From "ARM v8-M Architecture Reference Manual", about IDAU I see:
The IDAU can provide the following Security attribution information for an address:• Security attribution exempt. This specifies that the address is exempt from security attribution. This information is combined with the address ranges that are architecturally required to be exempt from attribution.• Non-secure. This specifies if the address is Secure or Non-secure.• Non-secure callable. This specifies if code at the address can be called from Non-secure state. This attribute is only valid if the address is marked as Secure.• Region number. This is the region number that matches the address, and is only used by the TT instruction.• Region number valid. This specifies that the region number is valid. This field has no effect on the attribution of the address, and is only used by the TT instruction.
Given an address, how can I check its IDAU security attribution? Like any register value or API can be checked to see these attribution info? Thanks
You can disable the SAU and enable the ALLNS bit then use the TT instructions to determine the IDAU security attribution.
Checkout the TT,TTT,TTA, TTAT instructions in the v8M ARM.
You'll eventually want to end up at the definition of the SecurityCheck function.
If you search the web for the TT instruction you'll see that tools have wrapped this Assembler instruction, so it may vary from tool to tool.
At the end of the day you get back a structure that looks like this:
typedef union { struct cmse_address_info { unsigned mpu_region:8; unsigned sau_region:8; unsigned mpu_region_valid:1; unsigned sau_region_valid:1; unsigned read_ok:1; unsigned readwrite_ok:1; unsigned nonsecure_read_ok:1; unsigned nonsecure_readwrite_ok:1; unsigned secure:1; unsigned idau_region_valid:1; unsigned idau_region:8; } flags; unsigned value; } cmse_address_info_t;
Great instruction. I'll try it. Thanks.
May I ask a couple follow up questions.
Assume IDAU defined 4 regions:
[0x00000000 - 0x0FFFFFFF] [0x10000000 - 0x1FFFFFFF] [0x20000000 - 0x2FFFFFFF] [0x30000000 - 0x3FFFFFFF]
[0:NS] [1:S] [2:NS] [3:S]
Upon core init:
Setting SAU_CTRL ENABLE bit = 1, and ALLNS bit = 0;
(1) What's the security of the 4 regions now? Are they still NS, S, NS, S, just as the IDAU configured, or they become S, S, S, S?
(2) About ALLNS, ARM v8-M Architecture Reference Manual says "When SAU_CTRL.ENABLE is 0 this bit controls if the memory is marked as Non-secure or Secure."
How about when SAU_CTRL.ENABLE is 1, does ALLNS impacts region security setting whenSAU_CTRL.ENABLE is set 1?
Thank you very much.
Check out the Security attribution unit section in the v8m ARM for more details.
You use the SAU to assign all the NS and NSC address regions.
So every address is secure if you enable the SAU and don't enable any address regions.
The ALLNS bit does not impact the security attribution when the SAU is enabled.