Hi !
I have enabled AHB matrix non-secure privilege check in misc register and try to understand how-to code should be rearranged in this case.
Does it true if Nonprivileged code ( AHB controller settings) can't be executed in privileged mode at all ?
As usually enviroment contain some common code what can be executed in both modes, for example some library function and other code like asserts and etc.
In this case is quite difficalt to separate code and keep rule if privileged mode can't execute nonprivileged code areas.
Do you have any suggestion how to overcome this issue ?
May be some RTOSes can be suggested for usage what are designed for fully utilize LPC security capabilities ?
Regards,
Eugene
Hello Eugene Hiihtaja ,
-Do you meaning, you separate non-secure part into privilege and non-privilege, then use some command code in
both? If yes, you only can put the command code in both privilege part and non-privilege part.
- While I guess you maybe meaning secure and non-secure, because the privilege and non-privilege is used in
RTOSes.
If you meaning secure and non-secure state to call a common code, you can save the code in NSC part. Also the
hello_world_S/NS demo under sdk show this, you can have a look.
Have a great day,
TIC
-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------
Hi Alice_Yang !
Yes, I'm able quite freely to alocate code in both parts and use MPUs for configure "access windows" and etc.
But enforcing privilege check give a lot of code repartitioning and may be not so everything is clear for me yet.
Let's talk about simple case for non-secure part only.
I have privileged RTOS code and nonprivileged tasks code and nonprivileges library functions and also privileged ISR/SVC handlers.
All of them calls memcpy/memset functions what located in unprivileged code area by MPU and AHB matrix settings.
I have got impression , I should have privileged and nonprivileged copied of memset/memcpy.
If nonprivileged code would like to execute privileged ones, it can be done by SVC call.
But privileged can't execute nonprivileged code at all. Is this so ?
Similar problem coming with peripherals. I can use 1-2 peripherals in nonprivileged mode per RTOS task.
but not more, becouse limited amount of MPU sections. As result some peripherals can be accessed in SVC call only.
But in case of data , peripheral code can access privileged and nonprivileged data/peripherals. Is this so ?
Regards,
Eugene
Hello Eugene,
Sorry, about the RTOS question, please take a tick in this thread:
There is RTOS supporters help you well.
BR
Alice