We are running a survey to help us improve the experience for all of our members. If you see the survey appear, please take the time to tell us about your experience if you can.
I am working on the trust zone extension on raspberry pi B+ which has the ARM1176JZF-S processor. According to given documentation on arm11, there will be 3 exception vector tables each for Secure world, Non-secure(NS) world and monitor mode resp. And c12 register will hold the base address of both secure and NS world exception vector table base addresses.
I added both these addresses to the c12 register in their corresponding worlds(Secure / NS). I tried SWI (svc) in both worlds. I found that it is working fine in secure world but in the NS world the control goes to the NS reset handler for a SWI instead of SWI handler. I used the following commands :
For secure world : LDR r0, =_start //_start - base address of secure vector table MCR p15, 0, r0, c12, c0, 0 For Non-secure World : LDR r0, =_ns_start //ns_start - base address of non-secure vector table MCR p15, 0, r0, c12, c0, 0
Here is my code: arm_bare_metal/trustzone-smc at master · avk7vk/arm_bare_metal · GitHub
Please let me know the issue here .
Shouldn't _ns_start have some alignment directive before it? Right now it's at offset 0x3c if I'm counting right.
Slightly off topic, you don't need a stack per mode anymore these days (v6 is recent enough to have srs/rfe).
Also, pretty cool that the RPi lets you play with TrustZone, maybe I might get one after all... I like TI's SoCs overall, but very irritatingly on their "GP" (general purpose) devices they make secure world permanently inaccessible*, instead of allowing it to be used freely. Given that TrustZone is essentially a kind of specialized virtualization with extremely fast context switching between the two "VMs", it would be very useful to run an RTOS in secure world in parallel to linux.
*well, thanks to the crappy secrom code I almost got access, except they've also got a piece of logic called the "Secure State Machine" sitting next to the CPU watching it for "suspicious" behavior and when I pulled my trick it got angry at me and hit the reset button. Oh well...
Yes, you were right , there should be ".align 5" directive before it. The last 5 bits of base vector address register are ignored so base vector address should be 32 byte aligned.