I would like to discuss the use of the SFN section for the secure
image.
During my port of tf-m to the IAR toolchain I ran into issues
related to the SFN section. There are quite a few functions that are
placed in the SFN section, which is then linked into the
TFM_UNPRIV_CODE block.
I don't know how armclang or gcc handles this, but the IAR compiler
may generate .rodata initializers, which does not end up in the SFN
section, predominantly the in_vec and out_vec structs with debug
builds. I've had to manually add the .rodata sections from these
object files (tfm_*_secure_api.o) to the TFM_UNPRIV_CODE in the
tfm_common linker script in order to work around MemManage_Handler
traps.
I would like to suggest that the relevant files are added to the
relevant block in the tfm_common.* linker script instead of using
the SFN section. That way one can specify that both the .text (ro
code) and .rodata (const) goes into the same block.
Comments?
Thomas