Arm Community
Site
Search
User
Site
Search
User
Groups
Arm Research
DesignStart
Education Hub
Graphics and Gaming
High Performance Computing
Innovation
Multimedia
Open Source Software and Platforms
Physical
Processors
Security
System
Software Tools
TrustZone for Armv8-M
中文社区
Blog
Announcements
Artificial Intelligence
Automotive
Healthcare
HPC
Infrastructure
Innovation
Internet of Things
Machine Learning
Mobile
Smart Homes
Wearables
Forums
All developer forums
IP Product forums
Tool & Software forums
Support
Open a support case
Documentation
Downloads
Training
Arm Approved program
Arm Design Reviews
Community Help
More
Cancel
Developer Community
Tools and Software
Software Tools
Jump...
Cancel
Software Tools
Arm Development Studio forum
Control MMU for TrustZone
Tools, Software and IDEs blog
Forums
Videos & Files
Help
Jump...
Cancel
New
Replies
9 replies
Subscribers
126 subscribers
Views
5177 views
Users
0 members are here
Related
Control MMU for TrustZone
Offline
thiet pv
over 7 years ago
Note: This was originally posted on 20th July 2011 at http://forums.arm.com
Dear all,
I am a new bie about TrustZone. I arm learning the effect of TrustZone to MMU. I have some problems about the mechanism to manage secure/non-secure region by MMU.
Please help me to understand about them.
My dubious point described as below:
When translation virtual address to physical address, system will use TLB table. I know that, when have a miss occur on TLB, it will find physical page from page table.
From table index of virtual address and table base address, will have first-level descriptor, the first-level descriptor will be input for page table to get physical page table from page table
then fill it to TLB table.
If page table miss, it will find physical page form external memory (RAM) and fill it to page table with it's attribute.
So when cpu stay in secure world, and access to secure physical memory
How to know the address that cpu access include secure physical memory region or no-secure physical memory region?
How to partition the physical memory into secure and non-secure regions?
and if know secure attribute of secure region then
How to fill secure attribute to page table?
Please help me.
Thank you very much,
Offline
thiet pv
over 7 years ago
Note: This was originally posted on 21st July 2011 at
http://forums.arm.com
Thanks for your reply,
I also know that NS bit to indicate the descriptor is secure or non-secure but I don't know when NS bit will update?
and How NS bit will update? and Who will update NS bit for descriptor?
Cancel
Up
0
Down
View discussion
Cancel
Offline
thiet pv
over 7 years ago
Note: This was originally posted on 22nd July 2011 at
http://forums.arm.com
Thanks for reply,
I still some dubious point.
I know that each line on TLB has 2 attribute NS and NSTID. They will specify the descriptor and physical page on each line of TLB is secure or non-secure.
But when has a miss TLB, it must find corresponding physical page at page table then fill it to TLB, so
How to specify this physical page is secure or non-secure?
and
How will TLB update NS and NSTID for this entry?
Can you indicate them for me?
Cancel
Up
0
Down
View discussion
Cancel
Offline
thiet pv
over 7 years ago
Note: This was originally posted on 22nd July 2011 at
http://forums.arm.com
> When the secure world makes a table walk that walk is always made as secure. When the normal world makes a table walk it is always made as non-secure.
I think when the secure world makes a table walk that walk can be secure or non-secure, it depends on the physical page on page table mapped secure or non-secure.
I know that for some TrustZone systems implemented TZASC, TZMA to partition secure and non-secure memory regions. So when have a miss on page table,
it must find this page from main memory (DRAM) and determine whether it is secure or non-secure memory region (by check signal on TZASC for the memory region that it access to)
then fill it to page table with the status of this page on memory region.
My understand is correct or incorrect? Can you explain for me?
> NSTID = currently world of the processor.
> NS = the NS bit from the L1 descriptor if in secure-world, zero otherwise.
Will NS bit from the L1 descriptor specify by attribute on page table?
The mean that when find physical page from page table then NS bit on descriptor will be updated by an secure attribute on page table but I don't know the attribute.
It my understand correct. Can you indicate what is the secure attribute on page table?
Cancel
Up
0
Down
View discussion
Cancel
Offline
thiet pv
over 7 years ago
Note: This was originally posted on 25th July 2011 at
http://forums.arm.com
>> When in the secure world, the walk of the l1 table will _always_ be done using secure accesses.
Yes, in the secure world , the walk always use secure accesses
>> Does this matter?
>> Well, first why would you want the page tables for the Secure world in memory accessible by the
>>Normal world? This seems like a bit of flaw in your software!
I know Normal world don't access to page table for secure world, that at here I want the page table for Normal world in memory accessible by the Secure world
>> Also, the processor does not know whether the target address accepts secure or non-secure (or both!)
>>accesses. The target memory doesn't support the generated access type it will return an error, and the
>>processor will take an abort. There is no auto-sensing system for the processor to discover the kind of access
>>to use.
At here, I want to talk about the TrustZone hardware architecture. I have a point that is not clear is
- Processor makes a table walk, and the physical page on the page table found
- If processor don't know whether secure page or non-secure page, the implementation TZASC, TZMA not meaning. How to fill the status of NS bit for L1 descriptor by hardware?
I think when have a miss on page table, it will find the page on RAM and when it found the page on RAM, It know the page is secure or non-secure page by TZASC, TZMA
because TZASC, TZMA divided the memory on RAM into secure and non-secure regions.
