www.ti.com
Architecture
87
SPRUH91D–March 2013–Revised September 2016
Submit Documentation Feedback
Copyright © 2013–2016, Texas Instruments Incorporated
Memory Protection Unit (MPU)
5.2.4 Protection Check
During a memory access, the MPU checks if the address range of the input transfer overlaps one of the
address ranges. When the input transfer address is within a range the transfer parameters are checked
against the address range permissions.
The MPU first checks the transfer’s privilege ID against the AID settings. If the AID bit is 0, then the range
will not be checked; if the AID bit is 1, then the transfer parameters are checked against the memory
protection page attribute register (MPPA) values to detect an allowed access.
For non-debug accesses, the read, write, and execute permissions are also checked. There is a set of
permissions for supervisor mode and a set for user mode. For supervisor mode accesses, the SR, SW,
and SX bits are checked. For user mode accesses, the UR, UW, and UX bits are checked.
If the transfer address range does not match any address range then the transfer is either allowed or
disallowed based on the configuration of the MPU. The MPU can be configured for “assumed allowed” or
“assumed disallowed” mode as dictated by the ASSUME_ALLOWED bit in the configuration register
(CONFIG).
In the case that a transfer spans multiple address ranges, all the overlapped ranges must allow the
access, otherwise the access is not allowed. The final permissions given to the access are the lowest of
each type of permission from any hit range. Therefore, if a transfer matches 2 ranges, one that is RW and
one that is RX, then the final permission is just R.
The MPU has a special mechanism for handling DSP L1/L2 cache controller read accesses, see
Section 5.2.5 for more details.
5.2.5 DSP L1/L2 Cache Controller Accesses
A memory read access that originates from the DSP L1/L2 cache is treated differently to allow memory
protection to be enforced by the DSP level. This is because a subsequent memory access that hits in the
cache does not pass through the MPU. Instead the memory access is serviced directly by the L1/L2
memory controllers.
During a cache memory read, the permission settings stored in the memory protection page attribute
registers (MPPA) are passed to the L1/L2 memory controllers along with the read data. The permissions
settings returned by the MPU are taken from MPPA that covers the address range of the original
request—only the SR, SW, SX, UR, UW, and UX bits are passed. If the request address is covered by
multiple address ranges, then the returned value is the logical-AND of all MPPA permissions. If the
transfer address range is not covered by an address range then the transfer is either allowed or
disallowed based on the configuration of the MPU.
5.2.6 MPU Register Protection
Access to the range start and end address registers (MPSAR and MPEAR) and memory protection page
attribute registers (MPPA) is also protected. All non-debug writes must be by a supervisor entity. A
protection fault can occur from a register write with invalid permissions and this triggers an interrupt just
like a memory access.
Faults are not recorded (nor interrupts generated) for debug accesses.
To Next Page
Loading...
