1. Introduction
When integrating an RTOS with the Secure Manager, it's important to consider thread management. This article provides a step-by-step guide to the specific integration process. It focuses on the mechanism responsible for ensuring secure and thread-safe function calls to the Secure Manager.
2. Prerequisite
- Installed Secure Manager
- Have a nonsecure application compatible with the Secure Manager
- Have the RTOS library chosen by the user integrated in the nonsecure application
3. Implementation example
Using the Secure Manager from a nonsecure application can be done in a single thread, which eliminates the possibility of concurrent access.
However, when working with a real-time operating system and a multi-threaded application, it is essential to protect the calls made to the Secure Manager.
This section will present an implementation example of protecting calls to the Secure Manager in a multi-threaded environment.
3.1. Thread-safe secure calls
To prevent multiple calls from the nonsecure application to the Secure Manager interface functions, a mechanism is included in tfm_ns_interface.c which can be found in the middleware secure_manager_api.
This mechanism, which is based on __weak functions, needs to be re-implemented with a mutex protection to ensure secure and efficient thread management.
The ns_ipc_seq_begin and ns_ipc_seq_end functions, which are declared by default in the Secure Manager, must be re-implemented in the RTOS project to support multi-threaded use.
3.2. Step by step implementation
The following steps outline how to implement mutex in the Secure Manager with RTOS in your project.
- Initialize the mutex
- Create the mutex
- Implement the acquisition and release of the mutex in the interface functions.
3.2.1. Detailed example applied with FreeRTOS.
1. Declare a mutex and initialize it to 0 :
static SemaphoreHandle_t nsIpcMutex = { 0 };
2. Create a function that creates the mutex and assigns it to the nsIpcMutex variable.
void tfm_ns_interface_init( void )
{
nsIpcMutex = xSemaphoreCreateMutex();
if(nsIpcMutex == NULL)
{
// Logging Error
}
}
3. Re-implement the acquisition and release of the mutex with functions defines in semphr.c from library FreeRTOS, in the ns_ipc_seq_begin and ns_ipc_seq_end functions.
void ns_ipc_seq_begin(const ns_ipc_seq_info_t* info)
{
/* Lock mutex */
if(nsIpcMutex != NULL)
{
xSemaphoreTake(nsIpcMutex, portMAX_DELAY );
}
….
}
void ns_ipc_seq_end(const ns_ipc_seq_info_t* info)
{
/* Unlock mutex */
if(nsIpcMutex != NULL)
{
xSemaphoreGive(nsIpcMutex);
}
….
}
For more concrete examples, actual implementations can be found in X-Cube-AWS & X-Cube-Azure using the Secure Manager with a real-time operating system.