Hi Amit, Stage 1 MMU only affects the software executing the same exception level. Hence Stage 1 MMU at EL3 cannot protect against access by EL2. To protect Secure memory from NS world, either there must be additional IP like Trustzone controller which must be configured appropriately, or peripheral side access filters must be present to protect the memory. If FEAT_RME (from Arm v9.2 onwards) is present, then each world isolation can be achieved using GPF mechanism.
Best Regards Soby Mathew
-----Original Message----- From: Nagal, Amit via TF-A tf-a@lists.trustedfirmware.org Sent: Thursday, April 11, 2024 5:09 PM To: tf-a@lists.trustedfirmware.org Subject: [TF-A] el3 secure memory access from lower exception levels.
Hi ,
As I understand , there are separate page tables in MMU for EL2 and EL3 . If a memory region is mapped as secure memory (MT_SECURE , MT_MEMORY, MT_RW) in bl31 code which runs in EL3 , and the same memory region is mapped again with same attributes (MT_SECURE , MT_MEMORY, MT_RW ) in EL2 , will EL2 be able to read and write to EL3 secure memory region ?
Regards Amit -- TF-A mailing list -- tf-a@lists.trustedfirmware.org To unsubscribe send an email to tf-a-leave@lists.trustedfirmware.org