WolfSSL
/
wolfBoot
mirror of https://github.com/wolfSSL/wolfBoot.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Minor documentation fixes.

pull/568/head
David Garske 2025-02-25 12:44:25 -08:00 committed by Daniele Lacamera
parent 64c74b8233
commit 5e9cc8c603
2 changed files with 10 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
IDE/XilinxSDK/README.md
View File

@ -214,7 +214,7 @@ Successfully ran Hello World application
4. Edit `xilskey_efuseps_zynqmp_input.h`
* 433 `#define XSK_EFUSEPS_WRITE_PPK0_HASH TRUE`
* 453 `#define XSK_EFUSEPS_PPK0_IS_SHA3 TRUE`
* 454 `#define XSK_EFUSEPS_PPK0_HASH "0000000000000000000000000000000000000000000000000000000000000000" /* from ppkf_hash.txt */``
* 454 `#define XSK_EFUSEPS_PPK0_HASH "0000000000000000000000000000000000000000000000000000000000000000" /* from ppkf_hash.txt */`
5. Update boot.bif (see boot_auth.bif)
```
@ -297,7 +297,7 @@ Example .bif that includes the PUF helper data and black key/iv. This enables th
the_ROM_image:
{
// Boot Header Authentication Enable
[fsbl_config] a53_x64, bh_auth_enable, puf4kmode, shutter=0x0100005E, pufhd_bh, auth_only
[fsbl_config] a53_x64, bh_auth_enable, puf4kmode, shutter=0x0100005E, pufhd_bh
[keysrc_encryption] bh_blk_key
[puf_file] helperdata.txt
[bh_key_iv] black_iv.txt
@ -310,7 +310,7 @@ the_ROM_image:
[pskfile] pskf.pem
[sskfile] sskf.pem
[bootloader, authentication=rsa, destination_cpu=a53-0] zynqmp_fsbl.elf
[bootloader, authentication=rsa, encryption=aes, destination_cpu=a53-0] zynqmp_fsbl.elf
[destination_cpu=pmu, authentication=rsa] pmufw.elf
[destination_device=pl, authentication=rsa] system.bit
[destination_cpu=a53-0, authentication=rsa, exception_level=el-3, trustzone] bl31.elf
@ -320,6 +320,11 @@ the_ROM_image:
}
```
Generated BOOT.BIN using: `bootgen -image bootgen.bif -arch zynqmp -o BOOT.BIN -w -p xzcu9eg`
This will create an encryption key file `zynqmp_fsbl.nky`.
### CSU JTAG Enable
When RSA authentication is enabled the JTAG feature is disabled in the PMU. To re-enable it (assuming eFuse allows it) build with `CFLAGS_EXTRA+=-DDEBUG_CSU=2` and apply the PMUFW patches below.

4
src/tpm.c
View File

@ -1245,8 +1245,8 @@ void wolfBoot_tpm2_deinit(void)
TPMA_SESSION_continueSession));
if (rc == 0) {
/* Change platform auth to random value, to prevent application
* from being able to use platform hierarchy. This is defined in
* section 10 of the TCG PC Client Platform specification. */
* from being able to use platform hierarchy. This is defined in
* section 10 of the TCG PC Client Platform specification. */
rc = wolfTPM2_ChangePlatformAuth(&wolftpm_dev, &wolftpm_session);
}
if (rc != 0) {