According to AR# 72588 (Zynq UltraScale+ MPSoC/RFSoC, Encrypt Only Boot Mode - Unauthenticated Boot and Partition Headers), see https://www.xilinx.com/support/answers/72588.html,
I have the following questions:
First, I would like to get confirmation that this flaw affects not only UltraScale+, as reported in https://raw.githubusercontent.com/inversepath/advisories/master/Security_Advisory-Ref_FSC-HWSEC-VR2019-0001-Xilinx_ZU%2B-Encrypt_Only_Secure_Boot_bypass.txt, but also the entire Zynq family.
I investigated this on both a Zynq XC7Z010 and XC7Z020 with XSDK 2018.1, when generating a boot image in encryption only mode.
Second, will there be an updated FSBL template by Xilinx, which shows how to authenticate the partition headers in SW with acceptable performance/memory overhead?
Thanks in advance.
The Design Advisory is only related to MPSoC, mainly because in Zynq-7000 Xilinx doesn't offer an ENCRYPTION ONLY out-of-box solution.
I am not sure what you mean about "how to authenticate the partition headers in SW with acceptable performance/memory overhead".
Xilinx continues to recommend the use of the Hardware Root of Trust (HWRoT) boot mode when possible. The HWRoT boot mode does authenticate the boot and partition headers.