Versal Adaptive SoC Image Header Table - 2024.1 English

Vitis Unified Software Platform Documentation: Embedded Software Development (UG1400)

Document ID
UG1400
Release Date
2024-05-30
Version
2024.1 English

The following table contains generic information related to the PDI image.

Table 1. Versal Adaptive SoC Image Header Table
Offset Name Description
0x0 Version

0x00040000(v4.0) :

  1. Added AAD support for IHT.
  2. Hash is included into the 32k secure chunk.

0x00030000(v3.0): updated secure chunk size to 32 KB from 64 KB

0x00020000(v2.00): IHT, PHT sizes doubled

0x4 Total Number of Images Total number of images in the PDI
0x8 Image Header Offset Word address to start of first image header
0xC Total Number of Partitions Total number of partitions in the PDI
0x10 Partition Header Offset Word offset to the start of partitions headers
0x14 Secondary boot device address

Indicates the address where secondary image is present.

This is only valid if secondary boot device is present in attributes

0x1C Image Header Table Attributes Refer to Table 2
0x20 PDI ID Used to identify a PDI
0x24 Parent ID ID of initial boot PDI. For boot PDI, it is same as the PDI ID
0x28 Identification string

Full PDI if present with boot header – “FPDI”

Partial/Sub-system PDI – “PPDI”

0x2C Headers size

0-7: Image header table size in words

8-15: Image header size in words

16-23: Partition header size in words

24-31: Reserved

0x30 Total meta header length (Word) Including authentication and encryption overhead (excluding IHT and including AC)
0x34 -0x3C IV for encryption of meta header IV for decrypting SH of header table
0x40 Encryption status Encryption key source, only key source used for PLM is valid for meta header.

0x00000000 - Unencrypted

0xA5C3C5A3 - eFuse red key

0xA5C3C5A5 - eFUSE black key

0x3A5C3C5A - BBRAM red key

0x3A5C3C59 - BBRAM black key

0xA35C7C53 - Boot Header black key

0x48 Meta Header AC Offset (Word) Word Offset to Meta Header Authentication Certificate
0x4c Meta Header Black/IV IV that is used to encrypt the Black key used to encrypt the Meta Header.
0x58 Optional Data Length (Word) Size of Optional Data available in Bootloader
0x5C - 0x78 Reserved 0x0
0x7C Checksum A sum of all the previous words in the image header table

Image Header Table Attributes

The image header tables are described in the following table.

Table 2. Versal Adaptive SoC Image Header Table Attributes
Bit Field Name Description
31:14 Reserved 0
14 PUF Helper Data Location Location of the PUF Helper Data efuse/BH
12 dpacm enable DPA Counter Measure enable or not
11:6 Secondary boot device

Indicates the device on which rest of the data is present in.

0 - Same boot device (default)

1 - QSPI32

2 - QSPI24

3 - NAND

4 - SD0

5 - SD1

6 - SDLS

7 - MMC

8 - USB

9 - ETHERNET

10 - PCIe

11 - SATA

12 - OSPI

13 - SMAP

14 - SBI

15 - SD0RAW

16 - SD1RAW

17 - SDLSRAW

18 - MMCRAW

19 - MMC0

20 - MMC0RAW

21- imagestore

All others are reserved

Note: These options are supported for various devices in Bootgen. For the exact list of secondary boot devices supported by any device, refer to its corresponding Systems Software Developers Guide (SSDG).
5:0   Reserved

IHT Optional Data

Optional Data is binary data placed in the PDI after Image Header Table (IHT). You can include your own optional data. This data is authenticated as part IHT Signature and IHT is added as AAD (Additional Authenticated Data) for the first Secure Header (SH) of the Image Header (IH) during encryption along with IHT.

As part of Authentication Optimization, for partitions that use the same authentication keys, the partition hashes are placed as part of IHT Optional Data. See Authentication Optimization.

Bootgen also accepts user optional data. There can also be multiple entires of optional data. For adding user optional data refer to optionaldata.

Table 3. Versal Adaptive SoC IHT Optional Data
Offset Name Description
0x0 ID The Data IDs from 0x0 to 0x20 for Optional Data are reserved for internal use. User Optional Data ID can be anything > 0x20.

0 - None, can be used for padding

1 - PLM Build Time Configuration Metadata as defined in the PLM Configuration document

2 - Data structure version information used in In-Place PLM Update Compatibility Check

3 - Hash Table for authentication optimization

0x2 Size Total optional data size in words
0x4 Data Actual data including padding
Last Checksum Sum of all the previous words in this data structure