2019-09-09 04:53 AM
Hey everyone,
I am working on STM32MP157-DK1 with trustzone cortex-A.
I want to use SPI in secure side, but it's possible only with SPI6 that is not mapped to the outside.
It's possible to activate SPI (1 ... 5) peripherals in secure side ? if not, why ?
Best regards
2019-09-09 05:24 AM
Hello,
from HW point of view, only SPI6 could be set as only allowing trustzone secure access (using ETZPC settings).
There is no blocking point to use any SPI from secure SW (trustzone), but obviously they will not be protected from unwanted non-secure accesses.
On STM32MP157A-DK1 board, SPI6 could be made available on PZ0, PZ1 and PZ2 (secure GPIOs), but those signals are not available on a header (need to solder wires on U8 which is not populated on this board).
Another option is to use STM32MP157x-EV1 board where SPI6 could be made available on GPIO expansion connector of MB1262 board (same pins than SPI1)
2019-09-09 06:10 AM
Hi,
thanks a lot for your quick answer. It was my understanding (BTW I've ordered a EV1...)
When you say: "that any SPI from secure SW (trustzone), will not be protected from unwanted non-secure accesses". I understand from M4 point of view, but if the TF-A mapping is modified (configuring the memory region of SPI in TZ only) , the ARM7 core will not be allowed to access to this SPI. (not using EXTZC but the core itself)
Is it correct ?
2019-09-09 06:19 AM
This is true for Cortex-A7 alone as protection is done using MMU inside the core.
Nevertheless, any other master e.g. MDMA or DMA1/2 will not be protected to be set-up to access any non-secure area as their master accesses are not visible by the Cortex-A7 MMU.
Note that MDMA could be set to have all channel secure, but this will restrict a lot it's usage by Linux non-secure SW.
Note that if needed DMA1/2 could be restricted to be Cortex-M4 access only.
2019-09-09 07:22 AM
Thank you. It's clear now.