Enhanced SPK Revocation

Zynq UltraScale+ Device Technical Reference Manual (UG1085)

2.4 English

An alternative method of SPK revocation, called enhanced SPK revocation, utilizes the user eFUSEs (USER_{0:7}) in addition to the SPK ID eFUSEs. This approach provides these advantages over the standard SPK revocation method:

An increase in the number of revocations – up to 256

Allows each partition to have its own SPK, which allows one partition to be invalidated without invalidating all partitions

Reduces the risk of failure during an upgrade process


IMPORTANT:   The enhanced SPK revocation is not applicable for the FSBL loaded by the CSU ROM. The standard SPK revocation is used on the FSBL. Everything else that is securely loaded during the boot process can use the enhanced SPK method.

The enhanced SPK revocation uses the user eFUSEs, rather than the SPK ID eFUSEs, to determine whether an SPK has been revoked. Because the user eFUSEs are a general-purpose resource, it is important to allocate as many eFUSEs as the architecture requires for revocation, so that they do not conflict with other uses.

Note:   Not all user eFUSEs have to be used. As many eFUSEs as needed can be allocated.

When using enhanced SPK revocation, each user eFUSE indicates whether a particular SPK has been revoked, which allows many SPKs to be valid at one time. An SPK is revoked when its specific user eFUSE is programmed. The authenticated boot image specifies which revocation method is employed, and the FSBL, XilSecure, and XilFPGA libraries check the appropriate eFUSEs (user or SPK ID). A user specifies which revocation method to use, on a partition-by-partition basis, by selecting either user-efuse or spk-efuse for the spk_select option in the BIF file. For more details, see the Bootgen User Guide (UG1283) [Ref 36].
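A small C model of the two checks described above, added here as an illustration; it is not code from the FSBL, XilSecure, or XilFPGA. The struct and function names, the sample SPK IDs, the 1..256 ID range, and the mapping of SPK ID n to one user eFUSE bit are assumptions made for the example.

```c
#include <stdbool.h>
#include <stdint.h>

/* Simulated eFUSE state (constructed for this example, not real registers). */
typedef struct {
    uint32_t spk_id_fuses;  /* SPK ID eFUSE value */
    uint32_t user_fuses[8]; /* USER_0..USER_7: 8 x 32 = 256 bits */
} efuse_state;

typedef enum { SPK_EFUSE, USER_EFUSE } spk_select_t; /* mirrors BIF spk_select */

/* Standard method: the image's SPK ID must equal the SPK ID eFUSE value, so
 * changing the eFUSEs invalidates every partition signed under the old ID. */
static bool spk_valid_standard(const efuse_state *f, uint32_t id) {
    return id == f->spk_id_fuses;
}

/* Enhanced method: each SPK ID owns one user eFUSE bit. Assumed mapping:
 * ID n (1..256) -> bit (n-1)%32 of USER_[(n-1)/32].
 * A programmed bit means that SPK is revoked. */
static bool spk_valid_enhanced(const efuse_state *f, uint32_t id) {
    if (id < 1 || id > 256)
        return false; /* out-of-range ID: fail closed */
    uint32_t idx = id - 1;
    return ((f->user_fuses[idx / 32] >> (idx % 32)) & 1u) == 0;
}

/* Per-partition dispatch on the method chosen with spk_select. */
bool partition_spk_valid(const efuse_state *f, spk_select_t sel, uint32_t id) {
    return sel == USER_EFUSE ? spk_valid_enhanced(f, id)
                             : spk_valid_standard(f, id);
}

/* Model programming one user eFUSE; bits are only ever set, never cleared. */
bool revoke_user_spk(efuse_state *f, uint32_t id) {
    if (id < 1 || id > 256) return false;
    f->user_fuses[(id - 1) / 32] |= 1u << ((id - 1) % 32);
    return true;
}

/* Two partitions with their own SPK IDs (5 and 200, constructed values). */
int demo(void) {
    efuse_state f = { 0, {0} };
    revoke_user_spk(&f, 5); /* revoke only the first partition's SPK */
    return (partition_spk_valid(&f, USER_EFUSE, 5) ? 1 : 0) |
           (partition_spk_valid(&f, USER_EFUSE, 200) ? 2 : 0);
}

int main(void) { return demo() == 2 ? 0 : 1; }
```

In this model, `demo()` returns 2: the partition signed under ID 5 is rejected after revocation while the partition signed under ID 200 still verifies.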

The figure below compares and contrasts the standard and enhanced SPK revocation methods.

Figure 12-14:      Key Revocation in Boot Image
