cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Highlighted
Observer
Observer
480 Views
Registered: ‎10-24-2019

boot encrypted petalinux

Dear Community

I am currently working with a ZYNQ7000 ZC702 SoC and petaliunx. My Goal is to implement a secure boot with an SD-Card.

I successfully created the hardware project and built petalinux (following UG1144). I partitioned the SD Card as stated in UG1144, created a .bif file in the SDK (including FSBL, Bitstream and U-Boot) and copied the resulting BOOT.bin as well as the image.ub file to the first partition of my SD card. After that I extracted the file rootfs.tar.gz to the rootfs partition on my SD card. With this configuration I was able to encrypt FSBL, bitstream and SSBL and boot the system.

But, what if I want to encrypt the petalinux image as well? which files need to be included in my .bif file? I tried it with just including the uImage but that did not work out. Is it even possible to use a petalinux built with the petalinux tools or do I need a completly custom one (build device tree and everything myself) ?

Thanks in advance!

0 Kudos
2 Replies
Highlighted
464 Views
Registered: ‎07-23-2019

 

What do you want to encrypt? The root filesystem? why? It would only make the boot taking longer to load something anyone has access.

0 Kudos
Highlighted
Observer
Observer
459 Views
Registered: ‎10-24-2019

I want to encrypt the petalinux image (everything that gets loaded by u-boot). I know that this is going to take longer. But later on in this project I need to load another OS that needs to be protected.

0 Kudos