Hi experts,
I have tried to configure the attribute of one memory region not able to be write in secure world and then try to write data into this region.
What I expect is that there will be an exception raising after write data into this region. But what I saw is that the write data successfully and the read data successfully.
It could be that the data already is in the cache when reading, so I have tried using "device memory" - GIC mapped address as memory region. There was still no exception raising.
I'm wondering if the functionality of TZC400 is ready on ARMv8 FVP base model.
Hello Sudeep,
For TZC, I think we can control the secure/non-secure access behavior.
If we denied secure access for a region, we don't need to have NS attribute
in page tables, and TZC should deny the access.
We can confirm the asynchronous data abort raised by access violation.
But only for address 0x8000_0000 to 0xffff_ffff (which is external DRAM).
When we try to access GIC or TZDRAM (0x0600_0000 to 0x0800_0000),
the filter does no effect. (and I don't see the permission check reported by
fvp tzc400 diagnostic log)
Does GIC and TZDRAM not connected through TZC400 filter0 ? Or we missing
something?