An incoming read or write transaction is checked against the XMPU regions as described in this section. For the enabled regions, two checks are done first:
- The AXI_ADDR address is within the region: START_ADDR ≤ AXI_ADDR ≤ END_ADDR
- The incoming AXI_SMID is allowed by the SMID_xx registers: AXI_SMID & [MASK] == [SMID] & [MASK]
If these checks are true, the region configuration is checked as to:
- The security of the transaction and is allowed
- The read and write permissions are satisfied
Functional Figure
The XMPU functional block diagram is shown in the following figure.
Memory Region Validation
Each XMPU has 16 regions, numbered from 0 to 15. Each region is defined by a start address and an end address. There are two region address alignment types. The 4 KB granularity is used for all XMPUs except the DDRMC unit.
When a memory space is included in more than one XMPU region configuration, the higher region number has higher priority (that is, region 0 has lowest priority). Each region can be independently enabled or disabled. If a region is disabled, it does not include protection checking.
SMID Validation
Each XMPU uses the inbound SMID in each AXI transaction to validate the transfer. The SMID is masked by the [MASK] bit field and then compared against the [ID] bit field of the Rxx_SMID region registers.
AMD Versal™ adaptive SoC register example: R00_SMID .
If the following equation is satisfied (along with security and read/write checks), the transaction is allowed. In this equation, these are [10-bit parameters] in the Rxx_SMID register
[ID] & [MASK] == AXI_SMID & [MASK]
Security Validation
- If the region is configured as secure, then only the secure request can access this region.
- If the region is configured as secure, then the read and write permissions are independently checked to determine whether or not the transactions are allowed.
- If the transaction is non-secure and the region is configured as secure, then the check fails, and the transaction generates a system error.
- If the region is configured as non-secure and the transaction is non-secure, then read and write permissions are independently checked to determine whether or not the transaction is allowed. If the check fails, the transaction is handled by the error handler.