diff --git a/components/esp_tee/subproject/main/arch/riscv/esp_tee_secure_entry.S b/components/esp_tee/subproject/main/arch/riscv/esp_tee_secure_entry.S index dc5487d48d..333952a247 100644 --- a/components/esp_tee/subproject/main/arch/riscv/esp_tee_secure_entry.S +++ b/components/esp_tee/subproject/main/arch/riscv/esp_tee_secure_entry.S @@ -1,5 +1,5 @@ /* - * SPDX-FileCopyrightText: 2024 Espressif Systems (Shanghai) CO LTD + * SPDX-FileCopyrightText: 2024-2025 Espressif Systems (Shanghai) CO LTD * * SPDX-License-Identifier: Apache-2.0 */ @@ -15,21 +15,12 @@ .global _sec_world_entry .type _sec_world_entry, @function _sec_world_entry: - /* Setup the APM for HP CPU in TEE mode */ - li t0, TEE_M0_MODE_CTRL_REG - sw zero, 0(t0) /* APM_LL_SECURE_MODE_TEE = 0 */ - /* Disable the U-mode delegation of all interrupts */ csrwi mideleg, 0 /* Jump to the secure service dispatcher */ jal esp_tee_service_dispatcher - /* Setup the APM for HP CPU in REE mode */ - li t0, TEE_M0_MODE_CTRL_REG - li t1, 0x1 /* APM_LL_SECURE_MODE_REE = 1 */ - sw t1, 0(t0) - /* Enable the U-mode delegation of all interrupts (except the TEE secure interrupt) */ li t0, 0xffffbfff csrw mideleg, t0 diff --git a/components/esp_tee/subproject/main/arch/riscv/esp_tee_vectors.S b/components/esp_tee/subproject/main/arch/riscv/esp_tee_vectors.S index aded4c17a5..92a3a80938 100644 --- a/components/esp_tee/subproject/main/arch/riscv/esp_tee_vectors.S +++ b/components/esp_tee/subproject/main/arch/riscv/esp_tee_vectors.S @@ -1,5 +1,5 @@ /* - * SPDX-FileCopyrightText: 2024 Espressif Systems (Shanghai) CO LTD + * SPDX-FileCopyrightText: 2024-2025 Espressif Systems (Shanghai) CO LTD * * SPDX-License-Identifier: Apache-2.0 */ @@ -177,15 +177,16 @@ _panic_handler: addi sp, sp, -16 sw t0, 0(sp) - /* Check whether the exception is an M-mode ecall */ + /* Read mcause */ csrr t0, mcause - xori t0, t0, ECALL_M_MODE - beqz t0, _machine_ecall + + /* Check whether the exception is an M-mode ecall */ + li t1, ECALL_M_MODE + beq t0, t1, _machine_ecall /* Check whether the exception is an U-mode ecall */ - csrr t0, mcause - xori t0, t0, ECALL_U_MODE - beqz t0, _user_ecall + li t1, ECALL_U_MODE + beq t0, t1, _user_ecall /* Restore t0 from the stack */ lw t0, 0(sp) @@ -250,6 +251,10 @@ _return_from_exception: _ecall_handler: /* M-mode ecall handler */ _machine_ecall: + /* Set the privilege mode to transition to after mret to U-mode */ + li t0, MSTATUS_MPP + csrc mstatus, t0 + /* Check whether this is the first M-mode ecall (see esp_tee_init) and skip context restoration */ lui t0, ESP_TEE_M2U_SWITCH_MAGIC beq a1, t0, _skip_ctx_restore @@ -267,15 +272,10 @@ _machine_ecall: restore_general_regs RV_STK_FRMSZ csrrw a0, mscratch, zero - /* This point is reached only after the first M-mode ecall, never again (see esp_tee_init) */ _skip_ctx_restore: /* Copy the ra register to mepc which contains the user app entry point (i.e. call_start_cpu0) */ csrw mepc, ra - /* Set the privilege mode to transition to after mret to U-mode */ - li t3, MSTATUS_MPP - csrc mstatus, t3 - /* Jump to the REE */ mret @@ -291,8 +291,8 @@ _user_ecall: lw t0, 0(sp) addi sp, sp, 16 - /* This point is reached after a secure service call is issued from the REE */ - /* Save register context and the mepc */ + /* This point is reached when a service call is issued from the REE */ + /* Save register context and mepc */ save_general_regs RV_STK_FRMSZ save_mepc diff --git a/components/esp_tee/subproject/main/soc/esp32c6/esp_tee_secure_sys_cfg.c b/components/esp_tee/subproject/main/soc/esp32c6/esp_tee_secure_sys_cfg.c index f02e17a48d..24f3b3c085 100644 --- a/components/esp_tee/subproject/main/soc/esp32c6/esp_tee_secure_sys_cfg.c +++ b/components/esp_tee/subproject/main/soc/esp32c6/esp_tee_secure_sys_cfg.c @@ -100,9 +100,6 @@ void esp_tee_soc_secure_sys_init(void) IRAM_ATTR inline void esp_tee_switch_to_ree(uint32_t ree_entry_addr) { - /* Switch HP_CPU to REE0 mode. */ - apm_tee_hal_set_master_secure_mode(HP_APM_CTRL, APM_LL_MASTER_HPCORE, APM_LL_SECURE_MODE_REE0); - /* 2nd argument is used as magic value to detect very first M2U switch */ /* TBD: clean this up and use proper temporary register instead of a1 */ /* Switch to non-secure world and launch App. */