I'm trying to test out using the protected storage API with TF-M on an nrf5340 based design. I'm on NCS 2.1.0 and I am building the samples/bluetooth/peripheral_uart project for the thingy53 board without any modifications, and all the various subimages build without error.
When I try to enable the config options from the samples/crypto/persistent_key_usage shown below, It seems that I am somehow now overflowing the SRAM usage in the mcuboot subimage by 174920 bytes.
thingy53_nrf5340_cpuapp_ns.conf:
CONFIG_BUILD_WITH_TFM=y
CONFIG_TFM_PROFILE_TYPE_NOT_SET=y
prj.conf:
# Enable nordic security backend and PSA APIs
CONFIG_NRF_SECURITY=y
CONFIG_MBEDTLS_PSA_CRYPTO_C=y
# Enable persistent storage APIs
CONFIG_MBEDTLS_PSA_CRYPTO_STORAGE_C=y
CONFIG_PSA_NATIVE_ITS=y
CONFIG_MBEDTLS_ENABLE_HEAP=y
CONFIG_MBEDTLS_HEAP_SIZE=8192
CONFIG_PSA_CRYPTO_DRIVER_OBERON=n
CONFIG_PSA_CRYPTO_DRIVER_CC3XX=y
With these added configuration options, it is failing to link the mcuboot build. If I build the samples/crypto/persistent_key_usage for the nrf5340dk, it also will build fine. It seems to be an issue when using CONFIG_TFM_PROFILE_TYPE_NOT_SET=y along with CONFIG_BOOTLOADER_MCUBOOT=y.
FAILED: zephyr/zephyr_pre0.elf zephyr/zephyr_pre0.map C:/ble/nRF53/nrf/samples/bluetooth/peripheral_uart/build/mcuboot/zephyr/zephyr_pre0.map cmd.exe /C "cd . && C:\zephyr-sdk-0.15.0\arm-zephyr-eabi\bin\arm-zephyr-eabi-gcc.exe zephyr/CMakeFiles/zephyr_pre0.dir/misc/empty_file.c.obj -o zephyr\zephyr_pre0.elf zephyr/CMakeFiles/offsets.dir/./arch/arm/core/offsets/offsets.c.obj -Wl,-T zephyr/linker_zephyr_pre0.cmd -Wl,-Map=C:/ble/nRF53/nrf/samples/bluetooth/peripheral_uart/build/mcuboot/zephyr/zephyr_pre0.map -Wl,--whole-archive app/libapp.a zephyr/libzephyr.a zephyr/arch/common/libarch__common.a zephyr/arch/arch/arm/core/aarch32/libarch__arm__core__aarch32.a zephyr/arch/arch/arm/core/aarch32/cortex_m/libarch__arm__core__aarch32__cortex_m.a zephyr/arch/arch/arm/core/aarch32/cortex_m/cmse/libarch__arm__core__aarch32__cortex_m__cmse.a zephyr/lib/libc/minimal/liblib__libc__minimal.a zephyr/lib/posix/liblib__posix.a zephyr/boards/boards/arm/thingy53_nrf5340_cpuapp/libboards__arm__thingy53_nrf5340.a zephyr/drivers/usb/device/libdrivers__usb__device.a zephyr/drivers/clock_control/libdrivers__clock_control.a zephyr/drivers/gpio/libdrivers__gpio.a zephyr/drivers/hwinfo/libdrivers__hwinfo.a zephyr/drivers/regulator/libdrivers__regulator.a zephyr/drivers/flash/libdrivers__flash.a zephyr/drivers/serial/libdrivers__serial.a zephyr/drivers/timer/libdrivers__timer.a zephyr/drivers/pinctrl/libdrivers__pinctrl.a modules/nrf/lib/fprotect/lib..__nrf__lib__fprotect.a modules/nrf/subsys/pcd/lib..__nrf__subsys__pcd.a modules/nrf/modules/mcuboot/hooks/lib..__nrf__modules__mcuboot__hooks.a modules/nrf/drivers/hw_cc310/lib..__nrf__drivers__hw_cc310.a modules/mcuboot/boot/bootutil/zephyr/libmcuboot_util.a modules/mbedtls/libmodules__mbedtls.a modules/hal_nordic/nrfx/libmodules__hal_nordic__nrfx.a -Wl,--no-whole-archive zephyr/kernel/libkernel.a -L"c:/zephyr-sdk-0.15.0/arm-zephyr-eabi/bin/../lib/gcc/arm-zephyr-eabi/12.1.0/thumb/v8-m.main/nofp" -LC:/ble/nRF53/nrf/samples/bluetooth/peripheral_uart/build/mcuboot/zephyr -lgcc zephyr/arch/common/libisr_tables.a -no-pie -mcpu=cortex-m33 -mthumb -mabi=aapcs -mfp16-format=ieee -Wl,--gc-sections -Wl,--build-id=none -Wl,--sort-common=descending -Wl,--sort-section=alignment -Wl,-u,_OffsetAbsSyms -Wl,-u,_ConfigAbsSyms -nostdlib -static -Wl,-X -Wl,-N -Wl,--orphan-handling=warn C:/ble/nRF53/nrfxlib/crypto/nrf_cc312_platform/lib/cortex-m33/soft-float/no-interrupts/libnrf_cc312_platform_0.9.15.a && cmd.exe /C "cd /D C:\ble\nRF53\nrf\samples\bluetooth\peripheral_uart\build\mcuboot\zephyr && "C:\Program Files\CMake\bin\cmake.exe" -E echo "" c:/zephyr-sdk-0.15.0/arm-zephyr-eabi/bin/../lib/gcc/arm-zephyr-eabi/12.1.0/../../../../arm-zephyr-eabi/bin/ld.exe: zephyr\zephyr_pre0.elf section `bss' will not fit in region `SRAM' c:/zephyr-sdk-0.15.0/arm-zephyr-eabi/bin/../lib/gcc/arm-zephyr-eabi/12.1.0/../../../../arm-zephyr-eabi/bin/ld.exe: region `SRAM' overflowed by 174920 bytes
