path: root/doc
diff options
authorBhupesh Sharma <>2015-01-06 13:11:21 -0800
committerYork Sun <>2015-02-24 13:08:06 -0800
commit9c66ce662c076fc1f5e57c4e72126e41d56d0b80 (patch)
treebb3c49d17da0fad2006a3dc2a26d96af08161bf1 /doc
parent38dac81b3d0e777f301ca98100bfbcab01d616c2 (diff)
fsl-ch3/lowlevel: TZPC and TZASC programming to configure non-secure accesses
This patch ensures that the TZPC (BP147) and TZASC-400 programming happens for LS2085A SoC only when the desired config flags are enabled and ensures that the TZPC programming is done to allow Non-secure (NS) + secure (S) transactions only for DCGF registers. The TZASC component is not present on LS2085A-Rev1, so the TZASC-400 config flag is turned OFF for now. Signed-off-by: Bhupesh Sharma <> Reviewed-by: York Sun <>
Diffstat (limited to 'doc')
1 files changed, 25 insertions, 0 deletions
diff --git a/doc/README.fsl-trustzone-components b/doc/README.fsl-trustzone-components
new file mode 100644
index 0000000000..a3afd1f5f4
--- /dev/null
+++ b/doc/README.fsl-trustzone-components
@@ -0,0 +1,25 @@
+Freescale ARM64 SoCs like LS2085A have ARM TrustZone components like
+TZPC-BP147 (TrustZone Protection Controller) and TZASC-400 (TrustZone
+Address Space Controller).
+While most of the configuration related programming of these peripherals
+is left to a root-of-trust security software layer (running in EL3
+privilege mode), but still some configurations of these peripherals
+might be required while the bootloader is executing in EL3 privilege
+mode. The following sections define how to turn on these features for
+LS2085A like SoCs.
+TZPC-BP147 (TrustZone Protection Controller)
+- Depends on CONFIG_FSL_TZPC_BP147 configuration flag.
+- Separates Secure World and Normal World on-chip RAM (OCRAM) spaces.
+- Provides a programming model to set access control policy via the TZPC
+ TZDECPROT Registers.
+TZASC-400 (TrustZone Address Space Controller)
+- Depends on CONFIG_FSL_TZASC_400 configuration flag.
+- Separates Secure World and Normal World external memory spaces for bus masters
+ such as processors and DMA-equipped peripherals.
+- Supports 8 fully programmable address regions, initially inactive at reset,
+ and one base region, always active, that covers the remaining address space.
OpenPOWER on IntegriCloud