Hi Amit
-----Original Message----- From: Nagal, Amit via TF-A tf-a@lists.trustedfirmware.org Sent: Saturday, April 13, 2024 6:52 AM
Can you please provide an example of any hardware implemented with bus controller firewall ? Is it the same as TZASC ?
Some examples here: https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git/+/refs/heads/mas...
The TZCs are standalone IP. The DMCs have TZASC functionality integrated into the memory controller. One of these will be integrated into all Arm reference platforms (and others).
In theory there should be non Secure Memory declaration in the device tree
passed to Operating Systems like Linux. You mean "No secure memory declaration" right ?
Yes, I'm pretty sure that was what was meant.
Raspberry PIs do NOT have such hardware so all the rules , we talked about
here are moot: there are no secure memory or secure devices. So what I am inferring is , that to have secure memory protected from NS world , we should have support both in processor side via NS bit as well as protection is needed to be enforced via TZASC or bus controller .
Correct. Raspberry PI does not enforce secure memory isolation.
Dan