Architecture
Last updated
Last updated
2 separate, virtual MMUs.
Indexed by NS.
Single TLB.
But entries keep the value of NS that created them.
No need to invalidate them when switching between worlds.
The Secure World can still access non-secure memory.
Extra bit on each entry in the secure translation table.
Single cache.
Cache lines keep the NS address bit.
Extra NS line for secure read/write operations.
Non-secure master cannot access a resource marked as secure.
Allows a dynamic classification of AXI slave memory-mapped devices as secure or non-secure.
Partitioning of single memory units.
Controlled by the Secure world.
Keeps a classification of in-SoC memory areas as secure and non-secure.
ROM or SRAM.
Non-secure accesses cannot access secured memory areas.
Controlled by the Secure World.
Allows to dynamically set the security of a peripheral connected to the APB (Advanced Peripheral Bus).
Protects non-secure access requests to reach peripherals marked as secure.
Controlled by the Secure World.
Classifies interrupts as secure or non-secure.
Once set, cannot be changed.
Interrupts can be normal or fast (high-priority).
Secure interrupts usually have higher priority.
Interrupts with a security classification different from the current world force the switching to Monitor (EL3).
Controlled by the Secure World.
