2025-03-24 3:32 AM
Hello,
We are using an STM32H573 with the Secure Manager provided by ST running in the secure environment. In the non-secure environment, we are calling PSA functions. These calls work before ThreadX is launched but fail afterward.
According to the page Introduction_to_THREADX#STM32_integration, when TrustZone is enabled, I need to use a secure stack for each thread calling functions from the secure environment. To implement secure stacks, the functions defined in tx_thread_secure_stack.c should be added to the secure environment. The example STM32Cube_FW_H5_V1.4.0/Projects/NUCLEO-H563ZI/Applications/ThreadX/Tx_SecureLEDToggle_TrustZone illustrates this but without using the Secure Manager.
However, I need to use the Secure Manager. Can you provide some guidance?
Thank you in advance for your support!
Best regards
Quentin
2025-03-24 6:56 AM
Hello @QuentinWit ,
The Secure Manager is not re-entrant. You need to ensure that only one call to Secure Manager is performed at a time, possibly using a semaphore in PSA API.
So, when using Secure Manager, you don't have to deal with secure stack, secure context.
I hope this answers your question
Best regards
Jocelyn
2025-03-24 9:10 AM
Hello @QuentinWit ,
One example you can use is the X-CUBE-AZURE-H5 here
It is using ThreadX with SecureManager.
Best regards
Jocelyn
2025-03-25 3:44 AM
Hi,
Here's a wiki that describes what needs to be done to use an RTOS in the Secure Manager context:
https://wiki.st.com/stm32mcu/wiki/Security:How_to_use_an_RTOS_with_Secure_Manager_on_STM32H5
Regards,
Tony
2025-03-31 8:55 AM - edited 2025-03-31 8:58 AM
Hi
To complement what Jocelyn wrote, in the X-CUBE-AZURE-H5 package, see the application in Projects\STM32H573I-DK\Applications\ROT\Nx_Azure_IoT. It is a project where ThreadX and the application run on the non-secure side.
In this project, see Core\Src\ns_ipc_tx_lock.c for locking the calls to secure manager. It is an example of secure manager access locking with threadx.
Note in the IDE project files that TX_SINGLE_MODE_NON_SECURE is set to 1 for both the C compiler and the assembler.
Note that Core\Src\system_stm32h5xx_ns.c is used (not system_stm32h5xx.c). The difference is that SystemInit() does nothing. The clocks are initialised in the secure boot.
There is no need to use tx_thread_secure_stack.c.
Note that an additional timer is started to increment the STM32 HAL tick count. ThreadX reserves the Systick for its own use. See main.c and stm32h5xx_hal_timebase_tim.c.
Also, if you plan to use the STM32 RNG IP, the Secure Manager reserves its use.
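To show the locking idea discussed in this thread in code, here is an added example of my own (not ns_ipc_tx_lock.c from the X-CUBE-AZURE-H5 package): every call into the Secure Manager is routed through one gate function that takes a mutex and also rejects a nested call. The names sm_call, sm_gate_t and the host lock backend are my assumptions; the backend mimics ThreadX recursive mutex ownership so the block runs on a host, and on target you would point it at tx_mutex_get/tx_mutex_put and use psa_status_t in place of the stand-in status type.

```c
#include <stddef.h>
#include <stdint.h>

/* Stand-in for psa_status_t so the block compiles on a host; on target use psa_status_t. */
typedef int32_t sm_status_t;
#define SM_SUCCESS        0
#define SM_ERR_REENTRANT  (-1)   /* constructed code: nested call into the Secure Manager */
#define SM_ERR_LOCK       (-2)   /* constructed code: mutex could not be taken */

/* Lock backend. On target point these at tx_mutex_get()/tx_mutex_put() on a TX_MUTEX
 * (wait option TX_WAIT_FOREVER). The host stand-in below mimics ThreadX mutexes,
 * which let the owning thread take the same mutex again (recursive ownership). */
typedef int (*sm_lock_fn)(void *mutex);
typedef int (*sm_unlock_fn)(void *mutex);

static int host_depth;                     /* nesting depth of the stand-in mutex */
static int host_lock(void *m)   { (void)m; host_depth++; return 0; }
static int host_unlock(void *m) { (void)m; if (host_depth == 0) return -1; host_depth--; return 0; }

typedef struct {
    void        *mutex;     /* TX_MUTEX * on target, unused on the host */
    sm_lock_fn   lock;
    sm_unlock_fn unlock;
    volatile int in_call;   /* 1 while a Secure Manager request is in flight */
} sm_gate_t;

static sm_gate_t sm_gate = { NULL, host_lock, host_unlock, 0 };
typedef sm_status_t (*sm_service_fn)(void *arg);

/* Every PSA/Secure Manager call goes through here. The mutex serialises threads;
 * in_call additionally rejects a call issued from inside another call, which a
 * recursive mutex alone would let through even though the Secure Manager is not
 * re-entrant. */
sm_status_t sm_call(sm_gate_t *g, sm_service_fn fn, void *arg)
{
    if (g->lock(g->mutex) != 0) return SM_ERR_LOCK;
    if (g->in_call) { g->unlock(g->mutex); return SM_ERR_REENTRANT; }
    g->in_call = 1;
    sm_status_t st = fn(arg);       /* e.g. a wrapper around a psa_* call */
    g->in_call = 0;
    g->unlock(g->mutex);
    return st;
}

/* Constructed sample services for the host build. */
static sm_status_t svc_ok(void *arg)     { (void)arg; return 42; }
static sm_status_t svc_nested(void *arg) { return sm_call(&sm_gate, svc_ok, arg); }
int sm_gate_idle(void) { return host_depth == 0 && sm_gate.in_call == 0; }
```

On target, svc_ok would be replaced by thin wrappers around the PSA functions the application uses, so that no thread (and no callback running inside a PSA call) reaches the Secure Manager without passing the gate.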