You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: chapter3.adoc
+29Lines changed: 29 additions & 0 deletions
Original file line number
Diff line number
Diff line change
@@ -50,3 +50,32 @@ If a MD is locked, while its preceding MD is not locked, it could lead to the po
50
50
51
51
==== Entry Protection
52
52
IOPMP entry protection is also related to the other IOPMP entries belonging to the same memory domain. For a MD, locked entries should be placed in the higher priority. Otherwise, when the secure monitor is compromised, one unlocked entry in higher priority can overwrite all the other locked or non-locked entries in lower priority. A register *ENTRYLCK* is define to indicate the number of nonprogrammable entries. *ENTRYLCK* register has two fields: *ENTRYLCK.l* and *ENTRYLCK.f*. Any IOPMP entry with index _i_ ≤ *ENTRYLCK.f* is not programmable. *ENTRYLCK.f* is initialized to 0 and can be increased only when written. Besides, *ENTRYLCK.l* is the lock to *ENTRYLCK.f* and itself. If *ENTRYLCK* is hardwired, *ENTRYLCK.l* should be wired to 1.
53
+
54
+
=== Other IOPMP Models
55
+
==== Tables Reduction
56
+
Full model comprises two tables and an array, offering substantial flexibility for configuring an IOPMP. However, this comes at the cost of increased latency and area usage. The chapter presents the other models designed to simplify these tables, thereby catering to diverse design requirements.
57
+
58
+
The IOPMP array functions as the primary repository for IOPMP entries with it's size adjustable. Sharing memory domains among RRIDs can result in shared entries between them. This sharing approach has the potential to decrease the overall footprint of the IOPMP array. Nevertheless, if a design doesn't encompass many shared regions, simplifying the SRCMD table, as demonstrated in the isolation and compact-_k_ models, could be a viable consideration.
59
+
60
+
As to MDCFG table, its primary function is to partition the entries within the IOPMP. Besides programming each *MDCFG(_m_).t* for every MD _m_, an alternative approach involves evenly distributing entries across each MD. This distribution method is implemented in the Rapid-_k_, dynamic-_k_, and compact-_k_ models.
61
+
62
+
==== Rapid-k Model
63
+
The Rapid-_k_ model is based on Full model and aims to reduce latency by eliminating the need to lookup the MDCFG table. In this model, each memory domain has exactly _k_ entries where _k_ is implementation-dependent and non-programmable. Only MDCFG(0) is utilized, rendering the implementation of MDCFG(j) unnecessary for j greater than 0. *MDCFG(0).t* store the value _k_, while *MDCFGLCK.f* is ignored and *MDCFGLCK.l* should be 1.
64
+
65
+
==== Dynamic-k Model
66
+
Dynamic-_k_ model is based on rapid-_k_ model, except the _k_ value is programmable. That is, *MDCFG(0).t* is WARL and accepts a limited set of values. *MDCFGLCK.f* is ignored, and *MDCFGLCK.l* indicates if *MDCFG(0).t* is still programmable or locked.
67
+
68
+
===== Isolation Model
69
+
The bitmap implementation of SRCMD table facilitates the sharing of regions between RRIDs. The Isolation model is specifically tailored for scenarios where there are minimal to no shared regions. In this model, each RRID is exactly associated with a single MD, eliminating the necessity for SRCMD table lookups. Each RRID _i_ is directly associated with MD _i_, resulting in advantages in terms of area, latency, and system complexity. However, duplication of entries occurs when shared regions are required, representing a potential drawback. In this model, SRCMD table and *MDLCK(H)* registers are omitted.
70
+
71
+
The number of RRIDs to support is bounded by the maximal number of MDs, 63.
72
+
73
+
There is no constraint imposed on MDCFG table and *MDCFGLCK* register.
74
+
75
+
==== Compact-k Model
76
+
The Compact-_k_ model, being the most compact variant, is based on the Isolation model. It mandates that each MD has exactly _k_ entries with _k_ being non-programmable. Only *MDCFG(0)* is implemented. *MDCFG(0).t* holds the value _k_, *MDCFGLCK.f* is ignored and *MDCFGLCK.l* is 1.
77
+
78
+
==== Model Detections
79
+
80
+
To distinguish the above models, the user can read register *HWCFG0.model* to determine the current implemented IOPMP model.
0 commit comments