I have an app that seems to work nicely with security set to default, that is no security. The app runs on a MK64FN1M0VLL12 with FreeRTOS. I am building with MCUXpresso 11.0.0 and the 10.2.0 copy of FreeRTOS that is included. One of the features of the app is to support firmware download over a serial port. That feature uses the Kinetis swap feature.
Recently I tried to enable security by building a binary that has the byte at 0x40c set to 0xfb. This binary is sent in the normal way that we do updates, and it is accepted and copied to the inactive block. There is a CRC check of that flash memory to ensure that the copy was accurate.
Upon reboot, the startup code of the app shows that the swap worked and the app is executing from the alternate block than it was before, and generally does quite a bit of work. However, it throws a hard fault around the time that the OS starts. I cannot attach a debugger due to the security, so debugging and trace are not available. However I do print out a stack dump. It shows:
SCB->HFSR = 0x40000000
Forced, SCB->CFSR = 0x00000400
r0 = 0x00000000
r1 = 0x00f00000
r2 = 0xe000ef34
r3 = 0xc0000000
r12 = 0x00000031
lr = 0x0000d0a7
pc = 0x0000ceac
psr = 0x61000000
The PC I pointing to the no-op at the end of a function called prvPortStartFirstTask. It looks like this:
" ldr r0, =0xE000ED08 \n" /* Use the NVIC offset register to locate the stack. */
" ldr r0, [r0] \n"
" ldr r0, [r0] \n"
" msr msp, r0 \n" /* Set the msp back to the start of the stack. */
" mov r0, #0 \n" /* Clear the bit that indicates the FPU is in use, see comment above. */
" msr control, r0 \n"
" cpsie i \n" /* Globally enable interrupts. */
" cpsie f \n"
" dsb \n"
" isb \n"
" svc 0 \n" /* System call to start first task. */
" nop \n"
I am not finding anything in the reference manual about security that would affect this working or not. Any suggestions how to troubleshoot or what I can check would be much appreciated.