Hi all,

 

I have a few questions regarding an521 platform protection settings for Level 3 isolation.

 

In platform/ext/target/arm/mps2/an521/tfm_hal_isolation.c there is an const static struct mpu_armv8m_region_cfg_t region_cfg[] – for L3 it specifies to protect:

• Code (from Image$$PT_RO_START$$Base to Image$$PT_RO_END$$Base) to be accessible in both PRIV and UNPRIV states.
• PSA RoT partitions data in RAM (from Image$$PT_PRIV_RWZI_START$$Base to Image$$PT_PRIV_RWZI_END$$Base)to be accessible only in UNPRIV state.
• TFM_SP_META_PTR to be accessible in both PRIV and UNPRIV states.

 

Also in this file mpu_armv8m_enable() function call specifies PRIVILEGED_DEFAULT_ENABLE for MPU.

 

I have following question to this configuration

• Does this configuration mean that in L3 PSA RoT code is not isolated from APP RoT (APP RoT can read/execute PSA RoT domain code)?
• How SPM data (TFM_BSS and TFM_DATA sections from scatter file) is  protected? I cant see it being protected by MPU.
  • Is it skipped because PRIVILEGED_DEFAULT_ENABLE is set which means that SPM will be able to access this data and this allows to save one MPU region?
    • If so then why MPU region is used for PSA RoT partitions data?

 

 

 

Regards,

Bohdan Hunko

 

Cypress Semiconductor Ukraine

Engineer

CSUKR CSS ICW SW FW

Mobile: +38099 50 19 714
Bohdan.Hunko@infineon.com