@@ -223,23 +223,26 @@ void hal_gtzc_init(void)
223223 SET_GTZC1_MPCBBx_SECCFGR_VCTR (1 , i , 0xFFFFFFFF );
224224 }
225225
226- /* Configure SRAM2 as non-secure (64 KB) and unprivileged.
227- * wolfBoot does not use SRAM2; ceding it to the NS application
228- * widens the NS RAM window from 320 KB (SRAM3 only) to 384 KB
229- * (SRAM2 + SRAM3). The PRIVCFGR clear is required because the
230- * H5 ETH DMA master is unprivileged; with the reset default
231- * (PRIVCFGR=0xFFFFFFFF) the DMA's descriptor/buffer reads from
232- * SRAM2 raise illegal-access (TZIC1_SR4 bit 26) and the channel
233- * suspends with TPS=6 (TBU). */
226+ /* Configure SRAM2 as non-secure (64 KB) and unprivileged. SRAM2 is
227+ * the ETH DMA arena: the NS wolfIP app pins its ETH descriptors and
228+ * buffers (.eth_buffers) into SRAM2. wolfBoot does not use SRAM2.
229+ * The PRIVCFGR clear is required because the H5 ETH DMA master is
230+ * unprivileged; with the reset default (PRIVCFGR=0xFFFFFFFF) the
231+ * DMA's descriptor/buffer reads from SRAM2 raise illegal-access
232+ * (TZIC1_SR4 bit 26) and the channel suspends with TPS=6 (TBU). */
234233 for (i = 0 ; i < 4 ; i ++ ) {
235234 SET_GTZC1_MPCBBx_SECCFGR_VCTR (2 , i , 0x0 );
236235 SET_GTZC1_MPCBBx_PRIVCFGR_VCTR (2 , i , 0x0 );
237236 }
238237
239- /* Configure SRAM3 as non-secure (320 KB) and unprivileged. */
238+ /* Configure SRAM3 as non-secure (320 KB) but PRIVILEGED. The NS CPU
239+ * runs privileged (Thread mode) and can use SRAM3 freely; only the
240+ * unprivileged ETH DMA master needs unprivileged RAM, and its
241+ * descriptors/buffers are pinned to SRAM2 (.eth_buffers). Leaving
242+ * SRAM3 privileged lets a future NS OS own the unprivileged
243+ * boundary. */
240244 for (i = 0 ; i < 20 ; i ++ ) {
241245 SET_GTZC1_MPCBBx_SECCFGR_VCTR (3 , i , 0x0 );
242- SET_GTZC1_MPCBBx_PRIVCFGR_VCTR (3 , i , 0x0 );
243246 }
244247}
245248
0 commit comments