NRF9160 Memory partition

See /path/to/zephyr/boards/arm/nrf9160_pca10090.

In this folder you will find all files relating to the hardware set up of the PCA10090, the device tree structure.

In the files labeled nrf9160_pca10090_common.dts and nrf9160_pca10090_partition_conf.dts, you will find the partition setups for every area in the 1MB flash memory.

Edit the addresses to increase the size of the non-secure memory (I assume this is a non-secure space issue and not the secure side). For non-secure partition sizes, you are looking at slot0ns and slot1ns in the nrf9160_pca10090_partition_conf.dts. Increase the sizes of these regions and decrease the size of the others if necessary to make the space you need avaliable.

NOTE: slot0-slot1 and slot0ns-slot1ns MUST BE THE SAME SIZE. The secure and non-secure can be different sizes but the slots for each region must be equal as the slot numbered 0 is the secure/nonsecure application data and the slot numbered 1 is the secure/nonsecure update image storage for firmware updates and must be equal to slot 0

Scratch is the partition for copying data between slot 0s and slot1s

See https://docs.zephyrproject.org/1.12.0/devices/dts/flash_partitions.html for the Zephyr information on partitions.

EDIT: actually, looking at your post again, I think it's the secure size thats too small. Error was on SPM building which, unless I'm mistaken, goes in the secure partition.

I tried it, I have the same error.

Which one did you change? If you changed the size of the correct partition, the error would also change to overflow from a different value. Looking at the SRAM partition, slot0 is allocated 64KB of SRAM which is what your error shows as well so it should be slot0 that needs changed (i.e. the secure partition needs increased).

Did you remember to update the spm application as well? Any changes to the device tree requires you to rebuild the spm sample project for the changes to take effect, otherwise it will look like nothing changed.

Hi, thanks for your reply.

I attached my files. Could you check them?

nrf9160_pca10090_security_decreased.zip

nrf9160_pca10090_security_increased.zip

__nrf9160_pca10090_def_files.zip

Hi, thanks for your reply.

I attached my files. Could you check them?

nrf9160_pca10090_security_decreased.zip

nrf9160_pca10090_security_increased.zip

__nrf9160_pca10090_def_files.zip

Hi,

I'll go through what I see in each:

In def_files.zip

There are mismatching partition sizes for slots 0 and 1 in both secure and non-secure. Remember, Zephyr state that they should be equal.

MCUBoot starts at 0x0 and extends for 0x20000 addresses but slot0 starts at address 0x10000, conflict of partitions here.

In security_increased.zip

Partitions look alright, you have very small non-secure partitions, that could cause another overflow issue.

In security_decreased.zip

Partitions look alright.

I edited my partitions a while back to allow me to have a much larger access to NVS flash memory (my application needs lots of memory and back-up memory) and I know this works fine on my kit as I can happily flash more data to NVS than was ever possible before.

I have linked them below. Remember to rebuild your SPM application in nrf9160/samples. Then rebuild your application. (it's better to delete the whole build library and build them both from scratch)

1205.Archive.zip

Hi,

Thanks for your reply.

In my previous post def **.zip it files which have default settings, they are confused me with boot section. I thought they are correct.

I replaced my files.  I deleted build directories in spm and security_service folders.

And what is strange I have same errors.

Here full secure_services demo compile log.

