Programmer’s Model
Secure peripherals require Secure device drivers to supervise them. To minimize the effects of drivers on system security it is recommended that the Secure device drivers run in the Secure User mode so that they cannot change the NS bit directly.
Secure debug
For details of software debug in Secure systems see, Chapter 13 Debug. Because the processor boots in Secure mode you might have to make special arrangements to debug code not written for TrustZone.
2.2.3TrustZone write access disable
The processor pin CP15SDISABLE disables write access to certain registers in the system control coprocessor. Table 2-1 lists the registers affected by this pin.
Attempts to write to the registers in Table 2-1 when CP15SDISABLE is HIGH result in an Undefined exception. Reads from the registers are still permitted. For more information about the registers, see Chapter 3 System Control Coprocessor.
A change to the CP15SDISABLE pin takes effect on the instructions decoded by the processor as quickly as practically possible. Software must perform a Prefetch Flush CP15 operation, after a change to this pin on the boundary of the macrocell, to ensure that its effect is recognized for following instructions. It it is expected that:
•control of the CP15SDISABLE pin remains within the SoC that embodies the macrocell
•the CP15SDISABLE pin is set to logic 0 by the SoC hardware at reset.
You can use the CP15SDISABLE pin to disable subsequent access to system control processor registers after the Secure boot code runs and protect the configuration that the Secure boot code applies.
Note
With the exception of the TCM Region Registers, the registers in Table 2-1 are only accessible in Secure Privileged modes.
Table 2-1 Write access behavior for system control processor registers
Register |
Instruction that is Undefined |
Security Condition |
|
when CP15SDISABLE=1 |
|||
|
|
||
|
|
|
|
Secure Control Register |
MCR p15, 0, Rd, c1, c0, 0 |
Secure Monitor or Privileged when NS=0 |
|
|
|
|
|
Secure Translation Table Base |
MCR p15, 0, Rd, c2, c0, 0 |
Secure Monitor or Privileged when NS=0 |
|
Register 0 |
|
|
|
|
|
|
|
Secure Translation Table Control |
MCR p15, 0, Rd, c2, c0, 2 |
Secure Monitor or Privileged when NS=0 |
|
Register |
|
|
|
|
|
|
|
Secure Domain Access Control |
MCR p15, 0, Rd, c3, c0, 0 |
Secure Monitor or Privileged when NS=0 |
|
Register |
|
|
|
|
|
|
|
Data TCM Non-secure Control |
MCR p15, 0, Rd, c9, c1, 2 |
Secure Monitor or Privileged when NS=0 |
|
Access Register |
|
|
ARM DDI 0333H |
Copyright © 2004-2009 ARM Limited. All rights reserved. |
2-9 |
ID012410 |
Non-Confidential, Unrestricted Access |
|
Programmer’s Model
Table 2-1 Write access behavior for system control processor registers (continued)
Register |
Instruction that is Undefined |
Security Condition |
|
when CP15SDISABLE=1 |
|||
|
|
||
|
|
|
|
Instruction/Unified TCM |
MCR p15, 0, Rd, c9, c1, 3 |
Secure Monitor or Privileged when NS=0 |
|
Non-secure Control Access |
|
|
|
Register |
|
|
|
|
|
|
|
Data TCM Region Registers |
MCR p15, 0, Rd, c9, c1, 0 |
All TCM Base Registers for which the |
|
|
|
Data TCM Non-secure Control Access |
|
|
|
Register = 0 |
|
|
|
|
|
Instruction/Unified TCM Region |
MCR p15, 0, Rd, c9, c1, 1 |
All TCM Base Registers for which the |
|
Registers |
|
Instruction/Unified TCM Non-secure |
|
|
|
Control Access Register = 0 |
|
|
|
|
|
Secure Primary Region Remap |
MCR p15, 0, Rd, c10, c2, 0 |
Secure Monitor or Privileged when NS=0 |
|
Register |
|
|
|
|
|
|
|
Secure Normal Memory Remap |
MCR p15, 0, Rd, c10, c2, 1 |
Secure Monitor or Privileged when NS=0 |
|
Register |
|
|
|
|
|
|
|
Secure Vector Base Register |
MCR p15, 0, Rd, c12, c0, 0 |
Secure Monitor or Privileged when NS=0 |
|
|
|
|
|
Monitor Vector Base Register |
MCR p15, 0, Rd, c12, c0, 1 |
