Hi !
From the reference manual of the i.MX6(Q) board, we can see that the OCRAM can be splitted in two, having the end (from START_ADDR to the end of the OCRAM) of the memory protected by a TZASC. The configuration of the start address and the activation of the feature is done i IOMUX GPR10 register.
It is also explained that the security policy (S / NS, User vs Priv) should be programmed in the CSU.
However, I didn't found any occurrences of the OCRAM in the CSU CSL registers from the Security RefMan. Also the "OCRAM Trustzone" section of the security manual makes reference to a CSU section which is not in the document.
Best, V.
Solved! Go to Solution.
For the record and future readers: it is possible to protect part of the OCRAM with a TZASC. The CSU registers which are referenced in the Ref Manual / Security Manual are not documented (and I can't tell more because of NDA) but they exist.
Hello
OCRAM Trustzone is not supported by the CSU. Sorry.
Have a great day,
Yuri
-----------------------------------------------------------------------------------------------------------------------
Note: If this post answers your question, please click the Correct Answer button. Thank you!
-----------------------------------------------------------------------------------------------------------------------
Dear YuriMuhin_ng, do you mean that the proper way to configure the OCRAM TZASC is not via CSU, or do you mean that i.MX6 boards do not have any way to protect the OCRAM using a TZASC, as it is stated in the board ?
In the former, could you point me to the right component ?
Best regards,
Vincent
Hello,
no way to protect the OCRAM using a TZASC.
Regards,
Yuri.
For the record and future readers: it is possible to protect part of the OCRAM with a TZASC. The CSU registers which are referenced in the Ref Manual / Security Manual are not documented (and I can't tell more because of NDA) but they exist.
Oh, ok. This is quite disturbing since both RM and Security Manual refers to this, and there are even some register to activate such TZASC, but none to configure the policy.
Thank you for your time.
Best regards,
Vincent