I have a question about how the peripheral controller interacts with CCA Realms. Would it be possible to make individual peripherals (MMIO regions, specifically) only accessible from a Realm VM?
In Arm TrustZone, apparently it is possible to configure MMIO regions of individual peripheral to make it only accessible from the secure world, using the Secure Peripherals Controller. I wonder if similar things can be done for Realm VMs.
This is really helpful, thanks!!