XPPU Protection of Slaves

Zynq UltraScale+ Device Technical Reference Manual (UG1085)

Document ID
UG1085
Release Date
2022-09-15
Revision
2.3 English

The XPPU is used to protect LPD peripheral and control registers (SLCR) along with message buffers (IPI) rather than memory (DDR, OCM). Controlled access to these registers helps achieve security, safety, and operating system isolation. The XPPU is located in the LPD to protect the IOP from erroneous read and write transactions. The XPPU is shown in the IOP interconnect in This Figure.

Two data structures are used by the XPPU to control access.

The master ID list (part of the register set shown in This Figure), is partially user programmable to allow the enumeration of the masters that are allowed to access peripherals. The list defines a pool of potential masters. Out of 20 master IDs to be programmed in the list, the first eight master ID entries on the list are predefined and the rest can be defined and allocated by user software. The master ID list should be initialized before the XPPU is enabled.

The aperture permission list defines the set of accessible address apertures (where apertures refer to the peripheral IP address space) and identifies the masters that can access each aperture. The XPPU includes 400 apertures. As shown in This Figure, a RAM is used to store the permission settings set up by the software. This RAM is on the system address map and is accessible like regular software programmable registers.

Note:   The XPPU must be programmed once before being used and should only be enabled when there are no transactions going through it to avoid misbehavior. Transactions can be generated from several sources including another system master or a CSU event.

The master ID list and the aperture permission list provides access control for all peripheral apertures. The apertures can be made accessible or hidden from any master ID.