FAQs
English (US) 日本語 | Japanese 中文 | Chinese (Simplified)

i.MX93: Addressing Secure Loading Concerns for SPL, ATF, and OP-TEE in i.MX Yocto Project Builds

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

i.MX93: Addressing Secure Loading Concerns for SPL, ATF, and OP-TEE in i.MX Yocto Project Builds

‎02-22-2024 11:24 PM
869 Views
koichi_fujimoto123
Contributor I

Regarding the i.MX Yocto Project User's Guide and building container images, it appears that when checking the generated image (imx-boot), the load addresses for SPL, ATF, and OP-TEE are set to Non-Secure addresses as follows: ELE FW: 0xE7FF8000 (NS) DRAM SPL: 0x2049A000 (NS) OCRAM ATF: 0x204E0000 (NS) OCRAM OP-TEE: 0x96000000 (NS) DRAM If my understanding is correct, I believe these images should be loaded into Secure addresses for protection by TrustZone, yet they seem to be set to load into Non-Secure addresses. Could there be a reason for configuring them to load into Non-Secure addresses? Moreover, how can we load these images into Secure addresses?

Tags (2)
0 Kudos
Reply
1 Reply

‎02-25-2024 11:01 PM
830 Views
Harvey021
NXP TechSupport
NXP TechSupport

Secure/non-secure address have no difference for A core application. Which means you can use them for both secure and non-secure applications like ATF and U-Boot.

As for accessing from M33 core, secure software can access both Secure and Non-secure memories and resources, while Normal software(non-secure) can only access Non-secure memories and resources. For more information about TrustZone-M, you can refer to ARM official docs like TrustZone technology for Armv8-M Architecture Version 2.1.

Note that every access to SOC resources is ultimately determined by TRDC.

 

Regards

Harvey

0 Kudos
Reply