• State Not Answered
  • Replies 28 replies
  • Subscribers 63 subscribers
  • Views 2995 views
  • Users 0 members are here
Attachments (2) Download All
Nordic Case Info
  • Case ID: 295765
Options

Board reboots when a function is executed in TF-M

Pablosanserr

Hi,

I'm moving a project from SPM to TF-M. I have imported a static library and the board (nRF5340DK) restarts automatically every time the following mycli/main.c function is executed: signature.

signature(pk, msg, buffer);

More specifically, the problem occurs when executing blst_sign_pk_in_g1 function, which is located in lib/bls_hsm.h.

blst_sign_pk_in_g1(&sig, &hash, secret_keys_store + pk_index*sizeof(blst_scalar));

Other functions from the static library are executed correctly, so I guess the problem is not in the import of the library, but must be related to memory. In case it is of any interest, a few weeks ago I had problems importing such a static library into TF-M. The problem was solved as indicated in the following forum ticket: Problem importing a library into TF-M: Not enough space to import i.

I attach a link to the github project repo, so that the error can be easily reproduced: bls-hsm-2. To reproduce the error, build and execute application mycli. You will see that the board reboots.

Thank you in advice,

Pablo

Useful information about the project:
- I'm using the nRF5340DK development kit.
- nRF SDK v2.0.0
- The project is based on the example: TF-M Secure Partition Sample. When doing the build for this example, the available and used space shown is as follows:

  • 0 in reply to dejans

    Hi,

    I have a couple of updates about the project. 

    First of all, I have fixed some warnings that appear when doing the build. As I expected, this didn't solve the problem, but it's good to get rid of them.

    Secondly, I have added to the repository a branch called "non_secure", in which I have imported the static library and run the functions in the non-secure partition. The function that gives me problems in tf-m works correctly in non secure partition. To make it work, I have added the following configuration to prj.conf, to allocate spare memory to the main stack:

    CONFIG_MAIN_STACK_SIZE=104080

    Although I am not using the tf-m functions in this branch, I have not removed it from the configuration.

    When building, the following memory usage data is displayed:

    In case it is useful, this is the log obtained when executing the command:

    west build -t partition_manager_report

    Regards,

    Pablo

  • 0 in reply to Pablosanserr

    Hi,

    For which board did you build your sample?

    Did your build configuration include "Enable debug options"?

    Best regards,
    Dejan

  • 0 in reply to dejans

    Hi,

    I build for nrf5340dk_nrf5340_cpuapp_ns. My build configuration doesn't include 'Enable debug options'. Should I enable that?

    Regards,

    Pablo

  • 0 in reply to Pablosanserr

    Hi,

    I have tested your sample from non_secure branch and it was successful. I also tested your sample from the main branch and it still gives many warnings during the build process. Could you please remove the warnings from main branch?

    TF-M uses 2 UART interfaces for logging, one for secure part (TF-M and MCUboot) and one for the application. Documentation provides more information about logging. With regard to secure logging, you can refer to the TF-M logging section.
    Could you send both application and TF-M output logs with and without "Enable debug options"?

    Best regards,
    Dejan

  • 0 in reply to dejans

    Hi,

    I have removed the warnings that appeared when making the build. The problem has not been solved.

    I have made a build with and without the "Enable debug option" and another one with it enabled. In order to enable the "Enable debug options" option, I had to increase the TF-M size. It is 0x50000 without enabling the option and 0x60000 by enabling the option. This can be checked in the prj.conf file.

    Again, I show what you get when you run the following command

    west build -t partition_manager_report

    Build without debug options enabled:

    Build with debug options enabled:

    It is not clear to me which logs you need, so I would be grateful if you could specify which ones you need if they are not the ones I have given you.

    Regards,
    Pablo

Related