- Previously, only the U-mode interrupt threshold was raised in REE critical sections,
leaving M-mode at the lowest level.
- As a result, when a service call transitioned to M-mode, all interrupts were still
allowed to fire, including those that should have been masked.
- Ensure bound checks correctly handle all scenarios, including
when a requested operation's (SPI0/1) range fully contains the
TEE-protected region.
- Disable delegation of INTWDT timeout and Cache error interrupts as they reset
the device after the panic handler
- Fix incorrect setting in the edge interrupt acknowledgement API
- Avoid executing the service call dispatcher in the U-mode ecall,
rather execute `mret` to jump it
- Avoid `t1` register corruption when processing `ecall`
- Switch back to the bootloader stack from TEE stack after the
execution of the entire TEE initialization routine
- Remove `mret` for jumping to the service call dispatcher; instead, enable
interrupts and execute directly
- Fix potential corruption of the `t3` register when returning from a service
call
- Simplify the secure service dispatcher function
Laukik Hase