Login

Important information

This site uses cookies to store information on your computer. By continuing to use our site, you consent to our cookies.

ARM websites use two types of cookie: (1) those that enable the site to function and perform as required; and (2) analytical cookies which anonymously track visitors only while using the site. If you are not happy with this use of these cookies please review our Privacy Policy to learn how they can be disabled. By disabling cookies some features of the site will not work.

ARM Community: ARM Cortex-A9 GIC interrup security issue - ARM Community

Jump to content

» 

Quick Links

  Mobile
  Processors
  Social Media
  ARM Powered Products
» 

Community

expand Embedded
expand Multimedia
expand SoC Design
expand Software Enablement
expand Smart Connected Devices
expand Blogs
expand Forums
expand Social Media
expand Find an ARM Partner
Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

ARM Cortex-A9 GIC interrup security issue Rate Topic: -----

#1 User is offline   SeaFood 

  • Member
  • Pip
  • Group: Members
  • Posts: 4
  • Joined: 27-March 12

Posted 27 March 2012 - 10:19 AM

Hello,

I a newbie in embedded programming. Currently I am developing an embedded tool
running on ARM Cortex-A9. I meet an security issue when trying to use ARM Generic Interrupt Controller (GIC).

Following is the detail describing for my issue:
A. My tool MUST running in non-secure mode. It has to catch interrupt ID 117 (only).
But
B. It seems that (as I investigated) a software running in non-secure mode could not access to secure registers.

Could you please confirm my understanding:
1. Is item B above right? :unsure:
2. If B is wrong, could you please teach me how to do it. (access to secure registers from a non-secure software).

PS: I've just entered embedded world for 8 months. I think this issue is a little bit hard for me :(. Please help me.
Thank you in advance.
1

#2 User is offline   ttfn 

  • Super Contributor
  • PipPipPipPip
  • Group: Members
  • Posts: 576
  • Joined: 29-September 06

Posted 27 March 2012 - 10:46 AM

Your understanding is correct. Code running the Normal world (non-secure) cannot access secure registers.

All interrupts default to be being "secure" - that is only handable by the Normal world. Code running in the Secure world must configure interrupt IDs as non-secure as required.
1

#3 User is offline   SeaFood 

  • Member
  • Pip
  • Group: Members
  • Posts: 4
  • Joined: 27-March 12

Posted 29 March 2012 - 10:28 AM

Thank you very much for answering me. :)

I heard that SMC instruction is a way for communicating between secure and non-secure world.
Do you have any information about this? Now, i am investigating but it seems ambiguous.:huh:
0

#4 User is offline   isogen74 

  • Super Contributor
  • PipPipPipPip
  • Group: Members
  • Posts: 1098
  • Joined: 20-March 07

Posted 29 March 2012 - 11:51 AM

The "SMC" instruction just causes the processor to trap from a non-secure privileged mode (or a secure privileged mode) into the Monitor mode at the "SVC" vector table entry in the monitor mode vector table. What happens next is entirely determined by the monitor mode software on the platform.

As you already seem to be in non-secure some code must have bootstrapped the system and switched it to non-secure, so I'd ask the provider of your secure world bootstrap or secure OS (if you have one).



When optimizing software, consider that the quickest code to run is the bit you removed from the call path.
0

#5 User is offline   SeaFood 

  • Member
  • Pip
  • Group: Members
  • Posts: 4
  • Joined: 27-March 12

Posted 29 March 2012 - 03:27 PM

Thanks for your information.
Now I understand that I can not do anything on GIC except ask the Secure team to change the ROM code setting (for secure).
Is it right? :)
1

#6 User is offline   isogen74 

  • Super Contributor
  • PipPipPipPip
  • Group: Members
  • Posts: 1098
  • Joined: 20-March 07

Posted 29 March 2012 - 10:52 PM

Yes, most likely )

They may have some "API" the non-secure world can use to access secure functionality in a was which doesn't kill the whole point of the secure world (like a system call in a typical OS, you can have "function calls" in to the secure world in principle), but it is entirely going to depend on the secure world software implementation.

HTH, Iso
When optimizing software, consider that the quickest code to run is the bit you removed from the call path.
1

Share this topic:


Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic