Updated cMSIS Core (Using TrustZone) documentation.

CMSIS/DoxyGen/Core/src/UsingTrustZone.txt

@@ -34,9 +34,9 @@ The figure <b>Simplified Use Case</b> shows and embedded application that is spl
 
  - <b>User Application:</b> control can be transferred to <b>Non-secure state</b> to execute user code. This code can only call functions in the <b>secure state</b> that are marked for execution with the <b>SG</b> (secure gate) instruction and memory attributes. Any attempt to access memory or peripherals that are assigned to the <b>Secure state</b> triggers a security exception.
 
- - <b>Firmware callbacks:</b> code executed in the <b>Secure state</b> can executed code in the <b>Non-secure state</b> using call-back function pointers. For example, a communication stack (protected firmware) could use a I/O driver that is configured in user space.
+ - <b>Firmware callbacks:</b> code running in the <b>Secure state</b> can execute code in the <b>Non-secure state</b> using call-back function pointers. For example, a communication stack (protected firmware) could use an I/O driver that is configured in user space.
 
-\image html "SimpleUseCase.png" "Simplified Use Case"
+<img id="SimpleUseCase" src="SimpleUseCase.png"><CENTER><b>Simplified Use Case</b></CENTER>
 
 Program execution in the <b>Secure state</b> is further protected by TrustZone hardware from software failures.
 For example, an ARMv8-M system may implement two independent SYSTICK timers which allows to stop code execution 
@@ -46,48 +46,48 @@ executing code in <b>Non-secure state</b>.
 
 \subsection Example_TrustZone Program Example
 
-A sample application that reflects this <b>Simplified Use Case</b> is the <b>ARMv8MBL Secure/Non-Secure example</b> that is available in 
+A sample application that reflects this <a href="#SimpleUseCase"><b>Simplified Use Case</b></a> is the <b>ARMv8MBL Secure/Non-Secure example</b> that is available in 
 the Software Pack <b>Keil - ARM V2M-MPS2 Board Support PACK for Cortex-M System Design Kit Devices</b> 
 (Keil:V2M-MPS2_CMx_BSP.1.2.0.pack or higher).
 
 
 \section Model_TrustZone Programmers Model with TrustZone
 
-The figure <b>Secure Memory Map</b> shows the memory view for the Secure state.  In the Secure state all
+The figure <a href="#MemoryMap_S"><b>Secure Memory Map</b></a> shows the memory view for the <b>Secure state</b>.  In the Secure state all
 memory and peripherals can be accessed. The <b>System Control and Debug</b> area provides access to secure peripherals
 and non-secure peripherals that are mirrored at a memory alias.  
 
-The secure peripherals only accessible during program execution in <b>Secure state</b>. The Secure Attribute Unit (SAU)
+The secure peripherals are only accessible during program execution in <b>Secure state</b>. The Secure Attribute Unit (SAU)
 configures the non-secure memory, peripheral, and interrupt access. Also available are a secure MPU (memory protection 
 unit), secure SCB (system control block), and secure SysTick timer.
 
 The system supports two separate interrupt vector tables for secure and non-secure code execution. 
 This interrupt assignment is controlled during <b>Secure state</b> code execution via the NVIC 
 (nested vector interrupt controller).
 
-\image html "MemoryMap_S.png" "Secure Memory Map"
+<img id="MemoryMap_S" src="MemoryMap_S.png"><CENTER><b>Secure Memory Map</b></CENTER>
 
-The figure <b>Non-Secure Memory Map</b> shows the memory view for the Non-secure state. This memory view is identical
+The figure <a href="#MemoryMap_NS"><b>Non-Secure Memory Map</b></a> shows the memory view for the Non-secure state. This memory view is identical
 to the traditional Cortex-M memory map. Access to any secure memory or peripheral space triggers the secure exception
 that executes a handler in <b>Secure state</b>.
 
-The \ref partition_h_pg defines the initial setup of the <b>Non-Secure Memory Map</b> during system start in the Secure state
+The \ref partition_h_pg defines the initial setup of the <a href="#MemoryMap_NS"><b>Non-Secure Memory Map</b></a> during system start in the Secure state
 (refer to functions \ref SystemInit and \ref TZ_SAU_Setup).
 
-\image html "MemoryMap_NS.png" "Non-Secure Memory Map"
+<img id="MemoryMap_NS" src="MemoryMap_NS.png"><CENTER><b>Non-Secure Memory Map</b></CENTER>
 
 The figure <b>Registers</b> shows the register view of the ARMv8-M system with TrustZone. As the general purpose registers
 are can be accessed from any state (secure or non-secure), function calls between the states use these registers for parameter
 and return values.
 
-The register R13 is the stack pointer alias and the actual stack pointer (PSP_NS, MSP_NS, PSP_S, MSP_S)  
-accessed depends on a) state (Secure or Non-secure) and b) mode (handler=exception/interrupt execution or
+The register R13 is the stack pointer alias, and the actual stack pointer (PSP_NS, MSP_NS, PSP_S, MSP_S)  
+accessed depends on state (Secure or Non-secure) and mode (handler=exception/interrupt execution or
 thread=normal code execution). 
 
-In ARMv8-M Mainline, each stack pointer has an limit register (PSPLIM_NS, MSPLIM_NS, PSPLIM_S, MSPLIM_S)
+In ARMv8-M Mainline, each stack pointer has a limit register (PSPLIM_NS, MSPLIM_NS, PSPLIM_S, MSPLIM_S)
 that traps stack overflows with the \b UsageFault exception (register UFSR bit STKOF=1).
 
-An ARMv8-M system with TrustZone has for each state (Secure or Non-secure) an independent \b CONTROL register.
+An ARMv8-M system with TrustZone has an independent \b CONTROL register for each state (Secure or Non-secure).
 The interrupt/exception control registers (PRIMASK, FAULTMASK, BASEPRI) are banked between the states (Secure or Non-secure),
 however the interrupt priority for the Non-Secure state can be lowered (SCB_AIRCR register bit PRIS) so that 
 secure interrupts have always higher priority.