cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Highlighted
363 Views
Registered: ‎09-09-2019

Secure Boot Authentication: How to authenticate Kernel and root file system

 This is related to Secure Boot in Xilinx Ultrascale in embedded  Linux Enivironment.  At power-up, assuming we using RSA authentication only, CSU authenticate FSBL and U-Boot. Is there a procedure or ( Xilix APIs from U-boot )  to authenticate other images like Kernel, Root File System and device tree.

1- Secure Boot authenticate FSBL and U-Boot , How U-Boot is authenticating  the Kernel ? The documents says that it is up to user to authenticate the rest after U-Boot.

2- Let assume in Bootgen ( BIF FILE) we add the kernel and we select rsa authentication. since the kernel will be in Boot.bin, does it mean that it will be authenticated as well. What happen if it fails authentication.

Is there a documented  or recommended procedures for authenticating the rest of images based on HW Root of Trust ?

0 Kudos
1 Reply
Highlighted
Observer
Observer
320 Views
Registered: ‎05-07-2018

hi @mobbadxilinx 

please check below link for Loading authenticated and/or encrypted image partitions from u-boot.

https://xilinx-wiki.atlassian.net/wiki/spaces/A/pages/18842432/Loading+authenticated+and+or+encrypted+image+partitions+from+u-boot

0 Kudos