TrustZone Profile Table

Zynq UltraScale+ Device Technical Reference Manual (UG1085)
Document ID
UG1085
Release Date
2023-12-21
Revision
2.4 English

The security profile for master and slaves are listed in Table: TrustZone Profile.

Table 16-2:      TrustZone Profile

PS Entity

Slave Port

Master Port

Notes

APU

APU MPCore/L2

~

Both

 

GIC

Both

~

Global interrupt controller (GIC).

APU system counter

Secure

~

System counter uses two APB ports (secure and non-secure).

APU system counter

Non-secure

~

CCI

CCI_REG control registers

Both (internal)

~

Cache coherent interconnect (CCI) control registers can be configured to be secure or non-secure.

CCI GPV

Secure

~

Can be programmed to have a non-secure access to all the CCI 400 registers.

SMMU

TCU APB

Secure

~

SMMU_REG

TBU AXI

Both

Both

Programmable.

XPPU, XMPU

APB interface

Secure

~

XPPU, XMPU_{DDR, FPD, OCM} registers

AXI interface

Both

Both

Programmable.

FPD and LPD DMA Units

DMA channels

SLCR configurable

SLCR configurable

Programmable on a per channel basis.

RPU

RPU R5_0/1

~

SLCR configurable

 

RPU TCMs

XPPU configurable

~

External AXI slave port.

LPD Peripherals and Slaves

Secure SLCR

Secure

~

See Table: System-level Register Sets.

CSU

Secure

Secure

 

PMU

Secure

Secure

 

eFUSE/BPD/PS_SYSMON

Secure

~

Fuses, battery power unit, PS SYSMON unit.

CoreSight

Secure

Secure

 

IOP peripherals

XPPU configurable

SLCR configurable

I2C, GPIO, SPI, GEM Ethernet, SDIO, CAN, USB, UART, Quad-SPI, and NAND.

LP slave interfaces on APB

XPPU configurable

~

Potential secure slaves: reset-controller.

TTC{0:3}   

Configurable

~

 

{LPD, FPD, CSU}_SWDT   

TBD

~

 

FPD Peripherals and Slaves (FPD_GPV) can be configured to be secure.

Secure SLCR

Secure

~

 

GPU/SATA/DP/PCIe

XPPU configurable

SLCR configurable

 

FP slaves APB

XPPU configurable

~

Potential secure slaves: reset-controller and PCIe.

DDR System Memories and OCM

OCM

XMPU configurable

~

Secure/non-secure per region with 4 KB granularity.

DDR DRAM

XMPU configurable

~

Secure/non-secure per region with 1 MB granularity.

Notes:

1.Secure: Peripheral or memory device is always secure, independent of the condition.

2.Non-secure: Peripheral or memory device is always non-secure, independent of the condition.

3.Configurable: Peripheral or memory device could be configured as secure or non-secure but only one mode is allowed at any given time.

4.Both: Part of the peripheral or memory device is secure while the other part is non-secure.
Table 16-3:      CCI Registers

Module Name

Registers

Description

CCI_REG

MISC_CTRL

Controls for the register block

ISR_0

Interrupt Status Register

IMR_0

Interrupt Mask Register

IER_0

Interrupt Enable Register

IDR_0

Interrupt Disable Register

CCI_MISC_CTRL

Misc. Control Register

CCI_GPV (CCI 400)

Control_Override_Register

Additional control register that provides a fail-safe override for some CCI-400 functions.

Speculation_Control_Register

Disables speculative fetches for a master interface or for traffic through a specific slave interface.

Secure_Access_Register

Secure_Access_Control, Enable non-secure access to CCI-400 registers

Status_Register

Safely enables and disables snooping

Imprecise_Error_Register

Records the CCI-400 interfaces that receive an error that is not signaled precisely.

Performance_Monitor_Control_Register

Controls the performance monitor.

Snoop_Control_Register_S0/S1/S2/S3/S4

One Snoop Control Register exists for each slave interface.

Shareable_Override_Register_S0/S1/S2/S3

Overrides shareability of normal transactions

Read_Qos_OverCCride_Register_S0/S1/S2/S3/S4

Contains override values for ARQOS, with a register for each slave interface.

Write_Qos_Override_Register_S0/S1/S2/S3/S4

Contains override values for AWQOS, with a register for each slave interface.

Qos_Control_Register_S0/S1/S2/S3/S4

Controls the regulators that are enabled on the slave interfaces.

Max_OT_Register_S0/S1/S2

Determine how many outstanding transactions are permitted when the OT regulator is enabled for each ACE-Lite slave interface.

Target_Latency_Register_S0/S1/S2/S3/S4

Determine the target latency, in cycles, for the regulation of reads and writes.

Latency_Regulation_Register_S0/S1/S2/S3/S4

Latency regulation value, AWQOS or ARQOS, scale factor coded for powers of 2 in the range 2-5-2-12, to match a 16-bit integrator.

CCI_GPV (CCI 400)

(Cont’d)

Qos_Range_Register_S0/S1/S2/S3/S4

Enables you to program the minimum and maximum values for the ARQOS and AWQOS signals that the QV regulators generate.

Cycle_Counter

The cycle counter counts either every CCI-400 clock cycle depending on the PMCR bit.

Cycle_Counter_Control

Enable or disable the cycle and event counters.

Cycle_Count_Overflow

Detects for an overflow of the event counter.

Event_Select_Register_0/1/2/3

Selects the event.

 

ESR0/1/2/3

 

Event_Counter0/1/2/3

 

Event_Counter0/1/2/3_Control

 

Event_Counter0/1/2/3_Overflow

 

Event_Counter_0/1/2/3

Indicates the number of events occur.

Event_Counter_0/1/2/3_Control

Enables or disables the event counter.

Event_Counter_0/1/2/3_Overflow

Detects for overflow of the event counter.