Arm Community
Site
Search
User
Site
Search
User
Groups
Research Collaboration and Enablement
DesignStart
Education Hub
Innovation
Open Source Software and Platforms
Forums
AI and ML forum
Architectures and Processors forum
Arm Development Platforms forum
Arm Development Studio forum
Arm Virtual Hardware forum
Automotive forum
Compilers and Libraries forum
Graphics, Gaming, and VR forum
High Performance Computing (HPC) forum
Infrastructure Solutions forum
Internet of Things (IoT) forum
Keil forum
Morello Forum
Operating Systems forum
SoC Design and Simulation forum
中文社区论区
Blogs
AI and ML blog
Announcements
Architectures and Processors blog
Automotive blog
Graphics, Gaming, and VR blog
High Performance Computing (HPC) blog
Infrastructure Solutions blog
Innovation blog
Internet of Things (IoT) blog
Operating Systems blog
Research Articles
SoC Design and Simulation blog
Tools, Software and IDEs blog
中文社区博客
Support
Arm Support Services
Documentation
Downloads
Training
Arm Approved program
Arm Design Reviews
Community Help
More
Cancel
Support forums
Arm Development Studio forum
secure & non-secure address space in Cotex-A9
Jump...
Cancel
Locked
Locked
Replies
5 replies
Subscribers
121 subscribers
Views
3853 views
Users
0 members are here
Options
Share
More actions
Cancel
Related
How was your experience today?
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion
secure & non-secure address space in Cotex-A9
Offline
jianhui li
over 9 years ago
Note: This was originally posted on 11th May 2011 at
http://forums.arm.com
Dear professor,
I would like to know how is it implemented the separate address space between secure state and non-secure state in Cotex-A9?
" When implemented, the Security Extensions provide two physical address spaces, a Secure physical address space and a Non-secure physical address space."
this is described in the datasheet of ARMv7.
And I understand that secure and non-secure state has separete translation table according to different TTB registers copy.
but i am confused how do they have separe physical address space?
Parents
Offline
Martin Weidmann
over 9 years ago
Note: This was originally posted on 11th May 2011 at
http://forums.arm.com
The layout of the physical address space is system specific.
Typically a system designed to use TrustZone will have a small amount of memory/peripheral space fixed as being Secure only. With part/most of the rest of the system configurable as Secure or Non-Secure. For the configurable regions, the thing that controls Secure/Non-Secure will be something like a TrustZone Protection Controller or TrustZone Address Space Controller. Basically a peripheral with registers you write to in order to toggle a given peripheral or address range between Secure and Non-Secure accessible. You would have to configure this at boot.
Basically - check the documentation for the board/chip you are using.
NOTE - Many systems have TrustZone capable processors - but not TrustZone aware memory systems. That is the chip designer didn't think the secure stuff was necessary for their intended use case, and therefore didn't include the necessary system support. You'll still be able to use the TrustZone features in the processor, but you won't have the memory system protection.
Cancel
Up
0
Down
Cancel
Reply
Offline
Martin Weidmann
over 9 years ago
Note: This was originally posted on 11th May 2011 at
http://forums.arm.com
The layout of the physical address space is system specific.
Typically a system designed to use TrustZone will have a small amount of memory/peripheral space fixed as being Secure only. With part/most of the rest of the system configurable as Secure or Non-Secure. For the configurable regions, the thing that controls Secure/Non-Secure will be something like a TrustZone Protection Controller or TrustZone Address Space Controller. Basically a peripheral with registers you write to in order to toggle a given peripheral or address range between Secure and Non-Secure accessible. You would have to configure this at boot.
Basically - check the documentation for the board/chip you are using.
NOTE - Many systems have TrustZone capable processors - but not TrustZone aware memory systems. That is the chip designer didn't think the secure stuff was necessary for their intended use case, and therefore didn't include the necessary system support. You'll still be able to use the TrustZone features in the processor, but you won't have the memory system protection.
Cancel
Up
0
Down
Cancel
Children
No data