If those bits are not set looks like only MPU define privilege level.
All natual MCU PPC/MPS settings are ignored. I have asked NXP few times and get answer like this:
if you enable secure/non-secure privilege check, the AHB secure controller performs additional check for privilege/non-privilege access. In this case privilege/non-privilege access (defined by either secure on non-secure MPU) has to be aligned with AHB secure controller settings. The privilege/non-privilege check can be separately enabled for secure and non-secure bus transactions. The security of transaction is defined by SAU+IDAU.
The AHB secure controller distinguishes between instruction fetch access and data access. In case of instruction fetch, the strict checking is applied. It means that code has to be executed from the same security level. It means that if CPU is in secure-privilege mode, the code memory has to be configured as secure-privilege in AHB secure controller as well. (This is probably reason for your HardFault). In case of data accesses, the privilege code has access to both privilege and non-privilege (user) memory, the non-privilege code has access to non-privilege (user) memory only.
Please note that if CPU is in secure mode, the secure MPU takes effect. In non-secure/normal mode the non-secure MPU takes effect.
Please also note, that if privilege check is enabled, you cannot simply switch to user mode by writing into CONTROL register in thread mode. This is because of strict check of AHB secure controller for instruction fetch. Once you write into CONTROL register in thread mode, the CPU switches immediately into user mode and this causes HardFault. This is because your code memory is configured as privilege. You need to switch to user mode via interrupt (for example SVC). The interrupt is executed always in privilege mode. Now you can set user mode in CONTROL register (because change to user mode will happen during interrupt exit) and modify return address to the new location, which is configured to user access in AHB secure controller. At the end of this interrupt, the CPU change from privilege to user mode and jump to the new location. So code execution continues in user mode from memory, which configured to the same level in AHB secure controller. The secure/non-secure value is selected based actual secure mode of CPU. You cannot switch from secure-privilege to non-secure-user.
I’m trying to sort code on Secure side first. Just to be sure if NSC calls form non-privileged task call code what is located in nonprivileged section at secure side and MPU_S setting the same as MPC.
I’m aligning code /data sections in linker script directly.
. = ALIGN(4096);
. = ALIGN(32768);
If I not guess privilege level I have hard fault like this:
Entering HardFault interrupt!
SCB->BFSR:IBUSERR fault: Instruction bus error on an instruction prefetch.
Additional AHB secure controller error information:
Secure error at AHB layer 1.
Address that caused secure violation is 0x400455C.
Secure error caused by bus master number 0.
Security level of master 3.
Secure error happened during read code access.
For PPC situation is not clear yet MPU_S configured for keep non-privileged access right to almost entire peripheral area 0x50000000 - 0x500ABFFF.
But in PPC settings, peripherals what can be accessed in privileged mode only, set as S-Priv.
So this is state where I’m right now and I think on secure side is possible to sort code/data some how. But on non-secure, where RTOS are, it might be more complicate task.
API like this xQueueSelectFromSet should wait event as part of non-privileged task infinite time and how they can work via SVC ?