Memory system and memory partitioning
If the Security Extension is implemented the 4GB memory space is partitioned into Secure and Non-secure memory regions.
The Secure memory space is further divided into two types:
Secure addresses are used for memory and peripherals that are only accessible by Secure software or Secure masters.
Secure transactions are those that originate from masters operating as, or deemed to be, Secure when targeting a Secure address.
Non-secure Callable (NSC)
NSC is a special type of Secure location. This type of memory is the only type which an
ARMv8-M processor permits to hold an
SG instruction that enables software
to transition from Non-secure to Secure state. The inclusion of NSC memory locations
removes the need for Secure software creators to allow for the accidental inclusion of
SG instructions, or data sharing encoding values, in normal Secure
memory by restricting the functionality of the
SG instruction to NSC memory
Typically NSC memory regions contain tables of small branch veneers (entry points). To
prevent Non-secure applications from branching into invalid entry points, there is the
When a Non-secure program calls a function in the Secure side:
- The first instruction in the API must be an
SGinstruction must be in an NSC region, which is defined by the Secure Attribution Unit (SAU) or Implementation Defined Attribution Unit (IDAU).
The reason for introducing NSC memory is to prevent other binary data, for example, a
lookup table, which has a value the same as the opcode as the
instruction, being used as an entry function in to the Secure state. By separating NSC
and Secure memory types, Secure program code containing binary data can be securely
placed in a Secure region without direct exposure to the Normal world, and can only be
accessed using valid entry points in NSC memory.
Non-secure addresses are used for memory and peripherals accessible by all software running on the device.
Non-secure transactions are those that originate from masters operating as, or deemed to be, Non-secure or from Secure masters accessing a Non-secure address. Non-secure transactions are only permitted to access NS addresses, and the system must ensure that NS transactions are denied access to Secure addresses.