Building ‘spm/zephyr/include/generated/driver-validation.h’ from solution ‘build’ in configuration ‘Common’
1> Combining ‘spm/zephyr/include/generated/driver-validation.h’
Building ‘spm/zephyr/CMakeFiles/spm_driver_validation_h_target’ from solution ‘build’ in configuration ‘Common’
Building ‘spm/zephyr/spm_driver_validation_h_target’ from solution ‘build’ in configuration ‘Common’
Building ‘spm/zephyr/include/generated/kobj-types-enum.h’ from solution ‘build’ in configuration ‘Common’
1> Combining ‘spm/zephyr/include/generated/kobj-types-enum.h’
Building ‘spm/zephyr/include/generated/otype-to-str.h’ from solution ‘build’ in configuration ‘Common’
Building ‘spm/zephyr/CMakeFiles/spm_kobj_types_h_target’ from solution ‘build’ in configuration ‘Common’
Building ‘spm/zephyr/spm_kobj_types_h_target’ from solution ‘build’ in configuration ‘Common’
Building ‘spm/zephyr/misc/generated/syscalls.json’ from solution ‘build’ in configuration ‘Common’
1> Combining ‘spm/zephyr/misc/generated/syscalls.json’
Building ‘spm/zephyr/include/generated/syscall_list.h’ from solution ‘build’ in configuration ‘Common’
1> Combining ‘spm/zephyr/include/generated/syscall_list.h’
Building ‘spm/zephyr/CMakeFiles/spm_syscall_list_h_target’ from solution ‘build’ in configuration ‘Common’
Building ‘spm/zephyr/include/generated/syscall_dispatch.c’ from solution ‘build’ in configuration ‘Common’
Building ‘spm/zephyr/spm_syscall_list_h_target’ from solution ‘build’ in configuration ‘Common’
Building ‘spm/zephyr/include/generated/syscall_macros.h’ from solution ‘build’ in configuration ‘Common’
1> Combining ‘spm/zephyr/include/generated/syscall_macros.h’
Building ‘spm/zephyr/CMakeFiles/spm_syscall_macros_h_target’ from solution ‘build’ in configuration ‘Common’
Building ‘spm/zephyr/spm_syscall_macros_h_target’ from solution ‘build’ in configuration ‘Common’
Building ‘cmake_object_order_depends_target_spm_offsets’ from solution ‘build’ in configuration ‘Common’
Building ‘spm/zephyr/spm_offsets’ from solution ‘build’ in configuration ‘Common’
1> Compiling ‘offsets.c’
Building ‘spm/zephyr/include/generated/offsets.h’ from solution ‘build’ in configuration ‘Common’
1> Combining ‘spm/zephyr/include/generated/offsets.h’
Building ‘spm/zephyr/CMakeFiles/spm_offsets_h’ from solution ‘build’ in configuration ‘Common’
Building ‘spm/zephyr/spm_offsets_h’ from solution ‘build’ in configuration ‘Common’
Building ‘cmake_object_order_depends_target_spm_app’ from solution ‘build’ in configuration ‘Common’
Building ‘cmake_object_order_depends_target_spm_arch__arm__core’ from solution ‘build’ in configuration ‘Common’
Building ‘cmake_object_order_depends_target_spm_arch__arm__core__cortex_m’ from solution ‘build’ in configuration ‘Common’
Building ‘cmake_object_order_depends_target_spm_arch__arm__core__cortex_m__mpu’ from solution ‘build’ in configuration ‘Common’
Building ‘cmake_object_order_depends_target_spm_drivers__serial’ from solution ‘build’ in configuration ‘Common’
Building ‘cmake_object_order_depends_target_spm_kernel’ from solution ‘build’ in configuration ‘Common’
Building ‘cmake_object_order_depends_target_spm_lib__libc__minimal’ from solution ‘build’ in configuration ‘Common’
Building ‘cmake_object_order_depends_target_spm_mbedcrypto_vanilla’ from solution ‘build’ in configuration ‘Common’
Building ‘cmake_object_order_depends_target_spm_mbeddrbg’ from solution ‘build’ in configuration ‘Common’
Building ‘cmake_object_order_depends_target_spm_zephyr’ from solution ‘build’ in configuration ‘Common’
Building ‘spm/zephyr/linker.cmd’ from solution ‘build’ in configuration ‘Common’
1> Combining ‘spm/zephyr/linker.cmd’
