The sample design demonstrates loading various types of images into the device: an FSBL, PMU Firmware, U-Boot, Linux, RPU software, and a PL configuration image. In this sample, all of these images are loaded by the FSBL, which performs all authentication and decryption. This is not the only means of booting a system, but it is a simple and secure method.
Different sections within the boot image have different levels of security and are loaded into different locations. The following table explains the contents of the final boot image.
Final Boot Image with Secure Attributes
| Binary | RSA Authenticated | AES Encrypted | Exception Level | Loader |
|---|---|---|---|---|
| FSBL | Yes | Yes | EL3 | CSU ROM |
| PMU Firmware | Yes | Yes | NA | FSBL |
| PL Bitstream | Yes | Yes | NA | FSBL |
| Trusted Firmware-A (TF-A) | Yes | No | EL3 | FSBL |
| R5 Software | Yes | Yes | NA | FSBL |
| U-Boot | Yes | No | EL2 | FSBL |
| Linux | Yes | No | EL1 | FSBL |
Note
In a secure boot sequence, the PMU image is loaded by the FSBL. Using the bootROM/CSU to load the PMU firmware introduces a security weakness because the key/IV combination is used twice: first to decrypt the FSBL, and then again to decrypt the PMU image. This is not allowed for secure systems.
As of 2019.1, U-Boot does not perform secure authenticated loading of Linux. Instead of U-Boot, the FSBL loads the Linux images to a memory address, and U-Boot is then used to jump to that memory address.
This tutorial demonstrates assembling the binaries created in Design Example 1: Using GPIOs, Timers, and Interrupts into a boot image with all the security features enabled. This section also shows how a PL bitstream can be added as part of the secure boot flow. Follow the information in this chapter until Modifying the Build Settings to create all the necessary files and then switch back.
Note
If you have not run MPSoC Design Example 1, you can run the script (see Reference Design Automation) in the example’s `ref_files` to generate the binaries with one `make all` command.
The security features in the boot image are enabled using two different methods. In the first method, the BIF file is created manually in a text editor, and that BIF file is then used to make Bootgen create keys. This lets you identify which sections of the BIF file enable which security features. The second method uses the Create Boot Image wizard in the Vitis IDE. It demonstrates the same set of security features and reuses the keys from the first method for convenience.
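A hand-written BIF can be checked against the table and the PMU note above before it is passed to Bootgen. The following Python check is an added example, not part of the original tutorial or of Bootgen; the sample BIF and its file names are constructed, and the check assumes each partition line carries a `bootloader`, `destination_cpu`, `destination_device` or `pmufw_image` attribute.

```python
import re

# Constructed sample BIF with three deliberate deviations; file names are placeholders.
SAMPLE_BIF = """
the_ROM_image:
{
  [pskfile] psk0.pem
  [keysrc_encryption] bbram_red_key
  [bootloader, destination_cpu = a53-0, authentication = rsa, encryption = aes] fsbl.elf
  [pmufw_image] pmufw.elf
  [destination_device = pl, authentication = rsa] design.bit
  [destination_cpu = a53-0, exception_level = el-3, trustzone, authentication = rsa] bl31.elf
  [destination_cpu = r5-0, authentication = rsa, encryption = aes] r5_app.elf
  [destination_cpu = a53-0, exception_level = el-2, authentication = rsa] u-boot.elf
  [destination_cpu = a53-0, load = 0x1000000] image.ub
}
"""

# Assumption: a line is a partition only if it carries one of these attributes.
PARTITION_KEYS = {"bootloader", "destination_cpu", "destination_device", "pmufw_image"}

def parse_partitions(bif):
    """Yield (attrs, filename) for partition lines of the form '[k = v, flag] file'."""
    for m in re.finditer(r"^\s*\[([^\]]*)\]\s*(\S+)\s*$", bif, re.M):
        attrs = {}
        for item in m.group(1).split(","):
            key, _, val = item.partition("=")
            attrs[key.strip().lower()] = val.strip().lower()
        if PARTITION_KEYS & attrs.keys():   # skips key-file and key-source lines
            yield attrs, m.group(2)

def needs_aes(attrs):
    """Rows the table marks 'AES Encrypted: Yes': FSBL, PMU firmware, PL, R5."""
    cpu = attrs.get("destination_cpu", "")
    return ("bootloader" in attrs or cpu == "pmu" or cpu.startswith("r5")
            or attrs.get("destination_device") == "pl")

def lint_bif(bif):
    """Return (filename, issue) pairs where the BIF deviates from the table."""
    findings = []
    for attrs, name in parse_partitions(bif):
        if "pmufw_image" in attrs:  # PMU firmware loaded by bootROM/CSU, not FSBL
            findings.append((name, "PMU firmware loaded by bootROM/CSU (key/IV reuse)"))
            continue
        if attrs.get("authentication") != "rsa":
            findings.append((name, "not RSA authenticated"))
        if needs_aes(attrs) and attrs.get("encryption") != "aes":
            findings.append((name, "not AES encrypted"))
    return findings
```

Calling `lint_bif(SAMPLE_BIF)` reports the PMU firmware line, the unencrypted bitstream and the unauthenticated Linux image; a BIF that matches the table returns an empty list.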