Does Aarch64 LDTR behave differently in secure vs non-secure?

LDRT is a pre-trustzone instruction, so it is clear it has no notion of secure/non-secure in the first place.
Anyway, I see no reason to "validate" the pointer as there should be no common memory between secure and non-secure world despite a "small" shared memory area. It is IMHO a bad design if secure world has full access to the normal worlds memory.
So even if EL0 provides a pointer to some buffer, it shall be either one in the shared memory or EL1 does a copy from user land to the shared memory and back.

The secure world can easily check if the provided pointer is within the range of the shared memory (given it has the same address mapping).

LDRT is a pre-trustzone instruction, so it is clear it has no notion of secure/non-secure in the first place.
Anyway, I see no reason to "validate" the pointer as there should be no common memory between secure and non-secure world despite a "small" shared memory area. It is IMHO a bad design if secure world has full access to the normal worlds memory.
So even if EL0 provides a pointer to some buffer, it shall be either one in the shared memory or EL1 does a copy from user land to the shared memory and back.

The secure world can easily check if the provided pointer is within the range of the shared memory (given it has the same address mapping).