Hello,
I'm new in the forum. I'm starting to work on Cortex-M project using trustzone (IDAU/SAU/MPU).
I have a look to a lot of webinars and documents and I have a question regarding Non-Secure code access. In my configuration, I could set IDAU/SAU/MPU, internal ram of chip is banked to be accessed either by Non Secure state or Secure state and could be executable. In terms of mapping it could be for instance that NS access to internal RAM is 0x01XXXXXX and NSC/S access to internal RAM is 0x02XXXXXX through IDAU/SAU.
At this step, how we could avoid a malicious attack from NS region. I mean I have loaded secure code and data at address 0x02000110. This address access in NS region is 0x01000110. So what happens if NS try to read data at this address 0x01000110. It should access to Secure code / data ? I guess I miss something and would like to get some clarity on it.
Thanks,
Best Regards.
Hi Uma,
Thanks a lot for your reply.
I did not yet deep dive in MPU specification and other specific SOC security gate controller details.
So you mean that this configuration could not be done using MPU but using the security gate controller implemented in the SoC instead ?
Hi TexCor JC,
MPU (Memory protection unit) does not define the security attribute of a memory region. Only IDAU/SAU can define the security attribute of a memory map.
Hence in your SoC configuration, security gate controller plays a vital role than the MPU.
Uma
ok, got it.