u-boot/doc/README.fsl-trustzone-components
Bhupesh Sharma 9c66ce662c fsl-ch3/lowlevel: TZPC and TZASC programming to configure non-secure accesses
This patch ensures that the TZPC (BP147) and TZASC-400 programming
happens for LS2085A SoC only when the desired config flags are
enabled and ensures that the TZPC programming is done to allow Non-secure
(NS) + secure (S) transactions only for DCGF registers.

The TZASC component is not present on LS2085A-Rev1, so the TZASC-400
config flag is turned OFF for now.

Signed-off-by: Bhupesh Sharma <bhupesh.sharma@freescale.com>
Reviewed-by: York Sun <yorksun@freescale.com>
2015-02-24 13:08:06 -08:00

25 lines
1.3 KiB
Text

Freescale ARM64 SoCs like LS2085A have ARM TrustZone components like
TZPC-BP147 (TrustZone Protection Controller) and TZASC-400 (TrustZone
Address Space Controller).
While most of the configuration related programming of these peripherals
is left to a root-of-trust security software layer (running in EL3
privilege mode), but still some configurations of these peripherals
might be required while the bootloader is executing in EL3 privilege
mode. The following sections define how to turn on these features for
LS2085A like SoCs.
TZPC-BP147 (TrustZone Protection Controller)
============================================
- Depends on CONFIG_FSL_TZPC_BP147 configuration flag.
- Separates Secure World and Normal World on-chip RAM (OCRAM) spaces.
- Provides a programming model to set access control policy via the TZPC
TZDECPROT Registers.
TZASC-400 (TrustZone Address Space Controller)
==============================================
- Depends on CONFIG_FSL_TZASC_400 configuration flag.
- Separates Secure World and Normal World external memory spaces for bus masters
such as processors and DMA-equipped peripherals.
- Supports 8 fully programmable address regions, initially inactive at reset,
and one base region, always active, that covers the remaining address space.