This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

trustzone translation table

Note: This was originally posted on 15th November 2011 at http://forums.arm.com

After reading the documents in the website, i am quite puzzled about the trustzone feature.
1. Can i disable trustzone extension?
2. Each world has its own virtual processor, virtual mmu and translation table. How to make sure that the normal world can't access the secure world memory? The normal world can't see the physical address of the secure world? Or it can translate the virtual address to the physical address of the secure world, but it can't access that region of memory?
3. Normal world ignores the NS bit in the translation table. So it can access all the physical memory in normal world?
I have read the book: ARM Security Technology: Building a Secure System Using TrustZone Technology, ARM Architecure Reference Manual and ARM Cortex-A programming guide. Did i miss the important part? Can anyone advise me some books regarding the arm cortex-a architecture? I am a beginner at ARM. Thanks.

Parents

Martin Weidmann over 12 years ago

Note: This was originally posted on 17th November 2011 at http://forums.arm.com

since the normal world can only see the non-secure physical address space, so the normal can address 4G space. the secure world can see the secure and non-secure physical address space, so it can address 8G space. is that right?

Basically - yes. Although you are assuming that both physical address spaces are fully populated. In most systems this is not the case.

for example, you want to access a virtual address in the secure world and that virtual address is marked as secure in the translation table in the secure world. my question is: how to access the same virtual address which is marked as non-secure in the secure world?

Each world has it own virtual space - which are entirely independent of each other. Just taking the Secure world, the translation tables tell the processor which physical address a given virtual address translates to. With the NS bit in the table entry defining whether it is a secure or non-secure physical address.

So the secure-ness is not known until the address is translated. The processor (the bit that does the work) deals with the virtual address space - not the physical address space. So it does not know - or care - what kind of address (secure/non-secure) the virtual address will eventually translate to.
Cancel
Vote up 0 Vote down

Cancel

Reply

Martin Weidmann over 12 years ago

Note: This was originally posted on 17th November 2011 at http://forums.arm.com

since the normal world can only see the non-secure physical address space, so the normal can address 4G space. the secure world can see the secure and non-secure physical address space, so it can address 8G space. is that right?

Basically - yes. Although you are assuming that both physical address spaces are fully populated. In most systems this is not the case.

for example, you want to access a virtual address in the secure world and that virtual address is marked as secure in the translation table in the secure world. my question is: how to access the same virtual address which is marked as non-secure in the secure world?

Each world has it own virtual space - which are entirely independent of each other. Just taking the Secure world, the translation tables tell the processor which physical address a given virtual address translates to. With the NS bit in the table entry defining whether it is a secure or non-secure physical address.

So the secure-ness is not known until the address is translated. The processor (the bit that does the work) deals with the virtual address space - not the physical address space. So it does not know - or care - what kind of address (secure/non-secure) the virtual address will eventually translate to.
Cancel
Vote up 0 Vote down

Cancel

Children

No data