-
Notifications
You must be signed in to change notification settings - Fork 6.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Non-Secure Callable improvements #16055
Non-Secure Callable improvements #16055
Conversation
All checks are passing now. Review history of this comment for details about previous failed status. |
f75b857
to
cf60646
Compare
cf60646
to
a766224
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for the patch @oyvindronningstad, i left some comments in the PR and invited @SebastianBoe to take a look, as well. I believe, after addressing the issues, this should be turned to a normal PR
@carlescufi FYI |
a766224
to
5cce642
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Build system related changes are OK.
Needs to be rebased on top of it's dependent PR #16059
2483751
to
640c2f0
Compare
This is, now, meged, @oyvindronningstad ; you might want to rebase it and update the PR description. |
640c2f0
to
93d6d05
Compare
Done |
LGTM |
@galak can you look at this one, please? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Not an expert on ARM security stuff, but looks reasonable at a glance.
9d58d5f
to
9c5c832
Compare
671d169
to
d2e0b0a
Compare
@galak , this patch looks merge-able now. Please, take a look as well :) We tested that it works as expected for |
d2e0b0a
to
e352e37
Compare
recheck |
e352e37
to
c4f7681
Compare
@wentongwu could you take a look? |
Add ifdefs to handle the nrf91 case. This change will dynamically place and size the NSC region according to nrf91 HW limitations. Add Cmake check of NSC offset if manually set. Signed-off-by: Øyvind Rønningstad <oyvind.ronningstad@nordicsemi.no>
Add Kconfig options: - ARM_FIRMWARE_USES_SECURE_ENTRY_FUNCS - ARM_ENTRY_VENEERS_LIB_NAME Use these to link the veneers lib into the Non-Secure Firmware when needed. Also, make the path passed to the linker absolute to make it work with makefiles. Signed-off-by: Øyvind Rønningstad <oyvind.ronningstad@nordicsemi.no>
c4f7681
to
638e041
Compare
@MaureenHelm would you like to take a look at this one, as well? |
In brief, this patch does the following:
CONFIG_TRUSTED_EXECUTION_NONSECURE
=y) to include a Secure Entry function veneer library into the non-secure firmware build. This is done by Kconfig symbol additions inarch/arm/core/Kconfig