Solved: Re: Zynq Ultrascale+ Fallback Multiboot

cmuhlbauer · ‎09-17-2019

We are trying to implement fallback multiboot to avoid bricking of system during failed field updates. We are finding that the boot header needs to be corrupted to trigger the fallback multiboot from a golden image. This is not very useful. What happens when the FSBL is corrupted or the boot image is corrupted? How do we implement full fall back multiboot like we had in earlier FPGA families? We are booting from a Quad-SPI (QSPI32) flash memory using a XCZU6CG MPSoC device.

glena · ‎09-20-2019

UG1137 describes the behavior in Fallback. The header is validated in a non-secure boot. For a pull partition check, add authentication. In that boot case the partition is authenticated, if it fails, the boot will fallback to the next image.

-------------------------------------------------------------------------
Don’t forget to reply, kudo, and accept as solution.
-------------------------------------------------------------------------

View solution in original post

glena · ‎09-20-2019

UG1137 describes the behavior in Fallback. The header is validated in a non-secure boot. For a pull partition check, add authentication. In that boot case the partition is authenticated, if it fails, the boot will fallback to the next image.

-------------------------------------------------------------------------
Don’t forget to reply, kudo, and accept as solution.
-------------------------------------------------------------------------

View solution in original post