Understanding ARMv8‑A Exception Levels and Security States

1. ARMv8‑A Exception Levels and Security States

ARMv8‑A defines four exception levels (EL0‑EL3). Higher EL numbers grant greater privilege. EL0 is unprivileged execution, EL1 runs the OS kernel, EL2 supports non‑secure virtualization, and EL3 handles transitions between secure and non‑secure states, related to ARM TrustZone. In secure state a Trusted Execution Environment (TEE) can protect privacy‑sensitive data and applications.

Typical usage model:

Applications run at EL0.

Operating‑system kernel and related services run at EL1.

Hypervisors run at EL2.

Switching between secure and normal worlds occurs at EL3.

The diagram below shows the relationship among execution state, security state, and exception levels in the ARM‑v8A architecture.

From the diagram, hypervisor‑related features are mainly implemented in the non‑secure state of EL2. The hypervisor enables switching between virtual machines, which reside in the non‑secure states of EL1 and EL0. Guest operating systems can run in EL1, each within its own VM, while applications run in EL0 within the guest OS.

2. Conclusion

This article introduced ARMv8‑A exception levels and security states. The next installment will discuss descriptors related to ARMv8 chips in openEuler.