2.2.7. Speculative accesses

By default, the TZASC performs read or write speculative accesses that means it forwards an AXI transaction address to a slave, before it verifies that the AXI transaction is permitted to read address or write address respectively.

The TZASC only permits the transfer of data between its AXI bus interfaces, after verifying the access that the read or write access is permitted respectively. If the verification fails, then it prevents the transfer of data between the master and slave as Denied AXI transactions describes.

You can disable speculative accesses by programming the speculation_control Register. See Speculation Control Register. When speculative accesses are disabled, the TZASC verifies the permissions of the access before it forwards the access to the slave. If the TZASC:


Enabling speculative access is a potential security risk, if the device that is being protected reacts to this transaction. Most devices do not have to react to this level of access, and speculative access is much faster than validating the address before issuing the transaction.

Copyright © 2008, 2010 ARM Limited. All rights reserved.ARM DDI 0431B