Intel® Quartus® Prime Pro Edition User Guide: Platform Designer

ID 683609
Date 4/02/2022
Public

A newer version of this document is available. Customers should click here to go to the newest version.

2.11.2. Specifying a Default Avalon Agent or AXI Subordinate

If an AXI manager issues "per-access" or "not allowed" transactions, your design must contain a default subordinate. Per-access refers to the ability of a TrustZone®-aware AXI manager to allow or disallow access or transactions.

You can achieve an optimized secure system by partitioning your design and carefully designating secure or non-secure address maps to maintain reliable data. Within the same hierarchy, avoid a design in which a non-secure AXI manager or Avalon host initiates transactions to a secure subordinate or agent, because those transfers are unsuccessful.

A transaction that violates security is rerouted to the default subordinate or agent, which then responds to the AXI manager or Avalon host with an error. The following rules apply to specifying a default subordinate or agent:

  • You can designate any AXI subordinate or Avalon agent as the default subordinate or agent.
  • You can share a default subordinate or agent between multiple AXI managers or Avalon hosts, respectively.
  • You should have one default subordinate or agent for each interconnect domain.
  • An interconnect domain is a group of connected memory-mapped managers and subordinates or hosts and agents that share the same interconnect. The altera_error_response_slave component includes the required TrustZone® features.

To designate a subordinate or agent interface as the default subordinate or agent for non-TrustZone®-aware interfaces, follow these steps:
  1. Specify interconnect security settings, as Configuring Platform Designer System Security describes.
  2. In the System View, right-click any column and turn on the Security and Default Slave columns.
  3. In the System View tab, turn on the Default Slave option for the subordinate or agent interface. A manager or host can have only one default subordinate or agent.
    Figure 40. Security and Other Columns

Table 15. Secure and Non-Secure Access Between Manager or Host, Subordinate or Agent, and Memory Components

| Transaction Type | TrustZone®-aware manager | Non-TrustZone®-aware manager/host (Secure) | Non-TrustZone®-aware manager/host (Non-Secure) |
|---|---|---|---|
| TrustZone®-aware subordinate memory | OK | OK | OK |
| Non-TrustZone®-aware subordinate/agent (secure) | Per-access | OK | Not allowed |
| Non-TrustZone®-aware subordinate/agent (non-secure) | OK | OK | OK |
| Non-TrustZone®-aware memory (secure region) | Per-access | OK | Not allowed |
| Non-TrustZone®-aware memory (non-secure region) | OK | OK | OK |
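
The rules and Table 15 above can be checked mechanically before generation. The following is an added example, not Intel code and not a Platform Designer API: it models a design as plain Python data (a simplification), groups interfaces into interconnect domains, and flags any domain that can carry Per-access or Not allowed traffic without exactly one default subordinate. All interface names, and the choice to mark the error response subordinate as non-secure, are assumptions.

```python
from collections import defaultdict

def access(manager, sub):
    """Table 15: only a secure subordinate, agent or memory region restricts access."""
    if sub != "secure":
        return "OK"
    return {"tz": "Per-access", "secure": "OK", "nonsecure": "Not allowed"}[manager]

def domains(connections):
    """Interconnect domains = connected components of the manager/subordinate graph."""
    parent = {}
    def find(x):
        parent.setdefault(x, x)
        while parent[x] != x:
            x = parent[x]
        return x
    for m, s in connections:
        parent[find(m)] = find(s)
    groups = defaultdict(set)
    for node in list(parent):
        groups[find(node)].add(node)
    return list(groups.values())

def lint(managers, subs, connections, defaults):
    """Flag domains that can see Per-access/Not allowed traffic without one default."""
    findings = []
    for dom in domains(connections):
        risky = sorted((m, s) for m, s in connections
                       if m in dom and access(managers[m], subs[s]) != "OK")
        chosen = sorted(d for d in defaults if d in dom)
        name = "+".join(sorted(n for n in dom if n in managers))
        if risky and not chosen:
            findings.append((name, "no default subordinate", risky))
        elif len(chosen) > 1:
            findings.append((name, "multiple default subordinates", chosen))
    return findings

# Constructed sample design; all interface names are hypothetical.
MANAGERS = {"hps_axi": "tz", "dma_host": "nonsecure", "nios_host": "secure"}
SUBS = {"key_ram": "secure", "uart": "nonsecure", "boot_rom": "secure",
        "err_resp": "nonsecure"}
CONNECTIONS = [("hps_axi", "key_ram"), ("dma_host", "key_ram"),
               ("dma_host", "uart"), ("nios_host", "boot_rom")]
# Same design with one shared default subordinate wired to both managers.
FIXED = CONNECTIONS + [("hps_axi", "err_resp"), ("dma_host", "err_resp")]

if __name__ == "__main__":
    print(lint(MANAGERS, SUBS, CONNECTIONS, set()))
    print(lint(MANAGERS, SUBS, FIXED, {"err_resp"}))
```

The `nios_host`/`boot_rom` domain is not flagged because a secure host reaching a secure agent is OK in Table 15, so no violating transaction can be rerouted there.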