TZASC: Protect peripherals other than DRAM

philip-ro · ‎04-14-2023

Hi community!

I'm trying to understand how the TZASC works on i.MX6UL.

Can the TZASC protect any memory-mapped peripheral? Only some of them? Or can it only protect DRAM and nothing else?

Best regards,

Philip

joanxie · ‎04-16-2023

Its main feature is to protect security-sensitive software and data in a trusted execution
environment (TEE) against potentially compromised software running on the platform.

For complete details on TZASC and its functionality, please refer to "CoreLink™
TrustZone Address Space Controller TZC-380 Technical Reference Manual”,
available at http://infocenter.arm.com.

philip-ro · ‎04-17-2023

Hi,

I am aware of the RM. I've been trying though, to protect something else than DRAM on my i.MX6UL, i.e. OCRAM or the SNVS address range.

In both cases, despite of the TZASC, the "protected" address ranges can be accessed from the REE.