Is there any way to access Trusted RAM in normal domain?

I am using Juno Board with Linaro's trusted firmware.

For the convenience of debugging, I want to access the Trusted RAM(0x04000000-0x04040000) in normal domain, and directly flash the image into memory instead of erasing the flash every time. But it seems that the normal domain has no privilege to access that address region.  I attempted to add that memory region into TZC-400 with corresponding attribute, but it did not work.

But I think there should be some approach to make that region accessible to normal domain. Does anyone know the details?

Thanks very much for any help!!!

Parents
  • Hi,

    No, there is no way to make that region accessible to Non-secure accesses. Reprogramming the TZC-400 won't work, as that's only used to control the security attributes of the memory that sits behind it (i.e. DDR).

    This is a deliberate design decision to allow for a Trusted Execution Environment in the Secure world that is isolated from software running in the Normal world. One example use case for this is to host Trusted Services in the Secure world, such as for securely processing payments on a mobile device, or for DRM-protected media content playback. These Trusted Services can then be requested by software running in the Normal world (i.e. Linux).

    That whole paradigm would be inherently broken if Secure-only areas on the memory map (such as Trusted RAM) were somehow accessible to Non-secure accesses

    Unfortunately I haven't had a chance to try this, but if you're using DS-5 to upload your image to the board, you could try prefixing the load address with either EL3: or AXI<PROT=1>:. You can see us using the AXI<PROT=1>: prefix in this tutorial, as this ensures that the access is made as a Secure access. Failing that, you can try prefixing with EL3:, but note that this will use EL3's virtual address space, so you'd probably want to disable the MMU at EL3 before trying that one.

    Hope that helps,

    Ash.

Reply
  • Hi,

    No, there is no way to make that region accessible to Non-secure accesses. Reprogramming the TZC-400 won't work, as that's only used to control the security attributes of the memory that sits behind it (i.e. DDR).

    This is a deliberate design decision to allow for a Trusted Execution Environment in the Secure world that is isolated from software running in the Normal world. One example use case for this is to host Trusted Services in the Secure world, such as for securely processing payments on a mobile device, or for DRM-protected media content playback. These Trusted Services can then be requested by software running in the Normal world (i.e. Linux).

    That whole paradigm would be inherently broken if Secure-only areas on the memory map (such as Trusted RAM) were somehow accessible to Non-secure accesses

    Unfortunately I haven't had a chance to try this, but if you're using DS-5 to upload your image to the board, you could try prefixing the load address with either EL3: or AXI<PROT=1>:. You can see us using the AXI<PROT=1>: prefix in this tutorial, as this ensures that the access is made as a Secure access. Failing that, you can try prefixing with EL3:, but note that this will use EL3's virtual address space, so you'd probably want to disable the MMU at EL3 before trying that one.

    Hope that helps,

    Ash.

Children
No data
More questions in this forum