• State Verified Answer
  • Replies 13 replies
  • Subscribers 75 subscribers
  • Views 3450 views
  • Users 0 members are here
Attachments (5) Download All
Nordic Case Info
  • Case ID: 292108
Options

debugging a non-secure app (with tfm)

randomdude

Hi,

I was wondering what I need to do, or if it is even possible, to debug a non-secure app which uses TFM.

Running 'west debug' on e.g. the blinky sample works regardless if I built it with secure or non-secure board type on an nrf9160dk. However, on an app that uses modem/crypto/tfm functionality, like the psa_crypto sample from the zephyr repository, that will result in a debugging session that is unable to get to the main function of the app.

This feels like I'm missing something really obvious, but I can't tell what it is. Anyone here willing to push me in the right direction?

Cheers!

Parents
  • 0

    Hi,

    Can you show how do you run "west debug" command?
    Can you show the differences when running "west debug" with blinky and psa_crypto?

    Best regards,
    Dejan

  • 0 in reply to dejans

    I have attached gdb session logs for the following scenarios:

    • blinky built with zephyr 3.1.0 w/o ns --> works
    • blinky built with zephyr 3.1.0 with ns --> hangs on the first "continue"
    • blinky built with zephyr 2.7.99 with ns --> works
    • psa_crypto sample built with zephyr 3.1.0 (ns mandatory) --> jumps to unknown memory

    The main difference (apart from the memory locations) I spotted was that the psa_crypto sample and the 3.1.0-ns-blinky use tfm, while the 2.7.99-ns-blinky uses spm, and the blinky built without the '_ns' uses neither.

    So the plot thickens. All this points to my earlier suspicion that it might not be possible at all to debug a tfm application beyond the bootloader.

    Fullscreen debug_blinky_3.1.0.txt Download 
    $ west flash
-- west flash: rebuilding
ninja: no work to do.
-- west flash: using runner nrfjprog
Using board 960027662
-- runners.nrfjprog: Flashing file: /path/to/zephyrproject/zephyr/samples/basic/blinky/build/zephyr/zephyr.hex
Parsing image file.
Verifying programming.
Verified OK.
Applying pin reset.
-- runners.nrfjprog: Board with serial number 960027662 flashed successfully.
$ west debug
-- west debug: rebuilding
ninja: no work to do.
-- west debug: using runner jlink
-- runners.jlink: JLink version: 7.58b
-- runners.jlink: J-Link GDB server running on port 2331; no thread info available
SEGGER J-Link GDB Server V7.58b Command Line Version

JLinkARM.dll V7.58b (DLL compiled Nov 16 2021 15:04:27)

-----GDB Server start settings-----
GDBInit file:                  none
GDB Server Listening port:     2331
SWO raw output listening port: 2332
Terminal I/O port:             2333
Accept remote connection:      yes
Generate logfile:              off
Verify download:               off
Init regs on start:            off
Silent mode:                   on
Single run mode:               on
Target connection timeout:     0 ms
------J-Link related settings------
J-Link Host interface:         USB
J-Link script:                 none
J-Link settings file:          none
------Target related settings------
Target device:                 nRF9160_xxAA
Target interface:              SWD
Target interface speed:        4000kHz
Target endian:                 little

GNU gdb (Zephyr SDK 0.14.2) 9.2
Copyright (C) 2020 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Type "show copying" and "show warranty" for details.
This GDB was configured as "--host=x86_64-build_pc-linux-gnu --target=arm-zephyr-eabi".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<https://github.com/zephyrproject-rtos/sdk-ng/issues>.
Find the GDB manual and other documentation resources online at:
    <http://www.gnu.org/software/gdb/documentation/>.

For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from /path/to/zephyrproject/zephyr/samples/basic/blinky/build/zephyr/zephyr.elf...
Remote debugging using :2331
arch_cpu_idle () at /path/to/zephyrproject/zephyr/arch/arm/core/aarch32/cpu_idle.S:105
105             cpsie   i
Resetting target
Loading section rom_start, size 0x144 lma 0x0
Loading section text, size 0x44e8 lma 0x144
Loading section .ARM.exidx, size 0x8 lma 0x462c
Loading section initlevel, size 0x30 lma 0x4634
Loading section devices, size 0x48 lma 0x4664
Loading section sw_isr_table, size 0x208 lma 0x46ac
Loading section device_handles, size 0x12 lma 0x48b4
Loading section rodata, size 0x180 lma 0x48d0
Loading section datas, size 0x94 lma 0x4a50
Loading section device_states, size 0xc lma 0x4ae4
Start address 0x000014e4, load size 19174
Transfer rate: 3120 KB/sec, 1743 bytes/write.
(gdb) b main
Breakpoint 1 at 0x41c: file /path/to/zephyrproject/zephyr/samples/basic/blinky/build/zephyr/include/generated/syscalls/device.h, line 55.
(gdb) c
Continuing.

