Versal ACAP Partition Header - 2021.2 English

Bootgen User Guide (UG1283)

Document ID
UG1283
Release Date
2021-10-22
Version
2021.2 English

The partition header contains details of the partition and is described in the table below.

Table 1. Versal ACAP Partition Header Table
Offset Name Description
0x0 Partition Data Word Length Encrypted partition data length
0x4 Extracted Data Word Length Unencrypted data length
0x8 Total Partition Word Length (Includes Authentication Certificate) The total encrypted + padding + expansion + authentication length
0xC Next Partition header offset Offset of next partition header
0x10 Destination Execution Address (Lower Half) The lower 32 bits of the executable address of this partition after loading.
0x14 Destination Execution Address (Higher Half) The higher 32 bits of the executable address of this partition after loading.
0x18 Destination Load Address (Lower Half) The lower 32 bits of the RAM address into which this partition is to be loaded. For elf files Bootgen will automatically read from elf format. For RAW data users has to specify where to load it. For CFI and configuration data it should be 0xFFFF_FFFF
0x1C Destination Load Address (Higher Half) The higher 32 bits of the RAM address into which this partition is to be loaded. For elf files Bootgen will automatically read from elf format. For RAW data users has to specify where to load it. For CFI and configuration data it should be 0xFFFF_FFFF
0x20 Data Word Offset in Image The position of the partition data relative to the start of the boot image.
0x24 Attribute Bits See Partition Attributes Table
0x28 Section Count If image type is elf, it says how many more partitions are associated with this elf.
0x2C Checksum Word Offset The location of the checksum word in the boot image.
0x30 Partition ID Partition ID
0x34 Authentication Certification Word Offset The location of the Authentication Certification in the boot image.
0x38 – 0x40 IV IV for the secure header of the partition.
0x44 Encryption Key select

Encryption status:

  • 0x00000000 – Unencrypted
  • 0xA5C3C5A3 - eFuse Red Key
  • 0xA5C3C5A5 - eFuse Black Key
  • 0x3A5C3C5A - BBRAM Red Key
  • 0x3A5C3C59 - BBRAM Black Key
  • 0xA35C7C53 - Boot Header Black Key
  • 0xC5C3A5A3 - User Key 0
  • 0xC3A5C5B3 - User Key 1
  • 0xC5C3A5C3 - User Key 2
  • 0xC3A5C5D3 - User Key 3
  • 0xC5C3A5E3 - User Key 4
  • 0xC3A5C5F3 - User Key 5
  • 0xC5C3A563 - User Key 6
  • 0xC3A5C573 - User Key 7
  • 0x5C3CA5A3 - eFuse User Key 0
  • 0x5C3CA5A5 - eFuse User Black Key 0
  • 0xC3A5C5A3 - eFuse User Key 1
  • 0xC3A5C5A5 - eFuse User Black Key 1
0x48 Black IV IV used for encrypting the key source of that partition.
0x54 Revoke ID Partition revoke ID
0x58-0x78 Reserved 0
0x7C Header Checksum A sum of the previous words in the Partition Header

The following table lists the partition header table attributes.

Table 2. Versal ACAP Partition Header Table Attributes
Bit Field Name Description
31:29 Reserved 0x0
28:27 DPA CM Enable

0 – Disabled

1 – Enabled

26:24 Partition Type

0 – Reserved

1 - elf

2 - Configuration Data Object

3 - Cframe Data (PL data)

4 – Raw Data

5 – Raw elf

6 – CFI GSR CSC unmask frames

7 – CFI GSR CSC mask frames

23 HiVec

VInitHi setting for RPU/APU(32-bit) processor

0 – LoVec

1 – HiVec

22:19 Reserved 0
18 Endianness

0 – Little Endian (Default)

1 – Big Endian

17:16 Partition Owner

0 - PLM (Default)

1 - Non-PLM

2,3 – Reserved

15:14 PUF HD location

0 - eFuse

1 - Boot header

13:12 Checksum Type

000b - No Checksum(Default)

011b – SHA3

11:8 Destination CPU

0 – None (Default for non-elf files)

1 - A72-0

2 - A72-1

3 - Reserved

4 - Reserved

5 - R5-0

6 - R5-1

7- R5-L

8 – PSM

9 - AIE

10-15 – Reserved

3 A72 CPU execution state

0 - Aarch64 (default)

1 - Aarch32

2:1 Exception level (EL) the A72 core should be configured for

00b – EL0

01b – EL1

10b – EL2

11b – EL3 (Default)

0 TZ secure partition

0 – Non-Secure (Default)

1 – Secure

This bit indicates if the core that the PLM needs to configure (on which this partition needs to execute) should be configured as TrustZone secure or not. By default, this should be 0.