This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

In processors supporting TrustZone, how is secure memory access protected from a non- secure world application accessing it?

For example, we define a region to be secure. If a non secure app is trying to acess that region, what protection mechanism exists in hardware which will prevent that?

Parents
  • A single physical core can execute code from both the

    Normal world and the Secure world in a time-sliced fashion. The memory system is similarly

    divided. An additional bit, indicating whether the access is Secure or Non-Secure (the NS bit)

    is added to all memory system transactions, including cache tags and access to system memory

    and peripherals. This can be considered as an additional address bit, giving a 32-bit physical

    address space for the Secure world and a completely separate 32-bit physical address space for

    the Normal world.

    If a non secure app access a secure region the slave would respond by issuing SLVERR on its response(RRESP for read & BRESP for write) channel.

    Additionally, if an app needs to access a secure region it can do that by first going into the monitor mode and then writing to this register SCR NS bit.

    The NS bit in the Secure Configuration Register (SCR) in CP15 indicates which world the core

    is currently in. In Monitor mode, the core is always executing in the Secure world, regardless of

    the value of the SCR NS-bit that is used to signal which world you were previously in.

Reply
  • A single physical core can execute code from both the

    Normal world and the Secure world in a time-sliced fashion. The memory system is similarly

    divided. An additional bit, indicating whether the access is Secure or Non-Secure (the NS bit)

    is added to all memory system transactions, including cache tags and access to system memory

    and peripherals. This can be considered as an additional address bit, giving a 32-bit physical

    address space for the Secure world and a completely separate 32-bit physical address space for

    the Normal world.

    If a non secure app access a secure region the slave would respond by issuing SLVERR on its response(RRESP for read & BRESP for write) channel.

    Additionally, if an app needs to access a secure region it can do that by first going into the monitor mode and then writing to this register SCR NS bit.

    The NS bit in the Secure Configuration Register (SCR) in CP15 indicates which world the core

    is currently in. In Monitor mode, the core is always executing in the Secure world, regardless of

    the value of the SCR NS-bit that is used to signal which world you were previously in.

Children
No data