FAQs
English (US) 日本語 | Japanese 中文 | Chinese (Simplified)

Protecting i.MX6 OCRAM with TZASC

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
SOLVED
Jump to solution

Protecting i.MX6 OCRAM with TZASC

Jump to solution
‎01-06-2017 03:40 AM
1,364 Views
vsiles
Senior Contributor I

Hi !

From the reference manual of the i.MX6(Q) board, we can see that the OCRAM can be splitted in two, having the end (from START_ADDR to the end of the OCRAM) of the memory protected by a TZASC. The configuration of the start address and the activation of the feature is done i IOMUX GPR10 register.

It is also explained that the security policy (S / NS, User vs Priv) should be programmed in the CSU.

However, I didn't found any occurrences of the OCRAM in the CSU CSL registers from the Security RefMan. Also the "OCRAM Trustzone" section of the security manual makes reference to a CSU section which is not in the document.

  1. Can someone point me to the correct input to correct location to learn which CSU register I need to configure for this purpose ?
  2. We can also find in the IOMUX GPR10 register a bit called SEC_ERR_RESP. I'm not sure which security response it refers to ? Is it only for the Secure OCRAM access or is it used elsewhere ?

Best, V.

Tags (3)
0 Kudos
Reply
1 Solution

Jump to solution
‎06-08-2017 01:52 AM
844 Views
vsiles
Senior Contributor I

For the record and future readers: it is possible to protect part of the OCRAM with a TZASC. The CSU registers which are referenced in the Ref Manual / Security Manual are not documented (and I can't tell more because of NDA) but they exist.

View solution in original post

0 Kudos
Reply
5 Replies

Jump to solution
‎01-19-2017 12:26 AM
844 Views
Yuri
NXP Employee
NXP Employee

Hello

   OCRAM Trustzone is not supported by the CSU. Sorry.

Have a great day,
Yuri

-----------------------------------------------------------------------------------------------------------------------
Note: If this post answers your question, please click the Correct Answer button. Thank you!
-----------------------------------------------------------------------------------------------------------------------

0 Kudos
Reply

Jump to solution
‎01-23-2017 12:57 AM
844 Views
vsiles
Senior Contributor I

Dear YuriMuhin_ng‌, do you mean that the proper way to configure the OCRAM TZASC is not via CSU, or do you mean that i.MX6 boards do not have any way to protect the OCRAM using a TZASC, as it is stated in the board ?

In the former, could you point me to the right component ?

Best regards,

Vincent

0 Kudos
Reply

Jump to solution
‎01-23-2017 02:01 AM
844 Views
Yuri
NXP Employee
NXP Employee

Hello,

  no way to protect the OCRAM using a TZASC.

Regards,

Yuri.

0 Kudos
Reply

Jump to solution
‎06-08-2017 01:52 AM
845 Views
vsiles
Senior Contributor I

For the record and future readers: it is possible to protect part of the OCRAM with a TZASC. The CSU registers which are referenced in the Ref Manual / Security Manual are not documented (and I can't tell more because of NDA) but they exist.

0 Kudos
Reply

Jump to solution
‎01-23-2017 04:46 AM
844 Views
vsiles
Senior Contributor I

Oh, ok. This is quite disturbing since both RM and Security Manual refers to this, and there are even some register to activate such TZASC, but none to configure the policy.

Thank you for your time.

Best regards,

Vincent

0 Kudos
Reply