Extension of CMSIS-RTOS for Non-secure RTOS
In some microcontroller devices, the Secure memory space can be locked down and therefore cannot be modified. As a consequence, many embedded applications that are based on ARMv8-M architecture might have an RTOS running from the Non-secure side.
In this configuration, Non-secure threads can still call Secure APIs in the Secure firmware. This means that these threads need Secure stack space allocation and the context switching of the RTOS must also switch the Process Stack Pointer on the Secure side (PSP_S). To meet such requirements, the CMSIS-RTOS API has been extended to support context switching of Secure stack for Non-secure RTOS. The APIs are used by the Non-secure RTOS in initialization, thread creation, and context switching.
The API is standardized so that:
- The operations are identical across different processors (allowing RTOS products to work on a range of ARMv8-M-based processors from different microcontroller vendors).
- The API is open, so all RTOS designers can create RTOS running in the Non-secure domains.
The CMSIS-RTOS API supplies function prototypes to perform the following functions:
- Initialize Secure Process Stack management.
- Allocate Secure stack space for a thread. Since Non-secure software developers have no visibility of the Secure software details, this function does not have stack size requirement information.
Typically, this API must allocate the maximum stack size that is required by API calls.
- Free Secure stack space for a thread.
This frees the allocated Secure stack space when a thread is removed or disabled.
- Store Secure content.
If a context switch occurs when the current thread is in Secure state, the Non-secure RTOS calls this function to save the context of the thread before it is swapped out. Technically the registers are in the Secure stack already, but the PSP_S value must be saved to the Trace Control Block (TCB) in the Secure world.
- Load Secure content.
If the OS has to switch to a context that has previously been saved, use this function to restore the context by setting PSP_S.