Support forums

Architectures and Processors forum Initial page table walk for secure/nonsecure accesses

State Accepted Answer
+1 person also asked this people also asked this
Locked Locked
Replies 3 replies
Subscribers 348 subscribers
Views 6549 views
Users 0 members are here

Options

How was your experience today?

This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Initial page table walk for secure/nonsecure accesses

KamGators over 7 years ago

I have a basic concept question. From what I read in the ARMv8 docs... there is an NS and NSTable bit in the page table entries themselves for the 2nd level and higher page table lookups. So these can be used to block access ... I.e. NS access is attempting to do access to secure memory.

One point I don't quite understand is how is the first level page table itself protected? Meaning what determines whether secure/non secure can access the first level page table? the first level page table being the very initial lookup. I believe the address of the page table itself gets programmed in a TTBR register that is not banked on secure/non-secure. So is it a common page table for both worlds if there is a single register and what protection prevents NS trying to change the page table itself?

Thanks

+1 Martin Weidmann over 7 years ago

When in Secure state (EL3 or S.EL0/1), the first level of translation table must be in Secure memory. That is, the processor will treat the values in the TTBRs as being Secure physical addresses. It's only subsequent levels of tables that can be in Non-secure memory (controlled by NSTable).

Note: The NS/NSTable bits are only used in Secure state. In Non-secure state you can only ever access Non-secure physical addresses.
Cancel
Up 0 Down

Cancel
0 KamGators over 7 years ago

Sort of a related question... what will prevent a nonsecure OS or hypervisor to change entries in the nonsecure page table to map a virtual address to same physical page that secure world happens to be using?

thanks
Cancel
Up 0 Down

Cancel
0 Vincent Siles over 7 years ago in reply to KamGators

Nothing at all. To prevent the non-secure OS to access physical memory you consider "Secure Only", you have to use a TZASC (trustzone address space controller), that will use the NS bit of the virtual address to allow or deny access to the physical memory
Cancel
Up 0 Down

Cancel