tzasc

package
v0.0.0-...-d73fcdd Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Mar 7, 2022 License: BSD-3-Clause Imports: 3 Imported by: 0

Documentation

Overview

Package tzasc implements a driver for the TrustZone Address Space Controller (TZASC) included in NXP i.MX6ULL/i.MX6ULZ SoCs.

Note that the TZASC must be initialized early in the boot process, see TZASC_BYPASS for information.

The driver is based on the following reference specifications:

  • TZC-380 TRM - CoreLink™ TrustZone Address Space Controller TZC-380 - Revision: r0p1

This package is only meant to be used with `GOOS=tamago GOARCH=arm` as supported by the TamaGo framework for bare metal Go on ARM SoCs, see https://github.com/f-secure-foundry/tamago.

Index

Constants

View Source
const (
	IOMUXC_GPR_GPR1       = 0x020e4004
	GPR1_TZASC1_BOOT_LOCK = 23

	// TZASC_BYPASS represents the register that allows to enable the TZASC
	// monitoring of DDR transactions.
	//
	// To use the TZASC the bypass must be disabled early in the boot
	// process, before DDR use.
	//
	// To do so the register can be written in the board DCD file (e.g.
	// imximage.cfg in usbarmory package):
	// 	`DATA 4 0x020e4024 0x00000001`
	//
	// This is a one time operation, until the next power-up cycle.
	TZASC_BYPASS = 0x020e4024

	TZASC_BASE = 0x021d0000
)

TZASC imx6 specific registers

View Source
const (
	TZASC_CONF   = TZASC_BASE + 0x000
	CONF_REGIONS = 0

	TZASC_ACTION          = TZASC_BASE + 0x004
	TZASC_LOCKDOWN_RANGE  = TZASC_BASE + 0x008
	TZASC_LOCKDOWN_SELECT = TZASC_BASE + 0x00c
	TZASC_SEC_INV_EN      = TZASC_BASE + 0x034

	TZASC_REGION_SETUP_LOW_0  = TZASC_BASE + 0x100
	TZASC_REGION_SETUP_HIGH_0 = TZASC_BASE + 0x104

	TZASC_REGION_ATTRS_0 = TZASC_BASE + 0x108
	REGION_ATTRS_SP      = 28
	REGION_ATTRS_SIZE    = 1
	REGION_ATTRS_EN      = 0

	SIZE_MIN = 0b001110
	SIZE_MAX = 0b111111
)

TZASC registers (p37, Table 3-1 Register summary, TZC-380 TRM).

View Source
const (
	// Secure Read Access bit
	SP_SW_RD = 3
	// Secure Write Access bit
	SP_SW_WR = 2
	// NonSecure Read Access bit
	SP_NW_RD = 1
	// NonSecure Write Access bit
	SP_NW_WR = 0
)

TZASC security permissions, (p28, Table 2-4, TZC-380 TRM).

Variables

This section is empty.

Functions

func DisableRegion

func DisableRegion(n int) (err error)

DisableRegion disables a TZASC region.

func EnableRegion

func EnableRegion(n int, start uint32, size int, sp int) (err error)

EnableRegion configures a TZASC region with the argument start address, size and security permissions, for region 0 only security permissions are relevant.

func EnableSecurityInversion

func EnableSecurityInversion()

EnableSecurityInversion allows configuration of arbitrary security permissions, disabling automatic enabling of secure access on non-secure only permissions (p49, 3.2.12 Security Inversion Enable Register, TZC-380 TRM).

func Lock

func Lock()

Lock enables TZASC secure boot lock register writing restrictions (p30, 2.2.8 Preventing writes to registers and using secure_boot_lock, TZC-380 TRM).

func Regions

func Regions() int

Regions returns the number of regions that the TZASC provides.

Types

This section is empty.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL