aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorKen Liu <ken.liu@arm.com>2019-04-17 13:14:46 +0800
committerAntonio de Angelis <antonio.deangelis@arm.com>2019-04-18 14:57:40 +0100
commit20279ab7fdb4b9d161ae44c4b26b063aa9420bde (patch)
tree6fbaf1d7765a86ab5f0eb2ebca31bbacf93afa00
parentbedcbc4d8941f146c27eee5694864679006de072 (diff)
downloadtrusted-firmware-m-20279ab7fdb4b9d161ae44c4b26b063aa9420bde.tar.gz
Core: Avoid NS execution mask secure PendSV
This patch fixes an issue where NS execution can mask or preempt the secure PendSV interrupt, by making sure that the priority number of the secure PendSV is high enough not to be preempted or masked by the NS execution. Change-Id: Iab0ff351efc4e45d92fd80538e0594e65d64623a Signed-off-by: Ken Liu <ken.liu@arm.com>
-rw-r--r--secure_fw/core/tfm_core.c17
1 files changed, 14 insertions, 3 deletions
diff --git a/secure_fw/core/tfm_core.c b/secure_fw/core/tfm_core.c
index 32795f1147..ef24f48848 100644
--- a/secure_fw/core/tfm_core.c
+++ b/secure_fw/core/tfm_core.c
@@ -132,10 +132,21 @@ static int32_t tfm_core_set_secure_exception_priorities(void)
/* FixMe: Explicitly set secure fault and Secure SVC priority to highest */
/*
- * Set PendSV priority to the lowest. NVIC_SetPriority converts '0xFF'
- * to the lowest priority value architecture/platform supported.
+ * Set secure PendSV priority to the lowest in SECURE state.
+ *
+ * IMPORTANT NOTE:
+ *
+ * Although the priority of the secure PendSV must be the lowest possible
+ * among other interrupts in the Secure state, it must be ensured that
+ * PendSV is not preempted nor masked by Non-Secure interrupts to ensure
+ * the integrity of the Secure operation.
+ * When AIRCR.PRIS is set, the Non-Secure execution can act on
+ * FAULTMASK_NS, PRIMASK_NS or BASEPRI_NS register to boost its priority
+ * number up to the value 0x80.
+ * For this reason, set the priority of the PendSV interrupt to the next
+ * priority level configurable on the platform, just below 0x80.
*/
- NVIC_SetPriority(PendSV_IRQn, (1 << __NVIC_PRIO_BITS) - 1);
+ NVIC_SetPriority(PendSV_IRQn, (1 << (__NVIC_PRIO_BITS - 1)) - 1);
return TFM_SUCCESS;
}