ARM的TrustZone用法 [英] ARM trustzone usage

问题描述

我想请教一下ARM的TrustZone一些问题。

1）任何人都可以给我具体的例子：当需要的TrustZone以及它如何帮助解决安全问题

2）。我heared是可以处理FIQ配置为安全中断。这是否意味着我的FIQ处理程序将位于安全的世界？

3）当FIQ安全/非安全配置做了什么？我认为答案是GIC寄存器的某个地方。我能读这个寄存器，以确保有关安全/非安全FIQ配置？

感谢。

解决方案

1. 它提供特权分离的附加水平，延伸到互联，允许其他软件运行超过特权（因此从保护）的主要操作系统。




2. 如果您配置安全中断被交付到处理FIQ安全的世界，那么世界安全异常向量表是使用的方法。




3. 每当你觉得像，但一般作为一个安全的操作系统启动的一部分。你可以阅读从安全的世界，这些寄存器 - 安全寄存器不是从正常的世界可读

在GIC架构规范可以下载（注册）
http://infocenter.arm.com/help/topic /com.arm.doc.ihi0048b/index.html

I would like to ask some questions about ARM trustzone.

1.) Can anyone give me the concrete example: when trustzone is needed and how it helps to solve security problems?

2.) I heared that FIQs could be configured as "secure interrupts". Does it mean that my FIQ handlers will be situated in secure world?

3.) When this FIQ secure / non secure configuration is done? I think the answer is somewhere in the GIC registers. Could i read this registers to be sure about secure / non secure FIQ configuration?

Thanks.

解决方案

1. It provides an additional level of privilege separation, extended into the interconnect, permitting some other software to run more privileged than (and hence protected from) the main operating system.

2. If you configure Secure interrupts to be delivered as FIQs to Secure world, then the Secure world exception vector table is the one that is used.

3. Whenever you feel like, but generally as part of a Secure OS startup. You can read these registers from Secure world - the Secure registers are not readable from Normal world.

The GIC architecture specification can be downloaded (with registration) from http://infocenter.arm.com/help/topic/com.arm.doc.ihi0048b/index.html

这篇关于ARM的TrustZone用法的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！