This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Trustzone ARM V8M Call cmse_ns_entry function from secure world...

Hi,

I'm working on bare metal firmware using Cortex M55. Trustzone and use of cmse macros are enabled.

Both secure world and non secure world are created and built.

We want to call a secure service from non secure world. So for that we create a cmse_ns_entry function at secure side to create a SG in NSC region that could be called from non secure side.

the assembly code is like this :

NON Secure side / NSC / Secure side

call secure_service ----------------> SG ;

B __acle_se_secure_service -----------------> __acle_se_secure_service

STCL

PUSH

........

BXNS lr

which is as expected.

Now, we want to call as well this secure_service function from secure world. So it will call directly the __acle_se_secure_service . it implies several questions from my side :

-> I guess that when the BXNS lr instruction will be executed, CPU is checking the function caller and in case is secure , will not execute BXNS instruction. Is it the case ?

-> I would like to avoid to call all this assembly stuff related to acle function , I mean stcl, vldm, ldcl, bxns as it's as well a secure function called by secure world and in terms of performance, it's not so great if we call it from secure world regularly. Is there a way to avoid it ?

Thanks for your support,

Best Regards,

TexCor JC

Top replies

Zenon Xiu (修志龙） over 2 years ago +2 suggested

The BXNS Rm conditionally causes a transition from the Secure to the Non-secure state. Rm[0] indicates a transition to Non-secure state if value is 0, otherwise the target state remains Secure. In...

0 Zenon Xiu (修志龙） over 2 years ago

The BXNS Rm conditionally causes a transition from the Secure to the Non-secure state.

Rm[0] indicates a transition to Non-secure state if value is 0, otherwise the target state remains Secure.

In your case, if __acle_se_secure_service is called in secure state, than LR bit 0 would be set as 1, BXNS should stay in secure state.
Cancel
Up +2 Down

Cancel
0 TexCorJC over 2 years ago

Thanks Zenon Xiu for your answer.

It will answer to the first part of my question. Could you answer to the second part as well ? I mean is there a way to avoid to execute all this assembly instruction which is dedicated to switch from Secure to Non secure when the function is called from Secure side.

Thanks for your help,

Best Regards,

TexCorJC.
Cancel
Up 0 Down

Cancel
0 42Bastian Schick over 2 years ago in reply to TexCorJC

What do you mean by:

TexCorJC said:
all this assembly instruction

What is "stcl"?
Cancel
Up 0 Down

Cancel
0 42Bastian Schick over 2 years ago in reply to TexCorJC

To my understanding, using the new attributes, the compiler will add code to handle calls from NS which is not executed if called from S.
At least that's how I understand this:
developer.arm.com/.../11
Cancel
Up 0 Down

Cancel