summaryrefslogtreecommitdiff
path: root/doc
diff options
context:
space:
mode:
authorTom Rini <trini@ti.com>2015-02-25 18:14:18 -0500
committerTom Rini <trini@ti.com>2015-02-25 18:14:18 -0500
commit1606b34aa50804227806971dbb6b82ea0bf81f55 (patch)
tree5c7570722616c6509f6f9126521d0c69c2614f8d /doc
parent47d8ae4069b47ce966c0c5e0d8dd041e69ee1f86 (diff)
parent94e3c8c4fd7bfe395fa467973cd647551d6d98c7 (diff)
downloadu-boot-imx-1606b34aa50804227806971dbb6b82ea0bf81f55.zip
u-boot-imx-1606b34aa50804227806971dbb6b82ea0bf81f55.tar.gz
u-boot-imx-1606b34aa50804227806971dbb6b82ea0bf81f55.tar.bz2
Merge branch 'master' of git://git.denx.de/u-boot-fsl-qoriq
Diffstat (limited to 'doc')
-rw-r--r--doc/README.fsl-trustzone-components25
1 files changed, 25 insertions, 0 deletions
diff --git a/doc/README.fsl-trustzone-components b/doc/README.fsl-trustzone-components
new file mode 100644
index 0000000..a3afd1f
--- /dev/null
+++ b/doc/README.fsl-trustzone-components
@@ -0,0 +1,25 @@
+Freescale ARM64 SoCs like LS2085A have ARM TrustZone components like
+TZPC-BP147 (TrustZone Protection Controller) and TZASC-400 (TrustZone
+Address Space Controller).
+
+While most of the configuration related programming of these peripherals
+is left to a root-of-trust security software layer (running in EL3
+privilege mode), but still some configurations of these peripherals
+might be required while the bootloader is executing in EL3 privilege
+mode. The following sections define how to turn on these features for
+LS2085A like SoCs.
+
+TZPC-BP147 (TrustZone Protection Controller)
+============================================
+- Depends on CONFIG_FSL_TZPC_BP147 configuration flag.
+- Separates Secure World and Normal World on-chip RAM (OCRAM) spaces.
+- Provides a programming model to set access control policy via the TZPC
+ TZDECPROT Registers.
+
+TZASC-400 (TrustZone Address Space Controller)
+==============================================
+- Depends on CONFIG_FSL_TZASC_400 configuration flag.
+- Separates Secure World and Normal World external memory spaces for bus masters
+ such as processors and DMA-equipped peripherals.
+- Supports 8 fully programmable address regions, initially inactive at reset,
+ and one base region, always active, that covers the remaining address space.