Enables the generation of code for the Secure state of the ARMv8-M Security Extensions. This option is required when creating a Secure image.
NoteARMv8-M Security Extensions are not supported when building Read-Only Position-Independent (ROPI) and Read-Write Position-Independent (RWPI) images.
-mcmse targets the Secure
state of the ARMv8-M Security Extensions. The following are available:
- The Test Target,
- Non-secure function pointer intrinsics.
- The value of the
__ARM_FEATURE_CMSEpredefined macro indicates what ARMv8-M Security Extension features are supported.
Secure code with the maximum capabilities for the target. For
example, if you compile with no FPU then the Secure functions do not
clear floating-point registers when returning from functions
__attribute__((cmse_nonsecure_entry)). Therefore, the functions could potentially leak sensitive data.
- Structs with undefined bits caused by padding and half float are currently unsupported as arguments and return values for Secure functions. Using such structs might leak sensitive information. Structs that are large enough to be passed by pointer are also unsupported and produce an error.
The following cases are not supported when compiling with
-mcmseand give an error:
- Variadic entry functions.
- Entry functions with arguments that do not fit in registers, because there are either many arguments or the arguments have large values.
- Non-secure function calls with arguments that do not fit in registers, because there are either many arguments or the arguments have large values.
This example shows how to create a Secure image using an input import
oldimportlib.o, and a scatter file,
armclang --target=arm-arm-none-eabi -march=armv8m.main -mcmse secure.c -o secure.o armlink secure.o -o secure.axf
armlink also generates the Secure
code import library,
importlib.o that is required
for a Non-secure image to call the Secure image.