ARMV8-M CPU State when secure API called by none-secure irq

If SOC is ARMV8-M Mainline.

If a secure world api called within a none-secure world IRQ handler, after enter the secure state, What the mode the CPU is? Handler mode or Thread mode? and if it is handler mode, dose still the MSP is the SP used by CPU.

For example.

1) In none-secure world, issue a SVC call, 2) CPU enter the none-secure world SVC handler, 3) in the SVC handler, call to a secure-world method

4) cpu change to secure state and execute the method being called, at this moment what the CPU mode is, still handler mode or others. 

Thanks!

Parents
  • Hi,

    With the Security Extension there are 4 modes:

    Secure Thread Mode
    Secure Handler Mode
    Non-secure Thread Mode
    Non-secure Handler Mode

    Handler mode is used for exception handling (e.g., OS kernel, Interrupt Handlers, etc.).
    Thread mode is used for applications.

    Step 1 - Let's assume the processor is in Non-secure Thread Mode.

    Step 2 - The processor switches to Non-secure Handler Mode.

    Step 3 - The processor calls a secure library and lands on an SG instruction in Secure Non-secure Callable (NSC) memory.

    Step 4 - The processors executes the SG instruction switching the state of the processor to secure state and branches to the Secure memory where the secure library function lives.

    Please correct me if I'm wrong, but I believe your question is: "After step 4, is the processor in Secure Thread mode or Secure Handler mode?". 

    The answer to your question is that the processor will switch to Secure Handler mode (sorry, if you read my previous post, it was not accurate).  Similarly, if the processor was in Non-secure Thread mode and made a call to the Secure API, the processor would remain in Thread mode and switch to Secure state.

    In theory, for a function return (e.g., BX lr) from non-secure Handler mode (when lr = FNC_RETURN), what secure mode the processor ends up in depends on what secure mode (Thread or Handler) secure state was in before step 1, before the transition to non-secure state, i.e., via a BLXNS instruction. Before the transition, the IPSR (sometime before step 1) indicates which mode the processor was in:

    - An IPSR value of zero indicates that the processor is in Thread mode.
    - An non-zero IPSR value indicates that the processor is in Handler mode.

    Out of interest, it would be interesting to know why you asked this question.  Is it academic or are you working on a real use case?

    Best regards,

    Ed

Reply
  • Hi,

    With the Security Extension there are 4 modes:

    Secure Thread Mode
    Secure Handler Mode
    Non-secure Thread Mode
    Non-secure Handler Mode

    Handler mode is used for exception handling (e.g., OS kernel, Interrupt Handlers, etc.).
    Thread mode is used for applications.

    Step 1 - Let's assume the processor is in Non-secure Thread Mode.

    Step 2 - The processor switches to Non-secure Handler Mode.

    Step 3 - The processor calls a secure library and lands on an SG instruction in Secure Non-secure Callable (NSC) memory.

    Step 4 - The processors executes the SG instruction switching the state of the processor to secure state and branches to the Secure memory where the secure library function lives.

    Please correct me if I'm wrong, but I believe your question is: "After step 4, is the processor in Secure Thread mode or Secure Handler mode?". 

    The answer to your question is that the processor will switch to Secure Handler mode (sorry, if you read my previous post, it was not accurate).  Similarly, if the processor was in Non-secure Thread mode and made a call to the Secure API, the processor would remain in Thread mode and switch to Secure state.

    In theory, for a function return (e.g., BX lr) from non-secure Handler mode (when lr = FNC_RETURN), what secure mode the processor ends up in depends on what secure mode (Thread or Handler) secure state was in before step 1, before the transition to non-secure state, i.e., via a BLXNS instruction. Before the transition, the IPSR (sometime before step 1) indicates which mode the processor was in:

    - An IPSR value of zero indicates that the processor is in Thread mode.
    - An non-zero IPSR value indicates that the processor is in Handler mode.

    Out of interest, it would be interesting to know why you asked this question.  Is it academic or are you working on a real use case?

    Best regards,

    Ed

Children
More questions in this forum