This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

trustzone translation table

Note: This was originally posted on 15th November 2011 at http://forums.arm.com

After reading the documents in the website, i am quite puzzled about the trustzone feature.
1. Can i disable trustzone extension?
2. Each world has its own virtual processor, virtual mmu and translation table. How to make sure that the normal world can't access the secure world memory? The normal world can't see the physical address of the secure world? Or it can translate the virtual address to the physical address of the secure world, but it can't access that region of memory?
3. Normal world ignores the NS bit in the translation table. So it can access all the physical memory in normal world?
I have read the book: ARM Security Technology: Building a Secure System Using TrustZone Technology, ARM Architecure Reference Manual and ARM Cortex-A programming guide. Did i miss the important part? Can anyone advise me some books regarding the arm cortex-a architecture? I am a beginner at ARM. Thanks.
Parents
  • Note: This was originally posted on 16th November 2011 at http://forums.arm.com

    1) secure physical address 0x8000 is considered to be a different location to non-secure physical address 0x8000.

    What the NS bit in the Secure world's page tables is doing is selecting which of the two different addresses the virtual address maps to.  In the Normal world you have no choice, it always maps to the non-secure address space.

    The processor tells the memory system is via a signal on the bus.  When it specifies the address of a read/write it also specifies secure/non-secure.  The memory system _could_ use this to direct the access to somewhere else, it _could_ use it as a form of access control, or it _could_ just ignore it.  it depends on what the system designers decided.  If you want to use TrustZone you hope they didn't ignore it and did seomthing useful! :-)

    2) Ah ok... I think you have this the wrong way round

    It is the system designer who decides which memories/peripherals are secure or non-secure (or in some cases configurable).  This information would be specified in the data sheet that came with a specific part.  When you set up the page tables you are describing the memory system to the processor. That is this memory IS secure so the processor MUST generate secure accesses.
Reply
  • Note: This was originally posted on 16th November 2011 at http://forums.arm.com

    1) secure physical address 0x8000 is considered to be a different location to non-secure physical address 0x8000.

    What the NS bit in the Secure world's page tables is doing is selecting which of the two different addresses the virtual address maps to.  In the Normal world you have no choice, it always maps to the non-secure address space.

    The processor tells the memory system is via a signal on the bus.  When it specifies the address of a read/write it also specifies secure/non-secure.  The memory system _could_ use this to direct the access to somewhere else, it _could_ use it as a form of access control, or it _could_ just ignore it.  it depends on what the system designers decided.  If you want to use TrustZone you hope they didn't ignore it and did seomthing useful! :-)

    2) Ah ok... I think you have this the wrong way round

    It is the system designer who decides which memories/peripherals are secure or non-secure (or in some cases configurable).  This information would be specified in the data sheet that came with a specific part.  When you set up the page tables you are describing the memory system to the processor. That is this memory IS secure so the processor MUST generate secure accesses.
Children
No data