From "ARM v8-M Architecture Reference Manual", about IDAU I see:
The IDAU can provide the following Security attribution information for an address:• Security attribution exempt. This specifies that the address is exempt from security attribution. This information is combined with the address ranges that are architecturally required to be exempt from attribution.• Non-secure. This specifies if the address is Secure or Non-secure.• Non-secure callable. This specifies if code at the address can be called from Non-secure state. This attribute is only valid if the address is marked as Secure.• Region number. This is the region number that matches the address, and is only used by the TT instruction.• Region number valid. This specifies that the region number is valid. This field has no effect on the attribution of the address, and is only used by the TT instruction.
Given an address, how can I check its IDAU security attribution? Like any register value or API can be checked to see these attribution info? Thanks
Great instruction. I'll try it. Thanks.
May I ask a couple follow up questions.
Assume IDAU defined 4 regions:
[0x00000000 - 0x0FFFFFFF] [0x10000000 - 0x1FFFFFFF] [0x20000000 - 0x2FFFFFFF] [0x30000000 - 0x3FFFFFFF]
[0:NS] [1:S] [2:NS] [3:S]
Upon core init:
Setting SAU_CTRL ENABLE bit = 1, and ALLNS bit = 0;
(1) What's the security of the 4 regions now? Are they still NS, S, NS, S, just as the IDAU configured, or they become S, S, S, S?
(2) About ALLNS, ARM v8-M Architecture Reference Manual says "When SAU_CTRL.ENABLE is 0 this bit controls if the memory is marked as Non-secure or Secure."
How about when SAU_CTRL.ENABLE is 1, does ALLNS impacts region security setting whenSAU_CTRL.ENABLE is set 1?
Thank you very much.
Check out the Security attribution unit section in the v8m ARM for more details.
You use the SAU to assign all the NS and NSC address regions.
So every address is secure if you enable the SAU and don't enable any address regions.
The ALLNS bit does not impact the security attribution when the SAU is enabled.