TZC internal peripheral

1 Article purpose[edit]

The purpose of this article is to:

  • briefly introduce the TZC peripheral and its main features
  • indicate the level of security supported by this hardware block
  • explain how it can be allocated to the three runtime contexts and linked to the corresponding software components
  • explain, when necessary, how to configure the TZC peripheral.

2 Peripheral overview[edit]

The TZC peripheral is used to filter read/write accesses to the DDR controller according to TrustZone access rights, and according to Non-Secure master Address ID (NSAID) on up to 9 programmable regions.

2.1 Features[edit]

Refer to the STM32MP15 reference manuals for the complete list of features, and to the software components, introduced below, to see which features are implemented.

2.2 Security support[edit]

The TZC is a secure peripheral.

3 Peripheral usage and associated software[edit]

3.1 Boot time[edit]

The TZC is configured at boot time to setup DDR accesses.

3.2 Runtime[edit]

3.2.1 Overview[edit]

The TZC is a system peripheral and is controlled by the Arm® Cortex®-A7 secure.

3.2.2 Software frameworks[edit]

Internal peripherals software table template

| Security
| OP-TEE TZC driver

3.2.3 Peripheral configuration[edit]

The configuration is applied by the firmware running in the secure context.

This configuration is done in TF-A or in OP-TEE.

3.2.4 Peripheral assignment[edit]

Internal peripherals assignment table template

| rowspan="1" | Security
| rowspan="1" | TZC

4 How to go further[edit]

The TZC is an Arm® peripheral: TZC-400 TrustZone Address Space Controller[1]

5 References[edit]