xilinx / bootgen Goto Github PK

View Code? Open in Web Editor NEW

30.0 12.0 40.0 2.02 MB

bootgen source code

License: Other

C++ 82.98% C 12.90% Makefile 0.07% Lex 1.26% Yacc 2.79%

bootgen's Introduction

bootgen.git - Source code for Xilinx Bootgen

Overview

This repository contains source code to build Bootgen for SoC devices.

This repository provides NO support for traditional FPGA devices (Artix, Kintex, and Virtex families). These features are only available as part of Bootgen shipped with Vivado tools.

For SoC devices (Zynq-7000, Zynq UltraScale+ MPSoC, etc), this repository includes support for all features of BootGen, including BIN file construction and boot-time authentication and encryption based on OpenSSL (see details below).

For more details about Bootgen usage, please refer to Xilinx UG1283.

Obfuscated Key generation

Bootgen also supports Obfuscated Key generation using a Xilinx proprietary software. If you are using this proprietary flow, please contact a Xilinx® representative at '[email protected]'for details and to ensure export compliance.

Build instructions

Platform Support

Bootgen can be built for both Linux and Windows operating systems. It can be compiled natively for x86-based computers as well as cross-compiled for ARM-based platforms.

The following 3rd party packages are required to build Bootgen:

OpenSSL v1.1.1b libraries
- Windows libraries are available at http://slproweb.com/products/Win32OpenSSL.html
- Linux libraries are part of libssl-dev package

Linux Builds

A Makefile is included along with the code to build Bootgen for Linux. This Makefile creates an executable named bootgen, when run.

Install OpenSSL libraries.
In the bootgen directory, run

make
If OpenSSL libraries are located at a custom path, you can link with these libraries as given below.

Assuming OpenSSL libraries are located at /home/$USER/local/openssl,

make "LIBS=/home/$USER/local/openssl/lib/libssl.a /home/$USER/local/openssl/lib/libcrypto.a -ldl -lpthread"
"INCLUDE_USER=-I/home/$USER/local/openssl/include"

Windows Builds

Download and install "Win64 OpenSSL v1.1.1b", from http://slproweb.com/products/Win32OpenSSL.html.
Use Microsoft Visual Studio 2015 to build Bootgen source code and link it . with OpenSSL libraries downloaded in previous step.

Cross-compiling Bootgen

Bootgen can be cross-compiled to run on Xilinx processors.

Cross-compile openssl libraries.
Cross-compile Bootgen code and link against the libraries built above make "CROSS_COMPILER=aarch64-linux-gnu-g++" "LIBS=<opensslarm/lib/libssl.a>
<opensslarm/lib/libcrypto.a> -ldl -lpthread" "INCLUDE_USER=-I<opensslarm/include>"'

OpenSSL License

Bootgen links with openssl libraries. Below is openssl copyright.

 Copyright (c) 1998-2019 The OpenSSL Project.  All rights reserved.

 Redistribution and use in source and binary forms, with or without
 modification, are permitted provided that the following conditions
 are met:

 1. Redistributions of source code must retain the above copyright
    notice, this list of conditions and the following disclaimer.

 2. Redistributions in binary form must reproduce the above copyright
    notice, this list of conditions and the following disclaimer in
    the documentation and/or other materials provided with the
    distribution.

 3. All advertising materials mentioning features or use of this
    software must display the following acknowledgment:
    "This product includes software developed by the OpenSSL Project
    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"

 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
    endorse or promote products derived from this software without
    prior written permission. For written permission, please contact
    [email protected].

 5. Products derived from this software may not be called "OpenSSL"
    nor may "OpenSSL" appear in their names without prior written
    permission of the OpenSSL Project.

 6. Redistributions of any form whatsoever must retain the following
    acknowledgment:
    "This product includes software developed by the OpenSSL Project
    for use in the OpenSSL Toolkit (http://www.openssl.org/)"

 THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
 EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
 ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
 LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
 STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 OF THE POSSIBILITY OF SUCH DAMAGE.

bootgen's People

Contributors

Stargazers

Watchers

bootgen's Issues

Please tag the 2019.2 release

I'm adding a package to buildroot to support this tool and would like to reference a released tag.

FPGA authentication, Zynqmp

I am trying to use the same key used for signing boot.bin to sign the fpga bistream.
For Zynqmp this key is 4096bits.

However when I execute the following bif:

jramirez@trex lmp-tools (master *+%)$ cat bifs/fpga.bif 
the_ROM_image:
{
        [sskfile] keys/SSK.pem
        [authentication=rsa] fpga.bit
}

and try to sign the bitstream:

./bootgenl -arch fpga -image bifs/fpga.bif -o fpga-signed.bin -w on -log error

I get the following error:

****** Xilinx Bootgen v2021.1
  **** Build date : Jul 20 2021-15:27:34
    ** Copyright 1986-2021 Xilinx, Inc. All Rights Reserved.

[ERROR]  : Incorrect Key Size !!!
           Key Size is 4096 bits. Expected key size is 2048 bits

Should I be signing differently?

strtoul in bif.l corrupts numbers larger than 2^32 on Windows

On line 277 of bif.l, strtoul is used to convert the value from a string to uint64_t.
However on Windows, unsigned long is 32 bits not 64, so strtoul will silently corrupt any value greater than 0xFFFFFFFF to that value.

