STM32U575 Secure and non-secure function calls

Suthan · ‎2026-01-28

Hi

I have been testing secure function calls from non-secure world in STM32U575 - TrustZone Enabled environment.

I have a LED_Port which is in secure world (secure peripheral). I have implemented a toggle function in secure project - secure_nsc.c/h

CMSE_NS_ENTRY void SECURE_BlinkBlueLED(void) {...}

I can be able to compile without any issues:

Here are some linker details:

.....................................

I verified the map files as below

.......................

Now I am calling this function from non-secure project: It went to Hard Fault as it calls original function which is in the secure world.

How to call veneer instead of direct function?

Any help?

Saket_Om · ‎2026-01-29

Hello @Suthan

On STM32U5 with TrustZone, the non‑secure code must never call the secure implementation directly; instead, it has to call the veneer located in the NSC (Non‑Secure Callable) region. To achieve this, the function must be declared with `CMSE_NS_ENTRY` in a source file that is linked into the NSC region (for example `secure_nsc.c`), and the non‑secure project must include the corresponding NSC header (for example `secure_nsc.h`) and call that symbol. Please verify that `secure_nsc.o` is placed in the NSC section in the secure linker script and that in your non‑secure map file the symbol `SECURE_BlinkBlueLED` points to an address in the NSC region; otherwise the non‑secure code will attempt to jump directly into secure flash and trigger a HardFault.

To give better visibility on the answered topics, please click on "Accept as Solution" on the reply which solved your issue or answered your question.
Saket_Om