I tried to switch between secure and non-secure on M33. Based on the qemu mps2-an521 platform, with sau configured, the security can be switched to the non-secure state, and then I tried to switch to the secure state through the SG instruction, but it failed.
memory layout:
0x0200_0000 - 0x003F_FFFF (non-secure)
0x1000_0000 - 0x100F_FFFF (secure)
0x1010_0000 - 0x101F_FFFF (non-secure callable)
SAU config:
SAU->RBAR = 0x10100000; SAU->RLAR = 0x101FFFE3;
NSC code:
.thumb_func .section NSC,"aw" .globl nsc_call nsc_call: sg nop nop nop
secure ld:
NSC (0x10100000): { *nsc*(.text*) } > RAM
non-secure caller code:
ldr r0, =0x10100001; bx r0
When the line of code 'bx r0' is executed, it will enter the secure world hard fault.
Any reason why this is occurring? I don’t know how to continue.
Thanks for any clues or suggestions.
I misinterpreted "based on", thought some kind of program. How sure can you be that QEMU is correct?
Found the reason, IDAU not configure caused this problem
MP2-AN521 IDAU some items are configurable. This memory not configured as NSC by default. Even if SAU is configured, it will not take effect. After config IDAU NSCCFG register. It can work.
Arm doc:
corelink_sse200_subsystem_for_embedded_technical_reference_manual_101104_0200_00_en.pdf
NSCCFG
The Non-secure Callable Configuration register allows software to define callable regions of memory. The register can do this if the Secure Code region is 0x1000_0000 to 0x1FFF_FFFF and the Secure RAM region is 0x3000_0000 to 0x3FFF_FFFF.
Thanks.