I have a few questions regarding the interaction of secure and non secure code:
1. It is clear to me that non-secure code can only call secure code that is marked non-secure callable, and through certain gateway instructions. However, it is unclear whether or not secure code can call non-secure code. For instance, if I have two boot loaders, one an SOC boot loader, that runs first on startup and then a device boot loader that makes user specific configurations: can the SOC boot loader be secure and the device boot loader be non-secure? how can I branch from a secure region to a non-secure region?
2. Can secure code access non secure memory, through the MPC?
3. Can secure code access non-secure peripheral registers through the PPC?
2 & 3 : Secure and Non-secure are the security attribute of address regions while MPC/PPC act as a gate-keeper to effectively change the address of the memory or peripheral appear in secure or non-secure addresses.
MPC and PPC decides the security attributes of the memory and peripheral regions.Which are accessed accordingly using the Secure and Non-secure alias addresses.1. Agree with previous comment from Uma2. Yes secure code can access Non-secure memory and non-secure peripheral register through Non-secure alias addresses.
View all questions in TrustZone for Armv8-M forum