Visible to Intel only — GUID: mwh1409958643425
Ixiasoft
Visible to Intel only — GUID: mwh1409958643425
Ixiasoft
1.9.2. Specifying a Default Slave
You can achieve an optimized secure system by partitioning your design and carefully designating secure or non-secure address maps to maintain reliable data. Avoid a design that includes a non-secure AXI master that initiates transactions to a secure slave resulting in unsuccessful transfers, within the same hierarchy.
A transaction that violates security is rerouted to the default slave and subsequently responds to the AXI master with an error. The following rules apply to specifying a default slave:
- You can designate any slave as the default slave.
- You can share a default slave between multiple AXI masters.
- Have one default slave for each interconnect domain.
- An interconnect domain is a group of connected memory-mapped masters and slaves that share the same interconnect. The altera_error_response_slave component includes the required TrustZone® features.
- Specify interconnect security settings, as Configuring Platform Designer System Security describes.
- In the System View , right-click any column and turn on the Security and Default Slave columns.
- In the System View tab, turn on the Default Slave option for the slave interface. A master can have only one default slave.
Figure 39. Security and Default Slave Columns
Transaction Type |
TrustZone® -aware Master |
Non- TrustZone® -aware Master Secure |
Non- TrustZone® -aware Master Non-Secure |
---|---|---|---|
TrustZone® -aware slave/memory |
OK |
OK |
OK |
Non- TrustZone® -aware slave (secure) |
Per-access |
OK |
Not allowed |
Non- TrustZone® -aware slave (non-secure) |
OK |
OK |
OK |
Non- TrustZone® -aware memory (secure region) |
Per-access |
OK |
Not allowed |
Non- TrustZone® -aware memory (non-secure region) |
OK |
OK |
OK |