Secure Monitor or Privileged when NS=0 |
|
|
|
|
|
Secure FCSE Register |
MCR p15, 0, Rd, c13, c0, 0 |
Secure Monitor or Privileged when NS=0 |
|
|
|
|
|
Peripheral Port remap Register |
MCR p15, 0, Rd, c15, c2, 4 |
Secure Monitor or Privileged when NS=0 |
|
|
|
|
|
Instruction Cache master valid |
MCR p15, 3, Rd, c15, c8, {0-7} |
Secure Monitor or Privileged when NS=0 |
|
register |
|
|
|
|
|
|
|
Data Cache master valid register |
MCR p15, 3, Rd, c15, c12, {0-7} |
Secure Monitor or Privileged when NS=0 |
|
|
|
|
|
TLB lockdown Index register |
MCR p15, 5, Rd, c15, c4, 2 |
Secure Monitor or Privileged when NS=0 |
|
|
|
|
|
TLB lockdown VA register |
MCR p15, 5, Rd, c15, c5, 2 |
Secure Monitor or Privileged when NS=0 |
|
|
|
|
|
TLB lockdown PA register |
MCR p15, 5, Rd, c15, c6, 2 |
Secure Monitor or Privileged when NS=0 |
|
|
|
|
|
TLB lockdown Attribute register |
MCR p15, 5, Rd, c15, c7, 2 |
Secure Monitor or Privileged when NS=0 |
|
|
|
|
|
Validation registers |
MCR p15, 0, Rd, c15, c9, 0 |
Secure Monitor or Privileged when NS=0 |
|
|
MCR p15, 0, Rd, c15, c12, {4-7} |
|
|
|
MCR p15, 0, Rd, c15, c14, 0 |
|
|
|
MCR p15, {0-7}, Rd, c15, c13, {0-7} |
|
|
|
|
|
2.2.4Secure Monitor bus
The SECMONBUS exports a set of signals from the core for use in a monitoring block inside the chip.
Caution
Implementors must ensure that the SECMONBUS signals do not compromise the security of the processor. The signals provide information for a security monitoring block, that is inside the SoC, and must not appear outside the chip.
ARM DDI 0333H |
Copyright © 2004-2009 ARM Limited. All rights reserved. |
2-10 |
ID012410 |
Non-Confidential, Unrestricted Access |
|
Programmer’s Model
Table 2-2 lists the signals that appear on the Secure Monitor bus SECMONBUS.
Table 2-2 Secure Monitor bus signals
Bits Description
[24]ETMIACTL[11] unmodified by Non-invasive security enable masking.
This signal is disabled when ETMPWRUP = 0 and the Performance Monitoring counters are disabled.
[23]ETMIACTL[9] unmodified by Non-invasive security enable masking.
This signal is disabled when ETMPWRUP = 0 and the Performance Monitoring counters are disabled.
[22]Signal that indicates, for duration of operation, the execution of a DMB or DSB operation.
[21] |
Signal that indicates, for 1 cycle, the execution of a Prefetch Flush operation. |
|
|
[20:19] |
Instruction/Unified TCM Region Register bit[0], entries [1:0]. |
|
|
[18:17] |
Data TCM Region Register bit [0], entries [1:0]. |
[16]Non-Secure Access Control register bit [18].
[15]Secure Control Register I bit, bit [12].
[14]Secure Control Register C bit, bit [2].
[13]Secure Control Register M bit, bit [0].
[12]Secure Configuration Register NS bit, bit [0].
[11]CPSR A bit, bit [8], taken from the core pipeline writeback stage.
[10]CPSR I bit, bit [7], taken from the core pipeline writeback stage.
[9]CPSR F bit, bit [6], taken from the core pipeline writeback stage.
[8:5] |
CPSR mode bits, bits [3:0], taken from the core pipeline writeback stage. |
|
|
[4:3] |
ETMDDCTL[1:0] unmodified by Non-invasive security enable masking. |
|
This signal is disabled when ETMPWRUP = 0 and the Performance Monitoring counters are disabled. |
|
|
[2:1] |
ETMDACTL[1:0] unmodified by Non-invasive security enable masking. |
|
This signal is disabled when ETMPWRUP = 0 and the Performance Monitoring counters are disabled. |
[0]ETMIACTL[0] unmodified by Non-invasive security enable masking.
This signal is disabled when ETMPWRUP = 0 and the Performance Monitoring counters are disabled.
Note
nRESETIN resets all SECMONBUS output pins except bits [24:23] and bits [2:0]. nPORESETIN resets the output pins for bits [24:23] and bits [2:0].
ARM DDI 0333H |
Copyright © 2004-2009 ARM Limited. All rights reserved. |
2-11 |
ID012410 |
Non-Confidential, Unrestricted Access |
|