If SOC is ARMV8-M Mainline.
If a secure world api called within a none-secure world IRQ handler, after enter the secure state, What the mode the CPU is? Handler mode or Thread mode? and if it is handler mode, dose still the MSP is the SP used by CPU.
For example.
1) In none-secure world, issue a SVC call, 2) CPU enter the none-secure world SVC handler, 3) in the SVC handler, call to a secure-world method
4) cpu change to secure state and execute the method being called, at this moment what the CPU mode is, still handler mode or others.
Thanks!
Hi,
With the Security Extension there are 4 modes:Secure Thread ModeSecure Handler ModeNon-secure Thread ModeNon-secure Handler Mode
Handler mode is used for exception handling (e.g., OS kernel, Interrupt Handlers, etc.).Thread mode is used for applications.
Step 1 - Let's assume the processor is in Non-secure Thread Mode.
Step 2 - The processor switches to Non-secure Handler Mode.
Step 3 - The processor calls a secure library and lands on an SG instruction in Secure Non-secure Callable (NSC) memory.
Step 4 - The processors executes the SG instruction switching the state of the processor to secure state and branches to the Secure memory where the secure library function lives.
Please correct me if I'm wrong, but I believe your question is: "After step 4, is the processor in Secure Thread mode or Secure Handler mode?".
The answer to your question is that the processor will switch to Secure Handler mode (sorry, if you read my previous post, it was not accurate). Similarly, if the processor was in Non-secure Thread mode and made a call to the Secure API, the processor would remain in Thread mode and switch to Secure state.
In theory, for a function return (e.g., BX lr) from non-secure Handler mode (when lr = FNC_RETURN), what secure mode the processor ends up in depends on what secure mode (Thread or Handler) secure state was in before step 1, before the transition to non-secure state, i.e., via a BLXNS instruction. Before the transition, the IPSR (sometime before step 1) indicates which mode the processor was in:
- An IPSR value of zero indicates that the processor is in Thread mode.- An non-zero IPSR value indicates that the processor is in Handler mode.
Out of interest, it would be interesting to know why you asked this question. Is it academic or are you working on a real use case?
Best regards,
Ed
Hi Ed:
Thanks for you reply! Yes, your description is what I'm trying to say.
We are working on an project and want to verify the behavior of the CM33.
What we are doing:
1) Using none secure world SVC software interrupt to change the CPU state to handler mode, within the SVC handler, call to a secure world API, if the CPU state will maintain handler mode after enter the secure state, then we could using the MSP_S and have the privilege to setup PSP_S and PSPLIM_S.
2) If the none secure world call to a secure world API in thread mode, then we could using the PSP_S which has been setup by above step.
Base on your reply, I think the usecase could be implemented without any issues. Please correct me, if I'm wrong.