When I last deep dived to the cellular hardware, Radio always had its sealed off processor with a postbox firmware upload port. After initializing it, you left it alone and just used the comm-ports to talk with it.
As far as I understand, in the name of efficiency and compactness, they are on the same silicon now.
Are they still a different CPU core or just run on the main processor block?
The baseband is essentially ring -1, it has its own processor but it has access to the main memory, and often also the cache lines.
Wether or not all of the main memory is and even can be mapped I don’t know, I have no idea what CPU each baseband is running however in some designs it has direct access to the SoC MMU which means it could dump the entire memory over the wire to anyone.
The interfaces with the BB are also “virtual” this is done for various reasons including ease of integration with various operating systems so even if you on the OS level talk to it via the legacy serial COM interface using AT commands the hardware itself doesn’t actually have an isolated COM interface (that could be turned off) the SoC just emulates it.
Of SoC basebands have USB/Serial interfaces directly which could potentially be isolated and turned off when the BB isn’t in use, however the cost of that is usually very poor performance and limited capabilities at which point you might as well carry a portable cellular hotspot which you can physically turn off when you don’t need data or voice.
Also keep in mind that taking out the SIM card doesn’t prevent the baseband from talking to towers, it can still technically make calls the towers just usually don’t allow anyone to register without a subscriber ID which is stored on the SIM, and with eSIM you basically even lose the ability to control that.
As far as I understand, in the name of efficiency and compactness, they are on the same silicon now.
Are they still a different CPU core or just run on the main processor block?