11-13-2019 04:06 AM - edited 11-13-2019 04:59 AM
I am currently working with a ZYNQ7000 ZC702 SoC and petaliunx. My Goal is to implement a secure boot with an SD-Card.
I successfully created the hardware project and built petalinux (following UG1144). I partitioned the SD Card as stated in UG1144, created a .bif file in the SDK (including FSBL, Bitstream and U-Boot) and copied the resulting BOOT.bin as well as the image.ub file to the first partition of my SD card. After that I extracted the file rootfs.tar.gz to the rootfs partition on my SD card. With this configuration I was able to encrypt FSBL, bitstream and SSBL and boot the system.
But, what if I want to encrypt the petalinux image as well? which files need to be included in my .bif file? I tried it with just including the uImage but that did not work out. Is it even possible to use a petalinux built with the petalinux tools or do I need a completly custom one (build device tree and everything myself) ?
Thanks in advance!
11-13-2019 04:57 AM
I want to encrypt the petalinux image (everything that gets loaded by u-boot). I know that this is going to take longer. But later on in this project I need to load another OS that needs to be protected.