安全模式可以访问安全/非安全内存如何? [英] Secure mode can access secure / non secure memory how?
问题描述
根据CortexA prog指南
As per CortexA prog Guide
TrustZone硬件还有效提供两个虚拟MMU,每个虚拟处理器一个。这使得每个世界都有一套本地的翻译表,安全世界的映射隐藏并保护了普通世界。
TrustZone hardware also effectively provides two virtual MMUs, one for each virtual processor. This enables each world to have a local set of translation tables, with the Secure world mappings hidden and protected from the Normal world.
页表描述包括一个NS位,用于确定是否对安全或非安全的物理地址空间进行访问。
The page table descriptions include a NS bit, which is used to determine whether accesses are made to the secure or non-secure physical address space.
虽然页表条目位仍然存在,但是普通虚拟处理器硬件不使用此字段,并且内存访问总是以NS = 1进行。安全虚拟处理器可以访问安全或正常内存。缓存和TLB硬件允许正常和安全条目共存。
Although the page table entry bit is still present, the Normal virtual processor hardware does not use this field, and memory accesses are always made with NS = 1. The Secure virtual processor can therefore access either Secure or Normal memory. Cache and TLB hardware permits Normal and Secure entries to co-exist.
所以如果一个代码(以安全模式运行)写入访问说地址0xA0000000 [NS ]和0xA0000000 [S]如何编码?
So If a code (running in secure mode) is to be written to access say address 0xA0000000 [NS] and 0xA0000000[S] how would it be coded?
推荐答案
所以如果一个代码在安全模式下)被写入访问说地址0xA0000000 [NS]和0xA0000000 [S]如何编码?
So If a code (running in secure mode) is to be written to access say address 0xA0000000 [NS] and 0xA0000000[S] how would it be coded?
X- 200 200 X- 200 200 X- 20045 X- 20045 X- 20045 X- 20045 X-没有物理地址0xA0000000 [NS] 和 0xA0000000 [S] ,只有物理地址0xA0000000 。总线控制器使用 NS 位,例如 HPROT (用户/主管)访问权限检查权限
It is possible you have a conceptual issue here. There is no physical address 0xA0000000 [NS] and 0xA0000000[S], there is only the physical address 0xA0000000. The NS bit is used by a bus controller, like the HPROT (user/supervisor) access to check permissions on the access; afterwards, only one physical memory address stores the result. In this way, the SDRAM device does not need to be TrustZone aware, but just the bus controllers.
您需要设置分区检查器具有世界可共享映射。这是两个世界的读/写访问。那么 scott 中的信息适用。如果两个操作系统都有一个MMU,则创建两个具有相同物理地址的映射。存储器和MMU条目的两个副本可能存在于L1缓存和TLB中。重复的TLB没有问题。写入这个内存后,L1可能需要刷新。将有两行都具有相同的数据,但一行标有 NS ,另一个不带。
You need the to setup the partition checker to have a world shareable mapping. That is read/write access in both worlds. Then the information as scott gives applies. If both OSes, have an MMU, then create two mappings with the same physical address. Two copies of the memory and MMU entries may exist in the L1-cache and TLB. There is no issue with the duplicate TLB. The L1 may need flushing after writing to this memory. There will be two lines both with the same data, but one tagged with NS and one without.
超线程的乐趣和利润在这方面可能是一个有趣的论文。
Hyperthreading for fun and profit may be an interesting paper in this context.
这篇关于安全模式可以访问安全/非安全内存如何?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
