- This line was added.
- This line was removed.
- Formatting was changed.
The XilSKey library provides APIs for programming and reading eFUSE bits and for programming the battery-backed RAM (BBRAM). Each SoC has different configuration of eFUSEs and BBRAM. Following list gives features with respect to each device.
- Programming/reading eFUSE's AES key, RSA Hashs, User key and Control Secure bits.
- Programming BBRAM with AES key.
- Processing System (PS) eFUSEs holds the RSA primary key hash bits and user feature bits, which can enable or disable some Zynq-7000 processor features
- Programmable Logic (PL) eFUSEs holds the AES key, the user key and some of the feature bits
- PL BBRAM holds the AES key
Supports for both mono or SSIT devices.
- PL eFUSE holds the AES key, 32 bit and 128 bit user key, RSA hash and some of the feature bits
- PL BBRAM holds AES key with or without DPA protection enable or obfuscated key programming
Zynq UltraScale+ MPSoC Devices
- eFUSEs of Processing System (PS) of ZynqMP SoC holds the AES key, user data, PPK0 and PPK1 hashes, SPK_ID, some bits which can be used to enable/disable some of the features of SoC
- BBRAM holds the AES key
- Support of Physically Unclonable Function (PUF)
- Supports ZU+ PL similar to Ultrascale plus devices.
Refer following documents for detailed information on BBRAM and eFUSE functionality.
eFUSE bits are one-time programmable. Once they are programmed(burnt), they cannot be modified.
XilSKey Library APIs
XilSKey library APIs divided into two parts – BBRAM APIs and eFUSE APIs. Following section gives glimpse of API functions of XilSKey library.
Writes input AES red key in BBRAM and verifies the write
Zeroize's Key stored in BBRAM
Processing Systems (PS) eFUSE API
Performs CRC check of AES key stored in eFUSE
Reads user eFUSE from eFUSE or cache
Reads PPK0 hash from eFUSE or cache
Reads PPK1 hash from eFUSE or cache
Reads SPK_ID hash from eFUSE or cache
Reads ZynqMP SoC DNA from eFUSE
Read the PS eFUSE secure control bits from eFUSE or cache
Program the PS eFUSE of ZynqMP
Programs the PS eFUSE's with PUF helper data
Reads the PS eFUSE's with PUF helper data
Programs eFUSE's with PUF Chash value
Reads eFUSE's with PUF Chash value
Programs eFUSE PUF Auxiliary Data
Reads eFUSE PUF Auxiliary Data
Programmable Logic (PL) eFUSE API
Programs PL eFUSE with input data
Reads the PL eFUSE status bits and gets all Secure and Control bits
Verifies the input CRC matches with CRC of AES Key stored in eFUSE.
It also initializes the timer, XADC and JTAG server subsystems, if not already done so.
Calculates CRC value of provided key in string format
Calculates CRC value of provided key in binary format
Programs the eFUSE PUF Secure Bits
Read the PS eFUSE PUF Secure Bits from eFUSE or cache
Registration/Re-registration of PUF
|XilSKey_Puf_Regeneration||Regenerates PUF data|
- Fixed Zynq eFUSE programming sequence, by programming DFT bits before eFUSE write protect bit.
- Added margin 2 read checks for Zynq eFUSE PS and PL.
- Ultrscale eFUSE programming is handled using hardware module, Hardware module is controlled through GPIO pins, modified Ultrascale eFUSE example and input.h files to accept GPIO pin numbers from user.
- Corrected sysmon temperature reads of sysmon to 16-bit resolution.
- Added 128 bit user key programming.
- Provided single bit programming for User keys 32 and 128 bit User keys.
- Added error codes on failures.
- BBRAM is updated to have DPA protection and count configuration.
- Modified ZynqMP PS eFUSE's single USER key programming to separate 32 bit User keys. Provided single bit programming for User Key.
- Added support for PUF registration, programming eFUSE with syndrome data, Auxilary value and CHash value.
- Removed ForcePowerCycle and JtagDisable, from BBRAM Zynq PL instance as they are not actually programming any control bit. These are already exists in Zynq eFUSE PL instance.
- On ZynqMP Added CRC check after programming whole AES key.
- For each ZynqMP eFUSE bit programming added verification with all 3 margin reads
- Removed temperature and voltage checks for every eFUSE bit programming for ZynqMP.
- Added support for programming more secure control bits-Lbist,LPD/FPD SC enable.
- Modified PROG_GATE programming from three inputs to one.
- Provided support for programming eFUSE and BBRAM of Kintex Ultrascale plus
- Corrected status bits of Ultrascale Plus
- Fixed hanging issue during program/zeroize request to ZynqMP BBRAM when programming mode is in enabled state.
- Fixed armcc compile errors.
- Added support for programming eFuse from Linux via SMC calls.
- Added support for PUF regeneration.
- Added IAR compiler support.
- Deprecated PPK0/1 SHA2 hash programming support.
- Added support to handle PUF underflow condition.
- Added support for Microblaze devices to select GPIO based on the design.
- Added support for SSIT devices on Microblaze.
Zynq Ultrascale plus
- Fixed MISRAC violations and coverity warnings and updated doxygen comments.
- Updated doxygen comments.
- Moved floating point calculation to compile time in ZU+ PS
- Fixed CHASH reading from wrong location of syndrome
data in Zynqmp
- Corrected length of data to be read.
- Fixed controller locking back in ZU+
- Reporting puf_acc_error to user.
- Added assert statements
- Initialized Status variables to XST_FAILURE
- Removed Tbits programming code in ZU+
- Added sysmon override or not option under BSP settings
Ultrascale/Ultrascale plus device
- Added support for user to add IDCODES for microblaze devices
- Added Debug define for dummy programming for microblaze
- Added support to access ZU+ PL efuse and BBRAM
- Modified Microblaze SSIT devices based on CONFIG ORDER
- Aligned spaces in dependecies.props
- Disabled BBRAM programming mode after key write
- Fixes coverity warnings
- Depecrated XilSKey_Puf_Fetch_Dbg_Mode2_result functionality
- Fixed ARMCC compilation errors
- Removed ZynqMP efuse temperature and voltage checks for efuse reads
- Deprecated support to read from efuse memory, if requested throws an error
- Placed temperature and voltage checks before enabling programming
Table of Content
|Table of Contents|