refactor(esp_tee): Remove explicit setting of the HP_CPU APM/TEE security mode

components/esp_tee/subproject/main/arch/riscv/esp_tee_secure_entry.S

@@ -1,5 +1,5 @@
 /*
- * SPDX-FileCopyrightText: 2024 Espressif Systems (Shanghai) CO LTD
+ * SPDX-FileCopyrightText: 2024-2025 Espressif Systems (Shanghai) CO LTD
  *
  * SPDX-License-Identifier: Apache-2.0
  */
@@ -15,21 +15,12 @@
     .global _sec_world_entry
     .type _sec_world_entry, @function
 _sec_world_entry:
-    /* Setup the APM for HP CPU in TEE mode */
-    li      t0, TEE_M0_MODE_CTRL_REG
-    sw      zero, 0(t0)                  /* APM_LL_SECURE_MODE_TEE = 0 */
-
     /* Disable the U-mode delegation of all interrupts */
     csrwi   mideleg, 0
 
     /* Jump to the secure service dispatcher */
     jal     esp_tee_service_dispatcher
 
-    /* Setup the APM for HP CPU in REE mode */
-    li      t0, TEE_M0_MODE_CTRL_REG
-    li      t1, 0x1                      /* APM_LL_SECURE_MODE_REE = 1 */
-    sw      t1, 0(t0)
-
     /* Enable the U-mode delegation of all interrupts (except the TEE secure interrupt) */
     li      t0, 0xffffbfff
     csrw    mideleg, t0

components/esp_tee/subproject/main/arch/riscv/esp_tee_vectors.S

@@ -1,5 +1,5 @@
 /*
- * SPDX-FileCopyrightText: 2024 Espressif Systems (Shanghai) CO LTD
+ * SPDX-FileCopyrightText: 2024-2025 Espressif Systems (Shanghai) CO LTD
  *
  * SPDX-License-Identifier: Apache-2.0
  */
@@ -177,15 +177,16 @@ _panic_handler:
     addi    sp, sp, -16
     sw      t0, 0(sp)
 
-    /* Check whether the exception is an M-mode ecall */
+    /* Read mcause */
     csrr    t0, mcause
-    xori    t0, t0, ECALL_M_MODE
-    beqz    t0, _machine_ecall
+
+    /* Check whether the exception is an M-mode ecall */
+    li      t1, ECALL_M_MODE
+    beq     t0, t1, _machine_ecall
 
     /* Check whether the exception is an U-mode ecall */
-    csrr    t0, mcause
-    xori    t0, t0, ECALL_U_MODE
-    beqz    t0, _user_ecall
+    li      t1, ECALL_U_MODE
+    beq     t0, t1, _user_ecall
 
     /* Restore t0 from the stack */
     lw      t0, 0(sp)
@@ -250,6 +251,10 @@ _return_from_exception:
 _ecall_handler:
     /* M-mode ecall handler */
 _machine_ecall:
+    /* Set the privilege mode to transition to after mret to U-mode  */
+    li      t0, MSTATUS_MPP
+    csrc    mstatus, t0
+
     /* Check whether this is the first M-mode ecall (see esp_tee_init) and skip context restoration */
     lui     t0, ESP_TEE_M2U_SWITCH_MAGIC
     beq     a1, t0, _skip_ctx_restore
@@ -267,15 +272,10 @@ _machine_ecall:
     restore_general_regs RV_STK_FRMSZ
     csrrw   a0, mscratch, zero
 
-    /* This point is reached only after the first M-mode ecall, never again (see esp_tee_init) */
 _skip_ctx_restore:
     /* Copy the ra register to mepc which contains the user app entry point (i.e. call_start_cpu0) */
     csrw    mepc, ra
 
-    /* Set the privilege mode to transition to after mret to U-mode  */
-    li      t3, MSTATUS_MPP
-    csrc    mstatus, t3
-
     /* Jump to the REE */
     mret
 
@@ -291,8 +291,8 @@ _user_ecall:
     lw      t0, 0(sp)
     addi    sp, sp, 16
 
-    /* This point is reached after a secure service call is issued from the REE */
-    /* Save register context and the mepc */
+    /* This point is reached when a service call is issued from the REE */
+    /* Save register context and mepc */
     save_general_regs RV_STK_FRMSZ
     save_mepc
 

components/esp_tee/subproject/main/soc/esp32c6/esp_tee_secure_sys_cfg.c

@@ -100,9 +100,6 @@ void esp_tee_soc_secure_sys_init(void)
 
 IRAM_ATTR inline void esp_tee_switch_to_ree(uint32_t ree_entry_addr)
 {
-    /* Switch HP_CPU to REE0 mode. */
-    apm_tee_hal_set_master_secure_mode(HP_APM_CTRL, APM_LL_MASTER_HPCORE, APM_LL_SECURE_MODE_REE0);
-
     /* 2nd argument is used as magic value to detect very first M2U switch */
     /* TBD: clean this up and use proper temporary register instead of a1 */
     /* Switch to non-secure world and launch App. */