Hard Processor System Technical Reference Manual: Agilex™ 5 SoCs

ID 814346
Date 11/27/2024
Public
Document Table of Contents

13.4.2.4.1. CCU-to-DDR Firewalls (MPU Firewall and F2H Firewall)

The MPFE NoC implements a firewall on the output of the CCU_DMI0 and CCU_DMI1 initiator NIUs that supports 8 memory regions. The firewall region can be configured by software to be as small as 64 kbytes or as large as 128 Gbytes, aligned to a 64 kbyte boundary.

By convention, accesses from F2H:
  • AxUSER[7:0] must be set to 0x04

The firewall checks the Secure bit of a transaction (AxPROT) against the secure state of the slave. A transaction that passes the firewall proceeds normally to the slave. A transaction that fails the firewall receives an error response with random data. Transactions that fail the firewall must never be presented to the slave interface.

The registers in the following table are associated with the MPU firewall and the F2H firewall.
Table 385.  Associated firewalls must be the same
DDR_CCU_dmi0_SCR Must Equal DDR_CCU_dmi1_SCR
mpuregion<n>addr_base = mpuregion<n>addr_base
mpuregion<n>addr_baseext = mpuregion<n>addr_baseext
mpuregion<n>addr_limit = mpuregion<n>addr_limit
mpuregion<n>addr_limitext = mpuregion<n>addr_limitext
nonmpuregion<n>addr_base = nonmpuregion<n>addr_base
nonmpuregion<n>addr_baseext = nonmpuregion<n>addr_baseext
nonmpuregion<n>addr_limit = nonmpuregion<n>addr_limit
nonmpuregion<n>addr_limitext = nonmpuregion<n>addr_limitext
MPFE_SCR.IO96B0_reg[mpu] = MPFE_SCR.IO96B1_reg[mpu]
MPFE_SCR.IO96B0_reg[f2h] = MPFE_SCR.IO96B1_reg[f2h]
Note:

“mpuregion” is associated with MPU transactions.

“nonmpuregion” is associated with F2H transactions.

Note: Since CCU_DMI0 and CCU_DMI1 are interleaved in some use cases on a 4K boundary, the configuration of the associated firewalls must be the same. Failure to do so might lead to unpredictable results.

For the MPU-to-SDRAM path, the firewall checks the secure bit of a transaction (AxPROT[1]) against the secure state of the slave (IO96B0_reg[mpu] = IO96B1_reg[mpu]), as described in the following table.

Table 386.  MPU-to-SDRAM Firewall Decision Table
MPU AxPROT[1] IO96B<1:0>_reg[mpu] Result
0 – Secure 0 – Secure Pass – transaction allowed for entire DRAM space
0 – Secure 1 – Non-Secure Pass – transaction allowed for entire DRAM space
1 – Non-Secure 0 – Secure Fail
1 – Non-Secure 1 – Non-Secure Pass – transaction only allowed in 8 regions for MPU

For the F2H-to-SDRAM path, the firewall checks the secure bit of a transaction (AxPROT[1]) against the secure state of the slave (IO96B0_reg[f2h]=IO96B1_reg[f2h]), as described in the following table.

Table 387.  MPU-to-SDRAM Firewall Decision Table

F2H

AxPROT[1]
IO96B<1:0>_reg[f2h] Result
0 – Secure 0 – Secure Pass – transaction allowed for entire DRAM space
0 – Secure 1 – Non-Secure Pass – transaction allowed for entire DRAM space
1 – Non-Secure 0 – Secure Fail
1 – Non-Secure 1 – Non-Secure Pass – transaction only allowed in 8 regions for F2H