The correct function should be strtoull

Grammar railroad diagram

Looking at bif.y there is several conflicts:

bif.y: warning: 125 shift/reduce conflicts [-Wconflicts-sr]
bif.y: warning: 141 reduce/reduce conflicts [-Wconflicts-rr]

The navigable railroad diagram shown bellow can help fix/debug/develop/document the grammar:

//
// EBNF to be viewd at
//    (IPV6) https://www.bottlecaps.de/rr/ui
//    (IPV4) https://rr.red-dove.com/ui
//
// Copy and paste this at one of the urls shown above in the 'Edit Grammar' tab
// then click the 'View Diagram' tab.
//

bif ::=
	group_list

group_list ::=
	/*empty*/
	| group_list bifoptions

bifoptions ::=
	INCLUDE COLON filename

bifoptions ::=
	WORD COLON OBRACE file_list EBRACE

file_list ::=
	/*empty*/
	| file_list file_spec
	| file_list other_spec
	| file_list image_spec
	| file_list metahdr_spec
	| file_list new_pdi_spec
	| file_list new_file_spec
	| file_list partition_spec

metahdr_spec ::=
	METAHEADER OBRACE  metahdr_attr_list EBRACE

metahdr_attr_list ::=
	metahdr_attr
	| metahdr_attr COMMA metahdr_attr_list
	| metahdr_attr metahdr_attr_list

metahdr_attr ::=
	/*empty*/
	| ENCRYPTION EQUAL encrvalue
	| KEYSRC_ENCRYPTION EQUAL key_src
	| AES_KEY_FILE EQUAL filename
	| AUTHENTICATION EQUAL authvalue
	| PPK_FILE EQUAL filename
	| PSK_FILE EQUAL filename
	| SPK_FILE EQUAL filename
	| SSK_FILE EQUAL filename
	| SPK_SIGNATURE_FILE EQUAL filename
	| PRESIGN EQUAL filename
	| REVOKE_ID EQUAL expression
	| CHECKSUM EQUAL checkvalue
	| DPA_CM
	| BLOCKS EQUAL metahdr_blk
	| PUFHD_LOC

optional_data ::=
	optional_data_attr
	| optional_data_attr SEMICOLON optional_data

optional_data_attr ::=
	filename COMMA ID EQUAL expression
	| /*empty*/

metahdr_blk ::=
	metahdr_blk_attr
	| metahdr_blk_attr SEMICOLON metahdr_blk

metahdr_blk_attr ::=
	expression
	| expression LPAREN expression RPAREN
	| expression LPAREN ASTERISK RPAREN

new_pdi_spec ::=
	ID EQUAL expression
	| PARENT_ID EQUAL expression
	| ID_CODE EQUAL expression
	| EXT_ID_CODE EQUAL expression
	| other_file_attr EQUAL filename
	| KEYSRC_ENCRYPTION EQUAL key_src
	| PARTITION_TYPE EQUAL ptypevalue
	| REVOKE_ID EQUAL expression

image_spec ::=
	image_list
	| image_spec image_list

image_list ::=
	IMAGE OBRACE image_content EBRACE

image_content ::=
	/*empty*/
	| image_content image_attributes_list
	| image_content file_spec
	| image_content partition_spec

image_attributes_list ::=
	image_attributes
	| image_attributes COMMA image_attributes_list
	| image_attributes image_attributes_list

image_attributes ::=
	ID EQUAL expression
	| NAME EQUAL WORD
	| DELAY_HANDOFF
	| DELAY_LOAD
	| INIT
	| COPY EQUAL expression
	| PARTITION_TYPE EQUAL ptypevalue
	| UNIQUE_ID EQUAL expression
	| PARENT_UNIQUE_ID EQUAL expression
	| FUNCTION_ID EQUAL expression
	| PCR_NUMBER EQUAL expression
	| PCR_MEASUREMENT_INDEX EQUAL expression

partition_spec ::=
	PARTITION partition_content
	| partition_content

partition_content ::=
	/*empty*/
	| partition_content file_spec
	| partition_content new_file_spec

other_spec ::=
	OBRACKET KEYSRC_ENCRYPTION EBRACKET key_src

other_spec ::=
	OBRACKET FSBL_CONFIG EBRACKET fsbl_attr_list
	| FSBL_CONFIG OBRACE fsbl_attr_list EBRACE
	| BOOT_DEVICE OBRACE sec_boot_attr_list EBRACE
	| OBRACKET BOOT_DEVICE EBRACKET boot_device_type
	| BOOT_DEVICE EQUAL boot_device_type
	| OBRACKET AUTH_PARAMS EBRACKET auth_parameters
	| OBRACKET SPLIT EBRACKET split_options
	| OBRACKET BOOTVECTORS EBRACKET bootvectors_list
	| AUTHJTAG_CONFIG OBRACE authjtag_attr_list EBRACE
	| OPTIONAL_DATA OBRACE optional_data EBRACE

sec_boot_attr_list ::=
	sec_boot_attr
	| sec_boot_attr COMMA sec_boot_attr_list

sec_boot_attr ::=
	boot_device_type
	| IMAGE_STORE
	| ADDRESS EQUAL expression

fsbl_attr_list ::=
	fsbl_attr
	| fsbl_attr COMMA fsbl_attr_list

authjtag_attr_list ::=
	authjtag_attr
	| authjtag_attr COMMA authjtag_attr_list
	| authjtag_attr authjtag_attr_list

authjtag_attr ::=
	REVOKE_ID EQUAL expression
	| DEVICE_DNA EQUAL HEXWORD
	| JTAG_TIMEOUT EQUAL expression

fsbl_attr ::=
	core
	| bh_rsa
	| auth_hash
	| int_hash
	| pufhd_loc
	| auth_only
	| opt_key
	| PUF4KMODE
	| SHUTTER EQUAL expression
	| dpa_cm
	| SMAP_WIDTH EQUAL expression
	| BYPASS_IDCODE_CHECK
	| A_HWROT
	| S_HWROT
	| PUFROSWAP EQUAL expression
	| DICE

file_spec ::=
	OBRACKET attribute_list EBRACKET filename
	| filename

new_file_spec ::=
	OBRACE new_attribute_list EBRACE

new_attribute_list ::=
	attribute
	| new_attribute
	| new_attribute COMMA new_attribute_list
	| attribute COMMA new_attribute_list
	| new_attribute new_attribute_list
	| attribute new_attribute_list

