A typical hypervisor's protection is limited to the processor only. It does not protect against other DMA masters. For more information, see the Wikipedia DMA Attack web page. Other attacks, such as Cold Boot, need another mechanism, such as memory that can be zeroed, to prevent exploitation. That is, TrustZone is not a complete security solution, but it is a large part of one. Since ARM is only a processor, a mechanism for controlling other bus masters is not specified. In addition to DMA masters, alternative processors also pose a threat to shared memory. To solve this problem, some secondary CPUs have TrustZone support. That is, they will always mark transactions with the NS bit (a 33rd bit).
In contrast, a hypervisor is rarely limited to two worlds. Hypervisors host any number of operating systems. TrustZone has only two worlds: secure and normal. Each world can, however, have a controlling supervisor OS, with as many separate threads, tasks, or processes as that OS allows.
Description of the DMA attack: unlike a hardware bit, a hypervisor typically uses the CPU's MMU to restrict software's access to memory. This does not prevent alternative bus masters from accessing memory. If software restricted by the hypervisor can control a separate bus master, it can capture memory that is meant to be protected. DMA uses physical addresses and bypasses the MMU, and with it the hypervisor's general protection.
A DMA attack bypasses CPU protection by using something outside the CPU to access memory. With TrustZone, protection is NOT in the CPU, but in the bus controller. See NIC301 for an example. The ARM TrustZone CPU just allows the processor to support four modes: secure supervisor, secure user, normal supervisor and normal user. A conventional ARM processor only supports the separation of user and supervisor, with all OSs hosted by a hypervisor running in user mode; typically, all DMA peripherals operate with supervisor privilege, and the value is often hardcoded in the SoC.
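The difference between MMU-based and bus-based protection described above can be shown with a toy model. This is an added example, not code from the original answer or from any ARM component; the page tables, addresses and function names are constructed for illustration, and the bus check only approximates what a TrustZone-aware bus controller does.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define PAGE_SHIFT  12
#define NPAGES      8u                         /* constructed toy memory: 8 pages */
#define SECRET_ADDR (5u << PAGE_SHIFT)         /* constructed: page 5 is protected */

/* A bus transaction: the NS bit travels with the physical address. */
typedef struct { uint32_t paddr; bool ns; } bus_txn;

/* Hypervisor view: pages the guest's MMU tables are allowed to map. */
static const bool guest_may_map[NPAGES] = {1, 1, 1, 1, 1, 0, 1, 1};
/* Bus controller view: pages that only secure (NS=0) transactions may touch. */
static const bool secure_only[NPAGES]   = {0, 0, 0, 0, 0, 1, 0, 0};

/* Bus-side check, applied to every master. tz_filter=false models a bus
 * with no TrustZone filtering (a hypervisor-only system). */
static bool bus_accepts(bus_txn t, bool tz_filter) {
    uint32_t page = t.paddr >> PAGE_SHIFT;
    if (page >= NPAGES) return false;          /* no such memory */
    if (tz_filter && t.ns && secure_only[page]) return false;
    return true;
}

/* Guest CPU access: the MMU check runs first, then the bus sees an NS=1 txn. */
bool cpu_guest_read(uint32_t paddr, bool tz_filter) {
    uint32_t page = paddr >> PAGE_SHIFT;
    if (page >= NPAGES || !guest_may_map[page]) return false;
    return bus_accepts((bus_txn){paddr, true}, tz_filter);
}

/* DMA master access: the physical address goes straight to the bus, no MMU.
 * ns is the master's security attribute, often hardwired in the SoC. */
bool dma_read(uint32_t paddr, bool ns, bool tz_filter) {
    return bus_accepts((bus_txn){paddr, ns}, tz_filter);
}

int main(void) {
    printf("guest CPU, MMU only:    %d\n", cpu_guest_read(SECRET_ADDR, false));
    printf("NS DMA, MMU only:       %d\n", dma_read(SECRET_ADDR, true, false));
    printf("NS DMA, bus filter on:  %d\n", dma_read(SECRET_ADDR, true, true));
    printf("secure DMA, filter on:  %d\n", dma_read(SECRET_ADDR, false, true));
    return 0;
}
```

The second line of output is the gap the answer describes: the MMU refuses the guest CPU, yet the same page is readable through a DMA master until the check moves to the bus.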