I have several non-privileged RTOS tasks on the non-secure side that can make several NSC calls to the secure side.
But any task can make any NSC call, and it is not clear what limitation can be set on the secure side to restrict the caller.
Basically, it would be nice to check on the secure side which exact task called this API and reject the call if it was made from a task that is not allowed to do it.
I think there should be some standard technique to implement this limitation, but I haven't found any tips about it.
For example, when tasks are created I can inform the secure side about the task handle or the range of code the task occupies, etc.
After that each NSC call would have the task handle as its first parameter, and it would be compared with the known one.
Can the secure side know about the caller's address space, for example?
The GCC compiler provides some TT instructions, etc., but they do not look like something that can bind an NSC call to an RTOS task.
Are there any considerations about techniques for how this can be done?
The secure function cannot assume which non-secure task is ongoing from the memory/execution address because it lacks RTOS implementation info. If the RTOS scheduler could notify the secure function of that information, then it is doable. Check this link: https://arm-software.github.io/CMSIS_5/Core/html/group__context__trustzone__functions.html
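The following is an added example, not code from the thread and not CMSIS code, that models on a host the pattern the answer points at: the non-secure scheduler announces the task it is about to run (the role TZ_LoadContext_S plays in the CMSIS API linked above), the secure side records that announcement, and every NSC entry point checks an allow-list keyed by the announced task instead of trying to infer the caller from an address. The task ids, capability bits, service names and return codes are constructed for the example; the "signature" is a toy checksum standing in for a real secure service. The model also shows the fail-closed behaviour a practitioner wants: an unknown task id, or no announcement at all since boot, makes every service call fail, and denied calls are counted so the secure side can expose them for auditing.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Host-side model of scheduler-announced task identity on the secure side.
 * Added example; not CMSIS code and not from the original thread. */

typedef uint32_t task_id_t;
#define TASK_NONE ((task_id_t)0u)

/* One capability bit per secure service (constructed for this example). */
enum { CAP_SIGN = 1u << 0, CAP_FLASH_WRITE = 1u << 1 };

/* Return codes of the modelled NSC entry points. */
enum {
    SEC_OK          = 0,
    SEC_ERR_NO_TASK = -1,  /* no valid task announced since boot/last switch */
    SEC_ERR_DENIED  = -2,  /* announced task lacks the capability */
    SEC_ERR_BAD_ARG = -3
};

#define MAX_TASKS 8u

typedef struct { task_id_t id; uint32_t caps; } task_policy_t;

/* Secure-side state: the policy table is filled once at secure boot; the
 * current-task slot changes only through secure_context_switch(). */
static task_policy_t s_policy[MAX_TASKS];
static size_t        s_policy_count = 0;
static task_id_t     s_current      = TASK_NONE;
static uint32_t      s_denied_count = 0;  /* audit counter for denied calls */

static const task_policy_t *find_policy(task_id_t id)
{
    for (size_t i = 0; i < s_policy_count; i++)
        if (s_policy[i].id == id) return &s_policy[i];
    return NULL;
}

/* Trusted configuration step done from secure code at boot; not an NSC entry.
 * Rejects the reserved id and duplicates so the table stays unambiguous. */
int secure_register_task(task_id_t id, uint32_t caps)
{
    if (id == TASK_NONE || s_policy_count >= MAX_TASKS || find_policy(id))
        return SEC_ERR_BAD_ARG;
    s_policy[s_policy_count].id   = id;
    s_policy[s_policy_count].caps = caps;
    s_policy_count++;
    return SEC_OK;
}

/* NSC entry the scheduler calls on each context switch (models the role of
 * TZ_LoadContext_S). An unknown id parks the secure side in "no task", so
 * later service calls fail closed until a valid switch is announced. */
int secure_context_switch(task_id_t next)
{
    if (find_policy(next) == NULL) { s_current = TASK_NONE; return SEC_ERR_BAD_ARG; }
    s_current = next;
    return SEC_OK;
}

/* Common gate run by every service entry point before any work is done. */
static int check_caller(uint32_t cap)
{
    const task_policy_t *p = find_policy(s_current);
    if (p == NULL) return SEC_ERR_NO_TASK;
    if ((p->caps & cap) == 0u) { s_denied_count++; return SEC_ERR_DENIED; }
    return SEC_OK;
}

/* Toy secure service: XOR checksum standing in for a real signing call. */
int nsc_sign(const uint8_t *msg, size_t len, uint8_t *sig_out)
{
    int rc = check_caller(CAP_SIGN);
    if (rc != SEC_OK) return rc;
    if (msg == NULL || sig_out == NULL) return SEC_ERR_BAD_ARG;
    uint8_t acc = 0;
    for (size_t i = 0; i < len; i++) acc ^= msg[i];
    *sig_out = acc;
    return SEC_OK;
}

/* Second service with a different capability, to show per-task separation. */
int nsc_flash_write(uint32_t addr, const uint8_t *data, size_t len)
{
    int rc = check_caller(CAP_FLASH_WRITE);
    if (rc != SEC_OK) return rc;
    if (data == NULL || len == 0) return SEC_ERR_BAD_ARG;
    (void)addr;  /* a real implementation would program flash here */
    return SEC_OK;
}

uint32_t secure_denied_count(void) { return s_denied_count; }

int main(void)
{
    const uint8_t msg[] = { 1u, 2u, 3u };  /* constructed input */
    uint8_t sig = 0;
    secure_register_task(1u, CAP_SIGN);
    secure_register_task(2u, CAP_FLASH_WRITE);
    printf("before switch: nsc_sign -> %d\n", nsc_sign(msg, 3, &sig));
    secure_context_switch(1u);
    printf("task 1: nsc_sign -> %d, flash -> %d\n",
           nsc_sign(msg, 3, &sig), nsc_flash_write(0x1000u, msg, 3));
    printf("denied so far: %u\n", (unsigned)secure_denied_count());
    return 0;
}
```

The caveat that follows from the answer is visible in the model: the secure side trusts whatever the non-secure scheduler announces, so the check is only as strong as the integrity of the non-secure kernel (keeping the scheduler privileged and the tasks unprivileged, as the question already does, is what makes the announcement meaningful). The per-task table is intentionally populated from secure code at boot, not through an NSC call, so a task cannot grant itself capabilities.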