
Hello, I'm using SBSFU 2.6.2 for a user application over FreeRTOS. The application runs OK in privileged mode, but crashes in unprivileged mode. A similar application w/o FreeRTOS runs OK in both modes. Help will be much appreciated, thanks!

dgold.1
Associate III
 
Jocelyn RICARD
ST Employee

Hello @dgold.1,

FreeRTOS very probably needs to run in privileged mode.

The reason is that some registers, like the MPU configuration registers, require privilege to be changed.

Best regards

Jocelyn

dgold.1
Associate III

Hey Jocelyn,

Thank you for your reply.

I am using the FreeRTOS integrated in the STM32Cube middleware stack, and in this version the MPU is not supported...

Is it OK to activate FreeRTOS in permanent privileged mode?

Best regards,

Dotan

Jocelyn RICARD
ST Employee

Hello Dotan,

The MPU is one example I know of a peripheral requiring privileged rights.

I didn't dig into other possible peripherals requiring privileged rights that would be used by FreeRTOS.

If your application with FreeRTOS is crashing when running in non-privileged mode, this means it uses other privileged-only components.

Best regards

Jocelyn

dgold.1
Associate III

Hey Jocelyn,

Thank you for your reply.

In the SBSFU user-application example there is an SVC handler for the transition into privileged mode during secure access to the SE region.

In FreeRTOS there is a portable SVC handler for the transition into privileged mode for other purposes.

  1. Can I use the SBSFU infrastructure to enter the SE region in permanent privileged mode w/o having a dedicated SVC handler?
  2. Can I be sure that FreeRTOS will not exit privileged mode in some circumstances? In that case the application might not be able to enter the SE region at the needed time.

Best regards,

Dotan

Jocelyn RICARD
ST Employee

Hello Dotan,

The SBSFU SVC handler cannot be used by your application.

Your application has its own vector table.

Also, the SBSFU code should be isolated from your code.

I don't understand your second point. The privileged mode is usually used to execute a specific service that requires higher privilege and then return to unprivileged.

I'm not sure what you want to do.

Best regards

Jocelyn

dgold.1
Associate III

Hey Jocelyn,

Thank you for the support!

My goal is to activate the SBSFU package with a FreeRTOS-based application aimed at mass production.

In the SBSFU project I use (STM32F769I-Discovery) there is the boot loader + SEcorebin and the user application example.

In the user application there is a file called svc_handler.s that contains an SVC_Handler implementation using a function called MPU_SVC_Handler.

In FreeRTOS there is an implementation of SVC_Handler using a function called vPortSVCHandler.

As noted, my FreeRTOS application starts in privileged mode and crashes when trying to return to unprivileged mode.

  1. How can I be sure that FreeRTOS will not try to leave privileged mode automatically in some internal scenario and cause a crash?
  2. Is it recommended to have a FreeRTOS application w/o implementing SVC_handler and enter/leave the secure region during application run time?

Thank you!

Your support is really appreciated

Dotan

Fred
ST Employee

Hi,

sorry to jump into this thread, but to me:

  • your FreeRTOS kernel must run in privileged mode,
  • only your applicative tasks can run in unprivileged mode (and use system calls to ask for kernel services).

A system call is a way for an unprivileged task to access FreeRTOS APIs which otherwise are only available to the privileged software. When an unprivileged task calls a FreeRTOS API, it goes through a system call which temporarily raises the privilege of the calling task, then executes the requested API and resets the privilege back before returning to the caller.

And, to achieve this, I think you need to enable the MPU support in FreeRTOS.

But, if you have SBSFU on STM32F7, the MPU is already used by SBSFU to isolate the Secure Engine.

So, in my opinion, it is not really possible to use the MPU feature of the FreeRTOS.

Now, if you leave your entire "applicative code" (FreeRTOS kernel + user tasks) running in privileged mode, then there is no isolation anymore: this code can access the Secure Engine.

See https://www.st.com/resource/en/user_manual/um2262-getting-started-with-the-xcubesbsfu-stm32cube-expansion-package-stmicroelectronics.pdf

section A.2 (especially A.2.2)

Thanks & Regards,

Fred
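
The system-call flow described in the reply above, as a host-side C model added here (an example, not FreeRTOS, SBSFU or ST code). The `cpu_t` struct and all function names are hypothetical; the modelled rules are the ARMv7-M ones: an unprivileged write to CONTROL is ignored, and an unprivileged access to a System Control Space register faults.

```c
#include <stdbool.h>
#include <stdint.h>

#define CONTROL_NPRIV 0x1u   /* CONTROL bit 0: 1 = Thread mode is unprivileged */

typedef struct {
    uint32_t control;        /* modelled CONTROL register */
    bool     handler_mode;   /* true while inside an exception handler */
    unsigned faults;         /* modelled BusFaults on privileged-only accesses */
    uint32_t scs_reg;        /* stands in for an SCS register (NVIC, SysTick, MPU) */
} cpu_t;

/* Handler mode is always privileged; Thread mode follows nPRIV. */
static bool cpu_privileged(const cpu_t *c) {
    return c->handler_mode || !(c->control & CONTROL_NPRIV);
}

/* MSR CONTROL: silently ignored when executed unprivileged. */
static void cpu_write_control(cpu_t *c, uint32_t v) {
    if (cpu_privileged(c)) c->control = v;
}

/* SCS write: faults instead of writing when the core is unprivileged. */
static bool cpu_write_scs(cpu_t *c, uint32_t v) {
    if (!cpu_privileged(c)) { c->faults++; return false; }
    c->scs_reg = v;
    return true;
}

/* SVC: exception entry puts the core in Handler mode, so the handler can
 * clear nPRIV for the caller. Returns whether the caller was privileged. */
static bool svc_raise_privilege(cpu_t *c) {
    bool was_priv = !(c->control & CONTROL_NPRIV);
    c->handler_mode = true;                      /* exception entry */
    cpu_write_control(c, c->control & ~CONTROL_NPRIV);
    c->handler_mode = false;                     /* exception return */
    return was_priv;
}

/* System-call wrapper: raise, run the privileged service, then restore the
 * caller's level so an unprivileged task never stays privileged. */
static bool syscall_write_scs(cpu_t *c, uint32_t v) {
    bool was_priv = svc_raise_privilege(c);
    bool ok = cpu_write_scs(c, v);
    if (!was_priv) cpu_write_control(c, c->control | CONTROL_NPRIV);
    return ok;
}
```
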