English
Language : 

SAMA5D43_14 Datasheet, PDF (48/1776 Pages) ATMEL Corporation – Atmel | SMART ARM-based Embedded MPU
10.4.5 Addresses in the Cortex-A5 processor
The Cortex-A5 processor operates using virtual addresses (VAs). The Memory Management Unit (MMU)
translates these VAs into the physical addresses (PAs) used to access the memory system. Translation tables
hold the mappings between VAs and PAs.
See the ARM Architecture Reference Manual, ARMv7-A and ARMv7-R edition for more information.
When the Cortex-A5 processor is executing in Non-secure state, the processor performs translation table look-ups
using the Non-secure versions of the Translation Table Base Registers. In this situation, any VA can only translate
into a Non-secure PA. When it is in Secure state, the Cortex-A5 processor performs translation table look-ups
using the Secure versions of the Translation Table Base Registers. In this situation, the security state of any VA is
determined by the NS bit of the translation table descriptors for that address.
Following is an example of the address manipulation that occurs when the Cortex-A5 processor requests an
instruction:
1. The Cortex-A5 processor issues the VA of the instruction as Secure or Non-secure VA accesses according to the
state the processor is in.
2. The instruction cache is indexed by the bits of the VA. The MMU performs the translation table look-up in
parallel with the cache access. If the processor is in the Secure state it uses the Secure translation tables,
otherwise it uses the Non-secure translation tables.
3. If the protection check carried out by the MMU on the VA does not abort and the PA tag is in the instruction
cache, the instruction data is returned to the processor.
4. If there is a cache miss, the MMU passes the PA to the AXI bus interface to perform an external access. The
external access is always Non-secure when the core is in the Non-secure state. In the Secure state, the
external access is Secure or Non-secure according to the NS attribute value in the selected translation table
entry. In Secure state, both L1 and L2 translation table walk accesses are marked as Secure, even if the first
level descriptor is marked as NS.
10.4.6 Security Extensions Overview
The purpose of the Security Extensions is to enable the construction of a secure software environment. See the
ARM Architecture Reference Manual, ARMv7-A and ARMv7-R edition for details of the Security Extensions.
10.4.6.1 System Boot Sequence
CAUTION: The Security Extensions enable the construction of an isolated software environment for more secure
execution, depending on a suitable system design around the processor. The technology does not protect the
processor from hardware attacks, and care must be taken to be sure that the hardware containing the reset
handling code is appropriately secure.
The processor always boots in the privileged Supervisor mode in the Secure state, with the NS bit set to 0. This
means that code that does not attempt to use the Security Extensions always runs in the Secure state. If the
software uses both Secure and Non-secure states, the less trusted software, such as a complex operating system
and application code running under that operating system, executes in Non-secure state, and the most trusted
software executes in the Secure state.
The following sequence is expected to be typical use of the Security Extensions:
1. Exit from reset in Secure state.
2. Configure the security state of memory and peripherals. Some memory and peripherals are accessible only
to the software running in Secure state.
3. Initialize the secure operating system. The required operations depend on the operating system, and include
initialization of caches, MMU, exception vectors, and stacks.
48 SAMA5D4 Series [DATASHEET]
Atmel-11238A-ATARM-SAMA5D4-Datasheet_30-Sep-14