Fix secure build definitions when building Secure-only projects

Libraries/CMSIS/Device/Maxim/GCC/gcc.mk

@@ -269,23 +269,36 @@ ifeq "$(MCPU)" "cortex-m33"
 # the two images into one combined image.
 TRUSTZONE ?= 0
 
-ifeq ($(TRUSTZONE),1)
+PROJ_AFLAGS += -DIS_SECURE_ENVIRONMENT
+
 # Security mode for the target processor.
 # Acceptable values are
 # - SECURE
 # - NONSECURE
 #
+# The core, by default, starts up in Secure mode.
+#
 # When "SECURE" is selected, the build system will link the program binary into the secure
 # memory sections and map peripheral instances onto their corresponding secure
 # address aliases.  "MSECURITY_MODE_SECURE" will be defined at compile time.
 #
-# When "NONSCURE" is selected, the program binary will be linked into the non-secure memory
+# When "NONSECURE" is selected, the program binary will be linked into the non-secure memory
 # sections and peripherals will be mapped onto the non-secure address aliases.
 # It should be noted that the M33 will boot into secure mode by default, which has access to
 # both the secure and non-secure addresses and aliases.  "MSECURITY_MODE_NONSECURE" will be defined
 # at compile time.
 MSECURITY_MODE ?= SECURE
 
+ifeq "$(MSECURITY_MODE)" "SECURE"
+PROJ_AFLAGS += -DIS_SECURE_ENVIRONMENT=1
+PROJ_CFLAGS += -DIS_SECURE_ENVIRONMENT=1
+else
+PROJ_AFLAGS += -DIS_SECURE_ENVIRONMENT=0
+PROJ_CFLAGS += -DIS_SECURE_ENVIRONMENT=0
+endif
+
+ifeq ($(TRUSTZONE),1)
+
 # Select whether the CMSE importlib object file is generated.
 # - 0 (default) : Do no generate object file.
 # - 1			: Generate object file.
@@ -301,8 +314,6 @@ ifeq "$(MSECURITY_MODE)" "SECURE"
 # https://developer.arm.com/documentation/ecm0359818/latest
 PROJ_CFLAGS += -mcmse
 
-PROJ_AFLAGS += -DIS_SECURE_ENVIRONMENT
-
 # Generate an object file with empty definitions of the secure image symbols at the correct locations.
 # The object file needs to be linked with the non-secure image.
 ifeq ($(GEN_CMSE_IMPLIB_OBJ),1)

Libraries/CMSIS/Device/Maxim/MAX32657/Include/max32657.h

@@ -154,14 +154,9 @@ typedef enum {
 #include <core_cm33.h>
 #include <cmsis_gcc.h>
 #include <arm_cmse.h>
-#if defined(__ARM_FEATURE_CMSE) && (__ARM_FEATURE_CMSE == 3U)
-#define IS_SECURE_ENVIRONMENT 1
-#else
-#define IS_SECURE_ENVIRONMENT 0
-#endif
 
 #if defined(__GNUC__)
-#if IS_SECURE_ENVIRONMENT
+#if defined(__ARM_FEATURE_CMSE) && (__ARM_FEATURE_CMSE == 3U)
 // Type used for secure code to call non-secure code.
 #define __ns_call __attribute((cmse_nonsecure_call))
 typedef void __ns_call (*mxc_ns_call_t) (void); 

Libraries/CMSIS/Device/Maxim/MAX32657/Source/GCC/startup_max32657.S

@@ -29,7 +29,7 @@
 #endif
     .globl    __StackTop
     .globl    __StackLimit
-#if IS_SECURE_ENVIRONMENT
+#if defined(__ARM_FEATURE_CMSE) && (__ARM_FEATURE_CMSE == 3U)
     // __StackSeal defined in linker script
     .equ      __STACK_SEAL,  __StackSeal
     .globl    __StackSeal
@@ -58,7 +58,6 @@ __HeapBase:
 __HeapLimit:
     .size __HeapLimit, . - __HeapLimit
 
-    # TODO: Validate arch-specific handler layout
     .section .isr_vector
     .align 9 /* must be aligned to 512 byte boundary. VTOR requirement */
     .globl __isr_vector
@@ -152,7 +151,7 @@ Reset_Handler:
     ldr r0, =__StackTop
     mov sp, r0
 
-#if IS_SECURE_ENVIRONMENT
+#if defined(__ARM_FEATURE_CMSE) && (__ARM_FEATURE_CMSE == 3U)
     /* Set limit on Main and Process SP */
     ldr r0, =__StackLimit
     msr msplim, r0

Libraries/CMSIS/Device/Maxim/MAX32657/Source/system_max32657.c

@@ -26,7 +26,7 @@
 #include "gcr_regs.h"
 
 
-#if IS_SECURE_ENVIRONMENT
+#if defined(__ARM_FEATURE_CMSE) && (__ARM_FEATURE_CMSE == 3U)
 #include "partition_max32657.h"
 #endif
 
@@ -150,7 +150,7 @@ __weak void SystemInit(void)
 #endif
 
     /* Security Extension Features */
-#if IS_SECURE_ENVIRONMENT
+#if defined(__ARM_FEATURE_CMSE) && (__ARM_FEATURE_CMSE == 3U)
     /* Settings for TrustZone SAU setup are defined in partitions_max32657.h */
     TZ_SAU_Setup();
 #endif /* TrustZone */