Because the CSU ROM supports the MultiBoot option, there can be more than one boot image in a boot device. The boot image consists of a boot header and partitions for different images along with a partition header. This Figure shows the simplest form of a boot image with only a mandatory image partition (FSBL) with associated mandatory headers. A detailed secure image format is illustrated in Table: Secure Boot Image Encryption and Authentication.
With secure boot, the authentication certificate follows the FSBL image. Both the boot header and partition header are always in plain text.
The boot header format is shown in Table: Boot Header Format. This is a plain-text header associated with each boot image that indicates various characteristics, attributes (Table: Image Attributes Offset Definition), and other details about that boot image.
Offset |
Description |
Details |
---|---|---|
0x000 - 0x01C |
Reserved for interrupts |
This field is used in case of XIP boot mode when the default 0x01F interrupt vectors are changed in the LQSPI address space. |
0x020 |
Width detection |
Quad-SPI width description. |
0x024 |
Image identification |
Boot image identification string. |
0x028 |
Encryption status |
This field is used to identify the AES key source. 0000_0000h: Unencrypted. 3A5C_3C5Ah: Red key in BBRAM. A35C_7CA5h: Obfuscated key in boot header. A35C_7C53h: Black key in boot header. A5C3_C5A3h: Red key in eFUSE. A5C3_C5A5h: Black key in eFUSE (PUF key). A5C3_C5A7h: eFUSE (Gray key). A3A5_C3C5h: User key. Note: The user key is only used with single partition boot images. |
0x02C |
FSBL execution address |
FSBL execution start address. |
0x030 |
Source offset |
PMU FW and FSBL source start address. |
0x034 |
PMU FW image length |
PMU FW original image length. |
0x038 |
Total PMU FW image length |
PMU FW total image length. This includes the complete PMU firmware image block size, AES key, AES IV, and GCM tag (in case of an encrypted image). This field size must be £128 KB. |
0x03C |
FSBL image length |
FSBL original image length. |
0x040 |
Total FSBL image length |
Total FSBL image length. |
0x044 |
Image attributes |
Image attributes are described in Table: Image Attributes Offset Definition. |
0x048 |
Header checksum |
Header checksum from 0x20 to 0x44. |
0x04C–0x068 |
Obfuscated key |
256-bit obfuscated key. Only valid when 0x028 (encryption status) is A35C_7CA5h. |
0x06C |
Reserved |
|
0x070–0x09C |
FSBL/User defined |
How to use the FSBL/user defined areas is explained in the Zynq UltraScale+ MPSoC Software Developer’s Guide (UG1137) [Ref 3]. |
0x0A0–0x0A8 |
Secure header initialization vector |
Initialization vector for a secure header for both PMU FW and FSBL. |
0x0AC–0x0B4 |
Obfuscated or black key initialization vector |
Initialization vector used when decrypting the obfuscated key. |
0x0B8–0x8B4 |
Register initialization |
Store register write pairs for system register initialization. |
0x8B8-0xEC0 |
PUF helper data |
Store the PUF helper data. The helper data is used only when the image attribute PUF HD location = 0x3. |