new_attribute ::=
	PFILE EQUAL filename
	| ID EQUAL expression
	| IMAGE_STORE EQUAL expression
	| PARTITION_TYPE EQUAL boolattr
	| PARTITION_TYPE EQUAL PMCDATA
	| BIF_SECTION EQUAL WORD

attribute_list ::=
	attribute
	| attribute COMMA attribute_list

attribute ::=
	boolattr
	| optattr
	| numattr
	| fileattr
	| blocksattr_list

blocksattr_list ::=
	BLOCKS EQUAL blocksattr
	| AUTHBLOCKS EQUAL authblockattr

blocksattr ::=
	blockattr
	| blockattr SEMICOLON blocksattr

bootvectors_list ::=
	bootvector
	| bootvector COMMA bootvectors_list

bootvector ::=
	expression

authblockattr ::=
	expression

boolattr ::=
	BOOTLOADER
	| BOOT
	| USER
	| STATIC
	| NOAUTOSTART
	| MULTIBOOT
	| PROTECTED
	| EARLY_HANDOFF
	| HIVEC
	| XIP_MODE
	| INIT
	| BOOTIMAGE
	| key_file
	| other_files
	| ptypevalue
	| LOCKSTEP

trustzone_type ::=
	TRUSTZONE
	| TRUSTZONE EQUAL TRUSTZONE_TYPE

blockattr ::=
	expression
	| expression LPAREN expression RPAREN
	| expression LPAREN ASTERISK RPAREN

optattr ::=
	AUTHENTICATION EQUAL authvalue
	| ENCRYPTION EQUAL encrvalue
	| CHECKSUM EQUAL checkvalue
	| PARTITION_OWNER EQUAL pownervalue
	| DEST_CPU EQUAL dest_cpu_type
	| DEST_DEVICE EQUAL dest_device_type
	| EXCEPTION_LEVEL EQUAL exception_level_type
	| AES_KEY_FILE EQUAL filename
	| PPK_FILE EQUAL filename
	| PSK_FILE EQUAL filename
	| SPK_FILE EQUAL filename
	| SSK_FILE EQUAL filename
	| SPK_SELECT EQUAL spkselect
	| SPK_ID EQUAL expression
	| SPK_SIGNATURE_FILE EQUAL filename
	| trustzone_type
	| PARTITION_TYPE EQUAL ptypevalue
	| KEYSRC_ENCRYPTION EQUAL key_src
	| REVOKE_ID EQUAL expression
	| DPA_CM
	| SLR_NUM EQUAL expression
	| CLUSTER_NUM EQUAL expression
	| PUFHD_LOC
	| DELAY_AUTH
	| TCM_BOOT

other_file_attr ::=
	INIT
	| key_file
	| BH_KEK_IV
	| BBRAM_KEK_IV
	| EFUSE_KEK_IV
	| EFUSE_USER_KEK0_IV
	| EFUSE_USER_KEK1_IV
	| USER_KEYS

authvalue ::=
	NONE
	| AUTHVALUE

encrvalue ::=
	NONE
	| ENCRVALUE

checkvalue ::=
	NONE
	| CHECKSUMVALUE

pownervalue ::=
	POWNERVALUE

ptypevalue ::=
	PTYPEVALUE

key_src ::=
	KEY_SRC

core ::=
	CORE

bh_rsa ::=
	BH_RSA

dpa_cm ::=
	DPA_CM

auth_hash ::=
	AUTH_HASH

int_hash ::=
	INT_HASH

pufhd_loc ::=
	PUFHD_LOC

opt_key ::=
	OPT_KEY

auth_only ::=
	AUTH_ONLY

boot_device_type ::=
	BOOT_DEVICE_TYPE

dest_cpu_type ::=
	DEST_CPU_TYPE

dest_device_type ::=
	DEST_DEVICE_TYPE

exception_level_type ::=
	EXCEPTION_LEVEL_TYPE

numattr ::=
	ALIGNMENT EQUAL expression
	| OFFSET EQUAL expression
	| RESERVE_LEGACY EQUAL expression
	| RESERVE EQUAL expression
	| LOAD EQUAL expression
	| STARTUP EQUAL expression
	| BIGENDIAN
	| A32_MODE
	| PARTITION_NUM EQUAL expression
	| TCM_A_REGION EQUAL expression
	| TCM_B_REGION EQUAL expression
	| TCM_C_REGION EQUAL expression

fileattr ::=
	PRESIGN EQUAL filename
	| UDF_DATA EQUAL filename

key_file ::=
	AES_KEY_FILE
	| rsa_key_file
	| SPK_SIGNATURE_FILE
	| BH_SIGNATURE_FILE
	| HEADER_SIGNATURE_FILE
	| BH_KEY_FILE
	| PUF_HELPER_FILE
	| BH_KEY_IV
	| FAMILY_KEY

rsa_key_file ::=
	PPK_FILE
	| PSK_FILE
	| SPK_FILE
	| SSK_FILE

other_files ::=
	PMUFW_IMAGE
	| PMCDATA
	| UDF_BH

auth_parameters ::=
	PPK_SELECT EQUAL expression
	| SPK_SELECT EQUAL spkselect
	| SPK_ID EQUAL expression
	| HEADER_AUTH
	| auth_parameters SEMICOLON auth_parameters

spkselect ::=
	SPKSELECT

split_options ::=
	SPLIT_MODE EQUAL splitmode
	| SPLIT_FMT EQUAL splitfmt
	| split_options COMMA split_options

splitmode ::=
	SPLITMODE

splitfmt ::=
	MCS
	| BIN

filename ::=
	FILENAME
	| QFILENAME

number ::=
	HEXVALUE
	| DECVALUE
	| LPAREN expression RPAREN

unary_expression ::=
	number
	| PLUS unary_expression
	| NEGATION unary_expression

