I'm working on bare metal firmware using Cortex M55. Trustzone and use of cmse macros are enabled.
Both secure world and non secure world are created and built.
We want to call a secure service from non secure world. So for that we create a cmse_ns_entry function at secure side to create a SG in NSC region that could be called from non secure side.
the assembly code is like this :
NON Secure side / NSC / Secure side
call secure_service ----------------> SG ;
B __acle_se_secure_service -----------------> __acle_se_secure_service
which is as expected.
Now, we want to call as well this secure_service function from secure world. So it will call directly the __acle_se_secure_service . it implies several questions from my side :
-> I guess that when the BXNS lr instruction will be executed, CPU is checking the function caller and in case is secure , will not execute BXNS instruction. Is it the case ?
-> I would like to avoid to call all this assembly stuff related to acle function , I mean stcl, vldm, ldcl, bxns as it's as well a secure function called by secure world and in terms of performance, it's not so great if we call it from secure world regularly. Is there a way to avoid it ?
Thanks for your support,
The BXNS Rm conditionally causes a transition from the Secure to the Non-secure state.
Rm indicates a transition to Non-secure state if value is 0, otherwise the target state remains Secure.
In your case, if __acle_se_secure_service is called in secure state, than LR bit 0 would be set as 1, BXNS should stay in secure state.
Thanks Zenon Xiu for your answer.
It will answer to the first part of my question. Could you answer to the second part as well ? I mean is there a way to avoid to execute all this assembly instruction which is dedicated to switch from Secure to Non secure when the function is called from Secure side.
Thanks for your help,
What do you mean by:
TexCorJC said:all this assembly instruction
What is "stcl"?
To my understanding, using the new attributes, the compiler will add code to handle calls from NS which is not executed if called from S.At least that's how I understand this:developer.arm.com/.../11