3.3.3 Ensuring the cache handles memory modifications

The instruction cache does not support the ability to maintain coherency between an external code location with a corresponding cache line that is already in the cache.

Note:

The ICache is active and can monitor the transactioncan and maintain coherent memory modification, when the related INVMAT feature is enabled.

If the external location is to be modified (and INVMAT is not allowed), the system software must invalidate the cache and wait until the invalidate complete interrupt arrives. Having Secure cached lines in the cache that are not coherent to the lines in external code memory is a security issue that must be avoided. To maintain coherency when modifying code space contents:

  1. Disable the instruction cache, and wait until the disable complete interrupt os status is present.
  2. Manually invalidate the full instruction cache, and wait until the invalidation process finishes with an invalidate complete interrupt is present or the interrupt status is set.
  3. Modify the code space content.
  4. Re-enable the instruction cache, and wait until the enable complete interrupt os corresponding status is set.

If SAU or MPC is modified so that a region in memory that is recently cached has moved from one security setting to another, because the instruction cache maintains the security attribute, it is not allowed a hit on the cached line using the new security attribute and results in a cache miss. Therefore, this can result in Secure and Non-secure versions of the same memory location residing in the cache and reducing its efficiency. It can also potentially pose a security risk if the older cache line is accessed again with the original access attribute when it is no longer intended to be available in that world. Therefore, Arm recommends that you invalidate the cache to avoid this risk. To maintain coherency (including potential changes during reduced power state/disabled cache) and security when modifying code space contents security attributes:

  1. Disable the instruction cache, and wait until the disable complete interrupt os status is present.
  2. Manually invalidate the instruction cache, and wait until the invalidation process finishes with an invalidate complete interrupt is present or the interrupt status is set.
  3. Reprogram and reconfigure the code area contents and security behavior.
  4. Enable the instruction cache, and wait until the enable complete interrupt os corresponding status is set.
Non-ConfidentialPDF file icon PDF version101104_0200_00_en
Copyright © 2016–2018 Arm Limited or its affiliates. All rights reserved.