multiplicative_expression ::=
	unary_expression
	| multiplicative_expression MULT unary_expression
	| multiplicative_expression DIVIDE unary_expression
	| multiplicative_expression MODULO unary_expression

additive_expression ::=
	multiplicative_expression
	| additive_expression PLUS multiplicative_expression
	| additive_expression MINUS multiplicative_expression

shift_expression ::=
	additive_expression
	| shift_expression LSHIFT additive_expression
	| shift_expression RSHIFT additive_expression

and_expression ::=
	shift_expression
	| and_expression AND shift_expression

xor_expression ::=
	and_expression
	| xor_expression XOR and_expression

expression ::=
	xor_expression
	| expression OR xor_expression


//Tokens

BOOTLOADER ::= "bootloader"
PRESIGN ::= "presign"
UDF_DATA ::= "udf_data"
XIP_MODE ::= "xip_mode"
BOOT ::= "boot"
USER ::= "user"
STATIC ::= "static"
NOAUTOSTART ::= "noautostart"
MULTIBOOT ::= "multiboot"
PROTECTED ::= "protected"
ALIGNMENT ::= "alignment"
EARLY_HANDOFF ::= "early_handoff"
DELAY_HANDOFF ::= "delay_handoff"
DELAY_LOAD ::= "delay_load"
DELAY_AUTH ::= "delay_auth"
HIVEC ::= "hivec"
BLOCKS ::= "blocks"
AUTHBLOCKS ::= "authblocks"
BIGENDIAN ::= "big_endian"
A32_MODE ::= "aarch32_mode"
PARTITION ::= "partition"
IMAGE ::= "image"
METAHEADER ::= "metaheader"
BIF_SECTION ::= "section"
LOCKSTEP ::= "lockstep"
INCLUDE ::= "include"
TCM_BOOT ::= "tcmboot"
OPTIONAL_DATA ::= "optionaldata"

OFFSET ::= "offset"
RESERVE_LEGACY ::= "reserve_legacy"
RESERVE ::= "reserve"
LOAD ::= "load"
COPY ::= "copy"
STARTUP ::= "startup"
PARTITION_NUM ::= "pid"
INIT ::= "init"
UDF_BH ::= "udf_bh"
AES_KEY_FILE ::= "aeskeyfile"
PPK_FILE ::= "ppkfile"
PSK_FILE ::= "pskfile"
SPK_FILE ::= "spkfile"
SSK_FILE ::= "sskfile"
SPK_SIGNATURE_FILE ::= "spksignature"
BH_SIGNATURE_FILE ::= "bhsignature"
HEADER_SIGNATURE_FILE ::= "headersignature"
BOOTVECTORS ::= "bootvectors"
BOOTIMAGE ::= "bootimage"
PARENT_ID ::= "parent_id"
ID_CODE ::= "id_code"
EXT_ID_CODE ::= "extended_id_code"
ID ::= "id"
NAME ::= "name"
PFILE ::= "file"
BH_KEY_FILE ::= "bh_keyfile"
PUF_HELPER_FILE ::= "puf_file"
PMUFW_IMAGE ::= "pmufw_image"
PMCDATA ::= "pmcdata"
BH_KEY_IV ::= "bh_key_iv"
UNIQUE_ID ::= "uid"
PARENT_UNIQUE_ID ::= "parent_uid"
FUNCTION_ID ::= "function_id"
PCR_NUMBER ::= "pcr"
PCR_MEASUREMENT_INDEX ::= "pcr_mindex"
IMAGE_STORE ::= "imagestore"
TCM_A_REGION ::= "tcm_a_region"
TCM_B_REGION ::= "tcm_b_region"
TCM_C_REGION ::= "tcm_c_region"

BBRAM_KEK_IV ::= "bbram_kek_iv"
BH_KEK_IV ::= "bh_kek_iv"
EFUSE_KEK_IV ::= "efuse_kek_iv"
EFUSE_USER_KEK0_IV ::= "efuse_user_kek0_iv"
EFUSE_USER_KEK1_IV ::= "efuse_user_kek1_iv"
USER_KEYS ::= "userkeys"

FAMILY_KEY ::= "familykey"

ENCRYPTION ::= "encryption"
NONE ::= "none"
ENCRVALUE ::= "aes"

AUTHENTICATION ::= "authentication"
AUTHVALUE ::= "rsa"
AUTHVALUE ::= "ecdsa"
AUTHVALUE ::= "ecdsa-p384"
AUTHVALUE ::= "ecdsa-p521"

CHECKSUM ::= "checksum"
CHECKSUMVALUE ::= "md5"
CHECKSUMVALUE ::= "sha2"
CHECKSUMVALUE ::= "sha3"

PARTITION_OWNER ::= "partition_owner"
PARTITION_OWNER ::= "owner"
POWNERVALUE ::= "fsbl"
POWNERVALUE ::= "uboot"
POWNERVALUE ::= "pmc"
POWNERVALUE ::= "non-pmc"
POWNERVALUE ::= "plm"
POWNERVALUE ::= "non-plm"

PARTITION_TYPE ::= "partition_type"
PARTITION_TYPE ::= "type"
PTYPEVALUE ::= "cdo"
PTYPEVALUE ::= "raw"
PTYPEVALUE ::= "cfi"
PTYPEVALUE ::= "cfi-gsc"
PTYPEVALUE ::= "slr-boot"
PTYPEVALUE ::= "slr-config"
PTYPEVALUE ::= "slr-slave"
PTYPEVALUE ::= "slr-slave-boot"
PTYPEVALUE ::= "slr-slave-config"
PTYPEVALUE ::= "elf"

