Page MenuHomePhabricator
Create Task
Maniphest T304

Incorrect build options for NS code
Closed, ResolvedPublic
Actions

Description

Michel reported an issue where his code is using the __ARM_FEATURE_CMSE macro to determine for which domain (S or NS) a file is compiled for.
This raised the concern whether the current TF-M way to define secure and non secure build domain is right.

Current design:
Currently TF-M build-system uses the macro __DOMAIN_NS to signal to the code which domain a file is compiled for. Also the build-system sets the --mcmse compiler flag for both secure and non-secure code.

Investigation result:
Based on ARM®v8-M Security Extensions: Requirements on Development Tools the current usage of the --mcmse flag is wrong, but using the __DOMAIN_NS macro can not be avoided as the __ARM_FEATURE_CMSE macro is V8M architecture specific.

Suggested actions:

  1. Fix the build-system to not define the --mcmse flag for non-secure projects.

Event Timeline

adeaarm added a subscriber: adeaarm.Apr 9 2019, 4:16 PM

Also, please note that __DOMAIN_NS (and later, DOMAIN_NS for later CMSIS versions) is used in the CMSIS_5 project hence our build systems has to define them to be able to build correctly those files.

matetothpal claimed this task.Mar 4 2020, 12:14 PM
matetothpal added a subscriber: ashutoshksingh.
matetothpal added a comment.Jun 25 2020, 6:53 AM

Change for this issue had been merged.

matetothpal closed this task as Resolved.Jun 25 2020, 6:54 AM
larrymartin added a subscriber: larrymartin.Jan 23 2024, 7:04 AM

Suggesting a more precise build option for non secure projects seems like a step in the right direction aligning with ARM®v8 M guidelines. Implementation of this change could enhance code clarity and adherence to architecture specific macros.
Aluminum Railing Supplier in Trenton NJ