10.1 ARMv8-M Security Extensions
On TrustZone enabled devices, memory is partitioned into two zones: secure and non-secure. Access to secure memory in the non-secure state is done by way of function calls. Such a call originates in non-secure memory and transitions to executing in secure memory. The transition is done by way of a veneer found in another special zone of memory: non-secure callable (NSC). Non-secure callable has various restrictions on how it must be constructed and is populated by the linker. It is always found at the end of the secure memory area.
The -mcmse option enables the ARMv8-M Security Extensions as described
in the "ARMv8-M Security Extensions: Requirements on Development Tools - Engineering
Specification" (developer.arm.com/documentation/ecm0359818/latest).
As part of the Security Extensions XC32 implements two new function attributes:
cmse_nonsecure_entry and cmse_nonsecure_call. XC32
also implements the intrinsics below. FPTR is used here to mean any function pointer
type.
cmse_address_info_t cmse_TT (void *) |
Generates a TT instruction |
cmse_address_info_t cmse_TT_fptr (FPTR) |
Generates a TT instruction. The argument FPTR can be any function pointer type. |
cmse_address_info_t cmse_TTT (void *) |
Generates a TT instruction with the T flag. |
cmse_address_info_t cmse_TTT_fptr (FPTR) |
Generates a TT instruction with the T flag. The argument FPTR can be any function pointer type. |
cmse_address_info_t cmse_TTA (void *) |
Generates a TT instruction with the A flag. |
cmse_address_info_t cmse_TTA_fptr (FPTR) |
Generates a TT instruction with the A flag. The argument FPTR can be any function pointer type. |
cmse_address_info_t cmse_TTAT (void *) |
Generates a TT instruction with the T and A flag. |
cmse_address_info_t cmse_TTAT_fptr (FPTR) |
Generates a TT instruction with the T and A flag. The argument FPTR can be any function pointer type. |
void * cmse_check_address_range (void *, size_t,
int) |
Perform permission checks on C objects |
typeof(p) cmse_nsfptr_create (FPTR) |
Returns the value of p with its LSB cleared. The argument FPTR can be any function pointer type. |
intptr_t cmse_is_nsfptr (FPTR) |
Returns non-zero if p has LSB unset, zero otherwise. The argument FPTR can be |
int cmse_nonsecure_caller (void) |
Returns non-zero if entry function is called from non-secure state and zero otherwise. |