KEYSRC_ENCRYPTION ::= "keysrc_encryption"
KEYSRC_ENCRYPTION ::= "keysrc"
KEY_SRC ::= "efuse"
KEY_SRC ::= "bbram"
KEY_SRC ::= "efuse_red_key"
KEY_SRC ::= "efuse_blk_key"
KEY_SRC ::= "efuse_gry_key"
KEY_SRC ::= "bbram_red_key"
KEY_SRC ::= "bbram_blk_key"
KEY_SRC ::= "bbram_gry_key"
KEY_SRC ::= "bh_gry_key"
KEY_SRC ::= "bh_blk_key"
KEY_SRC ::= "user_key0"
KEY_SRC ::= "user_key1"
KEY_SRC ::= "user_key2"
KEY_SRC ::= "user_key3"
KEY_SRC ::= "user_key4"
KEY_SRC ::= "user_key5"
KEY_SRC ::= "user_key6"
KEY_SRC ::= "user_key7"
KEY_SRC ::= "efuse_user_key0"
KEY_SRC ::= "efuse_user_blk_key0"
KEY_SRC ::= "efuse_user_gry_key0"
KEY_SRC ::= "efuse_user_key1"
KEY_SRC ::= "efuse_user_blk_key1"
KEY_SRC ::= "efuse_user_gry_key1"
KEY_SRC ::= "kup_key"

FSBL_CONFIG ::= "fsbl_config"
FSBL_CONFIG ::= "boot_config"
FSBL_CONFIG ::= "image_config"
CORE ::= "r5_single"
CORE ::= "a53_x32"
CORE ::= "a5x_x32"
CORE ::= "a53_x64"
CORE ::= "a5x_x64"
CORE ::= "r5_dual"
BH_RSA ::= "bh_auth_enable"
AUTH_HASH ::= "auth_sha2_enable"
INT_HASH ::= "INT_HASH"
PUFHD_LOC ::= "pufhd_bh"
AUTH_ONLY ::= "auth_only"
OPT_KEY ::= "opt_key"
PUF4KMODE ::= "puf4kmode"
SHUTTER ::= "shutter"
PUFROSWAP ::= "puf_ro_swap"
DPA_CM ::= "dpacm_enable"
DICE ::= "dice_enable"
SMAP_WIDTH ::= "smap_width"
BYPASS_IDCODE_CHECK ::= "bypass_idcode_check"
A_HWROT ::= "a_hwrot"
S_HWROT ::= "s_hwrot"

BOOT_DEVICE ::= "boot_device"
ADDRESS ::= "address"
BOOT_DEVICE_TYPE ::= "qspi32"
BOOT_DEVICE_TYPE ::= "qspi24"
BOOT_DEVICE_TYPE ::= "nand"
BOOT_DEVICE_TYPE ::= "sd0"
BOOT_DEVICE_TYPE ::= "sd1"
BOOT_DEVICE_TYPE ::= "sd-ls"
BOOT_DEVICE_TYPE ::= "mmc"
BOOT_DEVICE_TYPE ::= "usb"
BOOT_DEVICE_TYPE ::= "ethernet"
BOOT_DEVICE_TYPE ::= "pcie"
BOOT_DEVICE_TYPE ::= "sata"
BOOT_DEVICE_TYPE ::= "ospi"
BOOT_DEVICE_TYPE ::= "smap"
BOOT_DEVICE_TYPE ::= "sbi"
BOOT_DEVICE_TYPE ::= "sd0-raw"
BOOT_DEVICE_TYPE ::= "sd1-raw"
BOOT_DEVICE_TYPE ::= "sd-ls-raw"
BOOT_DEVICE_TYPE ::= "mmc-raw"
BOOT_DEVICE_TYPE ::= "mmc0"
BOOT_DEVICE_TYPE ::= "mmc0-raw"

DEST_CPU ::= "destination_cpu"
DEST_CPU ::= "core"
DEST_CPU_TYPE ::= "a53-0"
DEST_CPU_TYPE ::= "a72-0"
DEST_CPU_TYPE ::= "a78-0"
DEST_CPU_TYPE ::= "a5x-0"
DEST_CPU_TYPE ::= "a53-1"
DEST_CPU_TYPE ::= "a72-1"
DEST_CPU_TYPE ::= "a78-1"
DEST_CPU_TYPE ::= "a5x-1"
DEST_CPU_TYPE ::= "a53-2"
DEST_CPU_TYPE ::= "a78-2"
DEST_CPU_TYPE ::= "a5x-2"
DEST_CPU_TYPE ::= "a53-3"
DEST_CPU_TYPE ::= "a78-3"
DEST_CPU_TYPE ::= "a5x-3"
DEST_CPU_TYPE ::= "r5-0"
DEST_CPU_TYPE ::= "r52-0"
DEST_CPU_TYPE ::= "r5-1"
DEST_CPU_TYPE ::= "r52-1"
DEST_CPU_TYPE ::= "r5-lockstep"
DEST_CPU_TYPE ::= "pmu"
DEST_CPU_TYPE ::= "psm"
DEST_CPU_TYPE ::= "aie"
CLUSTER_NUM ::= "cluster"

DEST_DEVICE ::= "destination_device"
DEST_DEVICE_TYPE ::= "ps"
DEST_DEVICE_TYPE ::= "pl"
DEST_DEVICE_TYPE ::= "pmufw"
DEST_DEVICE_TYPE ::= "xip"

EXCEPTION_LEVEL ::= "exception_level"
EXCEPTION_LEVEL_TYPE ::= "el-0"
EXCEPTION_LEVEL_TYPE ::= "el-1"
EXCEPTION_LEVEL_TYPE ::= "el-2"
EXCEPTION_LEVEL_TYPE ::= "el-3"

TRUSTZONE ::= "trustzone"
TRUSTZONE_TYPE ::= "secure"
TRUSTZONE_TYPE ::= "nonsecure"

SLR_NUM ::= "slr"

