On Tue, May 11, 2021 at 5:44 AM Valdis Klētnieks <valdis.kletnieks@xxxxxx> wrote: > > On Sun, 09 May 2021 08:40:56 +0200, loïc tourlonias said: > > > related to our architecture. We are working on a ARM Cortex-A7 which > > have an isolation between a normal world and a secure world. Linux is > > working on the normal world for the UI and FreeRTOS is running on the > > secure world. > > Is there an easily comprehensible explanation of how that whole ARM normal/secure > stuff is supposed to work? I'll try to explain shortly. On ARM Cortex-A family, the core has two isolated worlds (normal/secure). The two worlds have their own context (register, stack ...) and the normal world have less privileges than the secure world. The core starts in the secure world and the secure software configures the context of the normal world before giving the execution to the normal world with a specific ARM instruction SMC 0. The communication between normal and secure worlds is done through SMC. When the normal world requires privileged access (secure clock configuration for example), it askes the secure world the access by calling a SMC instruction (with a specific ID), then a SMC exception is triggered in the secure context. The secure monitor catches this exception and handles it before returning to the normal world. I haven't found any block diagram or data flow to explain this. I've only found some useful links from ARM community: https://www.microcontrollertips.com/embedded-security-brief-arm-trustzone-explained/ https://community.arm.com/developer/ip-products/processors/b/processors-ip-blog/posts/architecting-more-secure-world-with-isolation-and-virtualization HTH _______________________________________________ Kernelnewbies mailing list Kernelnewbies@xxxxxxxxxxxxxxxxx https://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies
