• Locked Locked
  • Replies 4 replies
  • Subscribers 119 subscribers
  • Views 6518 views
  • Users 0 members are here
Options
Related
How was your experience today?
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

[Trustzone] interrupt level fast world switch(NWD->SWD) solution?

ray mao
Note: This was originally posted on 11th October 2012 at http://forums.arm.com

Dear ARM Engineer,

I have a question about interrupt level fast word switch for trustzone enabled ecosystem.
For scenario - 1 core is running in one World, interrupt of the other World happen. How to switch the core to the other world quickly.

Solution-1
In the whitepaper prd29-genc-009492c_trustzone_security_whitepaper.pdf
one solution is already mentioned. - monitor route slolution.
but this solution need carefully deal with monitor, NWD OS, SWD OS interrupt related code.

Solution-2
I was checking another solution which one World OS actively do swtich directly while the other world interrupt happen.
From ARM GIC Spec, spurious interrupt ID 1022 & 1023 seems to be possible as the flag.
(Suppose NWD only use IRQ, SWD only use FIQ)
After test,
1022 can help SWD->NWD  for case cpu core in SWD and IRQ happened.
1023 can not help NWD->SWD for case cpu core in NWD and FIQ happened. (As 1023 will also happen in other case)

So is there any extra flag/way can help Solution-2 do NWD->SWD.
Or say Besides Monitro solution, is there any other way can help interrupt level fast word switch NWD->SWD while  FIQ happen.

Thanks!
Parents
  • Arm Employee Badge
    Note: This was originally posted on 11th October 2012 at http://forums.arm.com

    Whatever happens you need to go through the monitor - it's the gate keeper between the two worlds, and ensures no unintended data leakage from secure to non-secure.

    For A-profile cores the trustzone monitor overhead tends to be in the noise - the code is usually only a couple of hundred CPU cycles - most A-profile cores lose more time than that in the interrupt handler due to cache and tlb misses. So before you try to micro-optimize and throw your security in the bin, please check that you actually need the interrupt to go faster. In reality you probably don't.

    Iso
Reply
  • Arm Employee Badge
    Note: This was originally posted on 11th October 2012 at http://forums.arm.com

    Whatever happens you need to go through the monitor - it's the gate keeper between the two worlds, and ensures no unintended data leakage from secure to non-secure.

    For A-profile cores the trustzone monitor overhead tends to be in the noise - the code is usually only a couple of hundred CPU cycles - most A-profile cores lose more time than that in the interrupt handler due to cache and tlb misses. So before you try to micro-optimize and throw your security in the bin, please check that you actually need the interrupt to go faster. In reality you probably don't.

    Iso
Children
No data