8.4.4.5 Denied Transaction

If a transaction has insufficient security privileges, then for:

• Reads: the TZC responds to the Host by setting all bits of the read data bus to zero.
• Writes: the TZC prevents the transfer of data from the Host to the Client.

TZC_nnn_ACTION controls how the TZC signals the region permission failure of an access. This does not include region overlap conditions. See TZC_SYS_ACTION and TZC_CPU_ACTION. The available response strategies of TZC are:

• OK and raise no interrupts

  This enables the access to fail without permitting the read data to be returned or the write data to be committed. From the perspective of the host that issued the access, the access was permitted.

• OK and raise an interrupt

  This enables the access to fail without permitting the read data to be returned or the write data to be committed. However, the TZC generates an interrupt that must be routed to a Secure OS to notify it that a security violation has occurred.

• Decode error and raise no interrupts

  This enables the issuing host to behave as though the memory location is absent. The TZC presents a DECERR response to indicate that the transaction has failed.

• Decode error and raise an interrupt

  This enables the issuing host to behave as though the memory location is absent. The TZC presents a DECERR response and generates an interrupt that must be routed to a Secure OS to notify it that a security violation has occurred.

Separate interrupt status, overflow, and clear bits are available for every filter unit. For information on controlling interrupt actions, see TZC_SYS_ACTION and TZC_CPU_ACTION.