• State Not Answered
  • Replies 3 replies
  • Subscribers 93 subscribers
  • Views 72 views
  • Users 0 members are here
Attachments (0)
Nordic Case Info
  • Case ID: 361166
Options

Problem with updatable MCUBoot + multi updatable images

tdfilip

Hello, 

I work on a zephyr project with updatable MCUBoot and two updatable images. This configuration ends up with an unbootable image. The reason is that the CONFIG_MCUBOOT_MCUBOOT_IMAGE_NUMBER ends up with value 1 while the SECURE_BOOT_APPCORE is enabled and MCUBOOT_UPDATEABLE_IMAGES > 1. The following patch seems to solve the issue:

diff --git a/sysbuild/CMakeLists.txt b/sysbuild/CMakeLists.txt
index 7abed9c84c..155f83be32 100644
--- a/sysbuild/CMakeLists.txt
+++ b/sysbuild/CMakeLists.txt
@@ -232,6 +232,17 @@ function(${SYSBUILD_CURRENT_MODULE_NAME}_pre_cmake)
       set(${current_cache_name} ${value} CACHE INTERNAL "" FORCE)
     endforeach()
 
+    if(SB_CONFIG_SECURE_BOOT_APPCORE)
+      math(EXPR correct_mcuboot_image_number "${mcuboot_total_images} - 1")
+      if(NOT ${NCS_MCUBOOT_MCUBOOT_IMAGE_NUMBER} EQUAL ${correct_mcuboot_image_number})
+        set(image_list b0;mcuboot;${updateable_images})
+        foreach(image ${image_list})
+          set_config_int(${image} CONFIG_MCUBOOT_MCUBOOT_IMAGE_NUMBER ${correct_mcuboot_image_number})
+        endforeach()
+        set(NCS_MCUBOOT_MCUBOOT_IMAGE_NUMBER ${correct_mcuboot_image_number} CACHE INTERNAL "" FORCE)
+      endif()
+    endif()
+
     # Assign image IDs for MCUboot extra images
     set(dfu_slots_application_kconfigs CONFIG_MCUBOOT_EXTRA_1_IMAGE_NUMBER;CONFIG_MCUBOOT_EXTRA_2_IMAGE_NUMBER)
     set(dfu_slots_cache_names NCS_MCUBOOT_EXTRA_1_IMAGE_NUMBER;NCS_MCUBOOT_EXTRA_2_IMAGE_NUMBER)

NCS v3.5.0-preview1
nRF54L15 DK

Could you confirm if you can reproduce the issue?

Regards,
Filip

Parents
  • 0

    Hi Filip, 

    Could you elaborate on the details of the reproduction?

    Regards,
    Amanda H.

  • 0 in reply to Amanda Hsieh

    Hi Amanda,

    To reproduce the issue, you need to build the following architecture:
    b0
    mcuboot (s0)
    mcuboot (s1)
    custom app 1 (mcuboot_primary)
    custom app 1 (mcuboot_secondary)
    custom app 2 (mcuboot_primary_1)
    custom app 2 (mcuboot_secondary_1)

    To achieve this, you need the following options:
    SB_CONFIG_SECURE_BOOT_APPCORE=y
    SB_CONFIG_BOOTLOADER_MCUBOOT=y
    SB_CONFIG_MCUBOOT_UPDATEABLE_IMAGES=2

    This log shows that the MCUBoot doesn't even see image index 2 (only 0 and 1). This ends up with unbootable primary image:

    Fprotect disabled. No protection applied.
LCS-awareness disabled.
Attempting to boot slot 0.
Attempting to boot from address 0x7800.
I: Trying to get Firmware version
I: Firmware signature verified.
Firmware version 1
I: Setting monotonic counter (version: 1, slot: 0)
*** Booting MCUboot v2.3.0-dev-b39452e9c7e8 ***
*** Using nRF Connect SDK v3.5.0-preview1-f62d6ecf1b15 ***
*** Using Zephyr OS v4.4.0-b1fd0755fc8e ***
I: Starting bootloader
I: LCS-awareness disabled, skipping LCS check
I: Primary image: magic=unset, swap_type=0x1, copy_done=0x3, image_ok=0x3
I: Secondary image: magic=unset, swap_type=0x1, copy_done=0x3, image_ok=0x3
I: Boot source: none
I: Image index: 0, Swap type: none
I: Primary image: magic=unset, swap_type=0x1, copy_done=0x3, image_ok=0x3
I: Secondary image: magic=unset, swap_type=0x1, copy_done=0x3, image_ok=0x3
I: Boot source: none
I: Image index: 1, Swap type: none
W: Cannot upgrade: not a compatible amount of sectors
E: Image in the primary slot is not valid!
E: Unable to find bootable image

    Here is the log after applying the patch I provided:

    Fprotect disabled. No protection applied.
LCS-awareness disabled.
Attempting to boot slot 0.
Attempting to boot from address 0x7800.
I: Trying to get Firmware version
I: Firmware signature verified.
Firmware version 1
I: Setting monotonic counter (version: 1, slot: 0)
*** Booting MCUboot v2.3.0-dev-b39452e9c7e8 ***
*** Using nRF Connect SDK v3.5.0-preview1-f62d6ecf1b15 ***
*** Using Zephyr OS v4.4.0-b1fd0755fc8e ***
I: Starting bootloader
I: LCS-awareness disabled, skipping LCS check
I: Primary image: magic=unset, swap_type=0x1, copy_done=0x3, image_ok=0x3
I: Secondary image: magic=unset, swap_type=0x1, copy_done=0x3, image_ok=0x3
I: Boot source: none
I: Image index: 0, Swap type: none
I: Primary image: magic=unset, swap_type=0x1, copy_done=0x3, image_ok=0x3
I: Secondary image: magic=unset, swap_type=0x1, copy_done=0x3, image_ok=0x3
I: Boot source: none
I: Image index: 1, Swap type: none
I: Primary image: magic=unset, swap_type=0x1, copy_done=0x3, image_ok=0x3
I: Secondary image: magic=unset, swap_type=0x1, copy_done=0x3, image_ok=0x3
I: Boot source: none
I: Image index: 2, Swap type: none
I: Bootloader chainload address offset: 0x23000
I: Image version: v0.0.0
I: Jumping to the first image slot
*** Booting nRF Connect SDK v3.5.0-preview1-f62d6ecf1b15 ***
*** Using Zephyr OS v4.4.0-b1fd0755fc8e ***

==============================
  Recovery App (nRF54L15 POC)
  NCS version: 3.5.0-preview1
==============================

Normal boot - chain-loading main app (image 1)...
Jumping to 0x000e8800 (MSP=0x200166e8, Reset=0x000f30fd)

*** Booting nRF Connect SDK v3.5.0-preview1-f62d6ecf1b15 ***
*** Using Zephyr OS v4.4.0-b1fd0755fc8e ***

==============================
  Main app - nRF54L15
  NCS version: 3.5.0-preview1
==============================

BLE advertising as "Main App"

    It now sees all 3 images and works fine.

    Regards,
    Filip

  • 0 in reply to tdfilip

    Thanks for the nice sharing. I have forwarded it to the internal team. 

Reply Children
No Data
Related
Terms of service