How do you think?
Cancel
Up
0
Down
View discussion
Cancel
Offline
Peter Harris
over 7 years ago
Note: This was originally posted on 20th July 2011 at
http://forums.arm.com
The L1 page table entries contain an "NS" bit which defines whether the memory is secure (NS=0) or non-secure (NS=1). This security setting applies to sections, or to all pages in an L2 table.
The NS bit is ignored if the processor is running in the "non-secure" world, the hardware forces NS=1 in this case.
Iso
Cancel
Up
0
Down
View discussion
Cancel
Offline
Peter Harris
over 7 years ago
Note: This was originally posted on 22nd July 2011 at
http://forums.arm.com
> How to specify this physical page (in the page table) is secure or non-secure?
When the secure world makes a table walk that walk is always made as secure. When the normal world makes a table walk it is always made as non-secure.
> How will TLB update NS and NSTID for this entry?
NSTID = currently world of the processor.
NS = the NS bit from the L1 descriptor if in secure-world, one otherwise.
EDIT: corrected NS-bit description above.
Cancel
Up
0
Down
View discussion
Cancel
Offline
Martin Weidmann
over 7 years ago
Note: This was originally posted on 21st July 2011 at
http://forums.arm.com
There are two things to bare in mind:
Which world the TLB entry belongs to
Whether the memory being described should be accessed using secure or non-secure accesses
The first one is automatic. If the TLB entry is pulled in while in the Secure world, it will be marked as a "Secure" TLB entry. ONLY THE SECURE WORLD WILL BE ABLE TO USE THIS ENTRY. If the TLB entry is pulled in while in the Normal world, it will be marked as a "Non-Secure" TLB entry. ONLY THE NORMAL WORLD WILL BE ABLE TO USE THIS ENTRY.
The second one then... The Normal world can only generate non-secure memory accesses. So when a Normal world TLB entry is used, the processor will just assume that any accesses with be marked non-secure.
The SEcure world can generate secure or non-secure accesses. What will be used for given address range is controlled by the NS bit in the descriptors. For Secure world TLB entries, the value of this bit is stored along side teh translation and other attributes.
Cancel
Up
0
Down
View discussion
Cancel
Offline
Martin Weidmann
over 7 years ago
Note: This was originally posted on 22nd July 2011 at
http://forums.arm.com
" think when the secure world makes a table walk that walk can be secure or non-secure, it depends on the physical page on page table mapped secure or non-secure."
When in the secure world, the walk of the l1 table will _always_ be done using secure accesses. Why? Well, because the processor only has a pointer to the L1 tables (TTBR0/1). It is the tables which define whether secure or non-secure accesses will be used for a particular address range. Therefore until it reads the table it has no way of knowing whether to use secure or non-secure accesses. So, while in the Secure world, the processor will always use secure accesses for the table walk.
Does this matter?
Well, first why would you want the page tables for the Secure world in memory accessible by the Normal world? This seems like a bit of flaw in your software!
Also, the processor does not know whether the target address accepts secure or non-secure (or both!) accesses. The target memory doesn't support the generated access type it will return an error, and the processor will take an abort. There is no auto-sensing system for the processor to discover the kind of access to use.
Cancel
Up
0
Down
View discussion
Cancel
Offline
Martin Weidmann
over 7 years ago
Note: This was originally posted on 25th July 2011 at
http://forums.arm.com
You said:
" If processor don't know whether secure page or non-secure page, the implementation TZASC, TZMA not meaning. How to fill the status of NS bit for L1 descriptor by hardware?"
The processor does not know - that is your job!
When you set up the page tables, it is up to you to correctly set/clear the NS bit of each entry. This involves you knowing what the layout of memory is in your system, and how you have configured any controllers (e.g. TZPV or TZASC). Typically this information will come from the data sheet for the part.
As already discussed, the processor will always use secure accesses to for a table walk while in the Secure world. So again it is down to you to put the page tables in appropriate memory.
Cancel
Up
0
Down
View discussion
Cancel
More questions in this forum
By title
By date
By reply count
By view count
By most asked
By votes
By quality
Descending
Ascending
All recent questions
Unread questions
Questions you've participated in
Questions you've asked
Unanswered questions
Answered questions
Questions with suggested answers
Questions with no replies
Answered
Failed to read contents of Internal RAM L1-I_DATA in ARM DS
0
Arm Development Studio
Cache
Debug and Trace Services Layer (DTSL)
13457
views
23
replies
Latest
4 months ago
by
Boon Khai
Answered
DS-5 connect fail when cortex-r5 is in lock-step mode
+1
11225
views
10
replies
Latest
5 months ago
by
Stuart Hirons
Answered
On Cortex-M4F microcontrollers: is fixed point math faster or floating point?
+1
10775
views
10
replies
Latest
5 months ago
by
Ronan Synnott
Answered
Debugging kernel: OS support not working for Linux 5.4
+1
Kernel Developers
External Hardware Debug
Debugger
9649
views
5
replies
Latest
5 months ago
by
sgoldschmidt
Answered
DS-5 bare metal wait error after run "debug"
+1
DS-5 Development Studio
Debugging
Arm Compiler 5
Memory
32544
views
14
replies
Latest
5 months ago
by
prasadghole
<
>
View all questions in Arm Development Studio forum