Address translations for AXI
address is done based on BDF table programming (0x2420 to 0x2434). These BDF
table entries can be programmed through the AXI Slave CSR interface, s_axil_csr_*
. There are three regions that
you can use for slave data transfers. Each region can be further divided into many
windows for a different address translation. These regions and number of windows
should be configured in the IP wizard configuration. Each entry in the BDF table
programming represents one window. If a you need 2 windows then 2 entries need to be
programmed and so on.
There are some restrictions in programming BDF table.
- All PCIe slave bridge data transfers must be quiesced before programming the BDF table.
- There are six registers for each BDF table entry. All six registers must be programmed to make a valid entry. Even if some registers have 0s, you need to program 0s in those registers.
- All the six registers need to be programmed in an order for an
entry to be valid. Order is listed below.
- 0x2420
- 0x2424
- 0x2428
- 0x242C
- 0x2430
- 0x2434
BDF table entry start address = 0x2420 + (0x20 * i), where i = table entry number.
Protection
Specifying protection levels for different windows within a BAR is
facilitated by AXI4 prot
field via Trustzones. Any
access from PMC will have a*prot[1]=0
and hence
will get full access.
For the BDF space the protection domain ID itself is stored in the
BDF table. When a request comes in with a*rpot[1]=0
, it will be allowed full access. Requests with a*prot[1]=1
will only be allowed to access BDF entries
that have lower protection level.
The following table describes this behavior:
Access Type | BDF Table Value (prot[2:0]) | Value in a*prot[2:0] (AXI Interface) | Action |
---|---|---|---|
Secure access | 3'hXXX | 3'hX0X (bit 1=0) | Allow |
Non-secure access to secure entry | 3'hX0X | 3'hX1X (bit 1=1) | Do not allow |
Non-secure access to less secure entry | 3'hX1X | 3'hX1X (bit 1=1) | Allow if bits [2] and [0] match between a*prot and BDF entry |