

### **Cortex-M IDAU Frequently Asked Questions**

Version 1.0

Non-Confidential

Copyright  $\ensuremath{\mathbb{C}}$  2023 Arm Limited (or its affiliates). All rights reserved.

**Issue 01** 109508\_0100\_01\_en



### Cortex-M IDAU Frequently Asked Questions

Copyright © 2023 Arm Limited (or its affiliates). All rights reserved.

#### Release information

#### **Document history**

| Issue   | Date            | Confidentiality  | Change          |
|---------|-----------------|------------------|-----------------|
| 0100-01 | 4 December 2023 | Non-Confidential | Initial release |

### **Proprietary Notice**

This document is protected by copyright and other related rights and the practice or implementation of the information contained in this document may be protected by one or more patents or pending patent applications. No part of this document may be reproduced in any form by any means without the express prior written permission of Arm. No license, express or implied, by estoppel or otherwise to any intellectual property rights is granted by this document unless specifically stated.

Your access to the information in this document is conditional upon your acceptance that you will not use or permit others to use the information for the purposes of determining whether implementations infringe any third party patents.

THIS DOCUMENT IS PROVIDED "AS IS". ARM PROVIDES NO REPRESENTATIONS AND NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF MERCHANTABILITY, SATISFACTORY QUALITY, NON-INFRINGEMENT OR FITNESS FOR A PARTICULAR PURPOSE WITH RESPECT TO THE DOCUMENT. For the avoidance of doubt, Arm makes no representation with respect to, and has undertaken no analysis to identify or understand the scope and content of, patents, copyrights, trade secrets, or other rights.

This document may include technical inaccuracies or typographical errors.

TO THE EXTENT NOT PROHIBITED BY LAW, IN NO EVENT WILL ARM BE LIABLE FOR ANY DAMAGES, INCLUDING WITHOUT LIMITATION ANY DIRECT, INDIRECT, SPECIAL, INCIDENTAL, PUNITIVE, OR CONSEQUENTIAL DAMAGES, HOWEVER CAUSED AND REGARDLESS OF THE THEORY OF LIABILITY, ARISING OUT OF ANY USE OF THIS DOCUMENT, EVEN IF ARM HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

This document consists solely of commercial items. You shall be responsible for ensuring that any use, duplication or disclosure of this document complies fully with any relevant export laws and regulations to assure that this document or any portion thereof is not exported, directly

or indirectly, in violation of such export laws. Use of the word "partner" in reference to Arm's customers is not intended to create or refer to any partnership relationship with any other company. Arm may make changes to this document at any time and without notice.

This document may be translated into other languages for convenience, and you agree that if there is any conflict between the English version of this document and any translation, the terms of the English version of the Agreement shall prevail.

The Arm corporate logo and words marked with ® or ™ are registered trademarks or trademarks of Arm Limited (or its affiliates) in the US and/or elsewhere. All rights reserved. Other brands and names mentioned in this document may be the trademarks of their respective owners. Please follow Arm's trademark usage guidelines at https://www.arm.com/company/policies/trademarks.

Copyright © 2023 Arm Limited (or its affiliates). All rights reserved.

Arm Limited. Company 02557590 registered in England.

110 Fulbourn Road, Cambridge, England CB1 9NJ.

(LES-PRE-20349|version 21.0)

### **Confidentiality Status**

This document is Non-Confidential. The right to use, copy and disclose this document may be subject to license restrictions in accordance with the terms of the agreement entered into by Arm and the party that Arm delivered this document to.

Unrestricted Access is an Arm internal classification.

#### **Product Status**

The information in this document is Final, that is for a developed product.

#### **Feedback**

Arm welcomes feedback on this product and its documentation. To provide feedback on the product, create a ticket on https://support.developer.arm.com

To provide feedback on the document, fill the following survey: https://developer.arm.com/documentation-feedback-survey.

### Inclusive language commitment

Arm values inclusive communities. Arm recognizes that we and our industry have used language that can be offensive. Arm strives to lead the industry and create change.

We believe that this document contains no offensive language. To report offensive language in this document, email terms@arm.com.