Breakpoint 1, main () at /path/to/zephyrproject/zephyr/samples/basic/blinky/build/zephyr/include/generated/syscalls/device.h:55
55              compiler_barrier();
(gdb) s
26              if (!device_is_ready(led.port)) {
(gdb)
device_is_ready (dev=<optimized out>) at /path/to/zephyrproject/zephyr/samples/basic/blinky/src/main.c:26
26              if (!device_is_ready(led.port)) {
(gdb)
z_impl_device_is_ready (dev=<optimized out>) at /path/to/zephyrproject/zephyr/include/zephyr/device.h:831
831             return z_device_is_ready(dev);
(gdb)
z_device_is_ready (dev=dev@entry=0x467c <__device_dts_ord_9>) at /path/to/zephyrproject/zephyr/kernel/device.c:157
157             if (dev == NULL) {
(gdb) c
Continuing.
    Fullscreen debug_blinky_ns_2.7.99-ncs-1.txt Download 
    $ west flash
-- west flash: rebuilding
[0/13] Performing build step for 'spm_subimage'
ninja: no work to do.
-- west flash: using runner nrfjprog
Using board 960027662
-- runners.nrfjprog: Flashing file: /path/to/ncs/zephyr/samples/basic/blinky/build/zephyr/merged.hex
Parsing image file.
Verified OK.
Applying pin reset.
-- runners.nrfjprog: Board with serial number 960027662 flashed successfully.
$ west debug
-- west debug: rebuilding
[0/13] Performing build step for 'spm_subimage'
ninja: no work to do.
-- west debug: using runner jlink
-- runners.jlink: JLink version: 7.58b
-- runners.jlink: J-Link GDB server running on port 2331; no thread info available
SEGGER J-Link GDB Server V7.58b Command Line Version

JLinkARM.dll V7.58b (DLL compiled Nov 16 2021 15:04:27)

-----GDB Server start settings-----
GDBInit file:                  none
GDB Server Listening port:     2331
SWO raw output listening port: 2332
Terminal I/O port:             2333
Accept remote connection:      yes
Generate logfile:              off
Verify download:               off
Init regs on start:            off
Silent mode:                   on
Single run mode:               on
Target connection timeout:     0 ms
------J-Link related settings------
J-Link Host interface:         USB
J-Link script:                 none
J-Link settings file:          none
------Target related settings------
Target device:                 nRF9160_xxAA
Target interface:              SWD
Target interface speed:        4000kHz
Target endian:                 little

GNU gdb (Zephyr SDK 0.14.2) 9.2
Copyright (C) 2020 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Type "show copying" and "show warranty" for details.
This GDB was configured as "--host=x86_64-build_pc-linux-gnu --target=arm-zephyr-eabi".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<https://github.com/zephyrproject-rtos/sdk-ng/issues>.
Find the GDB manual and other documentation resources online at:
    <http://www.gnu.org/software/gdb/documentation/>.

For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from /path/to/ncs/zephyr/samples/basic/blinky/build/zephyr/zephyr.elf...
Remote debugging using :2331
arch_cpu_idle () at /path/to/ncs/zephyr/arch/arm/core/aarch32/cpu_idle.S:107
107             cpsie   i
Resetting target
Loading section rom_start, size 0x23c lma 0x10000
Loading section text, size 0x66dc lma 0x1023c
Loading section .ARM.exidx, size 0x8 lma 0x16918
Loading section initlevel, size 0x50 lma 0x16920
Loading section devices, size 0x60 lma 0x16970
Loading section sw_isr_table, size 0x208 lma 0x169d0
Loading section device_handles, size 0x18 lma 0x16bd8
Loading section rodata, size 0x2b0 lma 0x16bf0
Loading section datas, size 0x88 lma 0x16eb8
Loading section device_states, size 0x10 lma 0x16f40
Loading section k_heap_area, size 0x14 lma 0x16f50
Start address 0x000115b0, load size 28492
Transfer rate: 13912 KB/sec, 2374 bytes/write.
(gdb) b main
Breakpoint 1 at 0x10514: file /path/to/ncs/zephyr/samples/basic/blinky/build/zephyr/include/generated/syscalls/device.h, line 43.
(gdb) c
Continuing.

