1. Article purpose[edit source]
The purpose of this article is to:
- briefly introduce the TZC peripheral and its main features
- indicate the level of security supported by this hardware block
- explain how it can be allocated to the runtime contexts and linked to the corresponding software components
- explain, when necessary, how to configure the TZC peripheral.
2. Peripheral overview[edit source]
The TZC peripheral is used to filter read/write accesses to the DDR controller according to TrustZone access rights, and according to Non-Secure master Address ID (NSAID) on up to 9 programmable regions.
2.1. Features[edit source]
Refer to the STM32MP15 reference manuals for the complete list of features, and to the software components, introduced below, to see which features are implemented.
2.2. Security support[edit source]
The TZC is a secure peripheral.
3. Peripheral usage and associated software[edit source]
3.1. Boot time[edit source]
The TZC is configured at boot time to setup DDR accesses.
3.2. Runtime[edit source]
3.2.1. Overview[edit source]
The TZC is a system peripheral and is controlled by the Arm® Cortex®-A7 secure.
3.2.2. Software frameworks[edit source]
Internal peripherals software table template
| Security | TZC | OP-TEE TZC driver | | | |- |}
3.2.3. Peripheral configuration[edit source]
The configuration is applied by the firmware running in the secure context.
This configuration is done in TF-A or in OP-TEE.
3.2.4. Peripheral assignment[edit source]
Internal peripherals assignment table template
| rowspan="1" | Security | rowspan="1" | TZC | TZC | ✓ | | | |-
|}
4. How to go further[edit source]
The TZC is an Arm® peripheral: TZC-400 TrustZone Address Space Controller[1]
5. References[edit source]