With the release of WolfBoot version v2.4.0, we have made significant improvements to our secure boot support for Xilinx UltraScale+ MPSoC systems. This major update brings several key enhancements that make it easier and more efficient to deploy wolfBoot on this target.
UltraScale+ enhancements in wolfBoot v2.4.0
To see the complete list of improvements see wolfBoot PR #499.
- Standalone build
The latest release adds support for building without any dependencies from the Vitis/Xilinx SDK. This shift allows developers to bypass traditional SDK-based workflows, making it easier to integrate secure boot into their projects.
- Expanded Exception Level (EL) Support
We now support all ARMv8-A exception levels, enhancing security, virtualization, and OS management:
- Exception Level 3 (EL3) – Trusted Firmware
- Exception Level 2 (EL2) – Hypervisor
- Exception Level 1 (EL1) – Operating System
- Flattened Image Tree (FIT) Format
We have also introduced support for the FIT format, which combines a Flattened Device Tree (FDT) with embedded binaries. FIT images are widely used in embedded Linux systems, providing a flexible and efficient way to package and deploy software.
- Enhanced QSPI Bare-Metal Driver
The latest release includes significant improvements to the QSPI bare-metal driver, enhancing its capabilities for DMA and clock speed configuration. For example using DMA vs IO mode reduced the read of 154MB from 18,228ms to 2,607ms.
- ARMv8 Crypto Extensions
wolfBoot now supports the wolfCrypt ARM crypto assembly speedups for SHA2 and SHA3, which greatly improves hashing performance on the integrity checking during boot.
- Processing System (PS):
- Quad-core ARM Cortex-A53 (Application Processing Unit – APU)
- Dual-core ARM Cortex-R5 (Real-time Processing Unit – RPU)
- ARM Mali-400 MP2 GPU for graphics acceleration
- Programmable Logic (PL):
- Integrated UltraScale+ FPGA fabric for custom hardware acceleration
- Supports Partial Reconfiguration (PR)
- High-performance DSP slices for signal processing applications
- Configuration Security Unit (CSU):
- The CSU is responsible for secure boot and system configuration.
- It ensures secure key storage, authentication, and decryption for secure boot processes.
- Supports Root of Trust (RoT) for secure application execution.
- Manages bit-stream authentication and encryption for FPGA security.
- Platform Management Unit (PMU):
- The PMU is a triple-redundant MicroBlaze processor system, ensuring high reliability and fault tolerance.
- Handles power sequencing, system monitoring, and fault detection.
- Manages dynamic power and thermal control, optimizing energy efficiency.
- Provides error handling and recovery mechanisms for mission-critical applications.
AMD/Xilinx UltraScale+ MPSoC (ZCU102) Features
The AMD/Xilinx Zynq UltraScale+ MPSoC ZCU102 is a powerful evaluation board that provides a platform for system designers to develop and prototype applications:
Note: The wolfBoot support for using the CSU and hardware based Root of Trust is in development now. You can follow the progress here.
Getting Started
To get started with wolfBoot on your Xilinx UltraScale+ MPSoC system, please refer to the official documentation docs/Targets.md.
The Xilinx hardware uses a First Stage BootLoader (FSBL) and requires assembly of a BOOT.BIN image using bootgen and .bif file. Detailed instructions can be found in IDE/XilinxSDK.
If you have questions about any of the above, please contact us at facts@wolfSSL.com or call us at +1 425 245 8247.
Download wolfSSL Now