This chapter details the Zynq® UltraScale+™ MPSoC features that you can leverage to address security during boot time and run time of an application. The Secure Boot mechanism is described in detail in this link to the Security chapter of the Zynq UltraScale+ Device Technical Reference Manual (UG1085).
The system protection unit (SPU) provides the following hardware features for run-time security of an application running on Zynq UltraScale+ MPSoCs:
- Xilinx Memory Protection Unit
- Xilinx Peripheral Protection Unit
- System Memory Management Unit
- A53 Memory Management Unit
- R5 Memory Protection Unit
One of the runtime security features is access controls on the PMU and CSU global registers from Linux. These registers are classified into two lists: The white list (accessible all the time by default) and the black list (accessible only when a compile time flag is set). For more details, see CSU/PMU Register Access.