ARM V8 Exception Level and Secure St


Author: 时朝辉 | Published: 2019-07-04 10:19

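Purpose of this article

  1. How the Secure world and the Non-secure world are represented in CPU hardware, and how to switch between them
  2. How the Exception level is represented in CPU hardware, and how to switch it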

CPU Exception Level

PSTATE.EL

EL Current Exception level, see Exception levels on page D1-2134. On a reset to AArch64 state, this field holds the encoding for the highest implemented Exception level.
Note:
The ARM architecture requires that a PE resets into the highest implemented Exception level.

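How to read it: mrs x0, CurrentEL
CurrentEL is read-only and cannot be written.

How to switch

  1. When an exception is taken, the exception level can rise or stay the same
  2. When returning from an exception, the exception level can drop or stay the same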

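How the CPU represents Secure and Non-secure

Switching the Security state is done at EL3. EL3 controls the Security state of EL0 and EL1: by programming the NS bit of SCR_EL3, the system can switch between Secure and Non-secure.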

  // Set the Secure version of ICC_SRE_EL1
  ISB
  MRS      x1, SCR_EL3
  BIC      x1, x1, #1          // Clear NS bit (lower ELs in Secure state)
  MSR      SCR_EL3, x1
  ISB                          // Make the SCR_EL3 change visible to following instructions

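How do peripherals and memory distinguish Security state and Exception level?

  1. The AMBA bus has dedicated signal lines for access-permission control
    [Figure: AXI-Access-Permissions.png]
    Source: AMBA AXI and ACE Protocol Specification AXI3, AXI4, and AXI4-Lite ACE and ACE-Lite
    As the figure above shows, AXI specifies that AxPROT[0] indicates whether a transfer is a privileged access. But this signal is only one bit wide, so which ELx does "privileged" actually refer to here?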

AXI privilege information

Table 7.10. Cortex-A53 MPCore mode and ARPROT and AWPROT values

| Processor exception level | Type of access | Value of ARPROT[0] and AWPROT[0] |
|---|---|---|
| EL0, EL1, EL2, EL3 | Cacheable read access | Privileged access |
| EL0 | Device, or normal Non-cacheable read access | Unprivileged access |
| EL1, EL2, EL3 | Device, or normal Non-cacheable read access | Privileged access |
| EL0, EL1, EL2, EL3 | Cacheable write access | Privileged access |
| EL0 | Device, nGnRnE, nGnRE, and nGRE write | Unprivileged access |
| EL1, EL2, EL3 | Device, nGnRnE, nGnRE, and nGRE write | Privileged access |
| EL0 | Normal Non-cacheable or Device GRE write, except for STREX, STREXB, STREXH, STREXD, STXR, STXRB, STXRH, STXP, STLXR, STLXRB, STLXRH and STLXP to shareable memory | Privileged access |
| EL0 | Normal Non-cacheable write for STREX, STREXB, STREXH, STREXD, STXR, STXRB, STXRH, STXP, STLXR, STLXRB, STLXRH and STLXP to shareable memory | Unprivileged access |
| EL1, EL2, EL3 | Normal Non-cacheable write | Privileged access |
| EL0, EL1, EL2, EL3 | TLB page walk | Privileged access |

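As things stand, there is no direct way to set a peripheral's access permissions according to the CPU's exception level. Permissions can only be set through the MMU.

  2. Peripherals and memory such as DDR and SRAM rely on dedicated controllers inside the SoC to partition and switch between Secure and Non-secure; for details see the following article
    TZPC (TrustZone Protection Controller)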
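
The two points above (AxPROT[0] cannot identify the exception level, and Secure/Non-secure partitioning happens in a bus-side controller) can be checked with a small C model. This is an added example, not code from the original article or from Arm: the function and enum names are hypothetical, the privilege bit follows Table 7.10, and AxPROT[1] (0 = Secure, 1 = Non-secure) follows the AXI specification under the assumption that a Secure-state access targets a Secure physical address and that EL3 is always Secure.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* AxPROT bit meanings from the AMBA AXI specification. */
#define AXPROT_PRIVILEGED (1u << 0)   /* 0 = unprivileged, 1 = privileged */
#define AXPROT_NONSECURE  (1u << 1)   /* 0 = Secure, 1 = Non-secure       */

/* Access kinds distinguished by Table 7.10 (names are this example's own). */
enum access {
    ACC_CACHEABLE,        /* cacheable read or write                       */
    ACC_DEVICE_OR_NC_RD,  /* Device or Normal Non-cacheable read           */
    ACC_DEVICE_NG_WR,     /* Device nGnRnE / nGnRE / nGRE write            */
    ACC_NC_OR_GRE_WR,     /* Normal NC or Device GRE write, not exclusive  */
    ACC_NC_EXCL_WR,       /* Normal NC store-exclusive to shareable memory */
    ACC_TLB_WALK          /* translation table walk                        */
};

/* AxPROT[1:0] a Cortex-A53 would drive according to Table 7.10.
 * Assumption: Secure-state accesses target Secure physical addresses. */
uint8_t a53_axprot(unsigned el, bool scr_ns, enum access kind)
{
    bool secure = (el == 3) || !scr_ns;        /* assumed: EL3 always Secure */
    /* Only three EL0 rows of the table are reported as unprivileged. */
    bool priv = !(el == 0 && (kind == ACC_DEVICE_OR_NC_RD ||
                              kind == ACC_DEVICE_NG_WR ||
                              kind == ACC_NC_EXCL_WR));
    return (uint8_t)((priv ? AXPROT_PRIVILEGED : 0) |
                     (secure ? 0 : AXPROT_NONSECURE));
}

/* Hypothetical slave-side filter in the style of a TZPC-protected peripheral:
 * it sees only AxPROT, never the exception level that issued the access. */
bool slave_allows(uint8_t axprot, bool secure_only, bool privileged_only)
{
    if (secure_only && (axprot & AXPROT_NONSECURE)) return false;
    if (privileged_only && !(axprot & AXPROT_PRIVILEGED)) return false;
    return true;
}

int main(void)
{
    for (unsigned el = 0; el <= 3; el++)
        printf("EL%u, SCR_EL3.NS=1, Device read: AxPROT[1:0]=%u\n",
               el, a53_axprot(el, true, ACC_DEVICE_OR_NC_RD));
    return 0;
}
```

EL1 and EL2 produce identical AxPROT values, and an EL0 cacheable access is reported as privileged, so a "privileged only" bus filter is not an EL0 barrier for cacheable memory; only the MMU enforces that.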

Refs:
Changing Exception Level and Security State with an Armv8-A Fixed Virtual Platform