AUTH_PARAMS ::= "auth_params"
PPK_SELECT ::= "ppk_select"
SPK_SELECT ::= "spk_select"
SPKSELECT ::= "spk-efuse"
SPKSELECT ::= "user-efuse"
SPK_ID ::= "spk_id"
HEADER_AUTH ::= "header_auth"

REVOKE_ID ::= "revoke_id"

SPLIT ::= "split"
SPLIT_MODE ::= "mode"
SPLITMODE ::= "slaveboot"
SPLITMODE ::= "normal"
SPLIT_FMT ::= "fmt"
MCS ::= "mcs"
BIN ::= "bin"

AUTHJTAG_CONFIG ::= "authjtag_config"
DEVICE_DNA ::= "device_dna"
JTAG_TIMEOUT ::= "jtag_timeout"


COLON ::= ":"
SEMICOLON ::= ";"
EQUAL ::= "="
COMMA ::= ","
OBRACKET ::= "["
EBRACKET ::= "]"
OBRACE ::= "{"
EBRACE ::= "}"
LPAREN ::= "("
RPAREN ::= ")"
ASTERISK ::= "*"

PLUS ::= "+"
MINUS ::= "-"
LSHIFT ::= "<<"
RSHIFT ::= ">>"
MULT ::= "*"
DIVIDE ::= "/"
MODULO ::= "%"
NEGATION ::= "~"
AND ::= "&"
OR ::= "|"
XOR ::= "^"

xip_mode ignores the offset=<addr> value

When using XIP mode, the offset of the image always becomes 0x1700, no matter what the offset= is set to.

The error is in partition.cpp line 232
if(header->imageHeader->GetXipMode()) {
This function returns false, even when xip_mode is set.

libc 2.25 dependency

I am using 2021 buildroot/sysroot to make the image for the target. Then when I compile bootgen using this repo, I get the error :

zynq> ./bootgen
./bootgen: /lib/libc.so.6: version `GLIBC_2.25' not found (required by ./bootgen)

My libc version is 2.23. How to resolve this and why do we need libc 2.25 ? I tried to use the oldest branch here but its the same dependency.

Creating aeskeys and encrypted/signed .BIN files results in hanging process

I am using the most recent commit of this repo's master branch - Xilinx Bootgen v2022.2

When I attempt to create an aeskey with bootgen, the process will "hang" seemingly forever. Example:

gen_aeskey:
{
  [aeskeyfile] aeskey.nky
  [keysrc_encryption] efuse
  [bootloader, encryption=aes] zynq_fsbl.elf
}

$ bootgen -p xc7z015 -image gen_aeskey.bif

Once I run the above command, I just see the following, with the process never finishing (tested up to 6 hours):



****** Xilinx Bootgen v2022.2
  **** Build date : Feb 23 2023-20:49:42
    ** Copyright 1986-2022 Xilinx, Inc. All Rights Reserved.

The same thing happens when trying to make any encrypted/signed .BIN files where the -p option is required.

fsbl_prime:
{
  [aeskeyfile] aeskey.nky
  [keysrc_encryption] efuse

  [pskfile] psk.pem
  [sskfile] ssk.pem

  [bootloader,encryption=aes,authentication=rsa] zynq_fsbl.elf
}

$ bootgen -arch zynq -p xc7z015 -image fsbl_prime.bif -o FSBL_PRIME.BIN -w on

bootloaders:
{
  [aeskeyfile] aeskey.nky
  [keysrc_encryption] efuse

  [pskfile] psk.pem
  [sskfile] ssk.pem

  [bootloader,encryption=aes,authentication=rsa] zynq_fsbl.elf
  [encryption=aes,authentication=rsa] u-boot.elf
}

$ bootgen -arch zynq -p xc7z015 -image bootloaders.bif -o BOOT.BIN -w on

linux_image:
{
  [aeskeyfile] aeskey.nky
  [keysrc_encryption] efuse

  [pskfile] psk.pem
  [sskfile] ssk.pem

  [encryption=aes,authentication=rsa, load = 0x3000000, partition_owner=uboot] system.bit.gz
  [encryption=aes,authentication=rsa, load = 0x5000000, partition_owner=uboot] image.ub
}

$ bootgen -arch zynq -p xc7z015 -image image.bif -o IMAGE.BIN -w on

While I initially imagined that part of the issue with the last three things is that the aeskey.nky file didn't exist, it doesn't complain to me about that like it does when other files may be missing.

The common thread here appears to be providing the -p xc7z015 arguments. This part name is what my vendor mentions in their documentation, and they say that the device is "Zynq®-7015 SoC family device featuring ARM Cortex™-A9 processor". I wonder if somehow the petalinux image that was built for this Zynq device is somehow wanting a different part name, or if the part name is just straight up wrong.

Trying this with something like
bootgen -p xc7z030 -image gen_aeskey.bif
or from bootgen -help p's example
bootgen -p xc7z020clg484 -image gen_aeskey.bif
or even a nonsensical argument like
bootgen -p x7148 -image gen_aeskey.bif

all result in the same behavior.

What might I be doing wrong/need to fix?

Make 'fill' optional with 'split' option enabled

When generating a .bin boot image with the 'split' option enabled, it would be useful to allow the option to disable the 'fill' option. This allows the generation of smaller files and prevent erasing memory areas which are not to be erased.

This is useful if partitions are to be flashed separately (both in time and memory space) from each others or from the boot code / headers.

Currently the implementation ignores the "doFill" argument: https://github.com/Xilinx/bootgen/blame/1795f18361caf1536d76ffe40ae3cb66e212b020/binfile.cpp#L87

Implementation wise, this would involve a new command line option (e.g. -no-fill) which sets the doFill property https://github.com/Xilinx/bootgen/blob/master/options.h#L267 , maybe checking that the 'split' option is set.

