Can I make ETM and PMU secure access only?

The ARMv8 manual says that we can make system register access to trace registers and PMU registers trap to EL3. However, ETM and PMU in Juno can be accessed through a memory-mapped interface. Is there any way to make the memory-mapped access also trap to EL3, or be secure only?

Also, I found that a TrustZone Protection Controller should be able to control the accessibility of peripherals. Does Juno contain a TZPC?

  • Hi Zhenyu,

    Architecturally, no - the sane default is that if Secure debug is enabled then Non-Secure debug is enabled, too. What the architecture (and implementation on Juno) offers is a way to prevent the ETM and PMU emitting trace or performance data while in Secure state, and also nominally in EL2 for Non-Secure.

    If there is some kind of protection controller in the system that allows ETM and PMU access from the Secure world but not the Non-Secure world then it would have to be integrated at the cluster level or at a higher level placed between the APB interconnect inside the DAP and the system interconnect. It might be possible to prevent access to the entire debug APB since they'll all share a master port on the system interconnect (which a TZPC might be able to reconfigure access to), but I'm not sure that is implemented on Juno. If it is, then the effect is loss of access to all the debug components in the Non-Secure world, not just the ETM and PMU, which might not be what you want.

    Ta,

    Matt
