
Switch to Non-Secure State During Boot Sequence

Note: This was originally posted on 2nd January 2013 at http://forums.arm.com

According to the specs, after a reset, a processor with the Security Extensions boots into secure mode. I thought I read somewhere that if the TEE isn't initialized, then the REE will be loaded and continue to run in secure state. Is that correct? If a switch is done to non-secure state before the REE is loaded, then how is that done? Is there ALWAYS some code present in the boot sequence to make that switch, even if there's no TEE? This question came up while I was discussing hypervisor mode with a colleague, and we found that hypervisor mode was not available while in secure state. To run using the Virtualization Extensions, the processor would have to be in non-secure state. So that seems to imply that a switch to non-secure state must be done at some point. But we didn't understand how that was done if an OEM didn't implement a TEE.

A related question: Do the processor manufacturers implement a TrustZone enable/disable fuse or switch? I didn't see anything in the ARM processor specs that described a global enable/disable TrustZone hardware switch. If there is such a switch, that would be another way to enter non-secure mode at boot time without additional state switching code.

Thanks for any insight into how this works.
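For readers arriving at this thread: the code that performs the switch the question asks about is small, and on an ARMv7-A core it has the shape below. This is an added illustration, not code from the original post or from any ARM reference implementation. It assumes GNU assembler syntax, that it is entered in Secure SVC mode (the mode the core resets into with SCR.NS = 0), and that the labels `ns_entry` (first Non-secure instruction, e.g. a Linux or hypervisor entry point) and `secure_stack_top` are provided by the surrounding firmware; both labels are placeholders.

```asm
@ Added example (not from the original post): minimal Secure-world hand-off
@ from Secure SVC mode to Non-secure state on an ARMv7-A core with the
@ Security Extensions. ns_entry and secure_stack_top are assumed labels.

        .syntax unified
        .arm
        .text
        .global secure_to_nonsecure

secure_to_nonsecure:
        @ 1. Enter Monitor mode. Monitor mode is Secure regardless of the
        @    value of SCR.NS, so setting NS below does not move the current
        @    execution into the Non-secure world; only the exception return
        @    at the end does that.
        cps     #0x16                     @ Monitor mode (0b10110)
        ldr     sp, =secure_stack_top

        @ 2. Decide what the Non-secure world may access BEFORE leaving
        @    Secure state. Once NS = 1 the other world cannot reach these
        @    registers, so this is the place where Secure policy is fixed.
        mrc     p15, 0, r0, c1, c1, 2     @ NSACR
        orr     r0, r0, #(3 << 10)        @ cp10/cp11: let NS use VFP/NEON
        mcr     p15, 0, r0, c1, c1, 2

        @ 3. SCR.NS = 1 (bit 0) marks the world the exception return lands
        @    in as Non-secure. SCR.HCE = 1 (bit 8) enables the HVC
        @    instruction so a Non-secure hypervisor can be used at all.
        mrc     p15, 0, r0, c1, c1, 0     @ SCR
        orr     r0, r0, #(1 << 0)         @ NS
        orr     r0, r0, #(1 << 8)         @ HCE
        mcr     p15, 0, r0, c1, c1, 0
        isb

        @ 4. Build the target context in SPSR_mon: ARM state, IRQ and FIQ
        @    masked, mode = SVC (0b10011). With NS already 1, the mode
        @    field 0x1A (Hyp) is also legal here and would start a
        @    hypervisor directly; Hyp mode does not exist in Secure state.
        msr     spsr_cxsf, #0xD3
        ldr     lr, =ns_entry             @ first Non-secure instruction
        movs    pc, lr                    @ exception return: CPSR <- SPSR_mon
```

Two things worth checking when reviewing code like this in a real boot chain: everything the Non-secure side must not be able to reconfigure (interrupt grouping in the GIC, any TrustZone address-space or peripheral protection controller, MVBAR for the monitor vectors) has to be written before the `mcr` that sets SCR.NS, because after that point only an SMC back into Monitor mode can reach Secure resources; and the SPSR mode value decides whether the first Non-secure code runs as an OS kernel (SVC) or as a hypervisor (Hyp), which is the reason the Virtualization Extensions discussed in the post are only usable once this switch has happened.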