You copied the Doc URL to your clipboard.

How does the SAU determine the memory security attribution?

Information in this article applies to:

  • ARMv8-M


How does the SAU determine the memory security attribution?




The Security Attribution Unit (SAU) is a program unit that determines the security of an address. The following figure shows the flow for the SAU to determine memory security attribution.


The SAU_CTRL.ALLNS register bit

To help you better understand the flow for the SAU to determine memory secure attribution, the usage information of the SAU_CTRL.ALLNS register bit is given below:

  • When the processor is configured with the SAU=0 and the SECEXT parameter is set to 1, the SAU and the SAU registers are still implemented, but the SAU_TYPE bit is set to 0. If SAU_TYPE is set to 0, this means that there are zero SAU regions. However, the SAU_CTRL.ALLNS bit still defines the default security level. To allow the Implementation Defined Attribution Unit (IDAU) to specify the security level, you must set SAU_CTRL.ALLNS to 1.

  • When the SAU is implemented and disabled by setting SAU_CTRL.ENABLE to 0, SAU_CTRL.ALLNS controls whether the memory is marked as Non-Secure or Secure.

  • At reset, before any SAU regions are programmed, the SAU_CTRL.ALLNS bit selects the default internal security level. On reset, the SAU_CTRL.ALLNS bit is always reset to zero, setting all memory, apart from some specific regions in the Private Peripheral Bus (PPB) space, to Secure state. Setting the SAU_CTRL.ALLNS bit to zero prevents an external IDAU from overriding any security level.





Related Information