• State Not Answered
  • Replies 17 replies
  • Subscribers 63 subscribers
  • Views 3138 views
  • Users 0 members are here
Attachments (1) Download All
Nordic Case Info
  • Case ID: 275684
Options
This post is older than 2 years and might not be relevant anymore
More Info: Consider searching for newer posts

Unaligned memory access Fault using mbedTLS on nrf5340 cpuapp

persimmon

I took the RSA example in /nrf/samples/crypto/rsa and added a function foo() to it. I am using nrf5340DK with nrfConnect v1.6.1 and build for cpuapp. 

my function foo() uses mbedtls functions heavily and makes a call to mbedtls_entropy_init(entropy

 I get the following exception when the mbedtls_entropy_init(entropy)  function is called from foo().

os: ***** USAGE FAULT ***** 
os:   Unaligned memory access 
r0/a1:  0x00000000  r1/a2:  0x00000000  r2/a3:  0x200331d4 
r3/a4:  0x00022845 r12/ip:  0x00000000 r14/lr:  0x00004621 
os:  xpsr:  0x69000000 
os: Faulting instruction address (r15/pc): 0x00023be8 
os: >>> ZEPHYR FATAL ERROR 0: CPU exception on CPU 0 
os: Current thread: 0x200003c8 (unknown) 
fatal_error: Resetting system 

here is the stack call.
mbedtls_entropy_init( &drbg->entropy );
mbedtls_mutex_init( &ctx->mutex ); 
mutex_init_platform(){   
...   
     p_mutex = (struct k_mutex *)mutex->mutex;  //p_mutex is NOT aligned 0x00022875
     k_mutex_init(p_mutex);
...
}
k_mutex_init(p_mutex) --> z_impl_k_mutex_init()
mutex->owner = NULL; <<----- exception happens here.
The rsa program itself makes a call to mutex_init_platform() as well. I checked all the values of p_mutex and all of them are aligned by 8 bytes. However my mbedtls calls leads to unaligned p_mutex values.

I appreciate if you could help me resolve this issue.




Parents
  • 0

    Attached, please find the code that generates fault. 
    Please also note that secp256K1 does NOT run in cpuappNS, and that is a problem as well.

     fault-generation.zip

  • 0 in reply to persimmon

    Hi,

    I am a bit confused. Why are you using mbedTLS here and how do you intend it to work? Taking the last question first, this will not work with non-secure (ns) without using the PSA APIs and TF-M. That is because the CryptoCell peripheral used for HW acceleration only works in secure mode. 

    You can use this example (without your modifications) in non-secure as well, using TF-M. That way, the TF-M implementation provide the PSA API to the non-secure code.

    Note that PSA just like mbedTLS is maintained by ARM, and you can think of PSA as a standardized crypto API that sits on top on several implementations.

    So in short I think you need to revise your approach, as it cannot work the way you intend. Probably what you want to do is skip all teh mbed TLS API calls and replace them with PSA calls, which can then also be used in non-secure.

Reply
  • 0 in reply to persimmon

    Hi,

    I am a bit confused. Why are you using mbedTLS here and how do you intend it to work? Taking the last question first, this will not work with non-secure (ns) without using the PSA APIs and TF-M. That is because the CryptoCell peripheral used for HW acceleration only works in secure mode. 

    You can use this example (without your modifications) in non-secure as well, using TF-M. That way, the TF-M implementation provide the PSA API to the non-secure code.

    Note that PSA just like mbedTLS is maintained by ARM, and you can think of PSA as a standardized crypto API that sits on top on several implementations.

    So in short I think you need to revise your approach, as it cannot work the way you intend. Probably what you want to do is skip all teh mbed TLS API calls and replace them with PSA calls, which can then also be used in non-secure.

Children
No Data
Related