TZC internal peripheral

1. Article purpose[edit source]

The purpose of this article is to:

• briefly introduce the TZC peripheral and its main features
• indicate the level of security supported by this hardware block
• explain how it can be allocated to the three runtime contexts and linked to the corresponding software components
• explain, when necessary, how to configure the TZC peripheral.

2. Peripheral overview[edit source]

The TZC peripheral is used to filter read/write accesses to the DDR controller according to TrustZone access rights, and according to Non-Secure master Address ID (NSAID) on up to 9 programmable regions.

2.1. Features[edit source]

Refer to the STM32MP15 reference manuals for the complete list of features, and to the software components, introduced below, to see which features are implemented.

2.2. Security support[edit source]

The TZC is a secure peripheral.

3. Peripheral usage and associated software[edit source]

3.1. Boot time[edit source]

The TZC is configured at boot time to setup DDR accesses.

3.2. Runtime[edit source]

3.2.1. Overview[edit source]

The TZC is a system peripheral and is controlled by the Arm^® Cortex^®-A7 secure.

3.2.2. Software frameworks[edit source]

Internal peripherals software table template

| Security
| TZC
| OP-TEE TZC driver
| 
| 
|
|-
|}

3.2.3. Peripheral configuration[edit source]

The configuration is applied by the firmware running in the secure context.

This configuration is done in TF-A or in OP-TEE.

3.2.4. Peripheral assignment[edit source]

Internal peripherals assignment table template

| rowspan="1" | Security
| rowspan="1" | TZC
| TZC
| ✓
| 
|
|
|-

|}

4. How to go further[edit source]

The TZC is an Arm^® peripheral: TZC-400 TrustZone Address Space Controller^[1]

5. References[edit source]