Double RTOS kernel running on Cortex-M33 (Trustzone)

Hi all,

it would be possible to run two different RTOS kernels on a single core (Cortex-M33) using Trustzone?

For example, let's suppose I want two full RTOS instances (e.g. FreeRTOS), one running in secure zone and other running in non secure zone.

I could call "non_secure_init" routine in secure freertos idle task, which would be responsible for starting another freertos kernel using banked systick/pendsv/svcall irqs (with AIRCR.PRIS = 1, so non secure world would always run w/ lower priority then secure zone). Any NSC called from non-secure world would be executed from secure-world idle task. That's correct?

What would be PROS/CONS of this solution compared to run single kernel in only secure or non-secure world?

I would say (if feasable)

- non-secure world full separated from secure world (e.g. user could choose to implement his application in baremetal, which would be running as secure idle task, or using any RTOS he'd like);

- non secure world real time constraints could be not satistied due to secure world high priority
- calling a NSC function that blocks for something (e.g. osDelay / semaphore / anything else) would not trigger context switch in non secure world (if RTOS is used) 

Best regards,

Alessandro Morniroli