diff options
author | Bhupesh Sharma <bhupesh.sharma@freescale.com> | 2015-01-06 13:11:21 -0800 |
---|---|---|
committer | York Sun <yorksun@freescale.com> | 2015-02-24 13:08:06 -0800 |
commit | 9c66ce662c076fc1f5e57c4e72126e41d56d0b80 (patch) | |
tree | bb3c49d17da0fad2006a3dc2a26d96af08161bf1 /doc/README.fsl-trustzone-components | |
parent | 38dac81b3d0e777f301ca98100bfbcab01d616c2 (diff) | |
download | u-boot-imx-9c66ce662c076fc1f5e57c4e72126e41d56d0b80.zip u-boot-imx-9c66ce662c076fc1f5e57c4e72126e41d56d0b80.tar.gz u-boot-imx-9c66ce662c076fc1f5e57c4e72126e41d56d0b80.tar.bz2 |
fsl-ch3/lowlevel: TZPC and TZASC programming to configure non-secure accesses
This patch ensures that the TZPC (BP147) and TZASC-400 programming
happens for LS2085A SoC only when the desired config flags are
enabled and ensures that the TZPC programming is done to allow Non-secure
(NS) + secure (S) transactions only for DCGF registers.
The TZASC component is not present on LS2085A-Rev1, so the TZASC-400
config flag is turned OFF for now.
Signed-off-by: Bhupesh Sharma <bhupesh.sharma@freescale.com>
Reviewed-by: York Sun <yorksun@freescale.com>
Diffstat (limited to 'doc/README.fsl-trustzone-components')
-rw-r--r-- | doc/README.fsl-trustzone-components | 25 |
1 files changed, 25 insertions, 0 deletions
diff --git a/doc/README.fsl-trustzone-components b/doc/README.fsl-trustzone-components new file mode 100644 index 0000000..a3afd1f --- /dev/null +++ b/doc/README.fsl-trustzone-components @@ -0,0 +1,25 @@ +Freescale ARM64 SoCs like LS2085A have ARM TrustZone components like +TZPC-BP147 (TrustZone Protection Controller) and TZASC-400 (TrustZone +Address Space Controller). + +While most of the configuration related programming of these peripherals +is left to a root-of-trust security software layer (running in EL3 +privilege mode), but still some configurations of these peripherals +might be required while the bootloader is executing in EL3 privilege +mode. The following sections define how to turn on these features for +LS2085A like SoCs. + +TZPC-BP147 (TrustZone Protection Controller) +============================================ +- Depends on CONFIG_FSL_TZPC_BP147 configuration flag. +- Separates Secure World and Normal World on-chip RAM (OCRAM) spaces. +- Provides a programming model to set access control policy via the TZPC + TZDECPROT Registers. + +TZASC-400 (TrustZone Address Space Controller) +============================================== +- Depends on CONFIG_FSL_TZASC_400 configuration flag. +- Separates Secure World and Normal World external memory spaces for bus masters + such as processors and DMA-equipped peripherals. +- Supports 8 fully programmable address regions, initially inactive at reset, + and one base region, always active, that covers the remaining address space. |