TZPC(TrustZone Protection Contro

Author: 时朝辉 | Published 2019-06-26 17:44

Features

  1. It has protection bits to enable you to program up to 24 areas of memory as secure
    or non-secure.
  2. It has secure region bits to enable you to split an area of internal RAM into both
    secure and non-secure regions.
  3. It has an AMBA APB system interface.
  4. It does not generate any APB wait states or a slave error response and is therefore
    compatible with the AMBA 2 APB protocol.

Block diagram

[Figure: TZPC block diagram]

Functional overview:

The TZPC provides a software interface for partitioning memory into secure and non-secure regions. There are two ways to do this.

  1. Programmable protection bits that can be allocated to areas of memory as
    determined by an external decoder (set through TZPCDECPROT).
  2. Programmable region size value for use by an AXI TrustZone Memory Adapter
    (TZMA). You can use this to split the RAM into two regions (set through TZPCR0SIZE):
    — one secure
    — one non-secure.

TZPC typical configuration

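[Figure: TZPC typical configuration]

As the figure above shows, the TZPC is accessed over the APB bus. Once its registers have been programmed, it is the TZMA that blocks the memory accesses.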

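Programmer's view

  1. The TZPC registers should be placed in a secure memory region.
  2. The base address of the TZPC registers is configurable, but the relative offsets of the registers cannot be changed.
  3. Reserved and unused addresses must not be accessed; accessing them leads to unpredictable results.
  4. Reserved and unused register bits must be written as 0 and ignored on read, unless the relevant documentation says otherwise.
  5. All registers are reset to 0 at power-up, unless the relevant documentation says otherwise.
  6. All registers are readable and writable.
  7. Accessing any register never incurs wait states.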

Registers

  1. TZPCR0SIZE (Secure RAM Region Size Register, RW, default: 0x00000200)
    [31:10] - Read undefined. Write as zero.
    [9:0] R0SIZE Secure RAM region size in 4KB steps:
    0x00000000 = no secure region
    0x00000001 = 4KB secure region
    0x00000002 = 8KB secure region

    0x000001FF = 2044KB secure region.
    0x00000200 or above sets the entire RAM to secure regardless of size
  2. TZPCDECPROT[0-2]Stat (Decode Protection 0-2 Status Registers, RO, default: 0x0)
  3. TZPCDECPROT[0-2]Set (Decode Protection 0-2 Set Registers, RO, default: 0x0)
  4. TZPCDECPROT[0-2]Clr (Decode Protection 0-2 Clear Registers, RO, default: 0x0)
    [31:8] - Read undefined.
    [7:0] DECPROTxStat Shows the status of the decode protection output:
    0 = decode region corresponding to the bit is secure
    1 = decode region corresponding to the bit is non-secure.
    There is one bit of the register for each protection output; eight outputs are implemented as standard.
    The TZPCDECPROT registers are used to set memory regions as secure or non-secure; in total they control 3*8 = 24 regions.
  5. TZPCPERIPHID[0-3] (Peripheral Identification Register 0-3)
  6. TZPCPCELLID0[0-3] (TZPC Identification Register 0-3)
    TZPCPERIPHID and TZPCPCELLID0 both hold read-only IDs.

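TZPC function summary:

[Figure: TZPC typical usage]
  1. TZPCDECPROT has three groups of registers [0-2], each with 8 bits that select secure or non-secure, so in total it can set 3*8 = 24 peripheral address spaces as secure or non-secure.
  2. TZPCR0SIZE, through the TZMA, partitions off part of the internal RAM as secure memory.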

The TZMA allows a single static memory of up to 2MB to be partitioned into two regions where the lower part is Secure, and the upper part Non-secure.
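An added example, not from the original post or from ARM's documentation: C helpers that interpret raw TZPCR0SIZE and TZPCDECPROT[0-2]Stat values according to the encodings above, for checking a register dump against the partitioning you intended. The function names, the region numbering (region n is bit n%8 of register n/8) and the sample values are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdbool.h>
#include <stdio.h>

#define R0SIZE_MASK 0x3FFu   /* R0SIZE is bits [9:0]; [31:10] read as undefined */
#define R0SIZE_ALL  0x200u   /* 0x200 or above: entire RAM is secure */
#define STEP_BYTES  4096u    /* region size is counted in 4KB steps */

/* Encode a required secure size; rounds up so no secure byte is left exposed. */
uint32_t r0size_encode(uint32_t secure_bytes)
{
    uint32_t steps = secure_bytes / STEP_BYTES + (secure_bytes % STEP_BYTES != 0);
    return steps >= R0SIZE_ALL ? R0SIZE_ALL : steps;
}

/* Size of the secure (lower) part of a RAM of ram_bytes, from a raw register read. */
uint32_t r0size_secure_bytes(uint32_t reg, uint32_t ram_bytes)
{
    uint32_t steps = reg & R0SIZE_MASK;          /* drop the undefined bits */
    if (steps >= R0SIZE_ALL)
        return ram_bytes;
    uint32_t bytes = steps * STEP_BYTES;
    return bytes > ram_bytes ? ram_bytes : bytes;
}

/* True if a RAM offset lies in the secure part (the lower part is secure). */
bool ram_offset_is_secure(uint32_t reg, uint32_t ram_bytes, uint32_t off)
{
    return off < r0size_secure_bytes(reg, ram_bytes);
}

/* Audit the three Stat registers: returns a 24-bit mask of regions that are
 * required to be secure (bit set in must_be_secure) but read 1 = non-secure.
 * Assumed numbering: region n is bit n%8 of TZPCDECPROT(n/8)Stat. */
uint32_t decprot_violations(const uint32_t stat[3], uint32_t must_be_secure)
{
    uint32_t nonsecure = 0;
    for (unsigned bank = 0; bank < 3; bank++)
        nonsecure |= (stat[bank] & 0xFFu) << (8 * bank);  /* [31:8] undefined */
    return nonsecure & must_be_secure & 0xFFFFFFu;
}

int main(void)
{
    const uint32_t stat[3] = { 0x01u, 0x00u, 0x80u };     /* constructed sample */
    printf("R0SIZE for 6000 bytes: 0x%03X\n", (unsigned)r0size_encode(6000));
    printf("violations: 0x%06X\n", (unsigned)decprot_violations(stat, 0x800003u));
    return 0;
}
```

A non-zero result from `decprot_violations` names the regions whose status bit reads non-secure although the platform policy expects them to be secure.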

Refs:
ARM Security Technology
PrimeCell® Infrastructure AMBA™ 3 TrustZone™ Protection Controller
PrimeCell® Infrastructure AMBA™ 3 AXI™ TrustZone™ Memory Adapter
