FAQs
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Violation @0xdf800000, non-secure privileged read, AXI ID 4a0, write, AXI ID 480

Go to solution
DMårt
Lead

‎2024-09-29 02:28 AM - edited ‎2024-09-29 03:34 AM

Hi!

When I launch

 

 

 

apt-get update

 

 

 

I got this

 

 

 

E/TC:0   dump_fail_filter:420 Permission violation on filter 0
E/TC:0   dump_fail_filter:425 Violation @0xdf800000, non-secure privileged read, AXI ID 4a0
E/TC:0   tzc_it_handler:79 TZC permission failure
E/TC:0   dump_fail_filter:420 Permission violation on filter 0
E/TC:0   dump_fail_filter:425 Violation @0xdf800000, non-secure privileged write, AXI ID 480
E/TC:0   tzc_it_handler:79 TZC permission failure
E/TC:0   dump_fail_filter:420 Permission violation on filter 0
E/TC:0   dump_fail_filter:425 Violation @0xdf800020, non-secure privileged read, AXI ID 4a0
E/TC:0   tzc_it_handler:79 TZC permission failure
E/TC:0   dump_fail_filter:420 Permission violation on filter 0
E/TC:0   dump_fail_filter:425 Violation @0xdf800040, non-secure privileged read, AXI ID 4a0
E/TC:0   tzc_it_handler:79 TZC permission failure
E/TC:0   dump_fail_filter:420 Permission violation on filter 0
E/TC:0   dump_fail_filter:425 Violation @0xdf800080, non-secure privileged read, AXI ID 4a0

 

 

 

The memory 0xdf800000 is inside the DDR memory

screen.jpg

When I'm looking inside the datasheet and converting 0x4a0 and 0x480 to binary. Which becomes:

0x4a00x480
1001010000010010000000

So I guess it has to do with the CPU?

screen.jpg

By Op-tee device tree have a special node called Extended TrustZone Protection Controller.

 

 

 

&etzpc{
	status = "okay";
	st,decprot = <
	/*"NS_R S_W" peripherals*/
	DECPROT(STM32MP1_ETZPC_DDRCTRL_ID, DECPROT_NS_R_S_W, DECPROT_LOCK)
	DECPROT(STM32MP1_ETZPC_DDRPHYC_ID, DECPROT_NS_R_S_W, DECPROT_LOCK)
	/*"Non Secured" peripherals*/
	DECPROT(STM32MP1_ETZPC_DMA1_ID, DECPROT_NS_RW, DECPROT_UNLOCK)
	DECPROT(STM32MP1_ETZPC_DMAMUX_ID, DECPROT_NS_RW, DECPROT_UNLOCK)
	DECPROT(STM32MP1_ETZPC_ETH_ID, DECPROT_NS_RW, DECPROT_UNLOCK)
	DECPROT(STM32MP1_ETZPC_CEC_ID, DECPROT_NS_RW, DECPROT_UNLOCK)
	DECPROT(STM32MP1_ETZPC_I2C1_ID, DECPROT_NS_RW, DECPROT_UNLOCK)
	DECPROT(STM32MP1_ETZPC_I2C4_ID, DECPROT_NS_RW, DECPROT_UNLOCK)
	DECPROT(STM32MP1_ETZPC_SPI2_ID, DECPROT_NS_RW, DECPROT_UNLOCK)
	DECPROT(STM32MP1_ETZPC_RNG1_ID, DECPROT_NS_RW, DECPROT_UNLOCK)
	DECPROT(STM32MP1_ETZPC_UART4_ID, DECPROT_NS_RW, DECPROT_UNLOCK)
	DECPROT(STM32MP1_ETZPC_OTG_ID, DECPROT_NS_RW, DECPROT_UNLOCK)
	/*"Secured" peripherals*/
	DECPROT(STM32MP1_ETZPC_STGENC_ID, DECPROT_S_RW, DECPROT_UNLOCK)
	/*"Mcu Isolation" peripherals*/
	DECPROT(STM32MP1_ETZPC_DMA2_ID, DECPROT_MCU_ISOLATION, DECPROT_UNLOCK)

	/*Restriction: following IDs are not managed  - please to use User-Section if needed:
		  STM32MP1_ETZPC_SRAMx_ID  STM32MP1_ETZPC_RETRAM_ID  STM32MP1_ETZPC_BKPSRAM_ID*/

	/* USER CODE BEGIN etzpc_decprot */
		/*STM32CubeMX generates a basic and standard configuration for ETZPC.
		Additional device configurations can be added here if needed.
		"etzpc" node could be also overloaded in "addons" User-Section.*/
	/* USER CODE END etzpc_decprot */
	>;

	/* USER CODE BEGIN etzpc */
	/* USER CODE END etzpc */
};

 

 

 

 Question:

If I'm correct, that my linux kernel, or linux distribution, cannot write och read to the CPU. That means I need to configure that in the device tree? Right? So what chould I change inside the device tree to make premissions for my software to write or read to the address 0x4a0 and 0x480 inside the CPU?

 

Should I add this inside the Linux Device Tree?

	reserved-memory {
		#address-cells = <1>;
		#size-cells = <1>;
		ranges;

		/* USER CODE BEGIN reserved-memory */
		optee@de000000 {
			reg = <0xde000000 0x2000000>;
			no-map;
		};
        ..
        ..
        ..
        };
STM32MP151AAC3 custom board with STM32-OS as operating system: https://github.com/DanielMartensson/STM32-Computer
0 Kudos
1 ACCEPTED SOLUTION

Accepted Solutions
Go to solution
DMårt
Lead

‎2024-09-29 04:15 AM - edited ‎2024-09-29 04:16 AM

Yes!

 

This code need to be placed inside the Linux Device .dts file! By the way! I'm using STM32-OS https://github.com/danielmartensson/STM32-OS instead of OpenSTLinux. Memory usage is about 40 MB in RAM.

 

reserved-memory {
		#address-cells = <1>;
		#size-cells = <1>;
		ranges;

		/* USER CODE BEGIN reserved-memory */
		optee@de000000 {
			reg = <0xde000000 0x2000000>;
			no-map;
		};

 

 

STM32MP151AAC3 custom board with STM32-OS as operating system: https://github.com/DanielMartensson/STM32-Computer

View solution in original post

1 REPLY 1
Go to solution
DMårt
Lead

‎2024-09-29 04:15 AM - edited ‎2024-09-29 04:16 AM

Yes!

 

This code need to be placed inside the Linux Device .dts file! By the way! I'm using STM32-OS https://github.com/danielmartensson/STM32-OS instead of OpenSTLinux. Memory usage is about 40 MB in RAM.

 

reserved-memory {
		#address-cells = <1>;
		#size-cells = <1>;
		ranges;

		/* USER CODE BEGIN reserved-memory */
		optee@de000000 {
			reg = <0xde000000 0x2000000>;
			no-map;
		};

 

 

STM32MP151AAC3 custom board with STM32-OS as operating system: https://github.com/DanielMartensson/STM32-Computer
Top