Two-stage bootloader - NSIB can't validate mcuboot

I'm trying to set up the two-stage bootloader on nRF5340, NCS version 2.3.0. I am using a custom board with this pm_static_<boardname>_cpuapp.yml:

b0_container:
  address: 0x0
  size: 0x8000
  region: flash_primary
  span:
  - b0
b0:
  address: 0x0
  size: 0x8000
  region: flash_primary
s0:
  address: 0x8000
  size: 0xc000
  region: flash_primary
  span:
  - s0_pad
  - s0_image
s0_image:
  address: 0x8200
  size: 0xbe00
  region: flash_primary
  span:
  - mcuboot
s0_pad:
  address: 0x8000
  size: 0x200
  region: flash_primary
s1:
  address: 0x14000
  size: 0xc000
  region: flash_primary
  span:
  - s1_pad
  - s1_image
s1_image:
  address: 0x14200
  size: 0xbe00
  region: flash_primary
s1_pad:
  address: 0x14000
  size: 0x200
  region: flash_primary
mcuboot:
  address: 0x8200
  size: 0xbe00
  region: flash_primary
mcuboot_pad:
  address: 0x20000
  size: 0x200
  region: flash_primary
app_image:
  address: 0x20200
  size: 0xdbe00
  region: flash_primary
  span:
  - app
settings_storage:
  address: 0xfc000
  size: 0x4000
  region: flash_primary
mcuboot_primary:
  address: 0x20000
  size: 0xdc000
  region: flash_primary
  span:
  - mcuboot_pad
  - app_image
mcuboot_primary_1:
  address: 0x40000
  size: 0x40000
  region: ram_flash
  device: nordic_ram_flash_controller
mcuboot_secondary:
  address: 0x0
  size: 0xdc000
  region: external_flash
  device: mx25r64
mcuboot_secondary_1:
  address: 0xdc000
  size: 0x40000
  region: external_flash
  device: mx25r64
littlefs_storage:
  address: 0x11c000
  size: 0x800000
  region: external_flash
  device: mx25r64
sram_primary:
  address: 0x20000000
  size: 0x80000
  region: sram_primary
external_flash:
  address: 0x91c000
  size: 0x6e4000
  region: external_flash
ram_flash:
  address: 0x40000
  size: 0x0
  region: ram_flash
  device: nordic_ram_flash_controller

I have uploaded b0_container.hex, signed_by_b0_s0_image.hex, and app_signed.hex to the application core.

I uploaded merged_CPUNET.hex to the network core.

The code fails to exit the immutable bootloader. While I cannot seem to get log messages from the immutable bootloader, I was able to step through the code to find a location where a failure seems to occur.

In this code at line 376 of bl_validation.c:

if (!region_within(fwinfo_address, fwinfo_end,
	fw_src_address, fw_src_end)) {
	PRINT("Firmware info is not within signed region.\n\r");
	return false;
}

region_within appears to be called with these arguments:

if (!region_within(0x8200, 0x8200, 0x8200, 0x84b4)) {
	PRINT("Firmware info is not within signed region.\n\r");
	return false;
}

Which causes the validation to fail. Why is inner_end 0x8200? That seems to be the reason region_within returns false.

Related