This chapter details the AMD Zynq™ UltraScale+™ MPSoC features that you can leverage to address security during boot time and runtime of an application. The Secure Boot mechanism is described in detail in the Security chapter of the Zynq UltraScale+ Device Technical Reference Manual (UG1085).
The system protection units (SPU) provide the following hardware features for runtime security of an application running on Zynq UltraScale+ MPSoCs:
- AMD Memory Protection Unit
- AMD Peripheral Protection Unit
- System Memory Management Unit
- A53 Memory Management Unit
- R5 Memory Protection Unit
- TrustZone
One of the runtime security features is access controls on the PMU and CSU global registers from Linux. These registers are classified into two lists: The white list (accessible all the time by default) and the black list (accessible only when a compile time flag is set). For more details, see CSU/PMU Register Access.