问题
As per CortexA prog Guide
TrustZone hardware also effectively provides two virtual MMUs, one for each virtual processor. This enables each world to have a local set of translation tables, with the Secure world mappings hidden and protected from the Normal world.
The page table descriptions include a NS bit, which is used to determine whether accesses are made to the secure or non-secure physical address space.
Although the page table entry bit is still present, the Normal virtual processor hardware does not use this field, and memory accesses are always made with NS = 1. The Secure virtual processor can therefore access either Secure or Normal memory. Cache and TLB hardware permits Normal and Secure entries to co-exist.
So If a code (running in secure mode) is to be written to access say address 0xA0000000 [NS] and 0xA0000000[S] how would it be coded?
回答1:
So If a code (running in secure mode) is to be written to access say address 0xA0000000 [NS] and 0xA0000000[S] how would it be coded?
It is possible you have a conceptual issue here. There is no physical address 0xA0000000 [NS] and 0xA0000000[S], there is only the physical address 0xA0000000. The NS bit is used by a bus controller, like the HPROT (user/supervisor) access to check permissions on the access; afterwards, only one physical memory address stores the result. In this way, the SDRAM device does not need to be TrustZone aware, but just the bus controllers.
You need the to setup the partition checker to have a world shareable mapping. That is read/write access in both worlds. Then the information as scott gives applies. If both OSes, have an MMU, then create two mappings with the same physical address. Two copies of the memory and MMU entries may exist in the L1-cache and TLB. There is no issue with the duplicate TLB. The L1 may need flushing after writing to this memory. There will be two lines both with the same data, but one tagged with NS and one without.
Hyperthreading for fun and profit may be an interesting paper in this context.
回答2:
The easiest way would be to setup two mappings in the secure MMU translation table which both use physical address 0xA0000000, one which has the NS bit set and another copy at a different virtual address that has the NS bit clear. Then secure states can use the two virtual addresses to make the different accesses.
You could also use just one mapping and change the NS bit, but this would require flushing the TLB after each change.
来源:https://stackoverflow.com/questions/23306239/secure-mode-can-access-secure-non-secure-memory-how