### **Contents**

| 1. Cortex-M IDAU Frequently Asked Questions                                                                                                                  | 6  |
|--------------------------------------------------------------------------------------------------------------------------------------------------------------|----|
| 1.1 What is an IDAU?                                                                                                                                         | .6 |
| 1.2 Are there any documents that explain IDAU implementation and configuration?                                                                              | .6 |
| 1.3 What is the difference between an SAU and an IDAU?                                                                                                       | 6  |
| 1.4 What are the possible Security attribution unit configurations available in Cortex-M/Armv8-l based processors?                                           |    |
| 1.5 Which Security attribution unit has higher precedence - SAU or IDAU?                                                                                     | 8  |
| 1.6 Can the IDAU override the security attribution to Non-secure during the out of reseasequence?                                                            |    |
| 1.7 Why do I need an IDAU when I already have an SAU?                                                                                                        | .9 |
| 1.8 Do we have any internal processor register that shows the IDAU security attribution? How do verify whether the security attribution is from SAU or IDAU? |    |
| 1.9 Does the IDAU affect the processor's internal PPB registers accesses?                                                                                    | .9 |
| 1.10 Do Cortex-M and Armv8-M based processors implement IDAU within the processor level?1                                                                    |    |
| 1.11 What is the role of the IDAU interface in Cortex-M processors?                                                                                          | .0 |
| 1.12 Does Arm provide an example IDAU implementation?                                                                                                        | .1 |
| 1.13 I want to implement an IDAU that has configurable regions. Do IDAU and SAU region numbe have to be identical?1                                          |    |
| 1.14 Is it a requirement that the Full IDAU returns different IDs for memory regions that differ security attributes or are non-contiguous?                  |    |
| 1.15 To simplify my IDAU design, can I mark an INVALID memory region with the EXEMP attribute?                                                               |    |

## 1. Cortex-M IDAU Frequently Asked Questions

This document provides answers for frequently asked questions related to the Implementation Defined Attribution Unit (IDAU) in Cortex-M/Armv8-M based systems.

### 1.1 What is an IDAU?

IDAU stands for Implementation Defined Attribution Unit. The IDAU defines memory regions as Secure, Non-secure, Non-secure Callable, or exempt from Security checking. The IDAU provides address lookups and generates Security attributes for the address being accessed. If the processor is designed to handle multiple concurrent transfers, it must have multiple IDAUs. These IDAUs must have consistent security attribute mappings.

## 1.2 Are there any documents that explain IDAU implementation and configuration?

Yes. The TrustZone Technology Microcontroller System Hardware Design Concepts User Guide explains how a system memory can be partitioned. It also provides some of the recommendations for an IDAU implementation from a system designer point of view.

### 1.3 What is the difference between an SAU and an IDAU?

In Cortex-M/Armv8-M based processors that implement the Security Extensions, the Security attribution of a memory region is controlled by a combination of two attribution units:

- Security Attribution Unit (SAU)
- Implementation Defined Attribution Unit (IDAU)

The SAU is programmable in Secure state and has a programmers' model similar to the Memory Protection Unit (MPU). The IDAU is external to the processor and requires implementation by the chip designer.

Figure 1-1: IDAU responder



Both the SAU and IDAU are independently optional, and the final memory Security attribution is determined by the stricter Security attribution specified by the SAU or by the IDAU.

# 1.4 What are the possible Security attribution unit configurations available in Cortex-M/Armv8-M based processors?

There are three possible configurations of the attribution units:

- 1. SAU only Implemented within the processor. Memory partition can only be based on the number of SAU regions implemented in the system. Software programming of SAU regions is possible.
- 2. IDAU only Implemented by chip designer at system level. Recommended for systems that have a fixed memory map configuration and do not need run-time configuration of security attributes
- 3. SAU and IDAU Gives more flexibility in memory partitioning because both the IDAU and SAU are available in a system.

### 1.5 Which Security attribution unit has higher precedenceSAU or IDAU?

Higher precedence is not based on the attribution unit, rather it is based on the security attribution type.

The IDAU does not overrule the SAU, nor does the SAU overrule the IDAU. Instead, the processor takes the more restrictive security attribute of the two. For example, if the IDAU marks a region as Secure but the SAU marks it as Non-secure, the processor treats it as Secure. Similarly, if the SAU marks a region as Secure and the IDAU marks it as Non-Secure, then the processor treats it as Secure. This is shown in the following figure.

Figure 1-2: Security attribution precedence



## 1.6 Can the IDAU override the security attribution to Non-secure during the out of reset sequence?

No.

Out of reset, the processor always enters into Secure state. Generally, this is handled by the SAU\_CTRL.ALLNS bit. When the SAU\_CTRL.ALL\_NS bit is zero, the entire memory (except PPB) space is marked as Secure. After the reset sequence, Secure boot software can allow the security level for all memory regions to be specified by an IDAU by disabling all the SAU regions and setting SAU CTRL.ALLNS to 1.

### 1.7 Why do I need an IDAU when I already have an SAU?

Consider an implementation that has only an SAU. The number of SAU regions is defined by the chip designer, for example 4 or 8. The number of SAU regions might not provide the software programmer with enough flexibility. Alternatively, chip designers can implement an IDAU to define a default security attribution for the system's memory map. The SAU can be optionally used to override the IDAU's security attributes for some parts of the memory where default settings are not suitable. It is also possible to implement a fixed (non-programmable) IDAU configuration for systems that require lower gate counts.

