M33 secure context management

Hi!

ARM CMSIS context management specifically suggests using opaque descriptors to identify contexts
https://arm-software.github.io/CMSIS_5/Core/html/group__context__trustzone__functions.html

But you haven't used those APIs; can you explain whether your design is secure enough as well?
FreeRTOS context allocation accepts the stack size without any checks and returns to the non-secure side a context control structure which includes a pointer to the secure stack, etc.
Or is this implementation good enough, with no need for any improvements?

Regards,
Eugene

Thank you for your suggestions. The suggestion about checking the stack size parameter is good and we will add it. Regarding the opaque pointer, even though we return the context location to the caller, it lies in secure memory and is therefore not accessible to the non-secure software. Any attempt to de-reference it will result in a fault.

Thanks.

Hi!

But if the real pointer is visible, it can be replaced with another one, or even with one from another task.
Or are these kinds of threats not applicable there?

Eugene
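The design Eugene is asking about, as an added example that is neither FreeRTOS code nor the CMSIS API: a secure-side context pool that hands the non-secure world an opaque handle (slot index plus generation counter) instead of a pointer into secure SRAM, checks the requested stack size before it touches any slot, and binds each context to the task id the kernel supplies, so that a handle copied from another task, forged, or reused after free is refused. All names (SecureContext_*, the owner ids, the pool size and the 8-byte alignment rule) are assumptions made for illustration; the real secure-gateway plumbing (writing the saved stack pointer to the secure PSP) is replaced by a comment.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

/* Added example, not FreeRTOS code. Models a secure-side context pool that
 * returns an opaque handle rather than a pointer into secure memory.
 * All identifiers below are hypothetical. */

#define MAX_CONTEXTS     4
#define MIN_STACK_BYTES  128U
#define MAX_STACK_BYTES  2048U

typedef uint32_t SecureContextHandle_t;   /* opaque: (generation << 16) | (slot + 1) */
#define SECURE_CONTEXT_INVALID 0U

typedef struct {
    uint8_t  stack[MAX_STACK_BYTES];      /* would live in secure SRAM */
    uint8_t *sp;                          /* saved secure stack pointer */
    uint32_t stack_size;
    uint32_t owner;                       /* task id supplied by the kernel, never by the caller */
    uint16_t generation;                  /* bumped on allocate and free: stale handles die */
    uint8_t  in_use;
} SecureContext_t;

static SecureContext_t contexts[MAX_CONTEXTS];

/* Resolve a handle to its slot, refusing forged, stale or foreign handles. */
static SecureContext_t *lookup(SecureContextHandle_t h, uint32_t owner)
{
    uint32_t slot = h & 0xFFFFU;              /* stored as index+1 so 0 is never valid */
    uint16_t gen  = (uint16_t)(h >> 16);
    if (slot == 0 || slot > MAX_CONTEXTS) return NULL;
    SecureContext_t *ctx = &contexts[slot - 1];
    if (!ctx->in_use || ctx->generation != gen || ctx->owner != owner) return NULL;
    return ctx;
}

SecureContextHandle_t SecureContext_Allocate(uint32_t stack_size, uint32_t owner)
{
    /* Validate the size before touching any slot: bounds plus AAPCS 8-byte alignment. */
    if (stack_size < MIN_STACK_BYTES || stack_size > MAX_STACK_BYTES || (stack_size & 7U) != 0)
        return SECURE_CONTEXT_INVALID;
    for (size_t i = 0; i < MAX_CONTEXTS; i++) {
        SecureContext_t *ctx = &contexts[i];
        if (ctx->in_use) continue;
        ctx->in_use     = 1;
        ctx->owner      = owner;
        ctx->stack_size = stack_size;
        ctx->generation++;                     /* a recycled slot never repeats its last handle */
        ctx->sp = ctx->stack + stack_size;     /* full-descending stack starts at the top */
        return ((uint32_t)ctx->generation << 16) | (uint32_t)(i + 1);
    }
    return SECURE_CONTEXT_INVALID;             /* pool exhausted */
}

/* Called on task switch; returns 0 only if the handle belongs to this owner. */
int SecureContext_Load(SecureContextHandle_t h, uint32_t owner)
{
    SecureContext_t *ctx = lookup(h, owner);
    if (ctx == NULL) return -1;
    /* a real port would write ctx->sp to the secure PSP here */
    return 0;
}

int SecureContext_Free(SecureContextHandle_t h, uint32_t owner)
{
    SecureContext_t *ctx = lookup(h, owner);
    if (ctx == NULL) return -1;
    ctx->in_use = 0;
    ctx->generation++;                         /* invalidates every copy of the old handle */
    memset(ctx->stack, 0, sizeof ctx->stack);  /* do not leak the old task's secure stack */
    return 0;
}

/* Exercises the checks above; returns the number of failed expectations (0 = all pass). */
int SecureContext_SelfCheck(void)
{
    int failed = 0;
    SecureContextHandle_t a = SecureContext_Allocate(512, 1);
    SecureContextHandle_t b = SecureContext_Allocate(1024, 2);
    failed += (a == SECURE_CONTEXT_INVALID || b == SECURE_CONTEXT_INVALID || a == b);
    failed += (SecureContext_Load(a, 1) != 0);             /* own handle accepted */
    failed += (SecureContext_Load(b, 1) != -1);            /* task 2's handle refused for task 1 */
    failed += (SecureContext_Load(a ^ 0x10000U, 1) != -1); /* forged generation refused */
    failed += (SecureContext_Load(0xDEADBEEFU, 1) != -1);  /* out-of-range slot refused */
    failed += (SecureContext_Free(a, 2) != -1);            /* only the owner may free */
    failed += (SecureContext_Free(a, 1) != 0);
    failed += (SecureContext_Load(a, 1) != -1);            /* stale after free */
    SecureContextHandle_t c = SecureContext_Allocate(512, 1);
    failed += (c == a || SecureContext_Load(c, 1) != 0 || SecureContext_Load(a, 1) != -1);
    return failed;
}

int main(void) { return SecureContext_SelfCheck() == 0 ? 0 : 1; }
```

The point of the owner and generation fields is the one raised in the last post: a non-secure caller cannot dereference a pointer into secure memory, as the reply says, but it can still pass any 32-bit value back through the secure gateway, including a value copied from another task's control block. What protects the secure side is that every value it receives is validated against a table it owns before it is used as a stack pointer, and that the owner check uses a task identity the kernel supplies rather than one the caller chooses.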