1 Article purpose
The purpose of this article is to:
- briefly introduce the TZC peripheral and its main features
- indicate the level of security supported by this hardware block
- explain how it can be allocated to the three runtime contexts and linked to the corresponding software components
- explain, when necessary, how to configure the TZC peripheral.
2 Peripheral overview
The TZC peripheral is used to filter read/write accesses to the DDR controller according to TrustZone access rights, and according to Non-Secure master Address ID (NSAID) on up to 9 programmable regions.
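The filtering decision described above, as an added example: a simplified software model written for this page, not ST, TF-A or OP-TEE code. The struct fields, region map and addresses are constructed for illustration, and the model assumes the programmable regions do not overlap one another.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Simplified model of one TZC region (field names are this example's own). */
struct tzc_region {
    uint64_t base, top;   /* inclusive address range */
    bool s_rd, s_wr;      /* secure read / write allowed */
    uint16_t nsaid_rd;    /* bit n set: non-secure master with NSAID n may read */
    uint16_t nsaid_wr;    /* bit n set: non-secure master with NSAID n may write */
};

/* Constructed sample map. Region 0 is the background region covering every
 * address; here it denies everything, so memory outside regions 1+ is blocked. */
static const struct tzc_region regions[] = {
    { 0x00000000u, 0xFFFFFFFFu, false, false, 0x0000, 0x0000 },
    /* non-secure DDR: secure world plus NSAID 0 and 1, read/write */
    { 0xC0000000u, 0xDDFFFFFFu, true, true, 0x0003, 0x0003 },
    /* secure-only DDR: no NSAID bit set */
    { 0xDE000000u, 0xDFFFFFFFu, true, true, 0x0000, 0x0000 },
};
#define NREGIONS (sizeof(regions) / sizeof(regions[0]))

/* Returns true when the access passes the filter. */
bool tzc_allows(uint64_t addr, bool secure, unsigned nsaid, bool write)
{
    const struct tzc_region *r = &regions[0];   /* fall back to region 0 */

    for (size_t i = 1; i < NREGIONS; i++)
        if (addr >= regions[i].base && addr <= regions[i].top)
            r = &regions[i];
    if (secure)                                 /* TrustZone access rights */
        return write ? r->s_wr : r->s_rd;
    if (nsaid > 15)                             /* NSAID is a 4-bit identifier */
        return false;
    return ((write ? r->nsaid_wr : r->nsaid_rd) >> nsaid) & 1u;
}

int main(void)
{
    printf("NS NSAID 1 write 0xC0001000: %d\n", tzc_allows(0xC0001000u, false, 1, true));
    printf("NS NSAID 1 read  0xDE000000: %d\n", tzc_allows(0xDE000000u, false, 1, false));
    printf("S  write         0xDE000000: %d\n", tzc_allows(0xDE000000u, true, 0, true));
    return 0;
}
```

When reviewing a real region map, the same two questions apply to every region: which NSAID bits are set, and whether the background region denies by default.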
2.1 Features
Refer to the STM32MP15 reference manuals for the complete list of features, and to the software components, introduced below, to see which features are implemented.
2.2 Security support
The TZC is a secure peripheral.
3 Peripheral usage and associated software
3.1 Boot time
The TZC is configured at boot time to set up DDR accesses.
3.2 Runtime
3.2.1 Overview
The TZC is a system peripheral and is controlled by the Arm® Cortex®-A7 secure context.
3.2.2 Software frameworks
| Security | TZC | OP-TEE TZC driver | | | |
3.2.3 Peripheral configuration
The configuration is applied by the firmware running in the secure context.
This configuration is done in TF-A or in OP-TEE.
3.2.4 Peripheral assignment
| Security | TZC | TZC | ✓ | | | |
4 How to go further
The TZC is an Arm® peripheral: TZC-400 TrustZone Address Space Controller[1]
5 References