I am implementing a small OS as a university project in a A9 chip (a Xilinx Zynq). I am using trustzone to implement some features and I want to pass through SVC calls from user mode directly to monitor, so I issue an SMC in my SVC handler. Here it is a version of the vector table plus handler which works (I removed other handler code for simplicity):
secure_vectors:
ldr pc, _secure_reset
b _secure_undef
b _secure_svc
b _secure_prefAbort
b _secure_dataAbort
b . /* reserved for HYP mode - not supported */
b _secure_irq
b . /* reserved for MON mode */
_secure_undef:
b .
_secure_svc:
smc #0
movs pc, lr
_secure_prefAbort:
b .
_secure_dataAbort:
b .
_secure_irq:
b
However, I am having an issue if I position my handler code immediately after the vector table. If I position the handler as below, sometimes the SMC call is not issued. When debugging I step through the instruction, but it is as if it never happened since the monitor vector table does not receive the SMC exception:
secure_vectors:
ldr pc, _secure_reset
b _secure_undef
b _secure_svc
b _secure_prefAbort
b _secure_dataAbort
b . /* reserved for HYP mode - not supported */
b _secure_irq
b . /* reserved for MON mode */
_secure_svc:
smc #0
movs pc, lr
_secure_undef:
b .
_secure_prefAbort:
b .
_secure_dataAbort:
b .
_secure_irq:
b
Even a "NOP" instruction before the handler solves the problem:
secure_vectors:
ldr pc, _secure_reset
b _secure_undef
b _secure_svc
b _secure_prefAbort
b _secure_dataAbort
b . /* reserved for HYP mode - not supported */
b _secure_irq
b . /* reserved for MON mode */
nop
_secure_svc:
smc #0
movs pc, lr
_secure_undef:
b .
_secure_prefAbort:
b .
_secure_dataAbort:
b .
_secure_irq:
b
I really don't understand why this happens. Am I missing missing something obvious?