11-20-2017 05:29 AM
I am working with zynq 7010.
How can I run an encrypted application (.elf) for example "hello world" on the Linux OS.
I succeeded to encrypt an application on standalone(bare-metal) by encrypting boot.bin (that include fsbl, application PS, application PL)
The question is whether I run linux OS if I can add my application (helloworld.elf) to the boot.bin?
11-20-2017 05:41 AM
The answer is "yes, but..." The first stage boot loader is capable of launching a secure OS where all the components are verified and authenticated with a trust chain. But, here's the problem... your application can be encrypted on the non-volatile storage medium, but it has to be decrypted in memory in order to run.. and this means that the data will be visible on the external DDR2/3 memory interface. The only way to hide your software is to keep it entirely inside the device, stored in the on chip static memory (OCM), which is rather small (256 Kbytes). This requires remapping that block of ram into the Linux user space, and loading your encrypted program entirely into the OCM. This is definitely an advanced Linux programming application.
11-20-2017 06:34 AM
that you said "yes".
you mean that i can create Linux project through petalinux
for example to take BSP file of microzed board and create files for Linux OS.
One of the files is BOOT.bin (that include Uboot.elf and PL.bit)
and there i add partition of my application (.elf)?