UPGRADE YOUR BROWSER

We have detected your current browser version is not the latest one. Xilinx.com uses the latest web technologies to bring you the best online experience possible. Please upgrade to a Xilinx.com supported browser:Chrome, Firefox, Internet Explorer 11, Safari. Thank you!

cancel
Showing results for 
Search instead for 
Did you mean: 
Participant nahol
Participant
258 Views
Registered: ‎05-31-2016

TrustZone violation on PL-PS interfaces ?

Hi, as far I understood the TrustZone configuration for the PL-PS interface is defined on a per transaction basis. Let us now consider a unsecure Master in the PL which modifies the AWPROT[1]/ARPROT[1] signals to generate a secure memory transaction through one of the FPD interfaces. What are the current possibilities  to prevent this privilege escalation ? For me one solution would be to define the isolation correctly with the Isolation Configuration flow. Is it also possible to prevent this at the FPD interface itself ?

Best regards,

Mathieu

0 Kudos
1 Reply
Xilinx Employee
Xilinx Employee
164 Views
Registered: ‎10-11-2011

Re: TrustZone violation on PL-PS interfaces ?

Firts of all I suggest to authenticate the PL bitstream so you are only loading "authorized cores".

Now if your core has a bug with those signals, some Isolation in the PS could definetly help since the transaction can be blocked or allowed depending on the MASTER ID.

0 Kudos