Breakpoint 1, main () at /path/to/ncs/zephyr/samples/basic/blinky/build/zephyr/include/generated/syscalls/device.h:43
43              compiler_barrier();
(gdb) n
36              dev = device_get_binding(LED0);
(gdb)
37              if (dev == NULL) {
(gdb)
41              ret = gpio_pin_configure(dev, PIN, GPIO_OUTPUT_ACTIVE | FLAGS);
(gdb) c
Continuing.

    Fullscreen debug_blinky_ns_3.1.0.txt Download 
    $ west flash
-- west flash: rebuilding
[0/12] Performing build step for 'tfm'
ninja: no work to do.
-- west flash: using runner nrfjprog
Using board 960027662
-- runners.nrfjprog: Flashing file: /path/to/zephyrproject/zephyr/samples/basic/blinky/build/tfm_merged.hex
Parsing image file.
Verifying programming.
Verified OK.
Applying pin reset.
-- runners.nrfjprog: Board with serial number 960027662 flashed successfully.
$ west debug
-- west debug: rebuilding
[0/12] Performing build step for 'tfm'
ninja: no work to do.
-- west debug: using runner jlink
-- runners.jlink: JLink version: 7.58b
-- runners.jlink: J-Link GDB server running on port 2331; no thread info available
SEGGER J-Link GDB Server V7.58b Command Line Version

JLinkARM.dll V7.58b (DLL compiled Nov 16 2021 15:04:27)

-----GDB Server start settings-----
GDBInit file:                  none
GDB Server Listening port:     2331
SWO raw output listening port: 2332
Terminal I/O port:             2333
Accept remote connection:      yes
Generate logfile:              off
Verify download:               off
Init regs on start:            off
Silent mode:                   on
Single run mode:               on
Target connection timeout:     0 ms
------J-Link related settings------
J-Link Host interface:         USB
J-Link script:                 none
J-Link settings file:          none
------Target related settings------
Target device:                 nRF9160_xxAA
Target interface:              SWD
Target interface speed:        4000kHz
Target endian:                 little

GNU gdb (Zephyr SDK 0.14.2) 9.2
Copyright (C) 2020 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Type "show copying" and "show warranty" for details.
This GDB was configured as "--host=x86_64-build_pc-linux-gnu --target=arm-zephyr-eabi".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<https://github.com/zephyrproject-rtos/sdk-ng/issues>.
Find the GDB manual and other documentation resources online at:
    <http://www.gnu.org/software/gdb/documentation/>.

For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from /path/to/zephyrproject/zephyr/samples/basic/blinky/build/zephyr/zephyr.elf...
Remote debugging using :2331
arch_cpu_idle () at /path/to/zephyrproject/zephyr/arch/arm/core/aarch32/cpu_idle.S:105
105             cpsie   i
Resetting target
Loading section rom_start, size 0x544 lma 0x50000
Loading section text, size 0x43f8 lma 0x50544
Loading section .ARM.exidx, size 0x8 lma 0x5493c
Loading section initlevel, size 0x38 lma 0x54944
Loading section devices, size 0x48 lma 0x5497c
Loading section sw_isr_table, size 0x208 lma 0x549c4
Loading section device_handles, size 0x12 lma 0x54bcc
Loading section rodata, size 0x180 lma 0x54be0
Loading section datas, size 0x94 lma 0x54d60
Loading section device_states, size 0xc lma 0x54df4
Start address 0x000518cc, load size 19966
Transfer rate: 9749 KB/sec, 1815 bytes/write.
(gdb) b main
Breakpoint 1 at 0x5081c: file /path/to/zephyrproject/zephyr/samples/basic/blinky/build/zephyr/include/generated/syscalls/device.h, line 55.
(gdb) c
Continuing.

    Fullscreen debug_psa_sample_3.1.0.txt Download 
    $ west flash
-- west flash: rebuilding
[0/12] Performing build step for 'tfm'
ninja: no work to do.
-- west flash: using runner nrfjprog
Using board 960027662
-- runners.nrfjprog: Flashing file: /path/to/zephyrproject/applications/psa_crypto_sample/build/tfm_merged.hex
Parsing image file.
Verifying programming.
Verified OK.
Applying pin reset.
-- runners.nrfjprog: Board with serial number 960027662 flashed successfully.
$ west debug
-- west debug: rebuilding
[0/12] Performing build step for 'tfm'
ninja: no work to do.
-- west debug: using runner jlink
-- runners.jlink: JLink version: 7.58b
-- runners.jlink: J-Link GDB server running on port 2331; no thread info available
SEGGER J-Link GDB Server V7.58b Command Line Version