Building ‘spm/zephyr/CMakeFiles/spm_linker_script_target’ from solution ‘build’ in configuration ‘Common’
Building ‘spm/zephyr/spm_linker_script_target’ from solution ‘build’ in configuration ‘Common’
Building ‘cmake_object_order_depends_target_spm_zephyr_prebuilt’ from solution ‘build’ in configuration ‘Common’
Building ‘spm/spm_app/libspm_app.a’ from solution ‘build’ in configuration ‘Common’
2> Compiling ‘main.c’
Building ‘spm/zephyr/libspm_zephyr.a’ from solution ‘build’ in configuration ‘Common’
1> Archiving ‘libspm_app.a’
2> Compiling ‘isr_tables.c’
1> Compiling ‘sw_isr_common.c’
2> Compiling ‘arm_core_cmse.c’
1> Compiling ‘arm_core_tz.c’
2> Compiling ‘crc32_sw.c’
1> Compiling ‘crc16_sw.c’
2> Compiling ‘crc8_sw.c’
1> Compiling ‘crc7_sw.c’
2> Compiling ‘fdtable.c’
1> Compiling ‘mempool.c’
2> Compiling ‘rb.c’
1> Compiling ‘thread_entry.c’
2> Compiling ‘work_q.c’
1> Compiling ‘printk.c’
2> Compiling ‘configs.c’
1> Compiling ‘soc.c’
2> Compiling ‘mpu_regions.c’
1> Compiling ‘system_nrf9160.c’
2> Compiling ‘nrfx_glue.c’
1> Compiling ‘power.c’
2> Compiling ‘reboot.c’
2> Compiling ‘policy_residency.c’
1> Compiling ‘uart_console.c’
2> Compiling ‘nrf_power_clock.c’
1> Compiling ‘sys_clock_init.c’
1> Compiling ‘nrf_rtc_timer.c’
2> Compiling ‘spm.c’
1> Compiling ‘secure_services.c’
1> C:/ncs/nrf/subsys/spm/secure_services.c:148:13: warning: unused variable 'ret' [-Wunused-variable]
1> C:/ncs/nrf/subsys/spm/secure_services.c:146:6: warning: unused variable 'i' [-Wunused-variable]
1> C:/ncs/nrf/subsys/spm/secure_services.c:143:23: warning: unused variable 'rsa' [-Wunused-variable]
1> C:/ncs/nrf/subsys/spm/secure_services.c:142:21: warning: unused variable 'pk' [-Wunused-variable]
1> C:/ncs/nrf/subsys/spm/secure_services.c:298:9: warning: implicit declaration of function 'memcpy' [-Wimplicit-function-declaration]
1> C:/ncs/nrf/subsys/spm/secure_services.c:303:1: warning: no return statement in function returning non-void [-Wreturn-type]
1> C:/ncs/nrf/subsys/spm/secure_services.c:181:1: warning: control reaches end of non-void function [-Wreturn-type]
Building ‘spm/zephyr/arch/arm/core/libspm_arch__arm__core.a’ from solution ‘build’ in configuration ‘Common’
1> Archiving ‘libspm_zephyr.a’
2> Assembling ‘exc_exit.S’
1> Assembling ‘swap_helper.S’
2> Assembling ‘cpu_idle.S’
1> Assembling ‘fault_s.S’
2> Assembling ‘isr_wrapper.S’
1> Compiling ‘irq_init.c’
2> Compiling ‘swap.c’
1> Compiling ‘irq_manage.c’
2> Compiling ‘fault.c’
1> Compiling ‘thread.c’
2> Compiling ‘fatal.c’
1> Compiling ‘sys_fatal_error_handler.c’
2> Compiling ‘thread_abort.c’
Building ‘spm/zephyr/arch/arm/core/cortex_m/libspm_arch__arm__core__cortex_m.a’ from solution ‘build’ in configuration ‘Common’
1> Archiving ‘libspm_arch__arm__core.a’
2> Assembling ‘vector_table.S’
1> Assembling ‘reset.S’
2> Assembling ‘nmi_on_reset.S’
1> Compiling ‘prep_c.c’
2> Compiling ‘scb.c’
1> Compiling ‘nmi.c’
2> Compiling ‘exc_manage.c’
Building ‘spm/zephyr/arch/arm/core/cortex_m/mpu/libspm_arch__arm__core__cortex_m__mpu.a’ from solution ‘build’ in configuration ‘Common’
1> Archiving ‘libspm_arch__arm__core__cortex_m.a’
2> Compiling ‘arm_core_mpu.c’
1> Compiling ‘arm_mpu.c’
Building ‘spm/zephyr/lib/libc/minimal/libspm_lib__libc__minimal.a’ from solution ‘build’ in configuration ‘Common’
1> Archiving ‘libspm_arch__arm__core__cortex_m__mpu.a’
2> Compiling ‘atoi.c’
1> Compiling ‘strtol.c’
1> Compiling ‘malloc.c’
2> Compiling ‘strtoul.c’
1> Compiling ‘bsearch.c’
2> Compiling ‘exit.c’
1> Compiling ‘strncasecmp.c’
2> Compiling ‘strstr.c’
1> Compiling ‘string.c’
2> Compiling ‘prf.c’
1> Compiling ‘stdout_console.c’
1> Compiling ‘sprintf.c’
2> Compiling ‘fprintf.c’
Building ‘spm/zephyr/drivers/serial/libspm_drivers__serial.a’ from solution ‘build’ in configuration ‘Common’
