My team and I are trying to understand what the purpose if the IDAU/SAU is when one has a MPC or PPC at all of the endpoints.
Lets say I have a system with one memory and a core I have a MPC connected up to the memory and the IDAU wired up to decode the 28th bit.
Lets further say that we have a 16k memory. I want 8k for secure and 8k for non-secure
So RAM addr 0x0000 to 0x1FFF is secure
RAM addr 0x2000 to 0x4000 will be non secure
I program up the MPC to represent this
I do what arm recommends and set up my address map from the core to be (per my IDAU 28th bit)
0x00000000 to be my non-secure ram space
0x10000000 to me my secure ram space
So my router pretty much truncates anything from 11 and up and pass that to the MPC
Here is where I get confused (or maybe I am not doing the configuration right).
From what I understand (which granted is very little), the core knows it state then it compares it to what the IDAU says (well assume privileges are ok). If everything is fine then, the core sends what the IDAU says the state should be to the MPC along with the decoded address from the router. Then the MPC will compare it's state with its map.
If the Core in non-secure mode addresses address 0x00000000, the IDAU says that everything is ok (non-secure space), but once it gets the the MPC then it says that things are not ok (0x0000 is secure space).
So the question is, why have the IDAU/SAU at all? It can get the answer wrong, plus it cause confusion because one has to alias everything. Which at first glance doesn't seem necessary.
Why shouldn't the core just send out its security state, not alias anything, and let the MPC deal with it? I am guessing the there is a obvious answer? The only thing that I can think of is that there are separate MPU? Or maybe something to do with the non-secure-callable space?
View all questions in TrustZone for Armv8-M forum