JLinkARM.dll V7.58b (DLL compiled Nov 16 2021 15:04:27)

-----GDB Server start settings-----
GDBInit file:                  none
GDB Server Listening port:     2331
SWO raw output listening port: 2332
Terminal I/O port:             2333
Accept remote connection:      yes
Generate logfile:              off
Verify download:               off
Init regs on start:            off
Silent mode:                   on
Single run mode:               on
Target connection timeout:     0 ms
------J-Link related settings------
J-Link Host interface:         USB
J-Link script:                 none
J-Link settings file:          none
------Target related settings------
Target device:                 nRF9160_xxAA
Target interface:              SWD
Target interface speed:        4000kHz
Target endian:                 little

GNU gdb (Zephyr SDK 0.14.2) 9.2
Copyright (C) 2020 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Type "show copying" and "show warranty" for details.
This GDB was configured as "--host=x86_64-build_pc-linux-gnu --target=arm-zephyr-eabi".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<https://github.com/zephyrproject-rtos/sdk-ng/issues>.
Find the GDB manual and other documentation resources online at:
    <http://www.gnu.org/software/gdb/documentation/>.

For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from /path/to/zephyrproject/applications/psa_crypto_sample/build/zephyr/zephyr.elf...
Remote debugging using :2331
arch_cpu_idle () at /path/to/zephyrproject/zephyr/arch/arm/core/aarch32/cpu_idle.S:105
105             cpsie   i
Resetting target
Loading section rom_start, size 0x544 lma 0x50000
Loading section text, size 0x9d50 lma 0x50548
Loading section .ARM.exidx, size 0x8 lma 0x5a298
Loading section initlevel, size 0x50 lma 0x5a2a0
Loading section devices, size 0x48 lma 0x5a2f0
Loading section sw_isr_table, size 0x208 lma 0x5a338
Loading section device_handles, size 0x12 lma 0x5a540
Loading section log_const_sections, size 0x48 lma 0x5a554
Loading section log_backends_sections, size 0x10 lma 0x5a59c
Loading section rodata, size 0x2208 lma 0x5a5b0
Loading section datas, size 0x1b5 lma 0x5c7b8
Loading section device_states, size 0xc lma 0x5c970
Loading section log_dynamic_sections, size 0x24 lma 0x5c97c
Loading section k_heap_area, size 0x14 lma 0x5c9a0
Loading section k_mutex_area, size 0x14 lma 0x5c9b4
Loading section k_sem_area, size 0x10 lma 0x5c9c8
Start address 0x00053f00, load size 51659
Transfer rate: 10089 KB/sec, 2869 bytes/write.
(gdb) b main
Breakpoint 1 at 0x508f8: file /path/to/zephyrproject/applications/psa_crypto_sample/src/main.c, line 27.
(gdb) c
Continuing.

Program received signal SIGTRAP, Trace/breakpoint trap.
0xeffffffe in ?? ()
(gdb) s
Cannot find bounds of current function
(gdb)

  • 0 in reply to randomdude

    Hi,

    You could now test the crypto sample from the main branch with build command "west build -b nrf9160dk_nrf9160_ns@your_revision_number", where your_revision_number is revision number of the board. Crypto sample requires target reset.

    Best regards,
    Dejan

  • 0 in reply to dejans

    Hi,

    which crypto sample are you referring to, exactly? I have done a fresh install of the main branch of the nrf connect SDK and built the psa_crypto sample in zephyr/samples/tfm_integration, but debugging still fails the same way it did before.

    One thing I didn't realize before is that I was using two different zephyr flavors, vanilla and the one that comes with the nrf connect SDK. Not sure if that makes much of a difference in this case, though.

  • 0 in reply to randomdude

    Hi,

    I am referring to psa_crypto sample. Which Zephyr version did you use when building your sample?

    Best regards,
    Dejan

  • 0 in reply to dejans

    Still not sure about the terminology. As I understand it, there are two parts to Zephyr. The Zephyr-RTOS source files which are shipped with the nrf connect SDK, and the toolchain, which gets installed in /opt or ~, or wherever. I was using the Zephyr SDK that comes with the nrf connect SDK from the main branch and zephyr toolchain 0.14.2.

  • 0 in reply to randomdude

    Hi,

    The toolchain provided by Zephyr is set of tools to help in building and debugging. You should use Zephyr toolchain version 0.14.1 instead of 0.14.2.

    Best regards,
    Dejan

Reply Children
Related
Terms of service