCUboot configuration, but this removes write protection from the bootloader region, which is a security risk in production firmware.

    Best Regards,

    Swathy

Reply
  • 0

    Hi Jiale,

    It is a known issue. FPROTECT can support locking up to 62 KB of RRAM on nRF54L SoCs when used by immutable MCUboot. Either the partition declared for MCUboot or its size might be too large for using FPROTECT. Your MCUboot partition is 64 KB (0x10000), which exceeds the supported limit. The RRAMC hardware on nRF54L only provides two regions (3 and 4) for protection:

    • Up to 31 KB → uses RRAMC region 4 alone
    • Between 31 KB and 62 KB → uses both regions 3 and 4 (requires CONFIG_FPROTECT_ALLOW_COMBINED_REGIONS)
    • Above 62 KB → not supported, causes a static assertion failure

    Refer: https://nrfconnectdocs.nordicsemi.com/ncs/latest/nrf/app_dev/device_guides/nrf54l/dfu_config.html#nvm-protections 

    You will either need to decrease the partition size to less than 62 KB or Disable FPROTECT as you did. You can disable it by setting CONFIG_FPROTECT=n in your MCUboot configuration, but this removes write protection from the bootloader region, which is a security risk in production firmware.

    Best Regards,

    Swathy

Children
No Data
Related
Terms of service