Hello everyone,
I am currently working on an OS that currently doesn't support TrustZone, where I want to do one simple task: jump to a non-secure function and immediately return to the secure function.
I modified the function pointer to the ns_function according to this link, configured the SAU according to this page, and used the -mcmse flag; TZEN is also set. However, I get a forced Hard Fault when I try to execute the non-secure code. Why does that happen? Is there something else I have to take into account?
I've only worked once with the Nucleo L552ZE-Q, which was the only time I ever worked with TrustZone. Furthermore, I cannot use the STM32CubeIDE, since the project was not developed with it. Also, the code for secure and non-secure should be in the same binary.
I am using version 11.2.1 of the toolchain from Arm.
Thank you very much for any tips you can give me.
"working on an OS that currently doesn't support TrustZone" is a bit of a confusing statement. The processor can support the TrustZone feature, but your OS cannot support the TrustZone feature? If that's the case, both your OS and application code actually run in the same world, which can be either the non-secure world or the secure world. You cannot jump from one world to the other world unless the OS can support the world switch?
What I mean is that I try to enable the OS to use TrustZone. And as stated above, I thought about the SAU and the call of the non-secure function (even though the NS and S functions are in the same file, I call the NS function as if it was in another file by using a function pointer. The LSB is also manipulated for the BLXNS jump into NS and the attribute cmse_nonsecure_call is used).
Having taken everything above into account, what else could cause a HardFault when I jump to a non-secure section? What else must I do to make this work?
Hi FritzP,
There could be many reasons for getting a HardFault when you switch between the security states. It might be an implementation/system-specific detail of how TrustZone is enabled on your platform.
However, from a bare-metal platform perspective itself, there are a number of things that need to be considered/configured between your Secure image/Secure world and Non-secure image/Non-secure world.
I would recommend that you study the topics below in detail, from https://developer.arm.com/documentation/100748/0617/Security-features-supported-in-Arm-Compiler-for-Embedded/Overview-of-building-Secure-and-Non-secure-images-with-the-Armv8-M-Security-Extension
(1) Building a Secure image
(2) Building a Non-Secure image
(3) How to create and use import library functions across Secure and Non-Secure images.
Apart from 'Function attributes' and 'SAU configuration', it might be worth checking your scatter file that maps to the actual memory configuration needed for your application.
Thanks,
Uma
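
Added example, not part of the thread or of Arm's documentation: a host-side C model of the Armv8-M SAU lookup that checks the preconditions for the BLXNS call discussed above (function pointer LSB cleared, target address attributed Non-secure) and, going slightly beyond the thread, that the Non-secure main stack pointer lies in Non-secure memory. The region addresses and the names `demo_regions`, `sau_lookup` and `check_ns_call` are constructed for illustration, and the IDAU is ignored as a simplifying assumption.

```c
#include <stddef.h>
#include <stdint.h>

/* One SAU region as written to SAU_RBAR / SAU_RLAR (Armv8-M). */
typedef struct { uint32_t rbar, rlar; } sau_region;
enum attr { ATTR_SECURE, ATTR_NSC, ATTR_NONSECURE };
enum call_check { CALL_OK, CALL_LSB_SET, CALL_TARGET_NOT_NS, CALL_STACK_NOT_NS };
#define SAU_CTRL_ENABLE 1u /* SAU_CTRL bit 0 */
#define SAU_CTRL_ALLNS  2u /* SAU_CTRL bit 1 */
#define RLAR_ENABLE     1u /* SAU_RLAR bit 0 */
#define RLAR_NSC        2u /* SAU_RLAR bit 1 */
#define REGION(base, limit, flags) { (base) & ~0x1Fu, ((limit) & ~0x1Fu) | (flags) }
/* Constructed memory map for illustration, not taken from any real part. */
static const sau_region demo_regions[] = {
    REGION(0x08040000u, 0x0807FFFFu, RLAR_ENABLE),            /* NS code   */
    REGION(0x20018000u, 0x2003FFFFu, RLAR_ENABLE),            /* NS RAM    */
    REGION(0x0C03E000u, 0x0C03FFFFu, RLAR_ENABLE | RLAR_NSC), /* NSC gates */
};

/* SAU-only attribution of one address; the IDAU is ignored (assumption). */
enum attr sau_lookup(uint32_t ctrl, const sau_region *r, size_t n, uint32_t addr)
{
    int hits = 0;
    enum attr a = ATTR_SECURE;
    if (!(ctrl & SAU_CTRL_ENABLE))
        return (ctrl & SAU_CTRL_ALLNS) ? ATTR_NONSECURE : ATTR_SECURE;
    for (size_t i = 0; i < n; i++) {
        uint32_t base = r[i].rbar & ~0x1Fu, limit = r[i].rlar | 0x1Fu;
        if (!(r[i].rlar & RLAR_ENABLE) || addr < base || addr > limit) continue;
        hits++;
        a = (r[i].rlar & RLAR_NSC) ? ATTR_NSC : ATTR_NONSECURE;
    }
    return hits == 1 ? a : ATTR_SECURE; /* no match or overlap: Secure */
}

/* Preconditions for BLXNS to a Non-secure target with a usable NS stack. */
enum call_check check_ns_call(uint32_t ctrl, const sau_region *r, size_t n,
                              uint32_t fptr, uint32_t msp_ns)
{
    if (fptr & 1u) return CALL_LSB_SET; /* bit 0 must be clear for BLXNS */
    if (sau_lookup(ctrl, r, n, fptr) != ATTR_NONSECURE) return CALL_TARGET_NOT_NS;
    if (sau_lookup(ctrl, r, n, msp_ns - 4u) != ATTR_NONSECURE) return CALL_STACK_NOT_NS;
    return CALL_OK;
}

int main(void)
{
    return check_ns_call(SAU_CTRL_ENABLE, demo_regions, 3, 0x08040100u, 0x20040000u);
}
```

Feeding it the RBAR/RLAR values your startup code actually programs, the address of the non-secure function from the map file, and the value written to MSP_NS shows which of the three conditions fails first.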
Thanks for the tip, I will read it and see if I can find something that resolves the issue.
Is it required to link with --import-cmse-lib-out when the code is in the same file? There is an error when I add it to the Makefile, which I cannot pin down right now. Similarly, is it required to use the scatter files? I was discouraged from using them at the beginning of the project, because we are using a linker script.
I think I should cover the points mentioning the header files. And also, the ACLE functions are included. I generally covered the points mentioned in the pages above, excluding the scatter files and the --import-cmse-lib-out option.