On Thu, Nov 24, 2016 at 9:47 AM, Volodymyr Babchuk vlad.babchuk@gmail.com wrote:
Patrick,
Memory security is enforced on hardware level. There are reference ARM implementation named ARM TZC-400. But I haven't seen SoC that use that controller.
Ahhh.... things are starting to make sense. Thank you for your explanation. I am trying to map what I learn about OP-TEE onto the SAMA5D2x processor from Atmel/Microchip since that is the SoC with which I have the most (recent) experience. I see in the data sheet for that part that it has a pair of switch matrices (H64MX/H32MX) through which access to the external SDRAM is mediated. I see also that it has a mechanism for splitting external memory into secure & non-secure banks. (I haven't completely grokked the details of that split, but for this level of understanding, I don't need to -- I just need to see for myself how it was done on a system I recognize). I'll bet I'll be able to find a similar mechanism on one of the op-tee supported processors, now that I know what it should look like.
Thanks for you help.
--wpd