TZC-400学习

ARM® CoreLink™ TZC-400 TrustZone® Address Space Controller

该篇文档的翻译及一些总结说明：https://www.cnblogs.com/lvzh/p/16582717.html

TZC400学习总结

这是个大佬的总结：https://blog.csdn.net/weixin_42135087/article/details/107161137

TZC400总结之于SOC安全域

https://zhuanlan.zhihu.com/p/627274503

配置：

关键寄存器配置：

实际上，代码中并未严格遵循该顺序。努力学习中。。。

1. 0x004: ACTION
2. 0x00C: SPECULATION_CTRL
3. 0x008: GATE_KEEPER
4. 0x120~0x200: REGION_BASE_LOW_<n>
5. 0x128~0x208: REGION_TOP_LOW_<n>
6. 0x110、0x130~0x210: REGION_ATTRIBUTES_0、REGION_ATTRIBUTES_<n>
7. 0x114、0x134~0x214: REGION_ID_ACCESS_0、REGION_ID_ACCESS_<n>
8. 读取0x008，检查gate keeper status

TZC_REGION配置宏定义：

#define CONFIG_TZC_REGION0(t, attr, access) \
  mmio_write_32(TZC##t##_REGION_ATTRIBUTES_0, attr);\
  mmio_write_32(TZC##t##_REGION_ID_ACCESS_0, access)

#define CONFIG_TZC_REGION(t, r, base_l, base_h, top_l, top_h, attr, access) \
  mmio_write_32(TZC##t##_REGION_BASE_LOW_##r, base_l);\
  mmio_write_32(TZC##t##_REGION_BASE_HIGH_##r, base_h);\
  mmio_write_32(TZC##t##_REGION_TOP_LOW_##r, top_l);\
  mmio_write_32(TZC##t##_REGION_TOP_HIGH_##r, top_h);\
  mmio_write_32(TZC##t##_REGION_ATTRIBUTES_##r, attr);\
  mmio_write_32(TZC##t##_REGION_ID_ACCESS_##r, access)

配置流程：

  // configure TZC0
  mmio_write_32(TZC0_GATE_KEEPER, 0);
  mmio_write_32(TZC0_ACTION, 0x3);

  CONFIG_TZC_REGION0(0, 0, 0);
  CONFIG_TZC_REGION(0, 1, DDR_REGION_START, 0, DDR_BL31_REGION_START - 1, 0, 0xc000000f, 0xffffffff);
  CONFIG_TZC_REGION(0, 2, DDR_BL31_REGION_START, 0, DDR_BL31_REGION_END, 0, 0xc000000f, 0x0);
  CONFIG_TZC_REGION(0, 3, DDR_BL31_REGION_END + 1, 0, DDR_TEE_REGION_START - 1, 0, 0xc000000f, 0xffffffff);
  CONFIG_TZC_REGION(0, 4, DDR_TEE_REGION_START, 0, DDR_TEE_REGION_END, 0, 0xc000000f, 0x0);
  CONFIG_TZC_REGION(0, 5, DDR_TEE_REGION_END + 1, 0, ddr_top_l, ddr_top_h, 0xc000000f, 0xffffffff);
  if (ddr_cap < 6)
  {
    CONFIG_TZC_REGION(0, 8, ddr_inv_l, ddr_inv_h, DDR_REGION_END_LOW, DDR_REGION_END_HIGH, 0x0, 0x0);
  }

  mmio_write_32(TZC0_SPECULATION_CTRL, 0x3);
  mmio_write_32(TZC0_GATE_KEEPER, 0xf);

  // configure TZC1
  mmio_write_32(TZC1_GATE_KEEPER, 0);
  mmio_write_32(TZC1_ACTION, 0x3);

  CONFIG_TZC_REGION0(1, 0, 0);
  CONFIG_TZC_REGION(1, 1, DDR_REGION_START, 0, DDR_BL31_REGION_START - 1, 0, 0xc000000f, 0xffffffff);
  CONFIG_TZC_REGION(1, 2, DDR_BL31_REGION_START, 0, DDR_BL31_REGION_END, 0, 0xc000000f, 0x0);
  CONFIG_TZC_REGION(1, 3, DDR_BL31_REGION_END + 1, 0, DDR_TEE_REGION_START - 1, 0, 0xc000000f, 0xffffffff);
  CONFIG_TZC_REGION(1, 4, DDR_TEE_REGION_START, 0, DDR_TEE_REGION_END, 0, 0xc000000f, 0x0);
  CONFIG_TZC_REGION(1, 5, DDR_TEE_REGION_END + 1, 0, ddr_top_l, ddr_top_h, 0xc000000f, 0xffffffff);
  if (ddr_cap < 6)
  {
    CONFIG_TZC_REGION(1, 8, ddr_inv_l, ddr_inv_h, DDR_REGION_END_LOW, DDR_REGION_END_HIGH, 0x0, 0x0);
  }

  mmio_write_32(TZC1_SPECULATION_CTRL, 0x3);
  mmio_write_32(TZC1_GATE_KEEPER, 0xf);

Programmable parameters of regions：

 

Gate keeper：

Gate keeper to allow or block accesses to each filter unit.

Software can use the gate keeper to request that all gates are closed. When all gate
keeper status bits go to 0, there are no outstanding accesses and therefore changes
to the regions can be made before opening the gates again.

所以是配置为0时，才可以进行region的配置？这样倒是和上面的代码逻辑能对上。

Region attributes register：

 

Speculation control register：