UPGRADE YOUR BROWSER

We have detected your current browser version is not the latest one. Xilinx.com uses the latest web technologies to bring you the best online experience possible. Please upgrade to a Xilinx.com supported browser:Chrome, Firefox, Internet Explorer 11, Safari. Thank you!

cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
Observer nrubeli
Observer
149 Views
Registered: ‎10-24-2019

boot encrypted petalinux

Dear Community

I am currently working with a ZYNQ7000 ZC702 SoC and petaliunx. My Goal is to implement a secure boot with an SD-Card.

I successfully created the hardware project and built petalinux (following UG1144). I partitioned the SD Card as stated in UG1144, created a .bif file in the SDK (including FSBL, Bitstream and U-Boot) and copied the resulting BOOT.bin as well as the image.ub file to the first partition of my SD card. After that I extracted the file rootfs.tar.gz to the rootfs partition on my SD card. With this configuration I was able to encrypt FSBL, bitstream and SSBL and boot the system.

But, what if I want to encrypt the petalinux image as well? which files need to be included in my .bif file? I tried it with just including the uImage but that did not work out. Is it even possible to use a petalinux built with the petalinux tools or do I need a completly custom one (build device tree and everything myself) ?

Thanks in advance!

0 Kudos
2 Replies
133 Views
Registered: ‎07-23-2019

Re: boot encrypted petalinux

 

What do you want to encrypt? The root filesystem? why? It would only make the boot taking longer to load something anyone has access.

0 Kudos
Observer nrubeli
Observer
128 Views
Registered: ‎10-24-2019

Re: boot encrypted petalinux

I want to encrypt the petalinux image (everything that gets loaded by u-boot). I know that this is going to take longer. But later on in this project I need to load another OS that needs to be protected.

0 Kudos