- Created by Confluence Wiki Admin, last modified by Mohan Marutirao Dhanawade on Jul 08, 2019
You are viewing an old version of this page. View the current version.
Compare with Current View Page History
« Previous Version 2 Next »
Introduction
The XilSKey library provides APIs for programming and reading eFUSE bits and for programming the battery-backed RAM (BBRAM). Each SoC has different configuration of eFUSEs and BBRAM. Following list gives features with respect to each device.
Features Supported
- Programming/reading eFUSE's AES key, RSA Hashs, User key and Control Secure bits.
- Programming BBRAM with AES key.
Zynq-7000 Devices
- Processing System (PS) eFUSEs holds the RSA primary key hash bits and user feature bits, which can enable or disable some Zynq-7000 processor features
- Programmable Logic (PL) eFUSEs holds the AES key, the user key and some of the feature bits
- PL BBRAM holds the AES key
UltraScale/UltraScale+ Devices
- PL eFUSE holds the AES key, 32 bit and 128 bit user key, RSA hash and some of the feature bits
- PL BBRAM holds AES key with or without DPA protection enable or obfuscated key programming
Zynq UltraScale+ MPSoC Devices
- eFUSEs of Processing System (PS) of ZynqMP SoC holds the AES key, user data, PPK0 and PPK1 hashes, SPK_ID, some bits which can be used to enable/disable some of the features of SoC
- BBRAM holds the AES key
- Support of Physically Unclonable Function (PUF)
Refer following documents for detailed information on BBRAM and eFUSE functionality.
Caution:
eFUSE bits are one-time programmable. Once they are programmed(burnt), they cannot be modified.
XilSKey Library APIs
XilSKey library APIs divided into two parts – BBRAM APIs and eFUSE APIs. Following section gives glimpse of API functions of XilSKey library.
BBRAM APIs
XilSKey_ZynqMp_Bbram_Program | Writes input AES red key in BBRAM and verifies the write |
XilSKey_ZynqMp_Bbram_Zeroise | Zeroize's Key stored in BBRAM |
eFUSE APIs
Processing Systems (PS) eFUSE API | |
---|---|
XilSKey_ZynqMp_EfusePs_CheckAesKeyCrc | Performs CRC check of AES key stored in eFUSE |
XilSKey_ZynqMp_EfusePs_ReadUserFuse | Reads user eFUSE from eFUSE or cache |
XilSKey_ZynqMp_EfusePs_ReadPpk0Hash | Reads PPK0 hash from eFUSE or cache |
XilSKey_ZynqMp_EfusePs_ReadPpk1Hash | Reads PPK1 hash from eFUSE or cache |
XilSKey_ZynqMp_EfusePs_ReadSpkId | Reads SPK_ID hash from eFUSE or cache |
XilSKey_ZynqMp_EfusePs_ReadDna | Reads ZynqMP SoC DNA from eFUSE |
XilSKey_ZynqMp_EfusePs_ReadSecCtrlBits | Read the PS eFUSE secure control bits from eFUSE or cache |
XilSKey_ZynqMp_EfusePs_Write | Program the PS eFUSE of ZynqMP |
XilSKey_ZynqMp_EfusePs_WritePufHelprData | Programs the PS eFUSE's with PUF helper data |
XilSKey_ZynqMp_EfusePs_ReadPufHelprData | Reads the PS eFUSE's with PUF helper data |
XilSKey_ZynqMp_EfusePs_WritePufChash | Programs eFUSE's with PUF Chash value |
XilSKey_ZynqMp_EfusePs_ReadPufChash | Reads eFUSE's with PUF Chash value |
XilSKey_ZynqMp_EfusePs_WritePufAux | Programs eFUSE PUF Auxiliary Data |
XilSKey_ZynqMp_EfusePs_ReadPufAux | Reads eFUSE PUF Auxiliary Data |
Programmable Logic (PL) eFUSE API | |
XilSKey_EfusePl_Program | Programs PL eFUSE with input data |
XilSKey_EfusePl_ReadStatus | Reads the PL eFUSE status bits and gets all Secure and Control bits |
XilSKey_EfusePl_ReadKey | Verifies the input CRC matches with CRC of AES Key stored in eFUSE. It also initializes the timer, XADC and JTAG server subsystems, if not already done so. |
XilSKey_CrcCalculation | Calculates CRC value of provided key in string format |
XilSkey_CrcCalculation_AesKey | Calculates CRC value of provided key in binary format |
PUF APIs
XilSKey_Write_Puf_EfusePs_SecureBits | Programs the eFUSE PUF Secure Bits |
XilSKey_Read_Puf_EfusePs_SecureBits | Read the PS eFUSE PUF Secure Bits from eFUSE or cache |
XilSKey_Puf_Registration | Registration/Re-registration of PUF |
XilSKey_Puf_Regeneration | Regenerates PUF data |
Changelog
2016.3
Zynq
- Fixed Zynq eFUSE programming sequence, by programming DFT bits before eFUSE write protect bit.
- Added margin 2 read checks for Zynq eFUSE PS and PL.
Ultrascale
- Ultrscale eFUSE programming is handled using hardware module, Hardware module is controlled through GPIO pins, modified Ultrascale eFUSE example and input.h files to accept GPIO pin numbers from user.
- Corrected sysmon temperature reads of sysmon to 16-bit resolution.
- Added 128 bit user key programming.
- Provided single bit programming for User keys 32 and 128 bit User keys.
- Added error codes on failures.
- BBRAM is updated to have DPA protection and count configuration.
ZynqMP
- Modified ZynqMP PS eFUSE's single USER key programming to separate 32 bit User keys. Provided single bit programming for User Key.
2016.4
ZynqMP
- Added support for PUF registration, programming eFUSE with syndrome data, Auxilary value and CHash value.
Zynq
- Removed ForcePowerCycle and JtagDisable, from BBRAM Zynq PL instance as they are not actually programming any control bit. These are already exists in Zynq eFUSE PL instance.
2017.1
ZynqMP
- On ZynqMP Added CRC check after programming whole AES key.
- For each ZynqMP eFUSE bit programming added verification with all 3 margin reads
- Removed temperature and voltage checks for every eFUSE bit programming for ZynqMP.
- Added support for programming more secure control bits-Lbist,LPD/FPD SC enable.
- Modified PROG_GATE programming from three inputs to one.
2017.2
None
2017.3
- Provided support for programming eFUSE and BBRAM of Kintex Ultrascale plus
2017.4
None
2018.1
- Corrected status bits of Ultrascale Plus
2018.2
- Fixed hanging issue during program/zeroize request to ZynqMP BBRAM when programming mode is in enabled state.
2018.3
- Fixed armcc compile errors.
- Added support for programming eFuse from Linux via SMC calls.
- Added support for PUF regeneration.
2019.1
- Added IAR compiler support.
- Deprecated PPK0/1 SHA2 hash programming support.
- Added support to handle PUF underflow condition.
- Added support for Microblaze devices to select GPIO based on the design.
- Added support for SSIT devices on Microblaze.
Table of Content
- No labels