1> Archiving ‘libspm_lib__libc__minimal.a’
2> Compiling ‘uart_nrfx_uarte.c’
Building ‘spm/zephyr/modules/nrfxlib/nrf_security/src/mbedtls/libspm_mbeddrbg.a’ from solution ‘build’ in configuration ‘Common’
1> Archiving ‘libspm_drivers__serial.a’
2> Compiling ‘ctr_drbg.c’
1> Compiling ‘entropy.c’
Building ‘spm/zephyr/modules/nrfxlib/nrf_security/src/mbedtls/libspm_mbedcrypto_vanilla.a’ from solution ‘build’ in configuration ‘Common’
1> Archiving ‘libspm_mbeddrbg.a’
2> Compiling ‘aes.c’
1> Compiling ‘aesni.c’
2> Compiling ‘arc4.c’
1> Compiling ‘aria.c’
1> Compiling ‘asn1parse.c’
2> Compiling ‘asn1write.c’
1> Compiling ‘base64.c’
2> Compiling ‘bignum.c’
1> Compiling ‘blowfish.c’
1> Compiling ‘camellia.c’
2> Compiling ‘ccm.c’
1> Compiling ‘chacha20.c’
2> Compiling ‘chachapoly.c’
1> Compiling ‘cipher.c’
2> Compiling ‘cmac.c’
1> Compiling ‘des.c’
1> Compiling ‘dhm.c’
2> Compiling ‘ecdh.c’
1> Compiling ‘ecdsa.c’
2> Compiling ‘ecjpake.c’
1> Compiling ‘ecp.c’
2> Compiling ‘ecp_curves.c’
1> Compiling ‘entropy_poll.c’
2> Compiling ‘error.c’
1> Compiling ‘gcm.c’
2> Compiling ‘havege.c’
1> Compiling ‘hkdf.c’
2> Compiling ‘hmac_drbg.c’
1> Compiling ‘md2.c’
2> Compiling ‘md.c’
1> Compiling ‘md4.c’
2> Compiling ‘md5.c’
1> Compiling ‘md_wrap.c’
2> Compiling ‘memory_buffer_alloc.c’
1> Compiling ‘nist_kw.c’
2> Compiling ‘oid.c’
1> Compiling ‘padlock.c’
2> Compiling ‘pk.c’
1> Compiling ‘pk_wrap.c’
2> Compiling ‘pkcs12.c’
1> Compiling ‘pkcs5.c’
1> Compiling ‘pkwrite.c’
2> Compiling ‘pkparse.c’
1> Compiling ‘platform.c’
2> Compiling ‘platform_util.c’
1> Compiling ‘poly1305.c’
2> Compiling ‘ripemd160.c’
1> Compiling ‘rsa.c’
1> Compiling ‘sha1.c’
2> Compiling ‘rsa_internal.c’
1> Compiling ‘sha256.c’
2> Compiling ‘sha512.c’
1> Compiling ‘threading.c’
2> Compiling ‘timing.c’
1> Compiling ‘version.c’
2> Compiling ‘version_features.c’
1> Compiling ‘xtea.c’
2> Compiling ‘cipher_wrap.c’
2> Compiling ‘pem.c’
Building ‘spm/zephyr/kernel/libspm_kernel.a’ from solution ‘build’ in configuration ‘Common’
1> Archiving ‘libspm_mbedcrypto_vanilla.a’
2> Compiling ‘device.c’
1> Compiling ‘errno.c’
2> Compiling ‘idle.c’
1> Compiling ‘init.c’
2> Compiling ‘mailbox.c’
1> Compiling ‘mem_slab.c’
2> Compiling ‘mempool.c’
1> Compiling ‘msg_q.c’
2> Compiling ‘mutex.c’
1> Compiling ‘pipes.c’
1> Compiling ‘sched.c’
2> Compiling ‘queue.c’
2> Compiling ‘sem.c’
2> Compiling ‘stack.c’
1> Compiling ‘system_work_q.c’
1> Compiling ‘thread.c’
2> Compiling ‘thread_abort.c’
1> Compiling ‘version.c’
2> Compiling ‘work_q.c’
1> Compiling ‘smp.c’
1> Compiling ‘timeout.c’
2> Compiling ‘timer.c’
1> Archiving ‘libspm_kernel.a’
Building ‘spm/zephyr/spm_zephyr_prebuilt.elf’ from solution ‘build’ in configuration ‘Common’
1> Compiling ‘empty_file.c’
1> Linking ‘spm_zephyr_prebuilt.elf’
1> Memory region         Used Size  Region Size  %age Used
1>            FLASH:         64 KB        48 KB    133.33%
1>             SRAM:        4912 B        64 KB      7.50%
1>         IDT_LIST:          40 B         2 KB      1.95%
1> c:/gnuarmemb/bin/../lib/gcc/arm-none-eabi/7.3.1/../../../../arm-none-eabi/bin/ld.exe: spm\zephyr\spm_zephyr_prebuilt.elf section `.gnu.sgstubs' will not fit in region `FLASH'
1> c:/gnuarmemb/bin/../lib/gcc/arm-none-eabi/7.3.1/../../../../arm-none-eabi/bin/ld.exe: SPM and app are sharing an SPU region. Cannot partition flash correctly into secure and non-secure. Adjust partitions sizes so they are placed in separate regions.
1> c:/gnuarmemb/bin/../lib/gcc/arm-none-eabi/7.3.1/../../../../arm-none-eabi/bin/ld.exe: region `FLASH' overflowed by 16384 bytes
1> collect2.exe: error: ld returned 1 exit status
Build failed

