The issue happens in TF-M 1.4, not in TF-M 1.3.
From 1.3 to 1.4, the following commit is the point:
SPM: Correct the PendSV priority value
In the commit, PendSV priority is raised from (0x80 - 1) to 0x80.
On Mbed/TF-M M2354, the following flow will fail:
- In TF-M, AIRCR.PRIS set, NSPE priority is 0x80~0xFF.
- In Mbed, interrupt disabled (PRIMASK_NS.PM set), NSPE priority is raised to 0x80.
- Mbed calls into TF-M via NSC.
- In TF-M, on exit from Secure SVC, Secure PendSV (TF-M scheduler) is expected to run, but incorrectly masked by NSPE priority 0x80.
So Secure PendSV priority should adjust back to (0x80 - 1) from just 0x80.