Software - 2020.2 English

Zynq UltraScale+ MPSoC Software Developer Guide (UG1137)

Document ID
Release Date
2020.2 English
To securely authenticate the bitstream partition, FSBL uses the ATF section's OCM memory to copy the bitstream in chunks from FLASH or DDR.
Important: While creating a boot image, the bitstream partition should be before the ATF partition. Otherwise, ATF memory is over-written while processing the bitstream partition.

The workflow for the DDR and DDR-less systems is nearly identical. The only difference is that for systems with the DDR, FSBL copies the entire bitstream partition (bitstream and authentication certificates) to the DDR from the FLASH devices, because DDR is faster to access. FSBL then, each time, copies a chunk of bitstream from the DDR. For the DDR-less systems, FSBL copies a chunk of bitstream directly from the FLASH devices.

The following is the software workflow for authenticating the bitstream:

  1. FSBL identifies the availability of the DDR on the system based on the XFSBL_PS_DDR macro. FSBL has two buffers in OCM, ReadBuffer buffer of size 56 KB and HashsOfChunks[] to store intermediate hashs calculated for each 56 KB of 8 MB blocks.
  2. FSBL copies a 56 KB chunk from the first 8 MB block to ReadBuffer.
  3. FSBL calculates hash on 56 KB and stores in HashsOfChunks.
  4. FSBL repeats the previous steps until the entire 8 MB of block is completed.
    Note: 56 KB is taken for performance; it can be of any size.
  5. FSBL authenticates the bitstream.
  6. Once the authentication is successful, FSBL starts copying 56 KB starting from the first block which is located in DDR/FLASH to ReadBuffer, calculates the hash, and then compares it with the hash stored at HashsOfChunks.
  7. If hash comparison is successful, FSBL transmits data to PCAP via DMA (for unencrypted bitstream) or AES (if encryption is enabled).
  8. FSBL repeats the previous two steps until the entire 8 MB block is completed.
  9. Repeats the entire process for all the blocks of bitstream.
Note: If there is any failure at any stage, PL is reset and FSBL is exited.

The bitstream is directly routed to PCAP via CSU DMA by configuring secure stream switch.

For a DDR system, the whole encrypted bitstream is copied to DDR. For DDR-less system, decryption is copied to OCM(ATF section) in chunks.

Note: Xilinx recommends that you have a bitstream partition immediately after the FSBL partition in the boot image.