1> Linking ‘spm_zephyr_prebuilt.elf’
1> Memory region         Used Size  Region Size  %age Used
1>            FLASH:         64 KB        48 KB    133.33%
1>             SRAM:        4912 B        64 KB      7.50%
1>         IDT_LIST:          40 B         2 KB      1.95%
1> c:/gnuarmemb/bin/../lib/gcc/arm-none-eabi/7.3.1/../../../../arm-none-eabi/bin/ld.exe: spm\zephyr\spm_zephyr_prebuilt.elf section `.gnu.sgstubs' will not fit in region `FLASH'
1> c:/gnuarmemb/bin/../lib/gcc/arm-none-eabi/7.3.1/../../../../arm-none-eabi/bin/ld.exe: SPM and app are sharing an SPU region. Cannot partition flash correctly into secure and non-secure. Adjust partitions sizes so they are placed in separate regions.
1> c:/gnuarmemb/bin/../lib/gcc/arm-none-eabi/7.3.1/../../../../arm-none-eabi/bin/ld.exe: region `FLASH' overflowed by 16384 bytes
1> collect2.exe: error: ld returned 1 exit status
Build failed

I tried it several times and also restarted my pc and etc.. Same error.

Maybe I can change or check something else?

I want to do still some tests.

----------------------------------------------------------------------------------------------------------------

EDIT:

Also I found in spm menu config (placed at C:\ncs\nrf\susbsys\spm\Kconfig   this:

# Define used by partition_manager.py to deduce size of partition
config PM_PARTITION_SIZE_MCUBOOT
    hex "Flash space reserved for bootloader."
    default 0xc000
    help
      Flash space set aside for the MCUBoot. Note, the name
      of this configuration needs to match the requirements set by the
      script 'partition_manager.py'. See pm.yaml.

What this mean? This space 0xc000 = 48kB

I think so compiler try place rsa functions with bootloader in one section. Does it make sense?

I changed 0xc000 to 0x12000 and now all compiled ok.

But in the debugger I can't go inside funcion __TZ_NONSECURE_ENTRY_FUNC rsa_test().

Is this how it should be?

Ah ok, I was looking for something like that tbh myself. I knew that whatever was causing this to be reduced was something 13 flash sectors in size, which was what you found. If you compile the SPM application, the flash area is like 128KB but in every other sample it gets reduced to 48KB. I guess you found where the flash sector for SPM was getting throttled down.

Thanks for your help.

Very many things have become clear.

Now I need run and check how works CC310 crypto module.

I wanted start it from RSA key generation. I have a question can I use debugger in secure memory? And why I had bus fault when I try use printk from spm_request_random_number()?

BUS FAULT:

Exception occurred in Secure State
***** BUS FAULT *****
  Precise data bus error
  BFAR Address: 0x50008120
***** Hardware exception *****
Current thread ID = 0x200200b0
Faulting instruction address = 0xffffffff
Fatal fault in essential thread! Spinning...