Invalid read of a malformed .bif triggers a crash

echo "IA==" | base64 -d > test0000
./bootgen -image test0000

****** Xilinx Bootgen v2020.1
  **** Build date : Jul 15 2020-15:10:01
    ** Copyright 1986-2020 Xilinx, Inc. All Rights Reserved.

AddressSanitizer:DEADLYSIGNAL
=================================================================
==30623==ERROR: AddressSanitizer: SEGV on unknown address 0x0000000004d0 (pc 0x000000523748 bp 0x7fffffffd470 sp 0x7fffffffd3a0 T0)
==30623==The signal is caused by a READ memory access.
==30623==Hint: address points to the zero page.
    #0 0x523748 in std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >::basic_string(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&) /usr/lib/gcc/x86_64-linux-gnu/8/../../../../include/c++/8/bits/basic_string.h
    #1 0x523748 in BifOptions::GetGroupName[abi:cxx11]() /root/bootgen/bifoptions.cpp:381:12
    #2 0x4c849b in BootImage::BootImage(Options&) /root/bootgen/bootimage.cpp:220:24
    #3 0x4c0b03 in ZynqBootImage::ZynqBootImage(Options&) /root/bootgen/bootimage-zynq.cpp:37:50
    #4 0x4c0b03 in BIF_File::Process(Options&) /root/bootgen/bootimage.cpp:88:29
    #5 0x4bb1f2 in BootGenApp::Run(int, char const**) /root/bootgen/main.cpp:78:17
    #6 0x4b993d in main /root/bootgen/main.cpp:91:13
    #7 0x7ffff765909a in __libc_start_main /build/glibc-vjB4T1/glibc-2.28/csu/../csu/libc-start.c:308:16
    #8 0x307c59 in _start (/root/bootgen/bootgen+0x307c59)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /usr/lib/gcc/x86_64-linux-gnu/8/../../../../include/c++/8/bits/basic_string.h in std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >::basic_string(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&)
==30623==ABORTING

ZynqImageHeaderStructure does not match with the datafields in the manual

Hello,
according to
https://www.xilinx.com/support/documentation/sw_manuals/xilinx2018_2/ug1283-bootgen-user-guide.pdf
Page 16, Table 4: Zynq-7000 SoC Device Image Header,
the content of the structure should be

0x0: next image header
0x4: corresponding partition header
0x8: Reserved
0xC: Partition Count length (number of partitions)
0x10..N Image name
N: String terminator
N+4 Reserved

However, in https://github.com/Xilinx/bootgen/blob/d000746f9621000042d9469686ee867d73321c17/imageheadertable-zynq.h
ZynqImageHeaderStructure is defined as:

0x0: next image header
0x4: corresponding partition header
0x8: dataSectionCount
0xC: imageNameLength
0x10..N Image name

So the imageNameLength seems to be wrong. Moreover, when reading the data field imageNameLength, I always get a 1, even if there is valid name with > 10 chars present. So this indeed looks much more like being the number of partitions, not the name length.

-verify crashes on ZynqMP boot.bin file

The -verify option was crashes bootgen on a ZynqMP boot.bin file as the code wasn't
reading the image headers. Please find the following patch which fixed the problem:

From c6091d880c65665d1752c295b0c6c0f852b9afa8 Mon Sep 17 00:00:00 2001
From: Andrew Worsley <[email protected]>
Date: Fri, 8 Mar 2024 12:39:31 +1100
Subject: [PATCH 1/2] Fix segfault in -verify option

Code wasn't reading in the boot.bin image file headers for the -verify option
So add in a call to ReadHeaderTableDetails() prior to ReadPartitions() which
assumes the iHT (Image Header Table) pointer has been initialised.
With out this it results in the following crash:

(gdb) run -arch zynqmp -verify  BOOT-zub1cg-rsa-new.bin -log trace
Starting program: /home/amw/work/src/bootgen/bootgen -arch zynqmp -verify  BOOT-zub1cg-rsa-new.bin -log trace
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".

****** Bootgen v2023.2
  **** Build date : Mar  6 2024-17:46:38
    ** Copyright 1986-2022 Xilinx, Inc. All Rights Reserved.
    ** Copyright 2022-2023 Advanced Micro Devices, Inc. All Rights Reserved.

[TRACE]  : Command Line parsing started
[TRACE]  : Command: -arch zynqmp -verify BOOT-zub1cg-rsa-new.bin -log trace
[INFO]   : Command line parsing completed successfully

Program received signal SIGSEGV, Segmentation fault.
0x000055555564c452 in ZynqMpReadImage::VerifyAuthentication (this=0x55555572fa30,
    verifyImageOption=true) at verifyimage-zynqmp.cpp:55
55          if (iHT->headerAuthCertificateWordOffset != 0)
(gdb) p iHT
$1 = (ZynqMpImageHeaderTableStructure *) 0x0
(gdb) bt
    verifyImageOption=true) at verifyimage-zynqmp.cpp:55
    at main.cpp:73
---
 readimage-zynqmp.cpp | 1 +
 1 file changed, 1 insertion(+)

diff --git a/readimage-zynqmp.cpp b/readimage-zynqmp.cpp
index af6993d..17e5896 100755
--- a/readimage-zynqmp.cpp
+++ b/readimage-zynqmp.cpp
@@ -100,6 +100,7 @@ void ZynqMpReadImage::ReadBinaryFile(DumpOption::Type dump, std::string path)
     {
         LOG_ERROR("The option '-read/-dump' is not supported on mcs format file : %s", binFilename.c_str());
     }
+    ReadHeaderTableDetails();
     ReadPartitions();
 }
 /*******************************************************************************/
-- 
2.30.2

efuseppkbits - Unknown option on command line

Hi,

I am trying to generate the SHA to write to the eFuse so I can properly activate the secure boot authentication
However using the documented bif file, I am having the following issue:

all:
{
        [pskfile] keys/PSK.pem
        [sskfile] keys/SSK.pem
        [bootloader, destination_cpu=a53-0, authentication=rsa] u-boot-spl.bin
}

./bootgen –arch zynqmp –image bif.hash -o boot.bin –efuseppkbits eFUSE.txt

****** Xilinx Bootgen v2021.1
  **** Build date : Jul 15 2021-00:18:02
    ** Copyright 1986-2021 Xilinx, Inc. All Rights Reserved.