# 1.8 Do we have any internal processor register that shows the IDAU security attribution? How do I verify whether the security attribution is from SAU or IDAU?

From a software programmer's perspective, a Test Target (TT) instruction can be used to check whether the memory address configuration is from either SAU or IDAU. Also, as a part of Cortex-M Security Extensions (CMSE), TT intrinsics are available to get the security attribution information. For more information, refer to Armv8-M Security Extensions – Requirements on Development Tools.

## 1.9 Does the IDAU affect the processor's internal PPB registers accesses?

Internal PPB registers for peripherals like MPU, SysTick, DWT, FPB, and so on, are exempt from memory attribution by both the SAU and IDAU. For more information on the memory regions that are exempted by default, refer to the Armv8-M Architecture Reference Manual Rules R-LDTN and R-FGDW.

## 1.10 Do Cortex-M and Armv8-M based processors implement IDAU within the processor level?

No.

The IDAU is a simple hardware unit that needs to be designed by chip vendors at the SoC level. Cortex-M processors (based on Armv8-M architecture such as Cortex-M33 or Cortex-M55) contain common IDAU interfaces. When an address is presented on these IDAU interfaces, a combinatorial response on the security attribute (for example, Secure, Non-secure, NSC, or Exempt) is expected back from the IDAU logic corresponding to the memory address.

### 1.11 What is the role of the IDAU interface in Cortex-M processors?

In general, the IDAU interface is processor-specific. Further details on a specific Cortex-M processor's IDAU interface are available in the processor's Technical Reference Manual (TRM) and Implementation and Integration Manual (IIM).

However, there is a high similarity between the IDAU interfaces on different Cortex-M processors. Here is an example IDAU interface.

Figure 1-3: Example IDAU interface



- The address granularity of Secure/Non-secure partitions could be as low as 32-bytes.
- The IDAU region number value for each region must be unique. All Non-secure regions should have unique valid region numbers.
- The IDAUs allows designers to define exempted regions. To reduce the risk of code injection attacks, exempted regions must always be in Non-executable address range.

• If there are two IDAU interfaces in a processor (For example the Cortex-M33), then the mapping of the security attributes for the two IDAUs must be identical.

Each Cortex-M processor may provide a different number of IDAU interfaces. For example:



- 1. Cortex-M33 has two IDAU interfaces IDAU-A and IDAU-B. IDAU-A is for instruction accesses and IDUA-B is for data accesses.
- 2. Cortex-M55 has three IDAU interfaces IDAU-A is for instruction access and IDAU-B/IDAU-C interfaces are for data accesses.
- 3. Cortex-M85 has four IDAU interfaces IDAU-A is for instruction access and the remaining IDAU interfaces are for data accesses.

In theory it is possible to design the IDAU to be programmable. However, the signals on the IDAU interface are likely to be on timing-critical paths which can make a complex IDAU impractical and could result in a higher gate count in the design. As a result, it is recommended that the IDAUs provide simple memory mapping with limited configurability.

### 1.12 Does Arm provide an example IDAU implementation?

No.

Arm does not provide IDAU as an end deliverable to customers. Rather it is expected that chip or SoC designers will implement IDAU logic as per their requirements. An example IDAU implementation is available within the processor IP execution testbench deliverable.

## 1.13 I want to implement an IDAU that has configurable regions. Do IDAU and SAU region numbers have to be identical?

No, the region numbers need not be same.

# 1.14 Is it a requirement that the Full IDAU returns different IDs for memory regions that differ in security attributes or are non-contiguous?

Yes. To achieve better security in a Full IDAU configuration, it is required to return three different IDs (Secure, Non-secure, and NSC) to allow Secure software to perform reliable security verification using the TT instruction.

## 1.15 To simplify my IDAU design, can I mark an INVALID memory region with the EXEMPT attribute?

Marking an INVALID memory region (that is, memory without region numbers) with an EXEMPT region has serious downsides. Specifically:

- The TT instruction is used by some CMSE library functions to check ranges of addresses. If a region does not have a number, these library functions might not behave as expected. For example, if a pointer to a region without a number is passed from Non-secure software to Secure software.
- There is no way to change the security attributes on a region that is marked as exempt, and that region will always be accessible to both security states at all times.

Hence it is recommended that setting a region to be Non-secure by default is a safe option as it can be overridden by the SAU. Also, it is highly recommended to mark a memory region as exempt only where there are no security concerns within the system. Marking large areas of address space as exempt by default can lead to dangerous security issues.