I’m currently experimenting with the TrustZone feature of the A8 of the imx53. My current goal is to just boot a OS into the normal world. For that purpose I modified u-boot such, that it executes a routine which grants the NW access to everything, meaning:
configuring the CSU:
- CSL0-31 to 0x00FF_00FF
- SA to 0x5555_5555 (0x1555_5555 is actually written)
configure the TZIC
- TZIC_INTSEC0-1 to 0xFFFF_FFFF
- TZIC_PRIORITY0-31 to 0x1F1F_1F1F
- TZIC_INTCTRL to 0x8001_0001
configure Nonsecure Access Control Register
- PLE=1 TL=1 CL=1 CP0-13=1 => 0x0007_3FFF (0x0007_0C00 is actually written)
configure Secure Configuration Register
- NS=1 IRQ=0 FIQ=0 EA=0 FW=1 AW=1 => 0x31
From what I can get out of the manuals (iMX53RM, IMX53SRM & A8 tech. man.) this should be sufficient to make the SW transparent to the NW. However, when u-boot inits the L2 cache the instruction „mcr 15, 1, r0, c9, c0, 2“ (Write L2 Cache Auxiliary Control Register) leads to a fault (not sure which, but when I halt the CPU via JTAG it is in ABORT mode).
So what am I missing during the configuration of the TZ elements?