• State Not Answered
  • Replies 9 replies
  • Subscribers 70 subscribers
  • Views 1746 views
  • Users 0 members are here
Attachments (0)
Nordic Case Info
  • Case ID: 306216
Options

Zephyr bus fault when using PSA crypto with CC310 and Openthread L2 layer

nealjack

Hello,

I am migrating an application based on the old Nordic SDK16 to the NCS Zephyr SDK.

My workspace is using Zephyr commit f8f11338, nrfconnect/mbedtls commit de1b3f57, and nrfconnect/sdk-nrf commit f06fb7d3.

My application utilizes openthread and also requires the use of ECDSA key management and signing.

To use these features, I use the following configuration options to enable the Openthread L2 layer and the PSA crypto library. These options were adapted from zephyr openthread samples and psa crypto ncs sample configurations.


# The Zephyr CMSIS emulation assumes that ticks are ms, currently
CONFIG_SYS_CLOCK_TICKS_PER_SEC=1000

CONFIG_MAIN_STACK_SIZE=4096
CONFIG_HEAP_MEM_POOL_SIZE=4096

# Enable loging using RTT and UART
CONFIG_CONSOLE=y
CONFIG_LOG=y
CONFIG_USE_SEGGER_RTT=y
CONFIG_LOG_BACKEND_RTT=y
CONFIG_LOG_BACKEND_UART=y
CONFIG_LOG_BUFFER_SIZE=15360
CONFIG_SEGGER_RTT_BUFFER_SIZE_UP=15360

# Enable nordic security backend and PSA APIs
CONFIG_NRF_SECURITY=y
CONFIG_MBEDTLS_PSA_CRYPTO_C=y

# Enable persistent storage APIs
CONFIG_MBEDTLS_PSA_CRYPTO_STORAGE_C=y
CONFIG_PSA_NATIVE_ITS=y

CONFIG_MBEDTLS_ENABLE_HEAP=y
CONFIG_MBEDTLS_HEAP_SIZE=8192
CONFIG_PSA_CRYPTO_DRIVER_OBERON=n
CONFIG_PSA_CRYPTO_DRIVER_CC3XX=y

# Generic networking options
CONFIG_NETWORKING=y
CONFIG_NET_UDP=y
CONFIG_NET_TCP=n
CONFIG_NET_IPV6=y
CONFIG_NET_IPV4=n
CONFIG_NET_DHCPV4=n
CONFIG_NET_SOCKETS=y
CONFIG_NET_SOCKETS_POSIX_NAMES=y
CONFIG_NET_SOCKETS_POLL_MAX=4
CONFIG_NET_SOCKETS_ENABLE_DTLS=y
CONFIG_NET_CONNECTION_MANAGER=y

CONFIG_NET_MGMT=y
CONFIG_NET_MGMT_EVENT=y

# Openthread config
CONFIG_NET_L2_OPENTHREAD=y

CONFIG_OPENTHREAD_MANUAL_START=n
CONFIG_OPENTHREAD_DEBUG=y
CONFIG_OPENTHREAD_L2_DEBUG=y
CONFIG_OPENTHREAD_L2_LOG_LEVEL_INF=y

CONFIG_OPENTHREAD_CHANNEL=26
CONFIG_OPENTHREAD_NETWORKKEY="00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:ff"

CONFIG_OPENTHREAD_DHCP6_CLIENT=y
CONFIG_OPENTHREAD_SLAAC=y
CONFIG_OPENTHREAD_MTD=y
CONFIG_OPENTHREAD_MTD_SED=y
CONFIG_OPENTHREAD_POLL_PERIOD=1000

With this configuration, I find that my application encounters a bus fault during initialization:

[00:00:00.002,197] <inf> ieee802154_nrf5: nRF5 802154 radio initialized
[00:00:00.002,777] <err> os: ***** BUS FAULT *****
[00:00:00.002,807] <err> os:   Imprecise data bus error
[00:00:00.002,807] <err> os: r0/a1:  0x20001700  r1/a2:  0x00000000  r2/a3:  0x200ff8bd
[00:00:00.002,838] <err> os: r3/a4:  0x200ff8bd r12/ip:  0x000001d1 r14/lr:  0x0001a1ad
[00:00:00.002,838] <err> os:  xpsr:  0x61000000
[00:00:00.002,868] <err> os: s[ 0]:  0x00000000  s[ 1]:  0x00000000  s[ 2]:  0x00000000  s[ 3]:  0x00000000
[00:00:00.002,868] <err> os: s[ 4]:  0x00000000  s[ 5]:  0x00000000  s[ 6]:  0x00000000  s[ 7]:  0x00000000
[00:00:00.002,899] <err> os: s[ 8]:  0x00000000  s[ 9]:  0x00000000  s[10]:  0x00000000  s[11]:  0x00000000
[00:00:00.002,899] <err> os: s[12]:  0x00000000  s[13]:  0x00000000  s[14]:  0x00000000  s[15]:  0x00000000
[00:00:00.002,929] <err> os: fpscr:  0x2000c734
[00:00:00.002,929] <err> os: Faulting instruction address (r15/pc): 0x00031692
[00:00:00.002,960] <err> os: >>> ZEPHYR FATAL ERROR 0: CPU exception on CPU 0
[00:00:00.002,990] <err> os: Current thread: 0x20006310 (unknown)
[00:00:00.435,333] <err> fatal_error: Resetting system



Independently, samples that use openthread or PSA features work successfully, including the persistent_key_usage and the ecdsa samples.
I find that enabling the openthread l2 layer in these examples with the config options mentioned above results in the same bus fault that I am experiencing when running my application. I am convinced this is due to a conflict with the usage of the CC310 accelerator between the PSA library and the Openthread stack.

I have tried to use the oberon stack instead of the CC3XX and while the application no longer experiences a bus fault, psa_generate_key always returns (-134). I tracked this down via gdb to key attribute validation in psa_validate_key_attributes(), specifically psa_validate_key_location().

These issues can be replicated with the existing NCS crypto examples and are not unique to my application.


Is there a preferred way to integrate a crypto library and the openthread stack within an NCS Zephyr application that I missed the documentation for? If not, how can I resolve this configuration conflict between openthread and the PSA libraries?

Thanks,
Neal

Related