ThreadX secure stack with Secure Manager

QuentinWit · ‎2025-03-24

Hello,

We are using an STM32H573 with the Secure Manager provided by ST running in the secure environment. In the non-secure environment, we are calling PSA functions. These calls work before ThreadX is launched but fail afterward.

According to the page Introduction_to_THREADX#STM32_integration, when TrustZone is enabled, I need to use a secure stack for each thread calling functions from the secure environment. To implement secure stacks, the functions defined in tx_thread_secure_stack.c should be added to the secure environment.The example STM32Cube_FW_H5_V1.4.0/Projects/NUCLEO-H563ZI/Applications/ThreadX/Tx_SecureLEDToggle_TrustZone illustrates this but without using the Secure Manager.

However, I need to use the Secure Manager. Can you provide some guidance ?

Are the functions from the file tx_thread_secure_stack.c included in the Secure Manager ? If so, how can I call them ?
Should I create a secure module with the SMDK for this ?

Thank you in advance for your support!

Best regards
Quentin

Jocelyn RICARD · ‎2025-03-24

Hello @QuentinWit ,

The Secure Manager is not re-entrant. You need to ensure that only one call to Secure Manager is performed at a time, possibly using a semaphore in PSA API.

So, when using Secure Manager, you don't have to deal with secure stack, secure context.

I hope this answers your question

Best regards

Jocelyn

Jocelyn RICARD · ‎2025-03-24

Hello @QuentinWit ,

One example you can use is the X-CUBE-AZURE-H5 here

It is using ThreadX with SecureManager.

Best regards

Jocelyn

tony_m · ‎2025-03-25

Hi,

Here's a wiki that describe what needs to be done to use an RTOS in the Secure Manager context :

https://wiki.st.com/stm32mcu/wiki/Security:How_to_use_an_RTOS_with_Secure_Manager_on_STM32H5

Regards,

Tony