TZC-400 Memory Regions Question

Hi experts,

Based on the manual of TZC-400, we could set up at most 8 regions with different security settings.

However, I'm wondering, when a normal world (non-secure) application reads or writes a specific address, how does the TZC-400 decide whether the address is secure or not?

I think regions 1-8 could overlap addresses with each other, so I'm confused about how to decide the security of an address.

Any suggestion or discussion is welcome.

Thank you.

Simon

  • Hi Simon,

    I believe Section 2.2.1 of the Technical Reference Manual should help to explain this process: (namely the last two bullet points)

    Region access rules

    The TZC-400 implements the following region rules:

    • A region must be enabled for a filter unit to provide a valid match.

    • Region 0 is always enabled.

    • TZC-400 checks the access against Region 0 security settings only if the access cannot be found in any of the other enabled regions for that filter unit.

    • Where an address maps to region 1 or higher, TZC-400 checks the access against the security settings of that region.

    • For region 1 and higher, any enabled region in a filter unit must not overlap memory areas from another enabled region in the same filter unit.

    ---- Note ----

    • Other regions can overlap the address area of Region 0. You can use an overlap between Region 0 and a higher region to manage all access rights for a Secure OS, by defining the security of the default region, Region 0, and then defining security for higher regions overlapping the default base region. For example, you can make Region 0 inaccessible to any Non-secure masters. The Secure OS can then selectively release regions for global access later.

    • Regions 1 and higher can have address regions that overlap with each other, but only if they are set for different filters.

    • The behavior of the TZC-400 is UNDEFINED for configurations where Regions 1 and higher overlap when enabled on the same filter unit. When an access to an overlapping region occurs, the TZC-400 sets a status bit to indicate an overlapping access. The TZC-400 can generate an interrupt when this occurs. Interrupt generation is a programmable feature of the TZC-400. See Action register on page 3-6.

    Hope that helps,

    Ash.
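
The region rules quoted above, modelled in C as an added example (not part of the original posts or the TRM). The struct is a hypothetical software model, not the TZC-400 register layout, and the addresses are constructed. It checks a planned configuration for the forbidden same-filter overlap and resolves which region's settings apply to an address.

```c
#include <stddef.h>
#include <stdint.h>

/* Hypothetical software model of one region; not the TZC-400 register layout. */
struct region {
    uint64_t base, top; /* inclusive address range */
    uint8_t filters;    /* bitmask of filter units the region is enabled on */
    int ns_ok;          /* 1 if Non-secure access is permitted */
};

/* Return 0 if the configuration obeys the overlap rule, or -1 if two regions
 * numbered 1 or higher overlap while enabled on the same filter unit. */
int check_overlap(const struct region *r, size_t n)
{
    for (size_t i = 1; i < n; i++)
        for (size_t j = i + 1; j < n; j++)
            if ((r[i].filters & r[j].filters) &&
                r[i].base <= r[j].top && r[j].base <= r[i].top)
                return -1;
    return 0;
}

/* Index of the region whose settings apply to addr on one filter unit:
 * the enabled region 1 or higher that contains it, otherwise Region 0. */
size_t match_region(const struct region *r, size_t n, unsigned filter, uint64_t addr)
{
    for (size_t i = 1; i < n; i++)
        if (((r[i].filters >> filter) & 1) &&
            addr >= r[i].base && addr <= r[i].top)
            return i;
    return 0;
}

/* Constructed sample: regions 1 and 2 overlap, but on different filters. */
static const struct region good_cfg[] = {
    { 0x0,          UINT64_MAX,   0xF, 0 }, /* Region 0: default, no NS access */
    { 0x80000000u,  0x8FFFFFFFu,  0x1, 1 }, /* region 1 on filter 0 */
    { 0x88000000u,  0x8BFFFFFFu,  0x2, 0 }, /* region 2 on filter 1 */
};

/* Constructed sample: same ranges, both on filter 0, which breaks the rule. */
static const struct region bad_cfg[] = {
    { 0x0,          UINT64_MAX,   0xF, 0 },
    { 0x80000000u,  0x8FFFFFFFu,  0x1, 1 },
    { 0x88000000u,  0x8BFFFFFFu,  0x1, 0 },
};

int main(void) { return check_overlap(good_cfg, 3) == 0 && check_overlap(bad_cfg, 3) == -1 ? 0 : 1; }
```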

  • Hi ashwildingarm,

    Thank you for replying. I did read this section before.

    However, based on the document I read, the filters only check the operations from those "masters" like GPU, USB and so on.

    So I'm wondering, does the filter also check the operations from the CPU? If it does, is there any document describing how the filter outputs the signals about CPU read/write?

    Thank you again for your help.

    Shengye
