I'm studying the arm Musca A board (with the Cortex-M33) and I'm a bit confused about the diferences between SAU, IDAU, MPC, PPC.
Is the SAU used for the core and the PPC for the peripherals? The reference manuals of the core/board and CoreLink SSE-200 are somewhat vague about this subject. So, can anyone explain me the difference between all of these?
Tough question for a Friday afternoon .... :-)
SAU (Security Attrrbution Unit) and IDAU (Implementation Defined Attribution Unit) works together to define how the memory map is partitioned into Secure and Non-secure address ranges. Since SAU supports only up to 8 SAU regions (otherwise it will be a bit large), chip designers can use the IDAU to create the address partitioning (supports up to 256 regions). The security attribute lookup from SAU and IDAU are compared and the higher security attribute is returned. For example, if IDAU said the bootloader ROM is Secure, it is always Secure and cannot be overridden by Secure software.
(Exception - if IDAU said the region is exempted from checking, then SAU attribute is not used. This is typically used for debug components to allow debug connection).
The arrangement of SAU and IDAU is good for some systems. But if the software need to partition an embedded flash into many pages, or if a chip do have many peripherals, even 256 regions is not enough.
MPC (Memory Protection Controller) and PPC (Peripheral Protection Controller) use the concept of Secure and Non-secure address aliases, and control the accessibility of each memory page or peripherals in their Secure and Non-secure alias to achieve the goal to make them Secure or Non-secure.
In short, SAU and IDAU define the security attribute of address regions, and MPC/PPC change the effective address of the memory page or peripheral to make them appear in Secure or Non-secure addresses.
Thank you for your reply! :)
View all questions in TrustZone for Armv8-M forum