For every read and write transaction, the XPPU determines if the transaction is allowed to proceed with fine grain control of specific memory addresses. If the transaction is allowed, it proceeds normally. If the transaction is not allowed, it invalidates the transaction by address poisoning. When an address is poisoned, the transaction is sent to the XPPU_Sink unit.
An AXI transaction request is allowed to access the memory range defined by an APERPERM_xxx register if three conditions are satisfied:
•The requesting Master fits one or more of the profiles of a MASTER_IDxx register.
•The bit for the that profile is set in the [PERMISSION] bit field. For example, if the master satisfies the MasterID and read/write permissions of the MASTER_ID00 register and bit 0 of the [PERMISSION] bit field = 1, then the transaction is allowed to proceed.
•The transaction request satisfies the APERPERM_xxx [TRUSTZONE] bit setting.
IMPORTANT: XPPU is used to configure the device control address space to be TZ or non-TZ. Devices (peripherals) are configured to be TZ or non-TZ by separate registers—this control is not provided by XPPU.
A block-level diagram summarizing the XPPU operation is shown in This Figure.