The following measures are used to protect the XPPU itself.
•The master ID list and the aperture permission list can only be written and read by secure masters.
•The master ID list and the aperture permission list can be locked from further writes (by secure masters) through the same protection mechanism as for other peripherals (that is, setting appropriate entries in the master ID list and aperture permission list).
RECOMMENDED: Xilinx recommends setting up the XPPU one time during boot by the FSBL or other secure agent. Programming the XPPU requires access through the XPPU.
The XPPU programming interface uses the XPPU itself for protection, an access destined to a location in the XPPU (including master ID and aperture registers) visits the XPPU twice.
•The first visit comes from AXI, and passes through the protection logic to the AXI interconnect and on to the APB bridge.
•The second visit comes from the APB, and arrives at the addressed location, assuming its first visit passed the XPPU permission check.