0

Assuming I have a system with a TrustZone enabled CPU and off-SoC DRAM that can be protected with a TZASC (e.g. TZC-400). How is access to the TZASC registers that are used to configure the access permissions for the DRAM regions controlled?

If I configure the permissions during boot up but do not lock them down because I might want to change them during run-time, can every code running in secure mode reconfigure the TZASC or is only the code running in privileged secure mode(monitor code, secure OS kernel) able to do that?

Eser
  • 13
  • 2

1 Answers1

1

TZASC register access is also 'on the bus'. Typical ARM TrustZone solutions have two type of access control. One for memory devices and another for device mapped memory. The TZASC register set is a device. So, the access control to it will be through the 'device mapped memory' control. For example on Freescale/NXP iMx product this is controlled by the CSU.

Locking the TZASC during secure boot insures that the mapping can not change. If you need a dynamic mapping then you have the flexiblity to use whatever the device memory control support. This is different for every ARM Soc.

Related

artless noise
  • 21,212
  • 6
  • 68
  • 105
  • Thanks for the comment and the links. However, I am not sure if I understand correctly what you mean with 'memory devices' and 'device mapped memory'. Also also couldn't find those terms in any documentation. Are you talking about bus master and slaves? – Eser Jun 28 '17 at 11:27
  • A memory device can 'partition' or carve the memory into sections. A protection for device memory is usually all or nothing. It means there is no 'sizing registers' and only a few bits for user/super/world and possibly read/write access. What is your SOC and possible technical PDF? Sometimes the trustzone peripherals are under NDA/security restriction and are not open documents. – artless noise Jun 28 '17 at 12:49
  • I will work on the i.MX6 Quad SABRE development board. So the memory device protecting the off-SoC DRAM is the TZC-380 which can partition the DRAM into several secure/non-secure parts and the protection of the registers of the TZC-380 is done over the CSU which allows them to be accessible either from normal OR from secure world? Is that correct? – Eser Jun 28 '17 at 22:39
  • Yes, exactly. If you choose the option not to lock the TZC during secure boot. Also, the CSU gives read/write permissions to world/user mode. – artless noise Jun 29 '17 at 13:00