We have detected your current browser version is not the latest one. Xilinx.com uses the latest web technologies to bring you the best online experience possible. Please upgrade to a Xilinx.com supported browser:Chrome, Firefox, Internet Explorer 11, Safari. Thank you!

Showing results for 
Search instead for 
Did you mean: 
Participant nahol
Registered: ‎05-31-2016

TrustZone violation on PL-PS interfaces ?

Hi, as far I understood the TrustZone configuration for the PL-PS interface is defined on a per transaction basis. Let us now consider a unsecure Master in the PL which modifies the AWPROT[1]/ARPROT[1] signals to generate a secure memory transaction through one of the FPD interfaces. What are the current possibilities  to prevent this privilege escalation ? For me one solution would be to define the isolation correctly with the Isolation Configuration flow. Is it also possible to prevent this at the FPD interface itself ?

Best regards,


0 Kudos
1 Reply
Xilinx Employee
Xilinx Employee
Registered: ‎10-11-2011

Re: TrustZone violation on PL-PS interfaces ?

Firts of all I suggest to authenticate the PL bitstream so you are only loading "authorized cores".

Now if your core has a bug with those signals, some Isolation in the PS could definetly help since the transaction can be blocked or allowed depending on the MASTER ID.

0 Kudos