Hello,I have a very simple program on TrustZone enabled Cortex M33 core; - Start Secure & Privileged state - Set an SRAM Memory Region as Non-Secure using SAU - Set a WORD Value in Non-Secure World from Secure World (I don't switch to Non-Secure code, always running in Secure World)But, somehow I cannot write an NS memory from Secure World.
Secure World should access both Secure & Non-Secure world, but what is the limitation here?The below link mentions some limitations: https://developer.arm.com/documentation/100720/0200/Secure-software-guidelines?lang=en#:~:text=Non%2Dsecure%20memory%20access
- "When Secure code has to access Non-secure memory using an address that is calculated by the Non-secure state, it cannot trust that the address lies in a Non-secure memory region." Herein, I don't know what does mean "calculated by the Non-secure state", I have set a NS region using SAU, and set by absolute address. - "Furthermore, the Memory Protection Unit (MPU) is banked between the security states. Secure and Non-secure code might have different access rights to Non-secure memory." MPU is not set yet. - "The Secure code can use the TT instruction to check Non-secure memory permissions." Ok, if TT shows I don't have permission, how to give permission, using MPU?
Hi 42Bastian Schick, thank you for details. Yes, if I don't enable SAU, the memory range is secure by default, and I can write it as any address on the SRAM.