Unaligned memory access Fault using mbedTLS on nrf5340 cpuapp

I took the RSA example in /nrf/samples/crypto/rsa and added a function foo() to it. I am using nrf5340DK with nrfConnect v1.6.1 and build for cpuapp. 

my function foo() uses mbedtls functions heavily and makes a call to mbedtls_entropy_init(entropy

 I get the following exception when the mbedtls_entropy_init(entropy)  function is called from foo().

os: ***** USAGE FAULT ***** 
os:   Unaligned memory access 
r0/a1:  0x00000000  r1/a2:  0x00000000  r2/a3:  0x200331d4 
r3/a4:  0x00022845 r12/ip:  0x00000000 r14/lr:  0x00004621 
os:  xpsr:  0x69000000 
os: Faulting instruction address (r15/pc): 0x00023be8 
os: >>> ZEPHYR FATAL ERROR 0: CPU exception on CPU 0 
os: Current thread: 0x200003c8 (unknown) 
fatal_error: Resetting system 

here is the stack call.
mbedtls_entropy_init( &drbg->entropy );
mbedtls_mutex_init( &ctx->mutex );

     p_mutex = (struct k_mutex *)mutex->mutex;  //p_mutex is NOT aligned 0x00022875
k_mutex_init(p_mutex) --> z_impl_k_mutex_init()
mutex->owner = NULL; <<----- exception happens here.
The rsa program itself makes a call to mutex_init_platform() as well. I checked all the values of p_mutex and all of them are aligned by 8 bytes. However my mbedtls calls leads to unaligned p_mutex values.

I appreciate if you could help me resolve this issue.

  • Hi,

    Can you attach your modified RSA sample so that I can attempt to reproduce on my side?

  • Hi There,

    Can I email them to you?

  • Hi,

    It is better to keep all communication to DevZone. If you want to keep your code private but still have this public case for others to refer to, then you can open a private case to share your code. We can then update this public case with any findings that are not specific to your code in the end.

  • Attached, please find the code that generates fault. 
    Please also note that secp256K1 does NOT run in cpuappNS, and that is a problem as well.


  • Hi,

    I am a bit confused. Why are you using mbedTLS here and how do you intend it to work? Taking the last question first, this will not work with non-secure (ns) without using the PSA APIs and TF-M. That is because the CryptoCell peripheral used for HW acceleration only works in secure mode. 

    You can use this example (without your modifications) in non-secure as well, using TF-M. That way, the TF-M implementation provide the PSA API to the non-secure code.

    Note that PSA just like mbedTLS is maintained by ARM, and you can think of PSA as a standardized crypto API that sits on top on several implementations.

    So in short I think you need to revise your approach, as it cannot work the way you intend. Probably what you want to do is skip all teh mbed TLS API calls and replace them with PSA calls, which can then also be used in non-secure.