[ERROR]  : Unknown option on command line:

It is not straightforward to debug the parser (lex/bixon stuff).
Could you help me understand the error in the command line please - verbatim from the documentation?

This actually relates to #10

bootgen -generate-keys pem - warnings and invalid keys generated

jramirez@trex bootgen_bif (master *$%)$ more bif.keys
the_ROM_image:
{
        [ppkfile] <keys/PPK.pem>
        [pskfile] <keys/PSK.pem>
        [spkfile] <keys/SPK.pem>
        [sskfile] <keys/SSK.pem>
}

./bootgen -image bif.keys -generate_keys pem

****** Xilinx Bootgen v2021.1
  **** Build date : Jul 15 2021-00:18:02
    ** Copyright 1986-2021 Xilinx, Inc. All Rights Reserved.

WARNING: bad character! '<' (0x3C)
WARNING: bad character! '>' (0x3E)
WARNING: bad character! '<' (0x3C)
WARNING: bad character! '>' (0x3E)
WARNING: bad character! '<' (0x3C)
WARNING: bad character! '>' (0x3E)
WARNING: bad character! '<' (0x3C)
WARNING: bad character! '>' (0x3E)
[WARNING]: A bootimage cannot be generated on the go, with '-generate_keys'.
           However, the requested keys will be generated.

[INFO]   : Bootimage generated successfully

The generated keys can not be used for authentication as they are not the expected 4096 but 2048

Problems with BIF Attribute [bootimage]

The [bootimage] attribute seems to modify the state of the original partition in the input image, especially the partition with the [offset] attribute specified.

The test process is as follows：

I used the following bif file to generate an image called BASE_BOOT.BIN

the_loader_image:  
{                                         
	[bootloader] ./images/linux/zynq_fsbl.elf
	./images/linux/system.bit
	./images/linux/u-boot.elf
	[load=0x00100000] ./images/linux/system.dtb
	[offset=0x440000, partition_owner=uboot] ./images/linux/boot.scr
}

2.Then I used the following bif file to generate another image called RE_BASE_BOOT.BIN

the_ROM_image:
{
    [bootimage] ./images/linux/BASE_BOOT.BIN
}

3.BASE_BOOT.BIN and RE_BASE_BOOT.BIN are not the same size, so I compared the binary content of the two files. I found that the address of the ./images/linux/boot.scr partition has changed， Its starting address becomes the address immediately following the ./images/linux/system.dtb partition，In other words, the [offset] attribute of the ./images/linux/boot.scr partition is invalid

I don’t know if this is a bug, and I want to know how to avoid this problem: do not modify the original state of the input partition when using the [bootimage] attribute

bootgen -o option not working in zynq

https://forums.xilinx.com/t5/Embedded-Linux/Petalinux-2020-2-FPGA-manager-bootgen-failed/m-p/1239675/highlight/true#M50390

Bootgen authentication failures on ZCU102 Dev Board (ZynqMP)

BIF File:

cdmx_image:
{
    [fsbl_config] bh_auth_enable
    [pskfile] keys/psk0.pem
    [sskfile] keys/ssk0.pem

    [fsbl_config] puf4kmode, shutter=0x0100005E, pufhd_bh
    [keysrc_encryption] bh_blk_key
    [bh_keyfile] keys/bh_keyfile.txt
    [bh_key_iv] keys/bh_key_iv.txt
    [puf_file] keys/puf_file.txt
    [auth_params] ppk_select=0; spk_id=0

    [
        bootloader,
        authentication=rsa,
        encryption=aes,
        aeskeyfile=keys/fsbl.nky
    ] fsbl.elf
    
    ...

Bootgen command line:

bootgen -arch zynqmp -image cdmx_image.bif -w -o boot.bin

The latest version of bootgen (34c4313) fails to build boot.bin due to an error with the PUF shutter value, as the MSB bit is now required to be set. This contradicts the value generated by the PUF registration example code (xilskey_puf_registration_example.c), which does not have the MSB set. The error message comes from here:
https://github.com/Xilinx/bootgen/blob/master/bifoptions.cpp#L588

If the MSB bit is set in the BIF file, boot.bin is generated, but fails to boot. No console output is shown.

Disabling encryption (i.e. just using authentication) works correctly.

The problem appears to be with the more recent commits, as commit 8221184 (tagged as "2020.3") also works correctly.

Windows Build issue

I've been trying to build Bootgen tool on windows platform. The steps provided in README.md is not sufficient to build the source code.

Steps followed:

Installed Win64 OpenSSL v1.1.1s
Installed g++ compiler for windows
Used the below command to compile in cygwin
$ make "INCLUDE_USER=-I<installed_location>/openssl/include"
Error log:

Please help!

Query regarding split command

Hi,
We have been using bootgen for a while, need to split the boot images as 3 partitions ( 1st partition -> FSBL - Uboot; 2nd partition -> Linux Kernel; 3rd partition -> RootFS).

Can we authenticate all partitions via eFUSE keys after being splited into three partitions??

Thanks,
Sriram

Add .gitignore to filter generated *.o and bootgen

bootgen blindly assumes all ELF32 headers are ARMv7/AArch32

In ElfFormat::GetElfFormat() in elftools.cpp, it is blindly assumed that all ELF32 headers are associated with AArch32 code. The ILP32 data model of AArch64 also uses a ELF32 header which causes bl31 from ARM Trusted Firmware to incorrectly jump to the contained code in AArch32 mode which, for obvious reasons, does not end well.