Hi !
I'm looking for lightweight OS what can utilize AHB privilege checks on secure and non-secure sides.
Looks like this feature require special code isolation due fact that privilege master can't execute non-privileged code.
Could you suggest what kind of OS can be used for full utilization of all Trustzone-M features of LPC55S69.
Regards,
Eugene
Take a look at SecureThingz.com (part of IAR). I don’t know their products, but I know they support LPC55S6x
Hi !
Not so much information on the site about it.
With freeRTOS and other operation system like this it is possible to utilize almost all TZ-M features but not those 2 ( AHB privilege check.)
In this case privileged master can't execute non privileged code. It means special code reorganization required. Simple example, you need separate memset/memcpy for privileged and nonprivileged code.
Regards,
Eugene
Hello Eugene,
One alternative that fully supports Trustzone is the Azure RTOS ThreadX. You can find more information on its repository:
https://github.com/azure-rtos/threadx/tree/master/ports/cortex_m33
This OS is supported by Microsoft, so we do not have documentation on it but there are some resources on its official website:
https://azure.microsoft.com/en-us/services/rtos/
I hope that this helps!
Regards,
Gustavo
Hello Eugene,
You should be able to utilize the AHB privilege checks regardless of the OS you would be using. You should even be able to use this feature on a bareboard application. However, we do not have examples with this implementation so you would need to setup these privilege checks based on ARM’s Trustzone documentation.
My apologies for the inconvenience.
Regards,
Gustavo
Hi !
With freeRTOS and other similar operation system like this it is possible to utilize almost all TZ-M features but not those 2 ( AHB privilege check.)
In this case privileged master can't execute non privileged code. It means special code reorganization required. Simple example, you need separate memset/memcpy for privileged and nonprivileged code.
Regards,
Eugene
Hello Eugene,
You may use either FreeRTOS or baremetal applications and take advantage of the Trustzone features. There are a couple of examples on the MCUXpresso SDK that should serve as a starting point.
The examples are under rtos examples and are called freertos_blinky_ns (and s) and freertos_mpu_ns (and s). And the rest of the examples without FreeRTOS are under trustzone examples.
I hope that this information helps!
Regards,
Gustavo
Hi @gusarambula !
I just wondering if I not well understood AHB privilege check feature of TZ-M of LPC55Sxx.
What kind of rules are forced in use in case of code, data and access to peripherals ?
I assume both MPUs are active as well.
Regards !
Eugene
Hello !
All of those examples are not utilize this feature. it require special code reorganization and may be even other RTOS.
At it would be nice to have some examples and applications for understand what actions need for
handle this feature of TZ.
Regards,
Eugene